Security Flashcards

1
Q

Mantraps

A
  • All doors normally unlocked
    • Opening one door causes others to lock
  • All doors normally locked
    • Unlocking one door prevents others from being unlocked
  • One door open / other locked
    • When one is open, the other cannot be unlocked
  • One at a time, controlled groups
    • Managed control through an area
2
Q

Token-based

A

Magnetic swipe card or key fob

3
Q

Tokens and cards

A
  • Smart card
    • Integrates with devices
    • May require a PIN
  • USB token
    • Certificate is on the USB device
  • Hardware or software tokens
    • Generates pseudo-random authentication codes
  • Your phone
    • SMS a code to your phone
4
Q

Guards and access lists

A
  • Security guard
    • Physical protection
    • Validates identification of existing employees
    • Provides guest access
  • ID badge
    • Picture, name, other details
    • Must be worn at all times
  • Access list
    • Physical list of names
    • Enforced by security guard
5
Q

USB locks

A
  • Prevent access to a USB port
    • Physical lock inside of the interface
  • A secondary security option after disabling the interface in BIOS and/or operating system
    • There’s always a way around security controls
  • Relatively simple locks
    • Defense in depth
6
Q

Active Directory

A
  • Centralized management
    • Windows Domain Services
    • Limit and control access
7
Q

Login script

A
  • Map network drives
  • Update security software signatures
  • Update application software
8
Q

Organizational Units

A

• Structure Active Directory
• Can be based on the company (locations, departments)

9
Q

Home Folder

A
  • Assign a network share as the user’s home
    • \\server1\users\professormesser
  • Folder redirection
    • Instead of a local folder, redirect to the server
    • Store the Documents folder on \\server1
    • Access files from anywhere
10
Q

Mobile Device Management (MDM)

A
  • Manage company-owned and user-owned devices
    • BYOD - Bring Your Own Device
  • Centralized management of the mobile devices
    • Specialized functionality
  • Set policies on apps, data, camera, etc.
    • Control the remote device
    • The entire device or a “partition”
  • Manage access control
    • Force screen locks and PINs on these single user devices

11
Q

Port security

A

  • Prevent unauthorized users from connecting to a switch interface
    • Alert or disable the port
  • Based on the source MAC address
    • Even if forwarded from elsewhere
  • Each port has its own config
    • Unique rules for every interface
12
Q

MAC filtering

A

  • Media Access Control - The “hardware” address
  • Limit access through the physical hardware address
    • Keeps the neighbors out
    • Additional administration with visitors
  • Easy to find MAC addresses through wireless LAN analysis
    • MAC addresses can be spoofed
  • Security through obscurity

13
Q

Certificate-based authentication

A
  • Smart card
  • Private key is on the card
  • PIV (Personal Identity Verification) card
  • US Federal Government smart card
  • Picture and identification information
  • CAC (Common Access Card)
  • US Department of Defense smart card
  • Picture and identification
  • IEEE 802.1X
  • Gain access to the network using a certificate
  • On-device storage or separate physical device
14
Q

Host-based firewalls

A
  • “Personal” firewalls
  • Software-based
  • Included in many operating systems
  • 3rd-party solutions also available
  • Stops unauthorized network access
  • “Stateful” firewall
  • Blocks traffic by application
  • Windows Firewall
  • Filters traffic by port number and application
15
Q

Network-based firewalls

A

  • Filters traffic by port number
  • HTTP is 80, SSH is 22
  • Next-generation firewalls can identify the application
  • Can encrypt traffic into/out of the network
  • Protect your traffic between sites
  • Can proxy traffic
  • A common security technique
  • Most firewalls can be layer 3 devices (routers)
  • Usually sits on the ingress/egress of the network
16
Q

User authentication

A

  • Identifier
  • Something unique
  • In Windows, every account has a Security Identifier (SID)
  • Credentials
  • The information used to authenticate the user
  • Password, smart card, PIN code, etc.
  • Profile
  • Information stored about the user
  • Name, contact information, group memberships, etc.
17
Q

Directory permissions

A
  • NTFS permissions
  • Much more granular than FAT
  • Lock down access
  • Prevent accidental modification or deletion
  • Some information shouldn’t be seen
  • User permissions
  • Everyone isn’t an Administrator
  • Assign proper rights and permissions
  • This may be an involved audit
18
Q

VPN concentrator

A
  • Virtual Private Network
  • Encrypt (private) data traversing a public network
  • Concentrator
  • Encryption/decryption access device
  • Many deployment options
  • Specialized cryptographic hardware
  • Software-based options available
  • Used with client software - Sometimes built into the OS

19
Q

Data Loss Prevention (DLP)

A

  • Where’s your data?
  • Social Security numbers, credit card numbers, medical records
  • Stop the data before the bad guys get it
  • Data “leakage”
  • So many sources, so many destinations
  • Often requires multiple solutions in different places
20
Q

Access Control Lists (ACLs)

A
  • Used to allow or deny traffic
  • Also used for NAT, QoS, etc.
  • Defined on the ingress or egress of an interface
  • Often on a router or switch
  • Incoming or outgoing
  • ACLs evaluate on certain criteria
  • Source IP, Destination IP, TCP port numbers, UDP port numbers, ICMP
  • Deny or permit
  • What happens when an ACL matches the traffic?
  • Following the traffic flow
21
Q

Email filtering

A
  • Unsolicited email
  • Stop it at the gateway before it reaches the user
  • On-site or cloud-based
  • Scan and block malicious software
  • Executables, known vulnerabilities
  • Phishing attempts
  • Other unwanted content
22
Q

An antivirus software is kept up to date via

A

Engine updates

Virus signature updates

23
Q

Examples of secure network protocols used for establishing VPN connections include

A

IPsec

TLS