Security+ Guide to Network Security Fundamentals, 2e
Solutions 4-1
Chapter 4 Review Questions
1. You can start to build defenses for your information systems by creating security
___________.
a. foundations
b. baselines
c. pillars
d. planes
2. In Microsoft Windows, the name of the background program, such as Svchost.exe, is called a
_____ .
a. process
b. service
c. display service
d. parent service
3. Stopping and then starting again a service is sometimes called a ______________.
a. restart
b. disable
c. process
d. reable
4. A nonsecurity advantage of disabling a service is that ____________.
a. ROM is preserved
b. the operating system can perform fewer functions
c. communication with firmware is enhanced
d. it frees up RAM
5. A(n) _____ identifies what program or service on the receiving computer is being accessed.
a. process
b. port number
c. UPD designator
d. service-initiated socket (SIS)
6. Port 80 identifies the service as Web traffic (HTTP). True or false?
7. Determining which services to turn off is a very simple task. True or false?
8. With open source software such as Linux, the user community provides updates. True or
false?
9. A patch should be applied before a service pack. True or false?
10. Tools that assist in the update procedures of distributing and testing patches are known as
patch management tools. True or false?
11. A process provides what is known as a(n) _____ to the operating system. service
12. When a service is in _____ mode, it starts every time the computer is turned on. automatic
13. _____ mode allows Windows to start a service whenever it is needed. Manual
14. A service that has been set to _____ mode is not loaded, even if it is needed. Disable
15. Explain the differences between a service pack, a hotfix, and a patch.
Of the many kinds of software updates, three are most commonly used. The service pack
is the broadest: a cumulative set of updates that also includes fixes for problems that were
never released as individual updates. After installing the current version of the operating
system on a computer, the very next step should be to install the current service pack (or
packs), which brings the software up to date in one step. The second type is the hotfix. A
hotfix does not typically address security issues; instead, it addresses a specific functional
problem in the software, such as a feature that does not work properly. Once all of the
service packs have been installed on a new system, any needed hotfixes should be applied.
The third common update is the patch, a software update that fixes or repairs a specific
security flaw. Patches may be released on a regular or irregular schedule, depending on
the vendor or support team, and patches for a local operating system can be installed by
the end user on his or her own system. Vendors do not use these three terms consistently,
so check what an update actually contains rather than relying on its label.
16. What are the desirable features of a good patch management system?
Patch management attempts to identify the systems that need updates, test those updates,
and then install them, as well as identifying any new vulnerabilities. The features of a
good patch management system include:
• Patches can be targeted at certain groups of computers for deployment
• Computers are automatically rebooted after a patch that requires a reboot is installed
• A reporting system verifies the download and installation of each patch
• Third-party management and patch tools can connect to the patch management system
• Patches can be downloaded from the Internet onto a local patch server and then
distributed locally, so that patches can be applied to computers that do not have
Internet access
• Patches can be copied to a CD from the local patch server and installed manually if
necessary
17. What are security template snap-ins?
Microsoft Windows systems provide a centralized method of defining security on a
computer. The Microsoft Management Console (MMC) is a Windows utility that accepts
additional components known as snap-ins. Snap-ins, available from either Microsoft or
third-party vendors, add administrative functionality to the console.
One of the useful snap-in components is the Security Templates snap-in. Security
Templates do not introduce new security parameters; rather, they organize all existing
security attributes (account policies, local policies, event log settings, restricted groups,
system services, registry permissions and file system permissions) into one place to make
security administration easier, providing a single point of entry where all system security
can be viewed, adjusted, and applied to a local computer. A template saved this way can
also be imported into a Group Policy Object so that the same settings are applied to every
computer in a domain or organizational unit.
18. List some ways to secure a Web server.
Some of the steps that should be followed to harden a Web server include:
• Use ACLs to limit a Web visitor's ability to navigate and browse the content and to run
selected applications; visitors should never be given permission to write to the server.
• Be sure that patches and service packs are applied regularly to keep the server up to date.
• Keep current with exposed Web server vulnerabilities by subscribing to security
organizations that distribute information on the latest flaws, or regularly visit attacker
Web sites.
• Delete any sample files that may be included with the installation as references; these
may have security holes in them.
• Isolate the Web server from the internal network (for example, by placing it in a DMZ).
• Be sure that the Web server records its actions in a log file and examine the log
regularly.
• If the server will be sending or receiving sensitive information, implement a technology
that encrypts the transmission, such as SSL/TLS.
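As an added example that is not part of the original answer key: a small Python log-review script for the last two points above (record the server's actions in a log and examine it regularly). It parses constructed Common Log Format lines and flags the things the list warns about: write attempts against the server, requests for vendor sample files that should have been deleted, and directory-traversal paths. The log lines, the /samples/ prefix and the list of write methods are assumptions for illustration, not values from the page.

```python
import re
from typing import Dict, List, Optional, Tuple

# Constructed access-log lines in Common Log Format; not data from any real server.
SAMPLE_LOG = """\
198.51.100.4 - - [10/Oct/2004:13:55:36 -0700] "GET /index.html HTTP/1.1" 200 2326
203.0.113.9 - - [10/Oct/2004:13:56:01 -0700] "GET /samples/test.asp HTTP/1.1" 200 512
203.0.113.9 - - [10/Oct/2004:13:56:12 -0700] "GET /../../etc/passwd HTTP/1.0" 404 0
203.0.113.9 - - [10/Oct/2004:13:56:30 -0700] "PUT /upload.txt HTTP/1.1" 403 0
198.51.100.4 - - [10/Oct/2004:13:57:02 -0700] "GET /about.html HTTP/1.1" 200 1044
"""

# One Common Log Format record: client, ident, user, [timestamp], "request", status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\S+)$'
)

# Hypothetical location of vendor sample/reference content; adjust to the product in use.
SAMPLE_PREFIXES = ("/samples/",)
# Methods that write to the server; ordinary visitors should never be allowed these.
WRITE_METHODS = {"PUT", "DELETE", "MOVE", "COPY", "MKCOL", "PATCH"}


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Split one Common Log Format line into its fields; None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_traversal(path: str) -> bool:
    """True if the path contains a parent-directory segment, raw or URL-encoded."""
    lowered = path.lower()
    return "/../" in lowered or lowered.startswith("../") or "%2e%2e" in lowered


def review_log(text: str) -> List[Tuple[str, str, str, int]]:
    """Return (client_ip, finding, path, status) for each suspicious request."""
    findings = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        status = int(rec["status"])
        path = rec["path"]
        if rec["method"].upper() in WRITE_METHODS:
            findings.append((rec["ip"], "write-attempt", path, status))
        if path.startswith(SAMPLE_PREFIXES):
            # A 200 here means the sample content is still present and reachable.
            findings.append((rec["ip"], "sample-file", path, status))
        if is_traversal(path):
            findings.append((rec["ip"], "traversal", path, status))
    return findings


if __name__ == "__main__":
    for ip, kind, path, status in review_log(SAMPLE_LOG):
        print(f"{kind:14} {ip:15} {status} {path}")
```

The status code is kept in each finding because it tells you whether the server actually served the request: a sample file returned with 200 is still on disk and should be removed, while a PUT answered with 403 shows the ACL did its job and only the attempt is worth noting.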
19. What is an open mail relay? How can it be prevented?
An open mail relay occurs when a mail server accepts and forwards messages even though
neither the sender nor the recipient is a local user. The mail server is used to relay e-mail
from one outside source to other outside destinations, so it acts as an entirely unrelated
third party. Spammers use open mail relays to distribute hundreds of thousands of e-mail
messages that can be traced back only to the open relay and not to the spammer's own
computer. An open mail relay is prevented by properly configuring the mail server: only
trusted users should be permitted to send outgoing e-mail through it. This can be done by
specifying a range of IP addresses (the internal network) from which relaying is allowed,
by listing the specific systems that are allowed to send mail through the server, or by
requiring users to authenticate (SMTP AUTH) before the server will relay for them.
Inbound mail addressed to local users is still accepted from anywhere.
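As an added example that is not part of the original answer key: the relay decision above written out as a Python function, with a switch that models the misconfigured open relay beside the correctly restricted server. A batch of constructed SMTP attempts is run through both so the difference is visible: the same spam relay attempt is accepted by the open relay and refused by the restricted one, while inbound mail for local users and outbound mail from trusted clients pass in both cases. The domain, the trusted network and the attempts are assumptions for illustration.

```python
import ipaddress
from typing import List, Tuple

# Constructed configuration for a hypothetical server; domain and network are assumptions.
LOCAL_DOMAINS = {"example.com"}                              # domains we deliver for
TRUSTED_NETWORKS = [ipaddress.ip_network("192.0.2.0/24")]    # internal client range


def _domain(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


def relay_decision(sender: str, recipient: str, client_ip: str,
                   authenticated: bool = False, open_relay: bool = False) -> str:
    """Decide one SMTP 'RCPT TO' as 'accept' or 'reject'.

    open_relay=True models the misconfigured server that accepts any sender for any
    recipient. With open_relay=False the server accepts a message only when
      - the recipient is local (inbound delivery for our own users), or
      - the client is trusted: authenticated, or inside TRUSTED_NETWORKS
        (outbound mail from our own users).
    A message where neither side is local and the client is untrusted is a
    third-party relay attempt and is refused.

    The claimed sender is deliberately not part of the decision: the MAIL FROM
    address is trivially forged, so trust must come from the client, not the envelope.
    """
    if open_relay:
        return "accept"
    if _domain(recipient) in LOCAL_DOMAINS:
        return "accept"
    client = ipaddress.ip_address(client_ip)
    if authenticated or any(client in net for net in TRUSTED_NETWORKS):
        return "accept"
    return "reject"


# Constructed SMTP attempts: (sender, recipient, client_ip, authenticated).
ATTEMPTS: List[Tuple[str, str, str, bool]] = [
    ("outsider@other.test", "alice@example.com", "203.0.113.5", False),  # inbound mail
    ("alice@example.com",   "bob@other.test",    "192.0.2.10",  False),  # LAN user
    ("alice@example.com",   "bob@other.test",    "203.0.113.5", True),   # roaming, SMTP AUTH
    ("spammer@bulk.test",   "victim@other.test", "203.0.113.5", False),  # relay attempt
]


def audit(open_relay: bool) -> List[str]:
    """Run every constructed attempt through the server and return the decisions in order."""
    return [relay_decision(s, r, ip, auth, open_relay) for s, r, ip, auth in ATTEMPTS]


if __name__ == "__main__":
    print("open relay:", audit(open_relay=True))
    print("restricted:", audit(open_relay=False))
```

Note that the spammer in the last attempt claims an outside sender; had the forged sender been alice@example.com instead, a server that trusted the envelope sender would still have relayed the message, which is why the decision keys on the client address or authentication rather than on who the message says it is from.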
20. What is a rule base and how is it used?
The rules that a network device uses to permit or deny a packet are sometimes called a
rule base. Because more than one criterion is used, such as denying packets that arrive
from a specific site or that attempt to access a specific TCP port, ACLs end up being lists
of rules instead of one specific rule. Because each packet must be compared to the set of
rules before it can pass through, it is important that the size of the rule base be kept
small, as a guideline about 40 rules. As packets arrive they are compared to each rule in
sequence: a packet is first compared to Rule 1, and if that rule does not match it is then
compared to Rule 2, and so on, until a rule matches and its permit or deny action is
applied. The most important rules should therefore be placed towards the top of the list,
and order matters: a broad permit rule placed above a more specific deny rule lets through
the traffic the deny rule was meant to stop. The last rule should be a general "cleanup"
rule that denies any packet not explicitly permitted by a previous rule, so that traffic
nobody anticipated is dropped by default rather than allowed.
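As an added example that is not part of the original answer key: a Python model of the rule base just described, with first-match evaluation, a check for the two points the answer makes (rule count and a general deny-all last rule), and a constructed four-rule base shown once correctly ordered and once with the site block moved below the permit rules to show why order matters. The rules, networks and packets are assumptions for illustration; the 40-rule figure is the guideline from the answer, not a product limit.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

MAX_RULES = 40   # guideline from the answer above, not a hard limit of any product


@dataclass
class Rule:
    name: str
    action: str                     # "permit" or "deny"
    src: str = "0.0.0.0/0"          # source network; the default matches any source
    proto: Optional[str] = None     # "tcp"/"udp"; None matches any protocol
    dst_port: Optional[int] = None  # destination port; None matches any port

    def matches(self, pkt: Dict[str, object]) -> bool:
        return (ipaddress.ip_address(str(pkt["src"])) in ipaddress.ip_network(self.src)
                and (self.proto is None or self.proto == pkt["proto"])
                and (self.dst_port is None or self.dst_port == pkt["dst_port"]))

    def is_general(self) -> bool:
        """True if the rule matches every packet (the shape a cleanup rule must have)."""
        return self.src == "0.0.0.0/0" and self.proto is None and self.dst_port is None


def evaluate(rules: List[Rule], pkt: Dict[str, object]) -> Tuple[str, str]:
    """First-match evaluation: compare with Rule 1, then Rule 2, and so on.
    The first rule whose criteria fit the packet decides it and returns
    (action, rule name). A packet matching no rule at all is denied."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action, rule.name
    return "deny", "<implicit>"


def check_rule_base(rules: List[Rule]) -> List[str]:
    """Lint the rule base for the two points above: size and a general deny last rule."""
    problems = []
    if len(rules) > MAX_RULES:
        problems.append(f"{len(rules)} rules exceeds the ~{MAX_RULES} guideline")
    if not rules or not (rules[-1].is_general() and rules[-1].action == "deny"):
        problems.append("last rule is not a general deny-all cleanup rule")
    return problems


# Constructed rule base: block a known-bad site first, allow Web traffic, deny the rest.
RULES = [
    Rule("block-bad-site", "deny", src="203.0.113.0/24"),
    Rule("allow-http", "permit", proto="tcp", dst_port=80),
    Rule("allow-https", "permit", proto="tcp", dst_port=443),
    Rule("cleanup", "deny"),
]
# Same rules with the block moved below the permits: the bad site now reaches port 80.
MISORDERED = [RULES[1], RULES[2], RULES[0], RULES[3]]

HTTP_FROM_BAD_SITE = {"src": "203.0.113.7", "proto": "tcp", "dst_port": 80}

if __name__ == "__main__":
    print("ordered:   ", evaluate(RULES, HTTP_FROM_BAD_SITE))
    print("misordered:", evaluate(MISORDERED, HTTP_FROM_BAD_SITE))
    print("lint (no cleanup rule):", check_rule_base(RULES[:-1]))
```

Without the cleanup rule the model still denies unmatched packets, but only because evaluate() chooses to; on a real device whose default is to permit, the missing last rule is exactly the hole the answer warns about, which is why check_rule_base() reports it rather than relying on the implicit behaviour.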