Uploaded by Its_Ecliptic

Chapter 12 Studyguide (DONE)

Name _____________ ___________________________________________ Date __________________
Chapter 12: Security
Tips for success: While answering the questions read Chapter 12 and review the summary.
All answers should be in RED type.
After completion of this chapter, students should be able to:
Explain why security is important and describe security threats.
Explain social engineering, data wiping, hard drive destruction and recycling.
Identify security procedures.
Explain what is required in a basic security policy and describe ways to protect data.
Describe wireless security techniques.
Explain the tasks required to protect physical equipment.
Identify common preventive maintenance techniques for security.
Explain measures to maintain operating systems, backup data, configure firewalls, and maintain accounts.
Apply the six steps of the troubleshooting process to security.
12.0 Security
1. What are the two general types of threats to computer security? Give examples of each.
Physical such as damage to servers, and data such as corrupted files
12.1 Security Threats
2. What is Malware and what does it do?
software created to perform malicious acts
3. How is Malware typically installed?
on a computer without the knowledge of the user
4. What is a Trojan threat and where are they found?
looks like a useful program but it carries malicious code
5. Trojans are often disguised as what?
Things like free to play games
6. How much do computer viruses cost business annually? (search this)
$55 Billion
Chapter 12: Security
IT Essentials 6.0
7. Explain what virus protection software is and what it does.
It is used to detect, disable, and remove malware before it infects a computer
8. Differentiate the following types of Malware:
a. Worms – Self-replicating program that is harmful to networks
b. Adware – displays pop up advertisements
c. Spyware – gathers information about the user
d. Ransomware – denies access to infected computer
e. Rootkits – used to gain administrator account level access to a computer
9. Explain what phishing is and give an example:
a malicious party sends an email, calls on the phone, or places a text with the intent to trick
the recipient into providing personal or financial information, such as telemarketer calls
10. What is SPAM and what threat can it pose?
used to send harmful links, malware, or deceptive content, if clicked on by the user it could open
the door to many viruses on your computer
11. What are some of the indicators of SPAM?
An email has no subject line, An email is requesting an update to an account, The email is filled with
misspelled words or strange punctuation, Links within the email are long and/or cryptic, etc.
12. Explain these common attacks:
SYN Flood - randomly opens TCP ports at the source of the attack and ties up the network
equipment
DoS - creates an abnormally large number of requests to network servers
DDoS - like a DoS attack but is created using many more computers
Spoofing - a computer pretends to be a trusted computer to gain access to resources
Man-in-the-Middle - intercepting communications between computers to steal information
transiting through the network
Replay - data transmissions are intercepted and recorded by an attacker
DNS Poisoning - The user attempts to access a legitimate site, but traffic is diverted to an
imposter site
13. What does the term zero-hours describe?
the moment when the Zero-day threat exploit is discovered
14. A Social Engineer is a person who can gain access to equipment or a network by tricking
people into providing the necessary access information.
15. Basic precautions to help protect against social engineering include:
Never give out your login credentials (e.g., username, password, PIN), Never post credential information
in your work area, and lock your computer when you leave your desk
12.2 Security Policy
16. Explain what a security policy is and why it is needed.
a set of security objectives that ensure the security of a network, the data, and the computer systems in
an organization, It keeps the computers on a network safe
17. What questions should you ask to determine security policy factors?
Which assets require protection, what are the possible threats, what to do in the event of a breach, and
what training will be in place to educate end users?
18. What six elements should be included in a security policy?
ID and Authentication, Password, Acceptable Use, Remote Access, Network Maintenance, and Incident
Handling Policies
19. What do most networks that use Windows computers use to maintain policy?
Active Directory
20. What security problem is created when people use each other’s passwords to log in?
Everyone knows the password and can access the computer's information
21. Explain the three levels of password protection that are recommended:
BIOS, Login, and Network
22. List and explain four good password guidelines/ requirements:
A - Minimum password length - The password must be at least 8 characters
B - Maximum password age - The user must change the password after 90 days
C - Password must meet complexity requirements - The password must not contain the
user's account name or parts of the user's full name
D - Minimum password age - The user must wait one day before changing a password again
23. How can an Administrator enforce password requirements using the system?
By not storing them using reversible encryption
24. What can be used to prevent a “brute force” attack?
Use the Account Lockout Policy
25. What password protection can be done on a local machine?
through the User Accounts tool
26. Can local policy be automated, and if so, how?
Yes, in the computer local system settings
12.2.1.8 Lab – Configure Windows Local Security Policy
27. How can I limit the impact of malicious ActiveX controls on websites?
ActiveX filtering
28. What is a pop-up and how can you limit their impact?
a web browser window that opens on top of another web browser window, Pop-Up Blocker
29. What is a SmartScreen filter?
detects phishing websites, analyzes websites for suspicious items, and checks downloads
30. What does InPrivate browsing prevent the browser from doing, and what are two ways you can activate it in Internet Explorer?
prevents the storing of certain information, can be opened from the Windows desktop or from within
the browser
31. What is a software firewall and how does it work?
a program that runs on a computer to allow or deny traffic between the computer and other computers,
it applies a set of rules to data transmissions through inspection and filtering of data packets
32. Where can you get a firewall for Windows 7?
In the control panel on the computer
33. What do biometric devices use to give access to people? Give one example
They are granted access if their characteristics match saved settings, devices such as a fingerprint reader
34. What makes a “smart card” operate?
The small chip imbedded in it
35. Where are data backups kept and why?
removable backup media, so that way the data isn’t lost
36. What are some considerations for data backups?
Frequency, Security, Validation, Etc.
37. What is meant by the “Principle of Least Privilege”?
Limiting access to specific resources on a computer
38. Complete the following chart on folder permission levels:
Level – Description
Full – Users can see contents of a file or folder, change, create, and delete existing files and folders, and run programs in folders
Modify – Change existing files and folders but can’t make new ones
Read and Execute – Can see folder contents and can run programs in folder
Read – Can see contents of a folder and open files
Write – Can create new files and folders and make changes to existing ones
39. How does data encryption work on a drive?
data is transformed using a complicated algorithm to make it unreadable
40. How can the BitLocker application be used?
It is used to encrypt an entire hard drive
41. Data Wiping is the process of removing sensitive data from hardware and software before
recycling or discarding.
42. The only way to fully ensure that data cannot be recovered from a hard drive is to:
Fully erase the data
43. Will a degaussing wand work on an SSD? Why or why not?
No because the data on an SSD can only be wiped by performing a secure erase
44. How should drives with potentially sensitive media be disposed of?
Use a shredding machine or incinerator
45. When facing a suspect warning window, what key combination may help safely close it?
Alt+F4
46. When a machine reports an infection, what should be the first action taken and why?
remove the computer from the network
47. Why must software manufacturers regularly create and dispense new patches to fix flaws
and vulnerabilities?
new viruses are always being developed
48. How are signature files used in keeping computers free from malicious software?
looks for patterns in the programming code of the software in a computer
49. Explain what hash encoding is and where it is used.
ensures that the message is not corrupt or been tampered with during transmission, It is used when two
computers send messages between them
50. What are the most popular hashing algorithms?
Secure Hash Algorithm
51. What is symmetric encryption? (Give an example in your answer.)
requires both sides of an encrypted conversation to use an encryption key to encode and decode the
data, such as AES
52. What is asymmetric encryption? (Give an example in your answer.)
It requires two keys, a private key and a public key, an example is having one computer use the private
key and the other use the public key
53. When is the private key used?
encrypting a message
54. What does the SSID do and how could it be an exploit?
The name of a wireless network, attackers could access the radio waves that are put off by these
55. Define the following (you may need to search this):
Wired Equivalent Privacy (WEP) – designed to provide a wireless local area network with a
level of security and privacy comparable to what is usually expected of a wired LAN
Wi-Fi Protected Access (WPA) – security standard for users of computing devices equipped
with wireless internet connections
Lightweight Extensible Authentication Protocol (LEAP), also called EAP-Cisco – a proprietary wireless LAN authentication method developed by Cisco
56. Before WPS (Wi-Fi Protected Setup) what did people do for network security and how does
WPS help now?
They just put in the password and connected, it makes it more secure because it only connects when
both buttons are pushed
57. Why is UPnP a potential threat?
has no method for authenticating devices
58. Where can you get firmware updates for your router?
the manufacturer’s website
59. Explain the types of hardware firewall configurations:
Packet filter – Packets cannot pass through the firewall, unless they match the
established rule set configured in the firewall
Stateful packet inspection – keeps track of the state of network connections traveling
through the firewall
Application layer – All packets traveling to or from an application are intercepted
Proxy – inspects all traffic and allows or denies packets based on configured rules
60. What is a network DMZ and what things are usually placed there?
a subnetwork that provides services to an untrusted network, things such as An email, web,
or FTP server
12.2.4.8 Worksheet - Research Firewalls
61. What is port forwarding and when might you use it at home?
forwarding all traffic ports from the Internet to a specific IP address, on a game machine, or web camera
2.2.5.8 Packet Tracer – Configure Wireless Security
62. Explain how each user level factor is a potential security concern and what can be done:

BIOS/ UEFI Passwords – a malicious user could access or erase your files by booting from
a cd or flash drive, this can be avoided by entering a BIOS or UEFI password

AutoRun and AutoPlay - automatically follows the instructions in a special file called
autorun.inf when new media, such as a CD, DVD, or flash drive, is inserted into the
computer, can be fixed by turning off AutoPlay

Multifactor Authentication - adds something you are, such as a fingerprint scan, can be
fixed by just selecting another security measure

Bring Your Own Device (BYOD) - devices that can be used within the corporate
infrastructure, can be fixed depending on how sensitive the information is
63. What are at least five methods of physically protecting computer equipment?
Use cable locks with equipment, Use webcams with motion-detection and surveillance software, Posted
security guard, Identification badges with photographs, and Keep telecommunication rooms locked
64. To limit access to a facility, what are some methods that can be used?
Sensors, such as RFID badges, to monitor location and access, Biometric sensors that identify physical
characteristics of the user, such as fingerprints, etc.
65. What are some questions to ask when determining the level of needed security?
How the equipment is used, Where the computer equipment is located, What type of user access to
data is required
12.2.6.3 Activity – Identify the Physical Security Device Instructor Check___________
12.3 Common Preventive Maintenance Techniques for Security
66. What is a patch and how is it different from a service pack?
code updates that manufacturers provide to prevent a newly discovered virus or worm from making a
successful attack, service packs are just a bunch of patches combined into one
67. What is the difference between an incremental backup and a differential backup? Use a
diagram to support your answer: (May need to search this)
A differential backup backs up only the files that changed since the last full backup, Incremental backups
also back up only the changed data, but they only back up the data that has changed since the last
backup
68. When should backups be run?
when computer and network utilization requirements are low
12.3.1.3 Lab – Configure Data Backup and Recovery in Windows 7 /8 (10)
69. What is the difference between a restrictive versus permissive security policy when dealing
with firewalls?
By opening only the required ports on a firewall, you are implementing a restrictive security policy, a
permissive security policy permits access through all ports, except those explicitly denied
12.3.1.5 Lab - Configure a Windows Firewall 7 /8 (10)
70. When should an employee’s access be terminated and why?
Immediately, so they cannot access important information after they are gone
71. When should guest accounts be used?
When guests are present
72. What are the three built-in Groups?
Admins, guests, and users
73. What can help limit areas of vulnerability that allow a virus or malicious software to enter
the network by using Group membership?
add your domain user account only to the Users group
12.3.1.9 Lab – Configure Users and Groups in Windows
12.4 Basic Troubleshooting Process for Security
74. What are some common probable causes for security problems? (at least 4)
Flash drive has a virus, user added a wireless access point, network is not providing protection,
computer has a virus, download is corrupted
75. What are three quick procedures that can be done to help test your previous theory(s)?
A – scan the media device
B – turn on Windows Firewall
C – Remove the Virus
76. If a quick procedure does not correct the problem, what needs to happen?
Wipe the computer
77. What are some additional resources that can be used to establish a plan of action?
(list at least 4)
Check online, Troubleshoot the issue, Make sure the Firewall is on, Test more theories
78. After you have determined the exact cause of the problem what needs to occur?
Test different solutions until you find one that works
79. What is the final step(s) in troubleshooting and what are at least three actions you may do
in that final step(s)?
Making sure the computer is working properly, reboot the computer, perform simple tasks
on it, troubleshoot it to see if no errors are detected