Term
| What are the data base administrator roles? |
|
Definition
Used to assign user database account maintenance responsibility to users other than DBAs.
may have the privileges to create user database accounts, assign specific database profiles to the user accounts and assign database roles. |
|
|
Term
| What is MS SQL Server Version 8 marketed as? |
|
Definition
|
|
Term
| Is SQL Server Version 8(SQL Server 2000) capable of being fully compliant with DoD security standards? |
|
Definition
|
|
Term
| Access permissions fall into what three categories? |
|
Definition
Statement Permissions
Object Permissions
Implied Permissions |
|
|
Term
| Once auditing is enabled at the database level, specific auditing instructions have to be issued from what? |
|
Definition
|
|
Term
| SQL server configuration options have a security impact on what? |
|
Definition
|
|
Term
| What are a few of the more important security parameters? |
|
Definition
Allow Updates
C2 Audit Mode
Remote Access
Scan For Startup Procs |
|
|
Term
| What is a fully functional version of Microsoft SQL Server. |
|
Definition
| MSDE (Microsoft SQL Server Desktop Engine) |
|
|
Term
| Oracle Access Control provileges are devided into what two types? |
|
Definition
System privileges
Object privileges |
|
|
Term
| Web servers have become the focus for individuals who wish to do what 3 things? |
|
Definition
| Steal, damage, or deny access |
|
|
Term
| What are the responsibilities of the IAM/IAO? |
|
Definition
Trained staff
verify local policies are developed approved and posted. |
|
|
Term
| What are the responsibilities of the SA? |
|
Definition
| host operating system and will ensure the web server is configured IAW the product specific checklist. |
|
|
Term
| What are the responsibilities of the Web Manager? |
|
Definition
configure and manage web server
Coordinate of placement and scripts
Provide security guidance and training
advise IAO of technical, operational or security problems with possable solutions |
|
|
Term
|
Definition
| Common Gateway Interface -a standard for interfacing applications with information servers |
|
|
Term
|
Definition
| Extends the ability of the server to respond to client events without the need for client/server communications. |
|
|
Term
| Windows DNS provides cryptografic authentication through the what? |
|
Definition
| Secure Dynamic Updates feture |
|
|
Term
| What does Windows Internet Naming Service do? |
|
Definition
|
|
Term
|
Definition
| Set up the forest in active directory and gives permissions to the exchange admin |
|
|
Term
| What is Installation Directory? |
|
Definition
| partition for the OS to reside. |
|
|
Term
|
Definition
| Gathers information about the user |
|
|
Term
|
Definition
| presents a user with ads based on trends for that user |
|
|
Term
| Symantec Norton AntiVirus Corporate Edition is also know as what? |
|
Definition
|
|
Term
| What does AntiVirus CE prtect? |
|
Definition
| protection from viruses that spread from hard drives, floppy disks, e-mail attachments, and other files that travel across networks. |
|
|
Term
| T/F Web Browsers are the client applications that communicate with web servers? |
|
Definition
|
|
Term
| T/F Data, HTML web pages, and files sent to the browser can contain malicious mobile code? |
|
Definition
|
|
Term
| The SA/IAO will ensure that the browser is configured to what? |
|
Definition
| To support current DoD mobile code policies |
|
|
Term
| Remote Access from any location is considered what? |
|
Definition
|
|
Term
| The risk of exposure to vulnerabilities, malicious attackers, and opportunistic individuals is significantly incressed with the use of what? |
|
Definition
|
|
Term
| What is the best means of protecting data on mobile devises? |
|
Definition
| Encrypting the files on the devise itself |
|
|
Term
| For a remote access VPN to be as secure as possible, the traffic should be what? |
|
Definition
| Encrypted and integrity protected |
|
|
Term
| What are the three approved cryptographic algorithims? |
|
Definition
| cryptographic hash functions, symmetric key algorithms, and asymmetric key algorithms |
|
|
Term
| What is function of the private key? |
|
Definition
| Decryption or to compute a signature |
|
|
Term
| Cryptography relies upon two basic components. What are they? |
|
Definition
|
|
Term
| What are Symmetric Key Algorithms? |
|
Definition
| Uses a single key for both encryption and decryption |
|
|
Term
| What are Asymmetric Algorithims? |
|
Definition
| Uses a public and a private key |
|
|
Term
|
Definition
| small part of message to verify the message |
|
|
Term
| How are the public and private key related in Asymmetric algorithims? |
|
Definition
|
|
Term
|
Definition
| Triple Data Encryption Algorithm- operates on blocks (chunks) of data during an encryption or decryption operation |
|
|
Term
|
Definition
| Certificate Issuing and Management Components- consists of the hardware, software and firmware that are responsible for issuing, revoking, and managing public key certificates. |
|
|
Term
| T/F In hierarchical models, a CA delegates trust when it certifies a subordinate? |
|
Definition
|
|
