Term
Network Based Attack: Social Engineering Attack |
|
Definition
A hacker tries to trick a user or admin into divulging sensitive information through social contact.
The hacker then uses that info to compromise the system or network |
|
|
Term
Network Based Attack: Password Attacks: Dictionary |
|
Definition
The hacker has 2 files: - all user names - every word in the dictionary plus other words
The hacker tries every word in the second file to crack each account |
|
|
Term
Network Based Attack: Password Attacks: Brute Force |
|
Definition
The hacker uses a program that tries to figure out your password by trying different combinations of characters |
|
|
Term
Network Based Attack: Denial of Service (DoS) Attack |
|
Definition
Designed to cause a system to be so busy that it cannot service a real request from a client.
Have a firewall installed as well as updated patches to prevent this attack |
|
|
Term
Network Based Attack: Spoofing attack |
|
Definition
The hacker modifies the source address of a network packet (a piece of info sent out on the network).
3 types: - MAC - IP - E-mail
To protect: implement encryption and authentication services on the network |
|
|
Term
Network Based Attack: Eavesdropping Attack |
|
Definition
The hacker uses a packet sniffer program to see all the traffic on a network.
Used to find login passwords or monitor activities.
To protect: encrypt network traffic |
|
|
Term
Network Based Attack: Man-in-the-middle Attack |
|
Definition
The hacker not only monitors traffic but also intercepts data, possibly modifies it, and then sends out the result.
To protect: - restrict access to the network, implement encryption and authentication services on the network |
|
|
Term
Network Based Attack: Session hijacking Attack |
|
Definition
Similar to man-in-the-middle, but the hacker poses as the party the data was supposed to be sent to and hijacks the conversation.
To protect: - restrict access to the network and implement encryption and authentication services |
|
|
Term
Physical Security Best Practices |
|
Definition
- Secure server placement - Lock the workstation - Disable boot devices - Set CMOS password - Disable network ports - Use a lockdown cable |
|
|
Term
Encryption: Secure Sockets Layer (SSL) |
|
Definition
Encrypts different types of internet traffic by applying digital certificates.
Digital Certificate: - contains the key that is used to encrypt and decrypt the traffic |
|
|
Term
Encryption: Internet Protocol Security (IPSec) |
|
Definition
Can encrypt all TCP/IP traffic between systems.
An unlikely solution for websites, but great for encrypting traffic on your network |
|
|
Term
Encryption: Virtual Private Network (VPN) |
|
Definition
Allows a user to connect across the Internet to a remote network and send info between her system and the office network securely.
Creates an encrypted security tunnel. |
|
|
Term
|
Definition
Copies files that you select, and clears the archive bit on any file that is backed up -- essentially recording the fact that the file has been backed up |
|
|
Term
|
Definition
- Copies files that have been changed - Does not clear archive bit (no record files have been backed up) - Next time it backs up, the files will be backed up again |
|
|
Term
|
Definition
- Copies any file that has changed and then clears archive bit on those files - Files will not be backed up again unless they were changed since last backup |
|
|
Term
RAID (Redundant Array of Inexpensive Disks) Level 0 (striped volume) |
|
Definition
- Writes different parts of the data to different disks at the same time - Benefit: better performance from writing data to multiple disks at the same time, so reading/writing a file takes less time (data is split up, not duplicated) - Not a redundant solution |
|
|
Term
RAID (Redundant Array of Inexpensive Disks) Level 1 (mirrored volume) |
|
Definition
- Duplicates the data stored on one disk to another. - If one fails the other disk has a copy |
|
|
Term
RAID (Redundant Array of Inexpensive Disks) Level 5 (volume) |
|
Definition
- Requires a minimum of 3 drives and writes to all drives in the solution like a striped volume. - Stores redundant data (parity data) on one of the disks. - Redundant data is used to calculate the missing data when a disk goes missing, ensuring that users can still retrieve data without noticing a problem |
|
|
Term
|
Definition
- Authentication is the process of proving an identity to the network, but Authorization is the process of determining whether accessing a resource is allowed after authentication takes place.
- Hackers take many different approaches to compromise a system. Protect your environment from both network-based and software-based attacks, and make sure that physical security is in place.
- A denial of service (DoS) is an attack on a system or network that prevents the system or network from performing its regular function.
- Social engineering is a popular type of attack involving the hacker compromising security by tricking an employee through social contact.
- You secure network traffic by encrypting traffic between two systems by using technologies such as SSL and IPSec. Admins typically use SSL to encrypt web traffic and IPSec to encrypt internal or VPN traffic.
- Securing your data involves not only protecting resources with permissions but also protecting your data by following proper data destruction procedures and backup strategies as well as creating redundant disk solutions. |
|
|
Term
Windows Built-in accounts |
|
Definition
- Administrator - Guest
Guest is disabled by default |
|
|
Term
Windows Default Groups: Administrators |
|
Definition
Members have full access to the system and can change any setting on the system. |
|
|
Term
Windows Default Groups: Backup Operators |
|
Definition
Members can perform backups and restores on the system |
|
|
Term
Windows Default Groups: Account Operators |
|
Definition
Members can create user accounts but cannot manage the entire system |
|
|
Term
Windows Default Groups: Printer Operators |
|
Definition
Members can change any settings on the printers. |
|
|
Term
Windows Default Groups: Users |
|
Definition
All members can be assigned specific permissions |
|
|
Term
Windows Default Groups: Power Users |
|
Definition
Prior to Windows Vista, members were allowed to create user accounts and manage the printing environment.
Use this if the desktop OS does not have an account operator or a printer operator group |
|
|
Term
Copying and moving files: Move on same partition |
|
Definition
The file keeps its permissions |
|
|
Term
Copying and moving files: Copy on same partition |
|
Definition
The new file inherits the permissions of the folder it was copied to |
|
|
Term
Copying and moving files: Move across partition |
|
Definition
The file inherits the permissions of the target folder, not the original permissions |
|
|
Term
Copying and moving files: Copy across partition |
|
Definition
The new file inherits the permissions of the destination folder |
|
|
Term
Exposing servers to the internet |
|
Definition
Be sure to put these servers in a DMZ (demilitarized zone) so you can selectively choose which type of data is allowed to reach your servers. |
|
|
Term
|
Definition
- Create user accounts for each user of the system. Make sure that users use strong passwords for those accounts and understand not to share those passwords
- Assign permissions to resources such as folders and files to ensure that unauthorized users don't get access to the resource
- Enable auditing so that you are aware of any security-related events that happen on the system. Also be sure to review the security log often
- Enable a firewall for the network and enable the firewall on the Windows system
- Secure your wireless router by disabling the wireless feature if you are not using the wireless components of the router. If you are using wireless, be sure to implement WEP or WPA and disable SSID broadcasting |
|
|
Term
You have enabled auditing; where do you go to view the audit information? 1. Local Security Policy 2. Event Viewer 3. LAN Connection Properties 4. Firewall |
|
Definition
|
|
Term
A privilege to perform an operating system task is known as what? 1. Permission 2. Policy 3. Right 4. Firewall |
|
Definition
3. A right gives you the privilege to perform an operating system task |
|
|
Term
|
Definition
- A virus is a program that does harm to your system
- Popular types of viruses are file, boot sector, and macro viruses
- Other types of malicious software are Trojan horses, worms, and spyware
- You may use antivirus software to remove viruses from your system and antispyware software to remove spyware from your system
- Be sure to update your virus definitions on a regular basis so that your virus protection software can protect your system against the most popular viruses |
|
|
Term
What software allows the network administrator to deploy patches to all the systems on the network after they are downloaded to a central server? 1. Virus protection software 2. Virus definitions 3. WSUS 4. Trojans |
|
Definition
3. WSUS can deploy updates to all systems on the network |
|
|