Chat with AI
Deck 14: Baselines
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/45
Play
Full screen (f)
Deck 14: Baselines
1
In Mac OS X,what does library randomization do?
A)It defeats buffer overflows.
B)It is used for encryption.
C)It restricts network access.
D)It increases the ease of code writing.
A)It defeats buffer overflows.
B)It is used for encryption.
C)It restricts network access.
D)It increases the ease of code writing.
A
2
Which of the following is NOT a UNIX file permission?
A)Read
B)Write
C)Modify
D)Execute
A)Read
B)Write
C)Modify
D)Execute
C
3
What is the first step in addressing issues with passwords?
A)The first step in addressing password issues is to create an effective and manageable password policy that both system administrators and users can work with.
B)The first step in addressing password issues is to find a systematic,alpha-numeric combination and then assign passwords,so that both system administrators and users can tell which department is using what system.
C)The first step in addressing password issues is to see how many passwords are required.
D)The first step in addressing password issues is to see how many accounts can use the same password.
A)The first step in addressing password issues is to create an effective and manageable password policy that both system administrators and users can work with.
B)The first step in addressing password issues is to find a systematic,alpha-numeric combination and then assign passwords,so that both system administrators and users can tell which department is using what system.
C)The first step in addressing password issues is to see how many passwords are required.
D)The first step in addressing password issues is to see how many accounts can use the same password.
A
4
Linux and other operating systems use the _______ command to change the read-write-execute properties of a file or directory.
A)tracert
B)ifconfig
C)chmod
D)chkconfig
A)tracert
B)ifconfig
C)chmod
D)chkconfig
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
5
An initial baseline should be performed when?
A)After every update to a system
B)Before patches are installed on a system
C)After administrators have finished patching,securing,and preparing a system
D)Every 90-120 days,as determined by local policy
A)After every update to a system
B)Before patches are installed on a system
C)After administrators have finished patching,securing,and preparing a system
D)Every 90-120 days,as determined by local policy
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
6
Most modern UNIX versions store the passwords associated with a user account in a
A)BitLocker
B)shadow file
C)passwd file
D)Registry
A)BitLocker
B)shadow file
C)passwd file
D)Registry
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
7
On a UNIX system,if a file has the permission rwx r-- ---,what permission does the group have?
A)Execute,read,write
B)Read
C)Read,write,execute
D)No permissions
A)Execute,read,write
B)Read
C)Read,write,execute
D)No permissions
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
8
Selecting a good password for each user account is critical to protecting information systems.How should you select a good password?
A)Use letters in your first name and letters in your last name.
B)Select a password that is still relatively easy to remember,but still difficult to "guess."
C)Unfortunately,there is way to keep a password safe,so it really doesn't matter what you use.
D)Create a password that would be hard to remember,and then write it down so you won't forget it.
A)Use letters in your first name and letters in your last name.
B)Select a password that is still relatively easy to remember,but still difficult to "guess."
C)Unfortunately,there is way to keep a password safe,so it really doesn't matter what you use.
D)Create a password that would be hard to remember,and then write it down so you won't forget it.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
9
Run levels are used to
A)Determine which users are allowed on a Windows machine
B)Describe the state of initialization and what system services are operating in a Linux system
C)Determine the level of user in Linux systems
D)Are a Windows construct to manage which services are allowed to autostart
A)Determine which users are allowed on a Windows machine
B)Describe the state of initialization and what system services are operating in a Linux system
C)Determine the level of user in Linux systems
D)Are a Windows construct to manage which services are allowed to autostart
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
10
Which of the following is true of the registry permissions area settings in security templates?
A)They control who should be allowed to join or be part of certain groups.
B)They are for services that run on the system.
C)They control who can access the registry and how it can be accessed.
D)They are settings that apply to files and folders,such as permission inheritance.
A)They control who should be allowed to join or be part of certain groups.
B)They are for services that run on the system.
C)They control who can access the registry and how it can be accessed.
D)They are settings that apply to files and folders,such as permission inheritance.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
11
Which UNIX command would you use to change permissions associated with a file or directory?
A)chmod
B)chown
C)chgrp
D)chng
A)chmod
B)chown
C)chgrp
D)chng
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
12
A _________ is a more formal,large software update that may address several or many software problems.
A)Script
B)Log
C)Hotfix
D)Patch
A)Script
B)Log
C)Hotfix
D)Patch
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
13
Which of the following is NOT a general step in securing a networking device?
A)Choosing good passwords
B)Password-protecting the console
C)Maintaining SNMP community strings
D)Turning off unnecessary services
A)Choosing good passwords
B)Password-protecting the console
C)Maintaining SNMP community strings
D)Turning off unnecessary services
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
14
In a UNIX operating system,which run level reboots the machine?
A)0
B)1
C)3
D)6
A)0
B)1
C)3
D)6
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
15
Which of the following is true of BitLocker,in Windows Vista?
A)It's where malicious code is stored when it's discovered.
B)It's a form of data storage for network traffic.
C)It allows encryption of all data on a server.
D)It monitors Internet Explorer traffic.
A)It's where malicious code is stored when it's discovered.
B)It's a form of data storage for network traffic.
C)It allows encryption of all data on a server.
D)It monitors Internet Explorer traffic.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
16
What is the process of establishing a system's security state called?
A)Hardening
B)Baselining
C)Securing
D)Controlling
A)Hardening
B)Baselining
C)Securing
D)Controlling
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
17
Which UNIX command can be used to show the patches that are installed for a specific software package?
A)pkglist
B)pkgparam
C)pkgqury
D)pkgdump
A)pkglist
B)pkgparam
C)pkgqury
D)pkgdump
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
18
Which of the following is one of those critical activities that is often neglected as part of a good security baseline?
A)Password selection
B)Hardening the OS
C)Securing the firewall
D)Hardening applications
A)Password selection
B)Hardening the OS
C)Securing the firewall
D)Hardening applications
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
19
Which of the following is the command to stop a service in UNIX?
A)Stop
B)Kill
C)End
D)Finish
A)Stop
B)Kill
C)End
D)Finish
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
20
On a UNIX system,if a file has the permission r-x rw- ---,what permission does the world have?
A)Read and execute
B)Read and write
C)Read,write,execute
D)No permissions
A)Read and execute
B)Read and write
C)Read,write,execute
D)No permissions
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
21
Most modern UNIX versions store the actual password associated with an user account in a(n)_______________,located in the /etc directory.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
22
Securing access to files and directories in Solaris is vastly different from most UNIX variants.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
23
The _______________ of a computer is the basic software that handles things such as input,output,display,memory management,and all the other highly detailed tasks required to support the user environment and associated applications.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
24
Service pack is the term given to a small software update designed to address a specific problem,such as a buffer overflow in an application that exposes the system to attacks.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
25
Securing an application against local-and internet-based attacks is called _______________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
26
The process of planning,deploying,and testing patches in a controlled manner is called _______________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
27
Adding more services and applications to a system helps to harden it.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
28
_______________ is a term usually applied to a formal,large software update,which may address several software problems.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
29
The process of securing and preparing a system for the production environment is called ________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
30
_______________ is a term usually given to a small software update designed to address a specific problem,such as a buffer overflow in an application that exposes the system to attacks.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
31
Hardening applications is similar to hardening operating systems,in that you remove functions that are not needed,restrict access where you can,and make sure the application is up to date with patches.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
32
Permissions under Linux are the same as for other UNIX-based operating systems.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
33
In 2002,Microsoft increased the number of services that were installed and running due to public demand.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
34
Hotfixes are usually smaller than patches,and patches are usually smaller than service packs.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
35
In Solaris,one can use the __________ command to modify the permissions associated with a file or directory.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
36
To stop a running service,an administrator can identify a service by its unique _______________,and then use the kill command to stop the service.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
37
When hardening Mac OS X,the same guidelines for all UNIX systems apply.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
38
Windows Defender is new,personal firewall software included in Vista.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
39
Mac OS X FileVault encrypts files with 3DES encryption.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
40
_______________ are a mechanism for providing interoperation and secure access to a variety of services on different platforms.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
41
List four of the new modifications and capabilities of Windows 2003 Server.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
42
List three of the new capabilities of Windows Server 2008.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
43
What are the general steps to take to secure a network device?
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
44
List three of the new security-specific features of Mac OS X 10.5.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
45
List three of the security features of Windows Vista.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
