Shared Flashcard Set

Details

Microsoft Security
Lanier Tech - CIST 1601
12
Computer Networking
Undergraduate 1
02/12/2012

Cards

Term
What primary security element does a trusted computing base provide and support?
Definition
Integrity - A trusted computing base is designed to provide and support the security element of integrity. The trusted computing base does not directly address or provide the security elements of availability, non-repudiation, authentication, and confidentiality.
Term
Which of the following versions of Microsoft Windows does not allow administrators to restrict file access?
Definition
Microsoft Windows 95 - Windows 95 supports only the File Allocation Table (FAT) file system, which does not include file level access controls. Windows 2000, Windows XP, and Windows Server 2003 all support the NTFS file system, which does include file level access controls.
Term
Which of the following is not a reason to restrict the number of applications or services installed on a secured system?
Definition
Software Dependencies - Software dependencies often force you to install additional software in order to support a specific service or application. Reasons to restrict the number of installed services and applications include software specific attacks, additional avenues of attack, difficulty in managing access permissions and known vulnerabilities.
Term
Which of the following actions would reduce the attack surface of a computer system connected to the Internet?
Definition
Removing Internet Information Server - Of the options listed above, removing unneeded protocols and services is the only means to reduce the vulnerabilities and risks of the system, effectively reducing its attack surface. Installing new services or network interfaces increases the attack surface. Locking down access permissions might increase the difficulty of waging an attack, but the attack surface itself is unchanged.
Term
What types of patches or updates released by Microsoft should you apply only if you are experiencing the same issues they address?
Definition
Hot-fixes - Hot-fixes are patches and updates that are minimally tested so they can be released quickly. Thus, hot-fixes could cause problems in some environments and configurations. To avoid these problems, you should install a hot-fix only if you have the problem it was designed to address. As a general rule, you should install service packs and security roll-up packages. However, never install anything until you have tested the deployment on a non-production system. Resource kit tools are not patches or updates; they should be installed only if you need the tools contained in the kit.
Term
Which of the following activities can be used to describe or identify the components of the IT solution that are included in a trusted computing base?
Definition
List all aspects of the computer, software, procedures, and policies that support and enforce the security policy. - The trusted computing base is the collection of components such as computer hardware, software, procedures, and policies that support and enforce the security policy. Not all hardware components of a computer are a part of the trusted computing base. Not all software installed on a system is part of the trusted computing base. Not all hardware and software involved in communications is part of the trusted computing base.
Term
Managing and maintaining the trusted computing base is an essential element of maintaining security. Which of the following is not needed to maintain the trusted computing base?
Definition
Maintaining a backup of the trusted computing base components - In general, backups are an essential part of a security solution. However, managing and maintaining the trusted computing base does not involve backups, especially since not all components of the trusted computing base are software. Monitoring, enforcing procedures, secure design, and regular updates are part of managing and maintaining the trusted computing base.
Term
You own a company that builds client and server computers. You've decided to become a government-approved purchasing organization so you can sell your products to government agencies and government contractors. In order to qualify with the purchasing requirements established by the United States government, what must you do?
Definition
Obtain certification of your products. - Most government purchasing requirements include requiring the products to comply with specific evaluation criteria. Proof of compliance with such criteria is known as certification. Current certifications should be in compliance with Common Criteria. Specific security templates, quick format utilities, onsite technical support contracts, and security degrees are typically not elements of government purchasing contracts.
Term
When performing access control, a secured computer system performs two functions. Which of the following statements describes the first function?
Definition
Proving an identity - The first function or step when performing access control is to prove the identity of the user (authentication). The second function or step is authorization. Receiving a claimed identity is the initial sub-step of authentication. Tracking user activity occurs after access control or authorization.
Term
Which of the following is not a reason that passwords are considered a weak security mechanism?
Definition
Single Sign-on - A single sign-on solution does not necessarily need to use passwords. Furthermore, even if it does, that does not relate to the issue of passwords being insecure or a weak mechanism. Passwords are insecure because they can be intercepted with Trojan horse key loggers, captured through network traffic eavesdropping, and stolen through shoulder surfing.
Term
Which of the following should be the determining factor when you are selecting between two biometric devices from different vendors?
Definition
CER (Crossover Error Rate) - You should use the CER to select the more accurate device when you are selecting from several models of the same type of biometric scanner. False rejection rate (Type 1) errors and false acceptance rate (Type 2) errors are graphed to define the CER for a device. Acceptability is taken into account when selecting what form of biometric scanner to use. Once you are deciding between two different products, you have already decided what biometric factor you want to use and you just need to select the best device for your environment.
Term
You are designing the log on security system for a bank environment. Which of the following represents the strongest authentication solution?
Definition
A password and a token - A password and token are the strongest set of authentications listed here, since they are two different authentication factors. All of the other examples are two of the same factor.