Ethical Hacking Chapter 9
Trusted Platform Module
A cryptographic firmware boot-check processor installed on many computer systems
MFD
A device that performs more than one function, such as printing and faxing is called which of the following?
NetBEUI
A fast and efficient protocol that requires little configuration and allows transmitting NetBIOS packets over TCP/IP
embedded operating system
A small program developed specifically for use with embedded systems
RTOS
A specialized embedded OS used in devices such as programmable thermostats, appliances controls, and even spacecraft
Common Internet File System
A standardized protocol that replaced SMB in Windows 2000 Server and later
Windows Software Update server
A windows client/server technology introduced in 295 used to manage patching and updating system software from the network
attack surface
Amount of code a computer system exposed to unauthenticated outsiders
RTLinux
An OS microkernel extension developed for Linux
Mandatory Access Control
An OS security mechanism that enforces access rules based on privileges from interactions between processes, files, and users
MILS
An embedded OS certified to run multiple levels of classification on the same CPU without leakage between levels
Remote Procedure Call
An interprocess communication mechanism that allows a program running on one host to run code on a remote host
RTEMS
An open-source embedded OS used in space systems because it supports processors designed specifically to operate in space
Samba
An open-source implementation of CIFS
embedded system
Any computer system that is not a general purpose PC or server
multifunction devices
Devices on a organization's network performing more than one function, such as printers, scanners, and copiers
True
Embedded OSs are usually designed to be small and efficient so they do not have some of the functions that general-purpose OSs have
System Center Configuration Manager
In 2007 became Windows new standard to deploy and manage servers alongside updated patch-management functionality
Systems Management Server
Microsoft's standard for managing Windows security patches on multiple computers in a network between 1994 and 2005
firmware
Rootkits that pose the biggest threat to any OS are those that infect what part of the targeted device?
air gap
SCADA systems controlling critical infrastructure are usually completely separated from the Internet by which of the following?
firmware
Software residing on a chip
SCADA
Systems used for equipment monitoring in large industries, such as public works and utilities, power, generators and dams
apt-get
Ubuntu and debian Linux use what command to update and manage their RPM packages?
Server Message Block
Used to share files and usually runs on top of NetBIOS, NetBEUI, or TCP/IP
NTFS
What is the current file system that Windows utilizes that has strong security features?
no ACL support
What is the most serious shortcoming of Microsoft's original File Allocation Table (FAT) file system?
C and C++
What programming languages are vulnerable to buffer overflow attacks?
BIOS-based rootkit
What type of malicious code could be installed in a system's flash memory to allow an attacker to access the system at a later date?
Java-based
What type of viruses and code has been created by security researchers and attackers that could infect phones running Google's Android, Windows Mobile, and the Apple iPhone OS
Share-level security
When using the Common Internet File System (CIFS), which security model does not require a password to be set for the file share?
User-level security
When using the Common Internet File System (CIFS), which security model will require network users to have name and password to access a specific resource?
Linux Rootkit 5
Which of the following is a common linux rootkit?
Mandatory Access Control
Which of the following is an SELinux OS security mechanism that enforces acces rules base on privileges for interactions between processes, files, users?
null SA password
Which of the following is considered to be the most critical SQL vulnerability?
Web server
Which of the following is often found within an embedded OS that can cause a potential vulnerability to an attack?
Windows Embedded 8
Which of the following source code is now available to the public and was considered a trimmed down version of the Windows desktop OS?
SCADA
Which of the following systems can be used when equipment monitoring and automation is critical?
router
Which one of the following, if compromised might allow attackers the ability to gain complete access to network resources?
