Access Control

Which of the following terms refers to the prevention of unauthorized disclosure of keys?

Authentication

Integrity

Access control

Nonrepudiation

Default systems adminstrator account

What is a hackers favorite target account on Microsoft's SQL Server?

Biometrics

You're in the process of securing the IT infrastructure by adding fingerprint scanners to your existing authentication methods. This type of security is an example of what?

.SCR

Which of the following file extensions should not be allowed with an e-mail attachment?

.DOC

.SCR

.TXT

.XLS

DoS

Which type of attack denies authorized users access to network resources?

DDoS

As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?

Back Door

A server in your network has a program running on it that bypasses authentication. Which type of attack has occured?

Replay Attack

You've discovered that an expired certificate is being used repeatedly to gain logon privileges. Which type of attack is this mostly likely to be?

TCP/IP Hijacking

A junior administrator comes to you in a panic. After looking at the log files, he has become convinced that an attacker is attempting to use an IP address to replace another system in the network to gain access. Which type of attack is this?

TCP ACK attack

A server on your network will no longer accept communication using the TCP protocol. The server indicates that it has exceeded its session limit. Which type of attack is this?

ICMP

A smurf attack attempts to use a broadcast ping on a network; the return address of the ping may be a valid system in your network. Which protocol does a smurf attack use to conduct the attack?

Password-guessing attack

Your system log files report an ongoing attempt to gain access to a single account. This attempt has been unsucessful to this point. What type of attack are you most likely experiencing?

Windows Defender

Which of the following programs can identify spyware and unwanted software on a Windows Vista machine?

Windows Defender

System Integrity Checker

NetBus

Recovery Console

Phage

Which of the following types of viruses modifies and alters other programs and databases?

Talkabout

Backdoor

Phage

Hijack

Task Scheduler

What could be used with Windows to configure running an antivirus program if the program itself lacked such a feature?

Windows XP Professional

In which of the following operating system is EFS fully supported?

Windows XP Pro

Windows Home Basic

Windows Home Premium

Windows Vista Starter

Vulnerability Scanner

Which of the following is a software application that checks your network for any known security holes?

Man-in-the-middle

Vulnerability scanner

Worm

Port check

gpedit.msc

Which of the following is the Group Policy Editor?

gpedit.msc

regedit.exe

poledit.com

group.sh

security baseline

A _____ defines the level of security that will be implemented and maintained.

polymorphic, stealth, retrovirus, multipartite, armored, companion, phage, and macro viruses.

Viruses can be classified in one of 8 groups. What are they?

Render your system inoperable, and spread to other systems.

A virus, in most cases, tries to accomplish one of two things. What are they?

Armored viruses

What viruses cover themselves with protective code that stops debuggers or disassemblers from examining critical elements of the virus?

Companion Virus

A _______ attaches itself to legitimate programs and then creates a program with a different extension. When a user types the name of the legitimate program, this virus executes instead of the real program.

Macro Virus

This virus exploits the enhancements made to many application programs. Which type of virus does this?

Multipartite Virus

A ______ attacks your system in multiple ways. It may attempt to infect your boot sector, infect all of your executable files, and destroy your application files.

Phage Virus

The only way to remove this type of virus is to reinstall the programs that are infected. If you miss even a single incident of this virus on the victim system, the process will start again and infect the system once more. It modifies and alters other programs and databases. What type is this?

Polymorphic viruses

_______ change form in order to avoid detection. These types of viruses attack your system, display a message on your computer, and delete files on your system.

Signature

A _____ is an algorithm or other element of a virus that uniquely identifies it.

Retrovirus

Which type of virus can directly attack your antivirus software and potentially destroy the virus definition database file?

Stealth Virus

Which type of virus redirects commands around itself in order to avoid detection?

Back door

This refers to gaining access to a network and inserting a program or utility that creates an entrance for an attacker.

IP spoofing

The goal of this type of spoofing attack is to make the data look like it came form a trusted host when it didn't.

DNS spoofing

With this type of spoofing, the DNS server is given information about a name server that it thinks is legitimate when it isn't.

Brute Force, and Dictionary

There are 2 types of password guessing attacks, what are they?

Ping of Death, and Buffer Overflow

         What are 2 of the most common types of        

DoS (Denial of Service) attacks?

Ping of Death

This type of DoS attack crashes a system by sending ICMP packets that are larger than the system can handle.

DDoS (Distributed Denial-of-Service)

This type of attack uses multiple computer systems to conduct an attack against a single organization.

TCP sequence number attack

In this type of attack, the attacker intercepts and then responds with a sequence number similar to the one used in the orginal session?

Active Sniffing

TCP/IP hijacking is also called what?

UDP attack

This attack type attacks either a maintenance protocol or a UDP service in order to overload services and initiate a DoS situation.

Recovery Console

This is a command-line utility used for troubleshooting. From it, you can format drives, stop and start services, and interact with files.

ASR Wizard

Its possible to automate the process of creating a system recovery set by choosing the _______ on the tools menu of the Backup utility.

Microsoft Security Baseline Analyzer

Microsoft provides a tool for establishing a security baseline and for subsequent evaluations of security in Windows 2000 and higher OS's. What is this tool called?

SFC.exe

____ automatically verifies system files after a reboot to see if they were changed to unprotected copies. If an unprotected file is found, its overwritten by a stored copy of the system file.

Hardening

The process of reducing or eliminating weaknesses, securing services, and attempting to make your enviroment immune to attacks is called what?

Hotfixes

______ are used to make repairs to a system during normal operation, even though they may require a reboot.

Service Pack

A ______ is a comprehensive set of fixes consolidated into a single product. May be used to address a large number of bugs or to introduce new capabilities in an OS.

Patches

A temporary or quick fix to a program is called what?

ACL's (Access Control Lists)

These enable devices in your network to ignore requests from specified users or systems, or to grant them certain network capabilities.

Computer Configuration, and

User Configuration

A local policy has 2 primary divisions. What are they?

System Configuration Utility

MSCONFIG is also known as what?

Vulnerability Scanner

this is a software application that checks your network for any known security holes.