Chapter 19 Flashcards

Windows Vista
Terms Definitions
 
 
 
 
Access Control
 
Which of the following terms refers to the prevention of unauthorized disclosure of keys?
 
Authentication
Integrity
Access control
Nonrepudiation
 
 
 
Default systems administrator account
 
 
 
 
What is a hacker's favorite target account on Microsoft's SQL Server?
 
 
 
 
Biometrics
 
 
 
 
You're in the process of securing the IT infrastructure by adding fingerprint scanners to your existing authentication methods. This type of security is an example of what?
 
 
 
 
.SCR
 
 
Which of the following file extensions should not be allowed with an e-mail attachment?
 
.DOC
.SCR
.TXT
.XLS
 
 
 
 
DoS
 
 
 
Which type of attack denies authorized users access to network resources?
 
 
 
 
DDoS
 
 
 
As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?
 
 
 
 
Back Door
 
 
 
A server in your network has a program running on it that bypasses authentication. Which type of attack has occurred?
 
 
 
 
Replay Attack
 
 
 
You've discovered that an expired certificate is being used repeatedly to gain logon privileges. Which type of attack is this most likely to be?
 
 
 
 
TCP/IP Hijacking
 
 
 
A junior administrator comes to you in a panic. After looking at the log files, he has become convinced that an attacker is attempting to use an IP address to replace another system in the network to gain access. Which type of attack is this?
 
 
 
 
TCP ACK attack
 
 
 
A server on your network will no longer accept communication using the TCP protocol. The server indicates that it has exceeded its session limit. Which type of attack is this?
 
 
 
 
ICMP
 
 
 
A smurf attack attempts to use a broadcast ping on a network; the return address of the ping may be a valid system in your network. Which protocol does a smurf attack use to conduct the attack?
 
 
 
Password-guessing attack
 
 
 
Your system log files report an ongoing attempt to gain access to a single account. This attempt has been unsuccessful to this point. What type of attack are you most likely experiencing?
 
 
 
Windows Defender
 
Which of the following programs can identify spyware and unwanted software on a Windows Vista machine?
 
Windows Defender
System Integrity Checker
NetBus
Recovery Console
 
 
 
 
Phage
 
Which of the following types of viruses modifies and alters other programs and databases?
 
Talkabout
Backdoor
Phage
Hijack
 
 
 
 
Task Scheduler
 
 
 
What could be used with Windows to configure running an antivirus program if the program itself lacked such a feature?
 
 
 
 
Windows XP Professional
 
 
In which of the following operating systems is EFS fully supported?
 
Windows XP Pro
Windows Home Basic
Windows Home Premium
Windows Vista Starter
 
 
 
 
Vulnerability Scanner
 
Which of the following is a software application that checks your network for any known security holes?
 
Man-in-the-middle
Vulnerability scanner
Worm
Port check
 
 
 
gpedit.msc
 
 
 
Which of the following is the Group Policy Editor?
 
gpedit.msc
regedit.exe
poledit.com
group.sh
 
 
 
 
security baseline
 
 
 
A _____ defines the level of security that will be implemented and maintained.
 
 
 
 
polymorphic, stealth, retrovirus, multipartite, armored, companion, phage, and macro viruses.
 
 
 
Viruses can be classified in one of 8 groups. What are they?
 
 
 
 
Render your system inoperable, and spread to other systems.
 
 
 
A virus, in most cases, tries to accomplish one of two things. What are they?
 
 
 
 
Armored viruses
 
 
 
What viruses cover themselves with protective code that stops debuggers or disassemblers from examining critical elements of the virus?
 
 
 
 
Companion Virus
 
 
 
A _______ attaches itself to legitimate programs and then creates a program with a different extension. When a user types the name of the legitimate program, this virus executes instead of the real program.
 
 
 
 
Macro Virus
 
 
 
 
This virus exploits the enhancements made to many application programs. Which type of virus does this?
 
 
 
Multipartite Virus
 
 
 
A ______ attacks your system in multiple ways. It may attempt to infect your boot sector, infect all of your executable files, and destroy your application files.
 
 
 
Phage Virus
 
 
 
The only way to remove this type of virus is to reinstall the programs that are infected. If you miss even a single incident of this virus on the victim system, the process will start again and infect the system once more. It modifies and alters other programs and databases. What type is this?
 
 
 
 
Polymorphic viruses
 
 
 
 
_______ change form in order to avoid detection. These types of viruses attack your system, display a message on your computer, and delete files on your system.
 
 
 
 
Signature
 
 
 
A _____ is an algorithm or other element of a virus that uniquely identifies it.
 
 
 
Retrovirus
 
 
 
Which type of virus can directly attack your antivirus software and potentially destroy the virus definition database file?
 
 
 
 
Stealth Virus
 
 
 
Which type of virus redirects commands around itself in order to avoid detection?
 
 
 
Back door
 
 
 
This refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker.
 
 
 
 
IP spoofing
 
 
 
 
The goal of this type of spoofing attack is to make the data look like it came from a trusted host when it didn't.
 
 
 
 
DNS spoofing
 
 
 
With this type of spoofing, the DNS server is given information about a name server that it thinks is legitimate when it isn't.
 
 
 
Brute Force, and Dictionary
 
 
 
There are 2 types of password-guessing attacks. What are they?
 
 
 
 
Ping of Death, and Buffer Overflow
 
 
 
What are 2 of the most common types of DoS (Denial of Service) attacks?
 
 
 
Ping of Death
 
 
 
This type of DoS attack crashes a system by sending ICMP packets that are larger than the system can handle.
 
 
 
 
DDoS (Distributed Denial-of-Service)
 
 
 
This type of attack uses multiple computer systems to conduct an attack against a single organization.
 
 
 
 
TCP sequence number attack
 
 
 
In this type of attack, the attacker intercepts and then responds with a sequence number similar to the one used in the original session.
 
 
 
Active Sniffing
 
 
 
TCP/IP hijacking is also called what?
 
 
 
UDP attack
 
 
 
This attack type attacks either a maintenance protocol or a UDP service in order to overload services and initiate a DoS situation.
 
 
 
 
Recovery Console
 
 
 
This is a command-line utility used for troubleshooting. From it, you can format drives, stop and start services, and interact with files.
 
 
 
ASR Wizard
 
 
 
 
It's possible to automate the process of creating a system recovery set by choosing the _______ on the tools menu of the Backup utility.
 
 
 
 
Microsoft Security Baseline Analyzer
 
 
 
 
Microsoft provides a tool for establishing a security baseline and for subsequent evaluations of security in Windows 2000 and higher OS's. What is this tool called?
 
 
 
 
SFC.exe
 
 
 
 
____ automatically verifies system files after a reboot to see if they were changed to unprotected copies. If an unprotected file is found, it's overwritten by a stored copy of the system file.
 
 
 
 
Hardening
 
 
 
The process of reducing or eliminating weaknesses, securing services, and attempting to make your environment immune to attacks is called what?
 
 
 
Hotfixes
 
 
 
 
 
______ are used to make repairs to a system during normal operation, even though they may require a reboot.
 
 
 
 
Service Pack
 
 
 
 
A ______ is a comprehensive set of fixes consolidated into a single product. It may be used to address a large number of bugs or to introduce new capabilities in an OS.
 
 
 
 
Patches
 
 
 
 
A temporary or quick fix to a program is called what?
 
 
 
 
ACL's (Access Control Lists)
 
 
 
 
These enable devices in your network to ignore requests from specified users or systems, or to grant them certain network capabilities.
 
 
 
 
Computer Configuration, and
 
User Configuration
 
 
 
 
A local policy has 2 primary divisions. What are they?
 
 
 
 
 
System Configuration Utility
 
 
 
 
MSCONFIG is also known as what?
 
 
 
 
Vulnerability Scanner
 
 
 
 
This is a software application that checks your network for any known security holes.