Busy. Please wait.

show password
Forgot Password?

Don't have an account?  Sign up 

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove Ads
Don't know
remaining cards
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
restart all cards

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Operating Systems

Module 9

Authentication The process of identifying an individual, usually based on a username and password.
Backdoor Also called a trapdoor. An undocumented way of gaining access to a program, online service or an entire computer system.
Digital certificate An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply.
Encryption The translation of data into a secret code
Public Key Infrastructure (PKI) a system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction.
Public Key Encryption A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message.
Rootkit a type of malicious software that is activated each time your system boots up.
Social Engineering In the realm of computers, the act of obtaining or attempting to obtain otherwise secure data by conning an individual into revealing secure information.
Zero-fill Utility To place leading zeros in the portion of a field to the left of a numeric value.
Security Policies •External and internal policies are typically applied •Policies are developed, enacted, observed and maintained •Driven by various standards/laws: HIPPA, FERPA, ISO 17799 & 27002, NIST, etc.
Security policies Two goals protect assets and allows access (often a balance due to the inherent conflict)
Access Control oPerformed by a combination of authentication and authorization oApplied at multiple levels oRequires the use of strong credentials and good resource-access design
Which Access Control method requires a user to prove their identity? Authentication
Where are power-on passwords assigned? Assigned in Bios setup and kept in CMOS Ram
Authentication Technologies oUsed in larger network environments oUsername/password, PIN, Biometrics, Smart card, or combination
Vista’s default authentication protocol is: Kerberos
Administrator Account oDefault use of was the downfall of Windows Operating Systems through XP oVista brought significant change in philosophy oUse of the administrator account should be limited to administrative duties
Standard Account oAccount type recommended for day-to-day use
File/Folder Protection oMultiple methods of securing files and folders oSharing, visible/hidden, encrypted, password protection
What location on a Vista PC is intended as the location for folders and files that all uses share? c:users\public
Equipment oPhysical protection levels should match data value levels oHardware and software techniques
Encryption (NTFS) oMethod to protect information by forcing translation oVarious methods available depending on OS version oVarious techniques applied at different levels oEncrypted files may be shared, encrypted folders may not
How are encrypted files displayed in Windows Explorer? Displayed in Green
The quickest way to lock a Windows workstation is: Windows Key and L
Infection occurs when malware has penetrated the defenses
Malware is often categorized by intent, action, spreading techniques
Virus various types, replicates, often needs a host file
Adware often not malicious but annoying, comes with free programs
Spyware various types, collect data to report, benign to severely malicious
Worm similar to a virus, replicates, does not require a host file
Browser Hijacker alters browser settings
Spam unwanted/junk email, often the result of distant malware on another’s PC
Virus Hoax often “nice” email or false virus information
Phishing act of Social Engineering, baiting a user to give out personal information
Logic Bomb time or action dependent routine that runs to perform malicious act
Trojan malware masquerading as legitimate program
Rootkit old UNIX term, now used to describe malware with advanced hiding ability
Identify the best way to protect against a worm: Firewall
The most common viruses spread by email are: Macro viruses
How does (using) Firefox enhance security on a Windows PC? Its an alternate client sorfware
Social Engineering oPractice of manipulating people with malicious intent oIncludes phishing, email scams, virus hoaxes and others oMay involve script use taking advantage of normally hidden filename extensions
Routine Security Maintenance •Effective password policy •OS and security/antimalware software: enabled, updated, routinely run •Monitor events (Event Viewer) •Monitor fault tolerance activities, test the recovery plan •Schedule and perform system maintenance
What is the best way to erase everything on a hard drive? use hard drive manufactuer zero-fill utility
Created by: booaphi