Chat with AI
Deck 12: Operating System Security
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/45
Play
Full screen (f)
Deck 12: Operating System Security
1
Performing regular backups of data on a system is a critical control
that assists with maintaining the integrity of the system and user data.
that assists with maintaining the integrity of the system and user data.
True
2
A malicious driver can potentially bypass many security controls to
install malware.
install malware.
True
3
Lower layer security does not impact upper layers.
False
4
Most large software systems do not have security weaknesses.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
5
The default configuration for many operating systems usually
maximizes security.
maximizes security.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
6
You should run automatic updates on change-controlled systems.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
7
Ideally new systems should be constructed on an unprotected network
in order to prevent installation restrictions.
in order to prevent installation restrictions.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
8
The first step in deploying new systems is _________.
A)security testing
B)installing patches
C)planning
D)secure critical content
A)security testing
B)installing patches
C)planning
D)secure critical content
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
9
__________ applications is a control that limits the programs that can execute on the system to just those in an explicit list.
A)Virtualizing
B)White listing
C)Logging
D)Patching
A)Virtualizing
B)White listing
C)Logging
D)Patching
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
10
The purpose of the system does not need to be taken into consideration
during the system security planning process.
during the system security planning process.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
11
Each layer of code needs appropriate hardening measures in place to
provide appropriate security services.
provide appropriate security services.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
12
The following steps should be used to secure an operating system:
A)test the security of the basic operating system
B)remove unnecessary services
C)install and patch the operating system
D)all of the above
A)test the security of the basic operating system
B)remove unnecessary services
C)install and patch the operating system
D)all of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
13
Manual analysis of logs is a reliable means of detecting adverse
events.
events.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
14
It is possible for a system to be compromised during the installation
process.
process.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
15
Passwords installed by default are secure and do not need to be
changed.
changed.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
16
A plan needs to identify appropriate personnel to install and manage
the system,noting any training needed.
the system,noting any training needed.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
17
The first critical step in securing a system is to secure the __________.
A)base operating system
B)system administrator
C)malware protection mechanisms
D)remote access privileges
A)base operating system
B)system administrator
C)malware protection mechanisms
D)remote access privileges
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
18
Backup and archive processes are often linked and managed together.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
19
Which of the following need to be taken into consideration during the system security planning process?
A)how users are authenticated
B)the categories of users of the system
C)what access the system has to information stored on other hosts
D)all of the above
A)how users are authenticated
B)the categories of users of the system
C)what access the system has to information stored on other hosts
D)all of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
20
A very common configuration fault seen with Web and file transfer
servers is for all the files supplied by the service to be owned by the
same "user" account that the server executes as.
servers is for all the files supplied by the service to be owned by the
same "user" account that the server executes as.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
21
The range of logging data acquired should be determined _______.
A)during security testing
B)as a final step
C)after monitoring average data flow volume
D)during the system planning stage
A)during security testing
B)as a final step
C)after monitoring average data flow volume
D)during the system planning stage
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
22
______ systems should not run automatic updates because they may possibly introduce instability.
A)Configuration controlled
B)Policy controlled
C)Change controlled
D)Process controlled
A)Configuration controlled
B)Policy controlled
C)Change controlled
D)Process controlled
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
23
______ is the process of retaining copies of data over extended periods of time,being months or years,in order to meet legal and operational requirements to access past data.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
24
The needs and policy relating to backup and archive should be determined ______.
A)as a final step
B)during the system planning stage
C)during security testing
D)after recording average data flow volume
A)as a final step
B)during the system planning stage
C)during security testing
D)after recording average data flow volume
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
25
The three operating system security layers are: physical hardware,operating system kernel,and _________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
26
The aim of the specific system installation planning process is to maximize _______ while minimizing costs.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
27
The most important changes needed to improve system security are to ______.
A)disable remotely accessible services that are not required
B)ensure that applications and services that are needed are appropriately configured
C)disable services and applications that are not required
D)all of the above
A)disable remotely accessible services that are not required
B)ensure that applications and services that are needed are appropriately configured
C)disable services and applications that are not required
D)all of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
28
The final step in the process of initially securing the base operating system is ________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
29
_______ is the process of making copies of data at regular intervals allowing the recovery of lost or corrupted data over relatively short time periods of a few hours to some weeks.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
30
Cryptographic file systems are another use of _______.
A)encryption
B)testing
C)virtualizing
D)acceleration
A)encryption
B)testing
C)virtualizing
D)acceleration
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
31
______ is a reactive control that can only inform you about bad things that have already happened.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
32
System security begins with the installation of the ________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
33
Unix and Linux systems grant access permissions for each resource using the ______ command.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
34
______ are resources that should be used as part of the system security planning process.
A)Texts
B)Online resources
C)Specific system hardening guides
D)All of the above
A)Texts
B)Online resources
C)Specific system hardening guides
D)All of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
35
Once the system is appropriately built,secured,and deployed,the process of maintaining security is ________.
A)complete
B)no longer a concern
C)continuous
D)sporadic
A)complete
B)no longer a concern
C)continuous
D)sporadic
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
36
The ______ process makes copies of data at regular intervals for recovery of lost or corrupted data over short time periods.
A)logging
B)backup
C)hardening
D)archive
A)logging
B)backup
C)hardening
D)archive
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
37
Security concerns that result from the use of virtualized systems include ______.
A)guest OS isolation
B)guest OS monitoring by the hypervisor
C)virtualized environment security
D)all of the above
A)guest OS isolation
B)guest OS monitoring by the hypervisor
C)virtualized environment security
D)all of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
38
Unix and Linux systems use a ________ which restricts the server's view of the file system to just a specified portion.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
39
_______ systems should validate all patches on test systems before deploying them to production systems.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
40
The ______ process retains copies of data over extended periods of time in order to meet legal and operational requirements.
A)archive
B)virtualization
C)patching
D)backup
A)archive
B)virtualization
C)patching
D)backup
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
41
Guest OSs are managed by a ______,or VMM,that coordinates access between each of the guests and the actual physical hardware resources.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
42
______ virtualization systems are more common in clients,where they run along side other applications on the host OS,and are used to support applications for alternate operating system versions or types.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
43
Configuration information in Windows systems is centralized in the _______,which forms a database of keys and values.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
44
________ refers to a technology that provides an abstraction of the computing resources that run in a simulated environment.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
45
______ virtualization systems are typically seen in servers,with the goal of improving the execution efficiency of the hardware.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
