SPSCC_CNA113_Chpt_28_Securing_Computers

question

Acceptable Use Policy (AUP)
answer

Defines what actions employees may or may not perform on company equipment, including computers, phones, printers, and even the network itself. This policy defines the handling of passwords, e-mail, and many other issues.
question

access control
answer

Security concept using physical security, authentication, users and groups, and security policies.
question

activation
answer

Process of confirming that an installed copy of a Microsoft product, most commonly Windows or a Microsoft Office application, is legitimate. Usually done at the end of software installation.
question

anti-malware program
answer

Software designed to identify and block or remove malware. Typically powered by frequently updated definition files containing the signatures of known malware.
question

antivirus program
answer

Software designed to combat viruses by either seeking out and destroying them or passively guarding against them.
question

attack vector
answer

The route or methods used by a given attack, including malware.
question

authentication
answer

Any method a computer uses to determine who can access it.
question

biometric device
answer

Hardware device used to support authentication; works by scanning and remembering a unique aspect of a user’s various body parts, e.g., retina, iris, face, or fingerprint, by using some form of sensing device such as a retinal scanner.
question

botnet
answer

Network of computers infected with malware that can be controlled to do the bidding of the malware developers, or anyone who pays them. A common use is carrying out Distributed Denial of Service (DDoS) attacks.
question

brute force
answer

Simple attack that attempts to guess credentials or identify vulnerabilities by trying many possibilities.
question

cable lock
answer

Simple anti-theft device for securing a laptop to a nearby object.
question

certificate authority (CA)
answer

Trusted entities that sign digital certificates to guarantee that the certificate was signed by the site in question and not forged.
question

chain of custody
answer

A documented history of who has been in possession of a system.
question

checksum
answer

Value generated from some data, like a file, and saved for comparing to others later. Can be used to identify identical data, such as files on a user’s system that match known viruses. They can also be used to monitor whether a program is changing itself over time, which is a strong warning sign that it may be malware that evolves to avoid detection.
question

closed source software
answer

Software for which the source code is kept secret.
question

compliance
answer

Concept that members of an organization must abide by the rules of that organization. For a technician, this often revolves around what software can or cannot be installed on an organization’s computers.
question

data classification
answer

System of organizing data according to its sensitivity. Common classifications include public, highly confidential, and top secret.
question

default user accounts/groups
answer

Users or groups that are enabled by default. Some, such as the guest account, represent a security risk.
question

definition files
answer

List of virus signatures that an antivirus program can recognize.
question

destination port
answer

In port triggering, after the router sends outbound traffic on the trigger port it will open this port to receive the response.
question

dictionary attack
answer

Type of brute-force attack using a dictionary to guess things like usernames and passwords. Don’t think Webster’s; these dictionaries may be full of usernames and passwords that have leaked or been used as defaults over the years.
question

digital certificate
answer

Form in which a public key is sent from a Web server to a Web browser so that the browser can decrypt the data sent by the server.
question

digital rights management (DRM)
answer

Code schemes for enforcing what users can and can’t do with commercial software or digital media files.
question

drive-by-download
answer

Undesired file downloads generated by turpid Web sites and ads.
question

dumpster diving
answer

To go through someone’s trash in search of information.
question

effective permissions
answer

User’s combined permissions granted by multiple groups.
question

encryption
answer

Making data unreadable by those who do not possess a key or password.
question

End User License Agreement (EULA)
answer

Agreement that accompanies a piece of software, to which the user must agree before using the software. Outlines the terms of use for the software and also lists any actions on the part of the user that violate the agreement.
question

entry control roster
answer

Document for recording who enters and leaves a building.
question

environmental controls
answer

Practice of protecting computing equipment from environmental damage by taking measures such as air conditioning, proper ventilation, air filtration, temperature monitoring, and humidity monitoring.
question

event auditing
answer

Feature of Event Viewer’s Security section that creates an entry in the Security Log when certain events happen, such as a user logging on.
question

Event Viewer
answer

Utility made available in Windows as an MMC snap-in that enables users to monitor various system events, including network bandwidth usage and CPU utilization.
question

firewall
answer

Device that restricts traffic between a local network and the Internet.
question

Group Policy
answer

Means of easily controlling the settings of multiple network clients with policies such as setting minimum password length or preventing Registry edits.
question

hardware firewall
answer

Firewall implemented within networking hardware such as a router.
question

HTTPS
answer

Secure form of HTTP used commonly for Internet business transactions or any time when a secure connection is required. Uses port 443.
question

ID badge
answer

Small card or document for confirming the identity of its holder and what access they should be granted. May use built-in authentication tools such as RFID or smart card to function as a “something you have” authentication factor.
question

incident reporting
answer

Process of reporting gathered data about a system or problem to supervisors. Creates a record of work accomplished, and may help identify patterns. Often documented on an incident report form.
question

incident response leader
answer

In some organizations, a person other than a supervisor responsible for receiving and responding to all incident reports.
question

intrusion detection system (IDS)
answer

Application that inspects packets, looking for active intrusions. Functions inside the network, looking for threats a firewall might miss, such as viruses, illegal logon attempts, and other well-known attacks. May also discover threats from inside the network, such as a vulnerability scanner run by a rogue employee.
question

intrusion prevention system (IPS)
answer

Application similar to an intrusion detection system (IDS), except that it sits directly in the flow of network traffic. This enables it to stop ongoing attacks itself, but may also slow down the network and be a single point of failure.
question

IPsec or Internet Protocol security
answer

Microsoft’s encryption method of choice for networks consisting of multiple networks linked by a private connection, providing transparent encryption between the server and the client.
question

Kerberos
answer

Authentication encryption developed by MIT to enable multiple brands of servers to authenticate multiple brands of clients.
question

Local Security Policy
answer

Windows tool used to set local security policies on an individual system.
question

malware
answer

Broadly, software designed to use your computer or device against your wishes. Includes adware, spyware, viruses, ransomware, etc. May be part of seemingly legitimate software or installed by exploiting a vulnerability in the device.
question

man-in-the-middle (MITM)
answer

Attacker serves as an intermediary between two systems, enabling the attacker to observe, redirect, or even alter messages passing in either direction.
question

mantrap
answer

Small room with a set of doors; one to the unsecured area and one to a secured area. Only one door can open at a time, and individuals must authenticate to continue. Combats tailgating.
question

object access auditing
answer

Feature of Event Viewer’s Security section that creates an entry in the Security Log when certain objects are accessed, such as a file or folder.
question

open source software
answer

Software for which the source code is published instead of kept secret. Typically released under an open source license that specifies terms for those who wish to use the software or modify its source.
question

patch management
answer

Process of keeping software updated in a safe, timely fashion.
question

personally identifiable information (PII)
answer

Any data that can lead back to a specific individual.
question

phishing
answer

The act of trying to get people to give their usernames, passwords, or other security information by pretending to be someone else electronically.
question

policies
answer

Control permission to perform a given action, such as accessing a command prompt, installing software, or logging on at a certain time of day. Contrast with true permissions, which control access to specific resources.
question

polymorph virus
answer

Virus that attempts to change its signature to prevent detection by antivirus programs, usually by continually scrambling a bit of useless code.
question

pop-up
answer

Irritating browser window that appears automatically when you visit a Web site.
question

port forwarding
answer

Preventing the passage of any IP packets through any ports other than the ones prescribed by the system administrator.
question

port triggering
answer

Router function that enables a computer to open an incoming connection to one computer automatically based on a specific outgoing connection.
question

principle of least privilege
answer

Security idea that accounts should have permission to access only the resources they need and no more.
question

radio frequency identification (RFID)
answer

Wireless technology that uses small tags containing small amounts of digital information, and readers capable of accessing it. The passive type of these tags operates by harvesting some of the power a scanner or reader emits, enabling a vast array of applications. Common uses such as tracking library books, identifying lost pets, contactless payments, and wireless door locks are just scratching the surface.
question

ransomware
answer

A nasty form of malware that encrypts data or drives on the infected system and demands payment, often within a limited timeframe, in exchange for the keys to decrypt the data.
question

remediation
answer

Repairing damage caused by a virus.
question

replication
answer

When a virus makes copies of itself, often by injecting itself into other executables. See malware and virus.
question

retinal scanner
answer

Biometric security device that authenticates an individual by comparing retinal scans. Rarer in the real world than in media such as movies or video games.
question

rogue anti-malware
answer

Free applications that claim to be anti-malware, but which are actually themselves malware.
question

rootkit
answer

Program that takes advantage of very low-level functionality to gain privileged system access and hide itself from all but the most aggressive anti-malware tools. Can strike operating systems, hypervisors, and even device firmware.
question

RSA token
answer

Random-number generators used along with a user name and password to enhance security.
question

Secure Sockets Layer (SSL)
answer

Security protocol used by a browser to connect to secure Web sites.
question

security token
answer

Devices that store some unique information that a user carries with them. May contain digital certificates, passwords, biometric data, or RSA tokens.
question

session hijacking
answer

Intercepting a valid computer session to get authentication information from it, enabling the attacker to use whatever resources the authentication grants access for as long as the authentication information or session are valid.
question

shoulder surfing
answer

Looking for credentials or other sensitive information by watching someone use a computer or device, often over their shoulder.
question

signature
answer

Code pattern of a known virus; used by antivirus software to detect viruses.
question

smart card
answer

Hardware authentication involving a credit card-sized card with circuitry that can be used to identify the bearer of that card.
question

social engineering
answer

Using or manipulating people inside the networking environment to gain access to that network from the outside.
question

software firewall
answer

Firewall implemented in software running on servers or workstations.
question

spam
answer

Unsolicited e-mails from both legitimate businesses and scammers that account for a huge percentage of traffic on the Internet.
question

spear phishing
answer

Dangerous targeted phishing attack on a group or individual that carefully uses details from the target’s life to increase the odds they’ll take the bait.
question

spoofing
answer

Pretending to be someone or something else by placing false information into packets. Commonly this type of data includes a source MAC address or IP address, e-mail address, Web address, or user name. Generally a useful tool for enhancing or advancing other attacks, such as social engineering or spear phishing.
question

spyware
answer

Software that runs in the background of a user’s PC, sending information about browsing habits back to the company that installed it onto the system.
question

Stateful Packet Inspection (SPI)
answer

Used by hardware firewalls to inspect each incoming packet individually for purposes such as blocking traffic that isn’t in response to outgoing requests.
question

stealth virus
answer

Virus that uses various methods to hide from antivirus software.
question

tailgating
answer

Form of infiltration and social engineering that involves following someone else through a door as if you belong in the building.
question

telephone scam
answer

Social engineering attack in which the attacker makes a phone call to someone in an organization to gain information.
question

Transport Layer Security (TLS)
answer

Encryption protocol used to securely connect between servers and clients, such as when your Web browser securely connects to Amazon’s servers to make a purchase.
question

trigger port
answer

In port triggering, outbound traffic on this port will cause the router to open the destination port and wait for a response.
question

Trojan horse
answer

Program that does something other than what the user who runs the program thinks it will do. Used to disguise malicious code.
question

trusted root CA
answer

A highly respected certificate authority (CA) that has been placed on the lists of trusted authorities built into Web browsers.
question

unauthorized access
answer

Anytime a person accesses resources in an unauthorized way. This access may or may not be malicious.
question

unified threat management (UTM)
answer

Providing robust network security by integrating traditional firewalls with many other security services such as IPS, VPN, load balancing, antimalware, and more.
question

virus
answer

Program that can make a copy of itself without your necessarily being aware of it. Some viruses can destroy or damage files. The best protection is to back up files regularly.
question

virus shield
answer

Passive monitoring of a computer’s activity, checking for viruses only when certain events occur.
question

worm
answer

Very special form of virus. Unlike other viruses, this does not infect other files on the computer. Instead, it replicates by making copies of itself on other systems on a network by taking advantage of security weaknesses in networking protocols.
question

zero-day attack
answer

Attack targeting a previously unknown bug or vulnerability that software or hardware developers have had zero days to fix.
question

zombie
answer

Computer infected with malware that has turned it into a botnet member.
question

data classification
answer

Mary’s company routinely labels data according to its sensitivity or potential danger to the company if someone outside accesses the data. This is an example of __________________.
question

Trojan horse
answer

A(n) __________________ masquerades as a legitimate program, yet does something different than what is expected when executed.
question

definition files. signature.
answer

Antivirus software uses updatable __________________ to identify a virus by its __________________.
question

object access auditing
answer

Enable __________________ to create Event Viewer entries when a specific file is accessed.
question

unauthorized access
answer

Although not all __________________ is malicious, it can lead to data destruction.
question

social engineering
answer

Most attacks on computer data are accomplished through __________________.
question

firewall
answer

A(n) __________________ protects against unauthorized access from the Internet.
question

smart card
answer

Many companies authenticate access to secure rooms using an ownership factor such as a(n) __________________.
question

Transport Layer Security (TLS). HTTPS.
answer

Before making a credit card purchase on the Internet, be sure the Web site uses the __________________ protocol (that replaced the older SSL protocol), which you can verify by checking for the __________________ protocol in the address bar.
question

polymorph virus
answer

A virus that changes its signature to prevent detection is called a(n) __________________.
question

Social engineering
answer

What is the process of using or manipulating people to gain access to network resources? A. Cracking B. Hacking C. Network engineering D. Social engineering
question

Smart card
answer

Which of the following might offer good hardware authentication? A. Strong password B. Encrypted password C. NTFS D. Smart card
question

Local Security Policy
answer

Which of the following tools would enable you to stop a user from logging on to a local machine but still enable him to log on to the domain? A. AD Policy Filter B. Group Policy Auditing C. Local Security Policy D. User Settings
question

Port forwarding
answer

Which hardware firewall feature enables incoming traffic on a specific port to reach an IP address on the LAN? A. Port forwarding B. NAT C. DMZ D. Multifactor authentication
question

He installed a Trojan horse.
answer

Zander downloaded a game off the Internet and installed it, but as soon as he started to play he got a Blue Screen of Death. Upon rebooting, he discovered that his Documents folder had been erased. What happened? A. He installed spyware. B. He installed a Trojan horse. C. He broke the Group Policy. D. He broke the Local Security Policy.
question

WPA2
answer

Which of the following should Mary set up on her Wi-Fi router to make it the most secure? A. NTFS B. WEP C. WPA D. WPA2
question

Effective permissions
answer

A user account is a member of several groups, and the groups have conflicting rights and permissions to several network resources. The culminating permissions that ultimately affect the user’s access are referred to as what? A. Effective permissions B. Culminating rights C. Last rights D. Persistent permissions
question

They automatically scan e-mails, downloads, and running programs.
answer

What is true about virus shields? A. They automatically scan e-mails, downloads, and running programs. B. They protect against spyware and adware. C. They are effective in stopping pop-ups. D. They can reduce the amount of spam by 97 percent.
question

Kerberos
answer

What does Windows use to encrypt the user authentication process over a LAN? A. PAP B. TPM C. HTTPS D. Kerberos
question

Telephone scams and Phishing
answer

Which threats are categorized as social engineering? Select all that apply. A. Telephone scams B. Phishing C. Trojan horses D. Spyware
question

Quarantine the computer so the suspected malware does not spread.
answer

A user calls to complain that his computer seems awfully sluggish. All he’s done so far is open his e-mail. What should the tech do first? A. Educate the user about the dangers of opening e-mail. B. Quarantine the computer so the suspected malware does not spread. C. Run anti-malware software on the computer. D. Remediate the infected system.
question

Boot to Safe Mode and run System Restore or Boot to the Windows Recovery Environment and run System Restore.
answer

Which of the following are good examples of remediation? Select two. A. Boot to Safe Mode and run System Restore. B. Boot to the Windows Recovery Environment and run System Restore. C. Boot to a safe environment and run antivirus software. D. Remove a computer suspected of having malware from the network, effectively quarantining the computer.
question

Applaud the technician for proper compliance.
answer

A user calls and complains that the technician who fixed his computer removed some software he used to download movies and music on the Internet. A check of approved software does not include the uTorrent application, so what should the supervisor do? A. Applaud the technician for proper compliance. B. Educate the user about the legal issues involved with movie and music downloads. C. Add the uTorrent application to the approved software list and make the technician apologize and reinstall the software. D. Check with the user’s supervisor about adding uTorrent to the approved software list.
question

Chain of custody
answer

Mike hands the hard drive containing suspicious content to the head of IT security at Bayland Widgets Co. The security guy requests a record of everyone who has been in possession of the hard drive. Given such a scenario, what document should Mike give the IT security chief? A. Chain of custody B. Definition file C. Entry control roster D. Trusted root CA
question

Install anti-malware software on every computer. Set the software up to update the definitions and engine automatically. Set the software up to scan regularly. Educate the users about what sites and downloads to avoid.
answer

Cindy wants to put a policy in place at her company with regard to malware prevention or at least limitation. What policies would offer the best solution? A. Install anti-malware software on every computer. Instruct users on how to run it. B. Install anti-malware software on every computer. Set the software up to scan regularly. C. Install anti-malware software on every computer. Set the software up to update the definitions and engine automatically. Set the software up to scan regularly. D. Install anti-malware software on every computer. Set the software up to update the definitions and engine automatically. Set the software up to scan regularly. Educate the users about what sites and downloads to avoid.
question

Often via email & disguised as from trusted company. Requests a username, password, or account number. Tricks unsuspecting users.
answer

Describe how a phishing attack works.
question

A package of security services providing robust network security by integrating traditional firewalls with many other security services such as IPS, VPN, load balancing, antimalware, and more.
answer

What is Unified Threat Management (UTM)?
question

Social engineering
answer

Some hackers try to deceive people to get others to tell them confidential information. What is this called?
question

Smart cards & biometric devices such as fingerprint/retinal scanners.
answer

What are some hardware-based authentication mechanisms?
question

Via HTTPS, or HTTP over the Secure Sockets Layer (SSL)
answer

How is the Hypertext Transfer Protocol (HTTP) protected when secure data needs to be sent?
question

Searching through trash for valuable data
answer

What is dumpster diving?
question

Authorization validates credentials. Encryption makes data unreadable.
answer

What’s the difference between authorization & encryption?
question

Malicious software. Prog/code: does something undesirable. Viruses, Trojan horses, worms, rootkits, spyware, botnets, ransomware, spam, etc.
answer

What is malware?
question

Defines what employees may or may not do on company equipment.
answer

What is an Acceptable Use Policy (AUP)?
question

Event Viewer
answer

User states that he received an error message in a Windows dialog box. Doesn’t remember exact error message. How can a technician view it?
question

Similar to tailgating, but instead of following an authorized person into the building, you’re allowed in by an insider.
answer

What is piggybacking?
question

It’s phishing but targeting a high value target such as a CEO of a company.
answer

What is whaling?
question

Phishing scams that are done via SMS messaging or texting.
answer

What is SMSishing?
question

Knowledge factors – something the user knows, like a password or PIN. Ownership factors – something the user has, such as a key, smart card, or security token. Inherence factors – something about the user, such as a fingerprint or iris scan. Location factor – somewhere you are. This can be used if the individual’s location can be pinpointed via GPS or some other method. The individual may be required to be at a certain location in order to log in to the system, for example. Temporal factor – may require logon at a certain time of day, or even within so many seconds or minutes of another event. Ability factor – something you can do, such as typing pattern or voice cadence pattern.
answer

What are the authentication factors?
question

Knowledge factor
answer

Authorization factor where the factor is something the user knows, like a password or PIN.
question

Ownership factor
answer

Authorization factor where the factor is something the user has, such as a key, smart card, or security token.
question

Inherence factors
answer

Authorization factor where the factor is something about the user, such as a fingerprint, face scan, or iris scan.
question

Location factor
answer

Authorization factor where the factor is somewhere you are. This can be used if the individual’s location can be pinpointed via GPS or some other method. The individual may be required to be at a certain location in order to log in to the system, for example.
question

Temporal factor
answer

Authorization factor where the factor may require logon at a certain time of day, or even within so many seconds or minutes of another event.
question

Ability factor
answer

Authorization factor where the factor is something you can do, such as typing pattern or voice cadence pattern.
question

Uninterruptible Power Supplies (UPSs)
answer

What is the best way to protect network devices from a loss of power?
question

Clean equipment with compressed air or a nonstatic vacuum. Maintain proper airflow to keep things cool and to control dusty air. Make sure that the room is ventilated and air-conditioned and that the air filters are changed regularly. If things are really bad, you can enclose a system in a dust shield which comes complete with its own filter.
answer

What are some methods of protecting equipment from “dirty air”?
question

22° Celsius or 72° Fahrenheit
answer

What temperature are most computers designed to operate at?
question

A privacy filter, which is little more than a framed sheet or film that you apply to the front of your monitor. Privacy filters reduce the viewing angle, making it impossible to see the contents on the screen for anyone except those directly in front of the screen.
answer

What’s an excellent way to prevent “shoulder surfing”?
question

The bot herder
answer

What is the person in charge of the botnet called?
question

1. Identify malware symptoms
2. Quarantine infected system
3. Disable system restore in Windows
4. Remediate infected systems
   * Update anti-malware software
   * Use scan and removal techniques – Windows Safe Mode or Preinstallation Environment
5. Schedule scans and run updates
6. Enable system restore & create restore point
7. Educate end user
answer

What’s the best way to remove malware?
