Chapter 8

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

You manage the information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embeded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Verify that your network's existing security infrastructure is working properly.

Which commands should you use to display both listening and non-listening sockets on your Linux system?

netstat -a

You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?

nmap

Which command should you use to scan for open TCP ports on your LINUX system?

nmap -sT

Which of the following describes a configuration baseline?

A list of common security settings that a group or all devices share

Which of the following describes a logic bomb?

A program that performs a malicious activitiy at a specific time or after a triggering event.

In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasures best addresses the issue?

A strong password policy

What is the main difference between a worm and a virus?

A worm can replicate itself, while a virus requires a host for distribution

You have a file server named srv3 that holds files used by the Development department. You want to allow users to access the files over the network, and control access to files when files are access through the network or through a local logon. Which solution should you implement?

Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions

While browsing the Internet, you notice that the browser displays ads that are targeted towards recent keyword searches you have performed. What is this an example of?

Adware

What will the netstat -a command show?

All listening and non-listening sockets

Many popular operating systems allow for quick and easy sharing of files and printers with other network memebrs. Which of the following is not a measure by which file and printer sharing is hardened?

Allowing NetBIOS traffic outside of your secured network

Which of the following measures are you most likely to implement to protect against a worm or Trojan horse?

Anti-virus software

Which of the following statements about the use of anti-virus software is correct?

Anti-virus software should be configured to download updated viruses definition files as soon as they become available.

Which of the following is the best recommendation for applying hotfixes to your servers?

Apply only the hotfixes that apply to software running on your systems

What is another name for a logic bomb?

Asynchronous attack

Developers in your company have created a Web application that interfaces with a database serve. During development, programmers created a special user account that bypasses that normal security. What is this an example of?

Backdoor

NetBus and back orifice are remote control tool. They allow you to connect to a remote system over a network and operate it as if you were sitting at a local keyboard. Unfortuntely, these two programs are also examples of what type of security concern?

Backdoor trojans

A collection of zombie computers have been set up to collect personal information. What type of malware do the zombie computers represent?

Botnet

You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security?

Change default account passwords Apply all patches and updates

You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way to accomplish this?

Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL

When securing a newly deployed server, which of the following rules of thumb should be followed?

Determine the unneeded services and their dependencies before altering the system.

Which of the following actions should you take to reduce the attack surface of a server?

Disable unused services

You have multiple users who are computer administrators. You want each administrator to be able to shut down systems and install drivers. What should you do?

Grant the group the necessary user rights Create a security group for the administrators; add all user accounts to the group.

For users who are memebrs of the Sales team, you want to force their computers to use a specific desktop background and remove access to adminstrative tols from the Start menu. Which solution should you use?

Group policy

Which of the following solutions would you use to control the actions that users can perform on a computer such as shutting down the system, logging in through the network, or loading and unloading device drivers?

Group policy

You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new application version and patches are released, you want to be able to automatically apply these to multiple computers. Which tool would be the best choice to use?

Group policy

Which of the following tools can you use on a windows network to automatically distribute and install software and operating system patches on workstations?

Group policy WSUS

By definition, what is the process of reducing security exposure and tightening security controls?

Hardening

Which of the following terms describes a Windows oeprating system patch that corrects a specific problem and is released in a short term, periodic base(typically monthly)?

Hotfix

You manage the information systems for a large manufacturing firm. Supervisory control and data acquistion (SCADA) devices are used on the manfucaturing floor to manager your organization's automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Install the latest firmware updates from the device manufacturer Verify that your network's existing security infrastrucutre is working properly.

You have installed anti-malware software that checks for viruses in e-mail attachments. You configure the software to quarantine any file with problems. You receive an e-mail with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarentined by the anti-malware software. What has happened to the file?

It has been moved to a secure folder on your computer

Which of the following best describes spyware?

It monitors the actions you take on your machine and sends the information back to its originating source

You have 2 folders that contain documents used by various departments: The development group has been given the Write permission to the Design folder. The sales group has been given the Write permission to the Products folder. No other permissions have been given to either group. User Mark Tillman needs to have read permission to the Design folder and the write permission to the Products folder. You want to use groups as much as possible. What should you do?

Make mark a member of the Sales group; add Mark's user account directly to the ACL for the Design folder

You have a file server named srv3 that holds files used by the Development department. You want to allow users to access the files over the network, and control access to files when files are access through the network or through a local logon. Which solution should you implement?

NTFS and share permissions

You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report they are unable to access the FTP server. What should you do to enable access?

Open ports 20 and 21 for inbound and outbound connections

Which of the following is most vulnerable to a brute force attack?

Password authentication

Which of the following password attacks uses preconfigured matrices of hashed dictionary words?

Rainbow table

You recently discovered several key files of your antivirus program have been deleted. You suspect that a virus deleted the files. Which type of virus deletes key antivirus program files?

Retro

You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrative access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain adminstrator access to the computer. Which of the following terms best describes this software?

Rootkit

FTPS uses which mechanism to provide security for authentication and data transfer?

SSL

Match the group policy type with the function it can perform

Software that should be installed on a specific computer Computer configuration Software that should be installed for a specific user User configuration Scripts that should run at startup or shutdown Computer configuration Scripts that should run at logong or logoff User configuration Network communication security settings Computer configuration

Which type of virus intercepts system requests and alters service outputs to conceal its presence?

Stealth

You have recently experienced a security incident with one of your servers. After some research, you determine that hotfix #568994 has recently been released would have protected the server. Which of the following recommendations should you follow when applying the hotfix?

Test the hotfix, then apply it to all servers

Arrange the group policy objects in the order in which they are applied

The local group policy on the computer GPOs linked to the domain that contains the user or computer object GPOs linked to the organizational unit that contains the object

Why do attackers prefer static environment devices to conduct distributed network attacks?

These devices are typically more difficult to monitor than traditional network devices These devices tend to employ much weaker security than traditional network devices.

What is a program that appears to be a legitimate application, utility, game, or screensaver that performs malicious activities surreptitiously?

Trojan horse

A user named Bob Smith has been assigned a new desktop workstation to complete his day to day work. The computer runs windows 7. when provisioning Bob's user account in your organization's domain, you assigned an account name of Bsmith with an initial password of bw2Fs3d. On first logon, ob is prompted to change his password, so he changes it to the name of his dog(fido). What should you do to increase the security of Bob's account?

Use Group policy to require strong passwords on user accounts. Train users not to use passwords that are easy to guess


Ensembles d'études connexes

Personal Financial Planning Exam 1

View Set

Introduction to Pyschology Chapter 12 practice quiz

View Set

Critical Thinking lessons 2.01- 2.012

View Set

Rat Dissection - arteries functions

View Set

History - Colonization of Kazakhstan by the Russian Empire

View Set