Chapter 12

¡Supera tus tareas y exámenes ahora con Quizwiz!

What are the basic steps needed in the process of securing a system?

*1.* patch operating systems and applications using auto-update *2.* patch third-party applications *3.* restrict admin privileges to users who need them *4.* white-list approved applications

A plan needs to identify appropriate personnel to install and manage the system, noting any training needed. *A.* True *B.* False

*A.* True

Each layer of code needs appropriate hardening measures in place to provide appropriate security services. *A.* True *B.* False

*A.* True

It is possible for a system to be compromised during the installation process. *A.* True *B.* False

*A.* True

The ______ process retains copies of data over extended periods of time in order to meet legal and operational requirements. *A.* archive *B.* virtualization *C.* patching *D.* backup

*A.* archive

The first critical step in securing a system is to secure the __________. *A.* base operating system *B.* system administrator *C.* malware protection mechanisms *D.* remote access privileges

*A.* base operating system

Cryptographic file systems are another use of _______. *A.* encryption *B.* testing *C.* virtualizing *D.* acceleration

*A.* encryption

Lower layer security does not impact upper layers. *A.* True *B.* False

*B.* False

Most large software systems do not have security weaknesses. *A.* True *B.* False

*B.* False

__________ applications is a control that limits the programs that can execute on the system to just those in an explicit list. *A.* Virtualizing *B.* White listing *C.* Logging *D.* Patching

*B.* White listing

The ______ process makes copies of data at regular intervals for recovery of lost or corrupted data over short time periods. *A.* logging *B.* backup *C.* hardening *D.* archive

*B.* backup

The needs and policy relating to backup and archive should be determined ______. *A.* as a final step *B.* during the system planning stage *C.* during security testing *D.* after recording average data flow volume

*B.* during the system planning stage

______ systems should not run automatic updates because they may possibly introduce instability. *A.* Configuration controlled *B.* Policy controlled *C.* Change controlled *D.* Process controlled

*C.* Change controlled

Once the system is appropriately built, secured, and deployed, the process of maintaining security is ________. *A.* complete *B.* no longer a concern *C.* continuous *D.* sporadic

*C.* continuous

The first step in deploying new systems is _________. *A.* security testing *B.* installing patches *C.* planning *D.* secure critical content

*C.* planning

______ are resources that should be used as part of the system security planning process. *A.* Texts *B.* Online resources *C.* Specific system hardening guides *D.* All of the above

*D.* All of the above

Security concerns that result from the use of virtualized systems include ______. *A.* guest OS isolation *B.* guest OS monitoring by the hypervisor *C.* virtualized environment security *D.* all of the above

*D.* all of the above

The following steps should be used to secure an operating system: *A.* test the security of the basic operating system *B.* remove unnecessary services *C.* install and patch the operating system *D.* all of the above

*D.* all of the above

The most important changes needed to improve system security are to ______. *A.* disable remotely accessible services that are not required *B.* ensure that applications and services that are needed are appropriately configured *C.* disable services and applications that are not required *D.* all of the above

*D.* all of the above

security planning process? *A.* how users are authenticated *B.* the categories of users of the system *C.* what access the system has to information stored on other hosts *D.* all of the above

*D.* all of the above

The range of logging data acquired should be determined _______. *A.* during security testing *B.* as a final step *C.* after monitoring average data flow volume *D.* during the system planning stage

*D.* during the system planning stage

What steps are used to maintain system security?

*1.* Initial Setup and Patching *2.* Remove unnecessary Services, Applications, and Protocols *3.* Configure Users, Groups, and Authentication *4.* Configure Resource Controls *5.* Install Additional Security Controls *6.* Test the System Security

What are the basic steps to secure virtualized systems?

*1.* carefully plan the security of the virtualized system *2.* secure all elements of a full virtualization solution, including the hypervisor, guest OSs, and virtualized infrastructure, and maintain their security *3.* ensure that the hypervisor is properly secured *4.* restrict and protect administrator access to the virtualization solution

What virtualization alternatives do we discuss securing?

*1.* full virualization - multiple full operating system instances execute in parallel *2.* virtual machine monitor - coordinates access between each of the guests and the actual physical hardware resources: CPU, memory, disk, network, and other devices *3.* native virtualization - goal of improving the execution efficiency of the hardware *4.* Hosted virtualization - they run aside other applications on the host OS, and are used to support applications for alternate operating system versions or types

What are the main security concerns with virtualized systems?

*1.* guest OS isolation, ensuring that programs executing within a guest OS may only access and use the resources allocated to it, and not covertly interact with programs or data either in other guest OSs or in the hypervisor *2.* guest OS monitoring by the hypervisor, which has privileged access of the programs and data in each guest OS, and must be trusted as secure from subversion and compromised use of this access *3.* virtualized environment security, particularly as regards image and snapshot management, which attackers may attempt to view or modify

What are the basic steps needed to secure the base operating system?

*1.* install and patch the operating system *2.* harden and configure the operating system to adequately address the identified security needs of the system by: > removing unnecessary services, applications, and protocols > configuring users, groups, and permissions > configuring resource controls *3.* install and configure additional security controls, such as anti-virus, host-based firewalls, and intrusion detection systems (IDS), if needed *4.* test the security of the base operating system to ensure that the steps taken adequately address its security needs

What are mandatory integrity controls used for in Windows systems?

These label all objects, such as processes and files, and all users, as being of low, medium, high, or system integrity level. It first ensures that the subject's integrity is equal or higher than the object's level.

What are the major differences between the implementations of the discretionary access control models on Unix and Linux systems and those on Windows systems?

Unix and Linux implements to all file system resources not only files, and directories but devices, processes, memory, and most system resources. Windows applies to files, shared memory, and name pipes and much of the configuration information is centralized in the Registry.

What types of additional security controls may be used to secure the base operating system?

anti-virus software, host-based firewalls, IDS or IPS software, or application white-listing

What permissions may be specified, and for which subjects?

as granting read, write and execute permissions to each of owner, group, and others, for each resource

Why is keeping all software as up to date as possible so important?

because of the continuing discovery of software and other vulnerabilities for commonly used operating systems and applications

What are the pros and cons of automated patching?

because security patches can, on rare but significant occasions, introduce instability. You should stage and validate all patches on test systems before deploying them in production

What type of access control model do Unix and Linux systems implement?

discretionary access controls to all file system resources

What commands are used to manipulate extended file attributes access lists in Unix and Linux systems?

getfac1 setfac1

Where is application and service configuration information stored on Unix and Linux systems?

in the /etc directory or in the installation tree for a specific application

Where are two places user and group information may be stored on Windows systems?

in the Security Account Manager (SAM). Or centrally managed by Active Directory (AD)

What is the aim of system security planning?

is to maximize security while minimizing costs

What is the main host firewall program used on Linux systems?

perimeter firewall

What effect do set user and set group permissions have when executing files on Unix and Linux systems?

programs can execute with Superuser rights, or with access to resources belonging to the privileged group.

Where is application and service configuration information stored on Windows systems?

registry

How is a chroot jail used to improve application security?

restricts the server's view of the file system to just a specified portion. This is done using the chroot system call that confines a process to some subset of the file system by mapping the root of the system / to some other directory

What is the point of removing unnecessary services, applications, and protocols?

so that a suitable level of functionality is provided

What is virtualization?

technology that provides an abstraction of the computing resources used to run in a simulated environment

On Windows, which privilege overrides all ACL checks, and why?

the ability to backup the computer, privileges give user accounts permission to backup. explicit deny permissions takes precedence over Allow permissions

Why is it important to rotate log files?

to rotate any logs for debugging and for the greatest and latest

What additional steps are used to secure key applications?

traffic monitoring, file integrity check, white-list applications that limits the programs that can execute on the system to just those in an explicit list


Conjuntos de estudio relacionados

Statistics: Unit 4 Lesson 2 Review

View Set

The Carbon Cycle and Climate Change Test

View Set

Criminal Justice Chapter 3 and 4.

View Set

5. Making a Radiographic Image: Projection Geometry & Characteristics of Diagnostic Radiograph Localization

View Set