click below
click below
Normal Size Small Size show me how
IT Fundamentals
Block 5 Unit 2 - 20 April 2023
Question | Answer |
---|---|
______________________is a wired and wireless network security solution that allows control of access based on predefined conditions that systems must meet prior to being granted onto a network. | Network Access Control |
Network Access Control can scan a system attempting to connect to the network for OS __________________, _______________ software and virus ______________, and can determine whether a host-based ________________ is installed and running. | updates, antivirus, software and virus definitions, and can determine whether a host-based firewall is installed and running |
NAC may require users connecting to a wireless network to accept _____________________________________________ before permitting them access. | terms of usage |
______________-based NAC utilizes software installed on clients which authenticates the client to the NAC before scanning and allowing network access. | Agent |
Agentless NAC does not require agent _____________ to be installed on a client. | software |
Dissolvable agents run the NAC check for a current status of the system but does/does not remain installed. ________________ | Does Not |
Secured system access requires individuals to identify themselves and for a system to verify that they are who they say they are. This verification process is called ____________________. | Authentication |
In something you know, users must know something to prove their identity. Examples include what two things? _______________________________________________________________ | Passwords and PINS |
This type of authentication factor includes swipe cards, physical tokens and codes sent to mobile phones via text message. ________________________ | Something you Have |
This type of authentication factor requires a biometrics system. ________________________ | Something You Are |
This authentication factor is based upon a user’s location. ________________________ | Somewhere You Are |
An authentication factor that is based on user habits like typing patterns is ________________________. | Something You Do |
________________________ authentication uses any combination of two factors. | Multifactor |
Combining a username + password is considered multifactor authentication. (True/False) ________________________ | False |
A drawback to what service is that if an account is compromised, a hacker can now access multiple servers rather than one? _______________________________ | Single Sign-on |
A popular approach for ________________________ the network is to ensure that anyone who connects supplies valid credentials before the connection is allowed. | hardening |
What must be supplied by a user who's attempting to connect to a network secured with 802.1X? ________________________________ | valid credentials |
An IEEE ________________________-compliant switch can be configured in conjunction with an authentication service to ensure connecting clients are being provided before permitting network access. | 802.1X |
A system that offers centralization of authentication, authorization, and accounting are known as what? ______________________________________________ | Authentication, Authorization, and Accounting (AAA) |
Accounting logs user activity on a network and tracks _____________. Any network resources (such as access time and bandwidth) the user consumes during their session is logged | usage |
___________________is presenting information about yourself to a system, such as a username or a smartcard. | Identification |
The part of AAA services that validate the _________________ presented by a user is authentication. | Authentication |
After verifying the account information, the user is granted access to the network. Which part of AAA is this? ________________________ | Authorization |
With ___________________ _____________________________ clients can access a network remotely by connecting to a client which sends an authentication request through User Datagram Protocol (UDP)? | Remote Authentication Dial-In Service RADIUS |
DIAMETER is a newer AAA protocol that gives a more reliable and secure communication service through which protocol? __________________________________________ | Transmission Control Protocol |
Ensuring the integrity of software is called ________________________. | Application Security |
In this SDLC model, each phase of development must be completed prior to passing on to the following phase. ____________________________. | Waterfall |
In this SDLC model, backtracking and repeating development steps is possible, making it receptive to customer feedback ____________________________. | Agile |
In order to ensure that no possible keyboard characters can be manipulated by hackers, developers should conduct input ____________________________. | input validation |
Taking measures to prevent security issues on a network before they happen is called application ____________________________. | Application Hardening |
________ are used to automate processes on a computer or for generating Web pages. | Scripts |
Attack scripts utilize the process to attack a system. | scripting |
Cross site scripting can compromise ______, activate ______ programs, mislead users into revealing _______, and enable a perpetrator to steal session cookies to ________. | user accounts, trojan horse, private data, impersonate users |
Some application vulnerability prevention techniques include what four things? | 1. Software patches, 2. configuration baseline, 3. app hardening, 4. cross-site request forgery prevention |
When hardening an application you should features that are not necessary. | disable |
Remember Me" should be denied by browser users to avoid _______. | Cross-Site Request Forgery |
How can you stop an attacker from inserting a disc into the optical drive to boot into another operating system? ______________________________________________________________________________ | disable booting from everything but the primary storage drive, and add password to CMOS |
To prevent data theft and worms, Universal Serial Bus (USB) data ports are _______________ on Department of Defense computers. | disabled |
Facilities should be protected by facility protection measures that limit ________________________________. | Physical Access |
To prevent theft, servers should be stored in ____________________, and access controlled | Secured Communications Rooms |
Hardware encryption applies very complex encryption more/less quickly than software encryption. ________ | More |
When BitLocker is enabled, without the key a Windows 7 system cannot boot. This is an example of what type of encryption? ________________________ | Full Disk Encryption |
When using Full Disk Encryption (FDE), what stores the cryptographic keys? ________________________________ | Trusted Platform Module |
When installing a cryptographic processor on a separate card, what would that be called? _________________________________ | Hardware Security Module |
Storage drive encryption can encrypt what kinds of storage drives? | Hard drives and USB drives |
Cross site scripting injects malicious code into what? | websites |