Exam Notes for Security+


81. Defense against social engineering may be built by:

  1. Including instructions in your security policy for handling it, and
  2. Training the employees what social engineering is and how to deal with it.

The security policy should clearly state that no one is ever allowed to share his/her password with anyone else, including the help desk. Secondly, the security policy should state that the help desk can only change or assign a new password after positive identification of the individual requesting the change.

82. Some of the features of Kerberos authentication system:

  1. Uses client-server based architecture.
  2. The Kerberos server, referred to as the KDC (Key Distribution Center), implements two services: the Authentication Service (AS), which verifies the principal and issues a Ticket Granting Ticket (TGT), and the Ticket Granting Service (TGS), which accepts the TGT and issues service tickets.
  3. Uses symmetric encryption
  4. Unlike protocols such as FTP logins or PAP, which transmit the password over the network in cleartext, Kerberos never transmits the password: the client proves knowledge of it by decrypting the AS reply with a key derived from the password.
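The AS and TGS exchanges described above, as an added example that is not part of the original page and not real Kerberos code: the cipher (an HMAC-SHA256 keystream with encrypt-then-MAC), the PBKDF2 string-to-key, the realm, the principal names and the passwords are all simplified stand-ins constructed for this illustration. The point it shows is that the AS request carries only the principal name, and a wrong password simply fails to decrypt the reply.

```python
"""Toy model of the Kerberos AS and TGS exchanges (constructed example).
The symmetric cipher and key derivation stand in for Kerberos' real
encryption types; principal names and passwords are sample data."""
import hashlib
import hmac
import json
import os
import time


def derive_key(password: str, realm: str, principal: str) -> bytes:
    # Kerberos derives the long-term key from the password plus a salt
    # (realm + principal). PBKDF2 stands in for the real string-to-key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(),
                               (realm + principal).encode(), 10000)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag (stand-in for a Kerberos etype)."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class KDC:
    """Holds the AS and the TGS. It stores derived keys, never passwords."""

    def __init__(self, realm: str, users: dict):
        self.realm = realm
        self.krbtgt_key = os.urandom(32)  # the TGS's own long-term key
        self.keys = {u: derive_key(p, realm, u) for u, p in users.items()}

    def authentication_service(self, as_req: dict) -> dict:
        """AS-REQ -> AS-REP. The request names the principal; no password in it."""
        principal = as_req["cname"]
        if principal not in self.keys:
            raise KeyError("unknown principal")
        session_key = os.urandom(32)
        # TGT: readable only by the TGS (encrypted under krbtgt key)
        tgt = encrypt(self.krbtgt_key, json.dumps(
            {"cname": principal, "key": session_key.hex(),
             "expires": time.time() + 36000}).encode())
        # Session key for the client: encrypted under the client's password-derived key
        enc_part = encrypt(self.keys[principal], json.dumps(
            {"key": session_key.hex(), "nonce": as_req["nonce"]}).encode())
        return {"tgt": tgt, "enc_part": enc_part}

    def ticket_granting_service(self, tgs_req: dict) -> dict:
        """TGS-REQ -> service ticket; the client must prove it holds the TGT session key."""
        tgt = json.loads(decrypt(self.krbtgt_key, tgs_req["tgt"]))
        if tgt["expires"] < time.time():
            raise ValueError("TGT expired")
        session_key = bytes.fromhex(tgt["key"])
        authenticator = json.loads(decrypt(session_key, tgs_req["authenticator"]))
        if authenticator["cname"] != tgt["cname"]:
            raise ValueError("authenticator does not match TGT")
        return {"service": tgs_req["sname"], "cname": tgt["cname"]}


def client_login(kdc: KDC, principal: str, password: str):
    """Return (session_key, tgt); raises ValueError if the password is wrong."""
    nonce = os.urandom(8).hex()
    as_req = {"cname": principal, "nonce": nonce}  # nothing secret crosses the wire
    as_rep = kdc.authentication_service(as_req)
    client_key = derive_key(password, kdc.realm, principal)
    enc = json.loads(decrypt(client_key, as_rep["enc_part"]))  # wrong password -> MAC fails
    if enc["nonce"] != nonce:
        raise ValueError("replayed AS-REP")
    return bytes.fromhex(enc["key"]), as_rep["tgt"]


def get_service_ticket(kdc: KDC, principal: str, session_key: bytes, tgt: bytes, service: str):
    authenticator = encrypt(session_key, json.dumps(
        {"cname": principal, "time": time.time()}).encode())
    return kdc.ticket_granting_service(
        {"tgt": tgt, "authenticator": authenticator, "sname": service})
```

Running `client_login` with the right password returns a session key and an opaque TGT; running it with a wrong one raises before any ticket is obtained, and the KDC never learned which password the client tried.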

83. Viruses, worms, and Trojan horses are all harmful pieces of software. The way they differ is how they infect computers and spread: a virus attaches itself to a host program or file and needs that file to be run or copied, a worm propagates on its own over the network by exploiting vulnerable services, and a Trojan horse does not self-replicate but is disguised as legitimate software that the user is tricked into installing.

84. Computer log files can be tampered with by a hacker to erase any intrusions. Computer logs can be protected using the following methods:

  1. Setting minimal permissions
  2. Using separate logging server
  3. Encrypting log files
  4. Setting log files to append only
  5. Storing them on write-once media

Implementing the above precautions makes log tampering much harder and, more importantly, detectable when it does occur. No single measure is sufficient on its own: an attacker with root on the logging host can remove local permissions and append-only attributes, which is why copies on a separate logging server or write-once media matter most.
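Making tampering detectable, as an added example that is not part of the original page: each log entry carries an HMAC over the previous entry's tag and its own text, so editing or deleting any earlier line breaks every later tag, and the separate log server can store the last tag it received to catch truncation as well. The key, the log lines and the function names are constructed for this illustration.

```python
"""Hash-chained (tamper-evident) log. Constructed example: the key and
the sample log lines are made up for the illustration."""
import hashlib
import hmac

LOG_KEY = b"constructed-demo-key"   # would live on the separate log server
GENESIS = b"\x00" * 32              # chain anchor before the first entry

# Constructed sample log lines, in the order they were written.
SAMPLE_LINES = [
    "Mar 10 08:12:01 sshd[812]: Accepted publickey for ops from 10.0.0.4",
    "Mar 10 08:13:47 sshd[901]: Failed password for root from 198.51.100.23",
    "Mar 10 08:13:49 sshd[901]: Failed password for root from 198.51.100.23",
    "Mar 10 08:14:02 sudo: ops : TTY=pts/0 ; COMMAND=/bin/systemctl restart nginx",
]


def append_entry(chain: list, message: str, key: bytes = LOG_KEY) -> list:
    """Append one entry whose tag binds it to everything written before it."""
    prev = bytes.fromhex(chain[-1]["tag"]) if chain else GENESIS
    tag = hmac.new(key, prev + message.encode(), hashlib.sha256).hexdigest()
    chain.append({"seq": len(chain), "msg": message, "tag": tag})
    return chain


def verify_chain(chain: list, key: bytes = LOG_KEY, last_known_tag: str = None):
    """Return (True, None) if intact, else (False, index of first bad entry).

    last_known_tag is the most recent tag the remote log server recorded;
    supplying it also detects silent truncation of the file's tail."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        expected = hmac.new(key, prev + entry["msg"].encode(), hashlib.sha256).hexdigest()
        if entry["seq"] != i or not hmac.compare_digest(expected, entry["tag"]):
            return False, i
        prev = bytes.fromhex(entry["tag"])
    if last_known_tag is not None and prev.hex() != last_known_tag:
        return False, len(chain)   # entries missing from the end
    return True, None


def build_sample() -> list:
    chain = []
    for line in SAMPLE_LINES:
        append_entry(chain, line)
    return chain


if __name__ == "__main__":
    chain = build_sample()
    print("intact:", verify_chain(chain))
    chain[1]["msg"] = chain[1]["msg"].replace("Failed", "Accepted")  # attacker edit
    print("after edit:", verify_chain(chain))
```

The per-entry tag does not stop an attacker from editing the file; it guarantees that the edit cannot be made consistent without the key, so a verifier on the log server finds the first altered entry.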

85. Phishing is the act of sending an e-mail to a user, claiming to be from a reputable organization (such as a bank), in an attempt to scam the user into providing information over the Internet. The e-mail directs the user to a Web site where they are prompted to provide private information, such as credit card and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.
Piggybacking (also called tailgating) is another type of social engineering. Here the intruder poses as a new recruit, or as a guest of your boss, and uses social engineering skills to enter protected premises on someone else's access, typically by following an authorized person through a controlled door.

86. Social engineering and Trojan horse attacks are two well-known problems associated with Discretionary Access Control (DAC): because a program runs with the discretionary permissions of the user who starts it, a Trojan run by a user can read, modify or regrant access to everything that user owns, and a user talked into running it or into granting access defeats the control entirely.

87. TCP/IP Troubleshooting Utilities:

88. RAID (short for Redundant Array of Inexpensive Disks) can be used to provide fault tolerance on a computer. There are several RAID levels such as RAID 1, RAID 5, etc. RAID 1 provides disk mirroring (minimum 2 disks), whereas RAID 5 provides striping with distributed parity and requires a minimum of 3 disks; any single disk in a RAID 5 set can fail and its contents are reconstructed from the remaining disks. RAID protects against disk failure only, not against deletion, malware or corruption, which are written to every disk alike, so backups are still required.
Clustering is a technique where two or more computers are clustered and share the load. If one computer fails, the other computer(s) take over the load of the failed computer. Clustering is more expensive and requires two or more computers.

89. Acceptable use policy specifies what employees can do with their systems, and network access. The policy may put limits on personal use of resources, and resource access time.

90. It is recommended to store the backup tapes in a secure, physically distant location. This protects against unforeseen events such as natural disasters, fire, or theft. It is also important that the backup tapes are regularly verified by restoring them on a test server, even though recovery is not actually required at that time. Otherwise you may discover that a backup tape is corrupt only when it is really needed.

91. A host-based IDS (HIDS) is installed on the host computer it protects, such as a server, and examines that host's logs, processes and file changes. A network-based IDS (NIDS) is placed at a network choke point, typically attached to a router, a switch mirror port or a tap, and examines the traffic passing through that segment.

92. Using Discretionary Access Control (DAC), the access rights for resources are controlled by the owner of a given resource.

93. To detect spyware and viruses, one needs to install anti-spyware and antivirus programs. Installing the latest updates to the operating system protects the system from exploits of known vulnerabilities (such as a remote back-door entry), but not necessarily from a downloaded virus or spyware that the user runs.

94. PGP uses hybrid encryption for sending and receiving email messages: the message body is encrypted with a randomly generated session key under a symmetric cipher (for example IDEA, CAST5, 3DES or AES), and the session key is encrypted to the recipient's public key using RSA or Diffie-Hellman/ElGamal. The recipient's private key unwraps the session key, which then decrypts the body.

95. A NAT (short for Network Address Translation) device changes the source IP address, and usually the source port, of packets passing through it. This breaks IPsec VPN traffic in two ways: the AH integrity check covers the source and destination addresses, so a packet whose address was rewritten fails verification at the far end; and AH and ESP carry no transport-layer ports, so a port-translating NAT has nothing to rewrite and cannot tell multiple VPN clients behind it apart. The NAT devices at either side need to be configured to pass VPN traffic (IPsec or VPN passthrough), or the endpoints must use NAT Traversal (NAT-T), which encapsulates ESP in UDP port 4500 so the NAT can translate it like any other UDP flow.
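The two failure modes above, as an added example that is not part of the original page: a model in which the AH integrity value covers the addresses and the ESP integrity value does not, plus a port-translating NAT that has nothing to rewrite on a bare ESP packet until NAT-T wraps it in UDP/4500. HMAC-SHA256 stands in for the security association's negotiated integrity algorithm; the key, addresses and payloads are constructed, and the function names are this example's own.

```python
"""Why IPsec AH fails behind NAT and why ESP needs NAT-T through a
port-translating NAT. Constructed model: HMAC-SHA256 stands in for the
SA's integrity algorithm; addresses, key and payloads are sample data."""
import hashlib
import hmac

SA_KEY = b"constructed-sa-key"   # shared by both VPN endpoints (sample value)


def ah_icv(src: str, dst: str, payload: bytes, key: bytes = SA_KEY) -> bytes:
    """AH authenticates the immutable IP header fields (addresses) plus the payload."""
    return hmac.new(key, f"{src}|{dst}|".encode() + payload, hashlib.sha256).digest()


def esp_icv(payload: bytes, key: bytes = SA_KEY) -> bytes:
    """ESP authenticates only its own header and payload, not the outer IP header."""
    return hmac.new(key, payload, hashlib.sha256).digest()


def send_ah(src: str, dst: str, payload: bytes) -> dict:
    return {"proto": "ah", "src": src, "dst": dst, "payload": payload,
            "icv": ah_icv(src, dst, payload)}


def send_esp(src: str, dst: str, payload: bytes) -> dict:
    return {"proto": "esp", "src": src, "dst": dst, "payload": payload,
            "icv": esp_icv(payload)}


def receive(packet: dict) -> bool:
    """True if the packet's ICV verifies at the far VPN endpoint."""
    if packet["proto"] == "ah":
        expected = ah_icv(packet["src"], packet["dst"], packet["payload"])
    else:   # esp, or esp carried inside NAT-T UDP
        expected = esp_icv(packet["payload"])
    return hmac.compare_digest(packet["icv"], expected)


def nat_basic(packet: dict, public_ip: str) -> dict:
    """Address-only NAT: rewrites just the source address."""
    return {**packet, "src": public_ip}


def nat_pat(packet: dict, public_ip: str, port_table: dict):
    """Port-translating NAT (PAT). Returns None when the packet has no
    transport ports to translate, which is the case for bare AH or ESP."""
    if packet["proto"] not in ("tcp", "udp"):
        return None
    key = (packet["src"], packet["sport"])
    new_port = port_table.setdefault(key, 40000 + len(port_table))
    return {**packet, "src": public_ip, "sport": new_port}


def nat_t_encapsulate(esp_packet: dict) -> dict:
    """NAT-T: carry ESP inside UDP/4500 so PAT has a port to rewrite."""
    return {**esp_packet, "proto": "udp", "sport": 4500, "dport": 4500, "inner": "esp"}


if __name__ == "__main__":
    ah = send_ah("10.0.0.5", "198.51.100.9", b"constructed payload")
    print("AH after NAT verifies:", receive(nat_basic(ah, "203.0.113.7")))
    esp = send_esp("10.0.0.5", "198.51.100.9", b"constructed payload")
    print("ESP after NAT verifies:", receive(nat_basic(esp, "203.0.113.7")))
    print("bare ESP through PAT:", nat_pat(esp, "203.0.113.7", {}))
```

A second client behind the same NAT also sends from UDP/4500; the PAT table gives it a different external port, which is exactly the multiplexing that bare ESP, with no ports, cannot get.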

96. A few techniques used by IDS (Intrusion Detection Systems) include the following:

97. SNMP is based on the manager/agent model. The manager runs on the network management station, and an agent runs on each managed device (routers, switches, servers and so on). Three important constituents of SNMP are a manager, an agent, and a database of management information. The manager provides the interface between the human network manager and the management system. The agent provides the interface between the manager and the physical device being managed. The manager and agent share a Management Information Base (MIB), which defines the objects that can be read or set, and exchange information with a small set of operations (Get, GetNext, Set and Trap). Note that SNMPv1 and SNMPv2c send their community strings in cleartext; SNMPv3 adds authentication and encryption and should be used where available.

98. In Public Key Infrastructure parlance, the term Principal means an entity whose identity can be verified.

99. Encryption Schemes:

  1. AES (Advanced Encryption Standard) is more secure than DES or 3DES.
  2. AES is a symmetric block cipher that can encrypt (encipher) or decrypt (decipher) information
  3. AES is based on Rijndael algorithm
  4. PGP (Pretty Good Privacy) uses Diffie-Hellman (ElGamal) or RSA public keys to protect a per-message session key, and a symmetric cipher such as AES, CAST5, IDEA or 3DES under that session key to encrypt the message body itself.

100. All server applications, such as Web servers, news servers, e-mail servers etc., need to be configured as securely as possible. This can be achieved by



Cert-Ex™ Exam Simulators, Cert-Ex™ Network Simulator, Cert-Ex™ Cheatsheets are written independently by CertExams.com and not affiliated or authorized by respective certification providers. Cert-Ex™ is a trade mark of CertExams.com or entity representing Certexams.com. Security+® is a trademark of CompTIA™ organization.