• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/25

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

25 Cards in this Set

  • Front
  • Back

Name four procedures for Hardening the Network?
  1. Port Security: limiting which MAC address connect to Switch ports. MAC limiting.
  2. MAC Limiting: and Filtering: Limits which MAC addresses connects to ACL or switch
  3. Disable Unused Interfaces (Ports)
  4. RADIUS 802.1x: Sends all network access request to an authenticating server

Name steps to Harden Network Switch?
  1. Connect to the console port through a serial connection.
  2. Disable unused ports
  3. Configure Port Security
  4. Test the Port Security

How is are Rogue system/device handled?

Disable the port the device is connected to then investigate.

What are Security Templates?

Security templates are text files that can be used to configure policy settings in a Windows environment.

What is a security Baseline?

A standard configuration that has been approved by the company for a specific type of system or device. It is required for all systems.

What are the four key stages of managing a Security Baseline?
  1. Security Posture: baseline requirement established and documented.
  2. Initial Baseline Configuration: Template or imaging.
  3. Continuous Security Monitoring: Running Vulnerability Scans
  4. Remediation: Correcting a fault in the system

Name three methods of reporting?
  1. Alarms: report critical events
  2. Alerts: used to notify admin an event has occurred
  3. Trends: analysis typically involves looking at log files or packet capture looking for trends

Purposely Inputting Invalid data into a data entry screens is?

Fuzzing

What is the Application Security Issue with ActiveX controls, Java, Scripting Browser and Cookies?
  1. ActiveX: controls can manipulate the system.
  2. Java: Sandbox exclusivity.
  3. Scripting: Can modify the system.
  4. Browser: Because most Web sites have different types of content.
  5. Cookies: info can be viewed by others and unencrypted and can be viewed.
What is the Application Security Issue with Instant messaging, Peer-to-Peer File sharing, P2P and Buffer overflow?
  1. Instant Messaging: Can give hacker free rein
  2. Peer-to-Peer: Can contain malicious code
  3. Cross-site scripting: Overloading a system and then taking it over.Script code is inserted into a form that executes when the page is displayed by another user.
  4. Buffer Overflow:Can result allow admin access

The best practice for preventing application security fall into two categories what are they?
  1. Validate input
  2. Apply patches

Application Hardening is accomplished by?
  1. Disabling unused features

Cross-site Scripting is prevented by?

Validating input.

Cross-site request forgery is prevented by?
  1. Do not check Remember Me Box
  2. Application cookies should be set to expire in a short time.

Server and Client side validation can be used is a method of?

Application Hardening.

What is the first thing to do on all servers to harden them?

Disable unnecessary software and services.

Once all unnecessary software and services have been disabled what should be done next.
  1. Patch the system
  2. Configure password and account lockout policies and enable auditing
  3. Set strong passwords on accounts
  4. Rename default accounts.

In addition to applying standard hardening procedures what should be done with the HTTP servers?
  1. Place servers in the DMZ outside firewall and the internal firewall.
  2. The Server is not accessed by the public then disable anonymous access.
  3. Use SSL when needed

In addition to applying standard hardening procedures what should be done with the DNS servers?
  1. Limit Zone transfers i.e. when the primary DNS server sends the DNS data to the secondary DNS server.
  2. Enable port UDP 53 to open the firewall to allow DNS queries to reach the DNS server and block TCP 53 if zone transfers are not allowed.
In addition to applying standard hardening procedures what should be done with the DHCP servers?
  1. Create a scope (IP addresses for the DHCP to give out)
  2. Associate MAC with the in scope IPs
In addition to applying standard hardening procedures what should be done with the SMTP and FTP servers?
  1. Protect the SMTP with and firewall and open TCP port 25 and disable relaying to destination server.
  2. Protect FTP by limiting who can upload and decide about using anonymous or forcing authentication.

Network segmentation allow for control of?

Which systems can communicate with one another on the network.VLANs and IP subnets can be used for segments.

Control redundancy and diversity is the security principle of?

Ensuring that there is diversity of product

These provide granular control of access to specific network services. What are they?

Wrappers

In addition to patching the Operating System it is a good practice also patch the ________________?

Applications