Chapter 19 Flashcards

Windows Vista
Terms Definitions
Access Control
Which of the following terms refers to the prevention of unauthorized disclosure of keys?
Access control
Default systems adminstrator account
What is a hackers favorite target account on Microsoft's SQL Server?
You're in the process of securing the IT infrastructure by adding fingerprint scanners to your existing authentication methods. This type of security is an example of what?
Which of the following file extensions should not be allowed with an e-mail attachment?
Which type of attack denies authorized users access to network resources?
As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?
Back Door
A server in your network has a program running on it that bypasses authentication. Which type of attack has occured?
Replay Attack
You've discovered that an expired certificate is being used repeatedly to gain logon privileges. Which type of attack is this mostly likely to be?
TCP/IP Hijacking
A junior administrator comes to you in a panic. After looking at the log files, he has become convinced that an attacker is attempting to use an IP address to replace another system in the network to gain access. Which type of attack is this?
TCP ACK attack
A server on your network will no longer accept communication using the TCP protocol. The server indicates that it has exceeded its session limit. Which type of attack is this?
A smurf attack attempts to use a broadcast ping on a network; the return address of the ping may be a valid system in your network. Which protocol does a smurf attack use to conduct the attack?
Password-guessing attack
Your system log files report an ongoing attempt to gain access to a single account. This attempt has been unsucessful to this point. What type of attack are you most likely experiencing?
Windows Defender
Which of the following programs can identify spyware and unwanted software on a Windows Vista machine?
Windows Defender
System Integrity Checker
Recovery Console
Which of the following types of viruses modifies and alters other programs and databases?
Task Scheduler
What could be used with Windows to configure running an antivirus program if the program itself lacked such a feature?
Windows XP Professional
In which of the following operating system is EFS fully supported?
Windows XP Pro
Windows Home Basic
Windows Home Premium
Windows Vista Starter
Vulnerability Scanner
Which of the following is a software application that checks your network for any known security holes?
Vulnerability scanner
Port check
Which of the following is the Group Policy Editor?
security baseline
A _____ defines the level of security that will be implemented and maintained.
polymorphic, stealth, retrovirus, multipartite, armored, companion, phage, and macro viruses.
Viruses can be classified in one of 8 groups. What are they?
Render your system inoperable, and spread to other systems.
A virus, in most cases, tries to accomplish one of two things. What are they?
Armored viruses
What viruses cover themselves with protective code that stops debuggers or disassemblers from examining critical elements of the virus?
Companion Virus
A _______ attaches itself to legitimate programs and then creates a program with a different extension. When a user types the name of the legitimate program, this virus executes instead of the real program.
Macro Virus
This virus exploits the enhancements made to many application programs. Which type of virus does this?
Multipartite Virus
A ______ attacks your system in multiple ways. It may attempt to infect your boot sector, infect all of your executable files, and destroy your application files.
Phage Virus
The only way to remove this type of virus is to reinstall the programs that are infected. If you miss even a single incident of this virus on the victim system, the process will start again and infect the system once more. It modifies and alters other programs and databases. What type is this?
Polymorphic viruses
_______ change form in order to avoid detection. These types of viruses attack your system, display a message on your computer, and delete files on your system.
A _____ is an algorithm or other element of a virus that uniquely identifies it.
Which type of virus can directly attack your antivirus software and potentially destroy the virus definition database file?
Stealth Virus
Which type of virus redirects commands around itself in order to avoid detection?
Back door
This refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker.
IP spoofing
The goal of this type of spoofing attack is to make the data look like it came form a trusted host when it didn't.
DNS spoofing
With this type of spoofing, the DNS server is given information about a name server that it thinks is legitimate when it isn't.
Brute Force, and Dictionary
There are 2 types of password guessing attacks, what are they?
Ping of Death, and Buffer Overflow
         What are 2 of the most common types of        
DoS (Denial of Service) attacks?
Ping of Death
This type of DoS attack crashes a system by sending ICMP packets that are larger than the system can handle.
DDoS (Distributed Denial-of-Service)
This type of attack uses multiple computer systems to conduct an attack against a single organization.
TCP sequence number attack
In this type of attack, the attacker intercepts and then responds with a sequence number similar to the one used in the orginal session?
Active Sniffing
TCP/IP hijacking is also called what?
UDP attack
This attack type attacks either a maintenance protocol or a UDP service in order to overload services and initiate a DoS situation.
Recovery Console
This is a command-line utility used for troubleshooting. From it, you can format drives, stop and start services, and interact with files.
ASR Wizard
Its possible to automate the process of creating a system recovery set by choosing the _______ on the tools menu of the Backup utility.
Microsoft Security Baseline Analyzer
Microsoft provides a tool for establishing a security baseline and for subsequent evaluations of security in Windows 2000 and higher OS's. What is this tool called?
____ automatically verifies system files after a reboot to see if they were changed to unprotected copies. If an unprotected file is found, its overwritten by a stored copy of the system file.
The process of reducing or eliminating weaknesses, securing services, and attempting to make your enviroment immune to attacks is called what?
______ are used to make repairs to a system during normal operation, even though they may require a reboot.
Service Pack
A ______ is a comprehensive set of fixes consolidated into a single product. May be used to address a large number of bugs or to introduce new capabilities in an OS.
A temporary or quick fix to a program is called what?
ACL's (Access Control Lists)
These enable devices in your network to ignore requests from specified users or systems, or to grant them certain network capabilities.
Computer Configuration, and
User Configuration
A local policy has 2 primary divisions. What are they?
System Configuration Utility
MSCONFIG is also known as what?
Vulnerability Scanner
this is a software application that checks your network for any known security holes.
/ 52

Leave a Comment ({[ getComments().length ]})

Comments ({[ getComments().length ]})


{[ comment.comment ]}

View All {[ getComments().length ]} Comments
Ask a homework question - tutors are online