Exam Notes for Security+

Page1    Page2    Page3    Page4    Page5    Page6    Page7

121. The Internet architecture provides an unregulated network path to attack innocent hosts. Denial-of-service (DoS) attacks exploit this to target mission-critical services. DoS attacks, are explicit attempts to block legitimate users system access by reducing system availability. Any physical or host-based intrusions are generally addressed through hardened security policies and authentication mechanisms. Although software patching defends against some attacks, it fails to safeguard against DoS flooding attacks, which exploit the unregulated forwarding of Internet packets.

122. Authentication Types:

123. Sensitivity labels are associated with Mandatory Access Control (MAC).

124. Computer log files can be tampered with by a hacker to erase any intrusions. Computer logs can be protected using the following methods:

  1. Setting minimal permissions
  2. Using separate logging server
  3. Encrypting log files
  4. Setting log files to append only
  5. Storing them on write-once media

Implementing all the above precautions ensures that the log files are safe from being tampered.

125. A hacker begins a DDoS attack by exploiting a vulnerability in one computer system and making it the DDoS "master", also called as “zombie”. It is from the zombie that the intruder identifies and communicates with other systems that can be compromised. The intruder loads hacking tools on the compromised systems. With a single command, the intruder instructs the controlled machines to launch one of many flood attacks against a specified target. This causes Distributed Denial of Service (DDoS) attack on the target computer.

126. Log Files Explained:

127. Security policy planning should include the following:

128. “Single sign-on” enables one to use all the eligible services with one sign-in. Though other terms appear relevant, they are not widely used for describing this type of service.

129. Always try to download, and apply latest patches and service packs (if any) directly from the manufacturer’s website. Downloading from unreliable sources may compromise the system security.

130. SLA (Short for Service Level Agreement) is the formal negotiated document between two parties. It is a legal document that binds both the parties during the tenure of the agreement.
DRP (stands for Disaster Recovery Planning), security audit, and invoice are not relevant answers.

131. A host based IDS should be place on a host computer such as a server. Network based IDS is typically placed on a network device such as a router.

132. In IP spoofing, the attacker uses somebody else’s IP address as the source IP address. Since routers forward packets based on the destination IP address, they simply forward the packets to the destination without verifying the genuineness of the source IP address.

133. A digital certificate is a credential issued by a trusted authority that binds you (and individual or an organization) to an identity that can be recognized and verified electronically by other agencies. Locally issued digital certificates are valid only within an organizations network (like intranet). Therefore, any secure pages or digital signatures containing local registration will not work on the Internet.

134. A personal firewall is software that resides on the end users computers. This is different from a regular firewall, in the sense that a personal firewall is geared to protect a single user computer.

135. Smurf attack is a denial-of-service attack that uses spoofed broadcast ping messages to flood a target system

136. DDoS, Short for Distributed Denial of Service, it is an attack where multiple compromised systems (which are usually infected with a Trojan) are used to send requests to a single system causing target machine to become unstable or serve its legitimate users.

137. PGP certificates differ from X.509 certificates in two ways:

  1. PGP certificates are issued (signed) by normal people while the X.509 certificates must be issued by a professional CA, and
  2. PGP implements a security fault tolerance mechanism, called the Web of Trust. Here an individual is allowed to sign and issue certificates to people they know.

Page1    Page2    Page3    Page4    Page5    Page6    Page7

CertExams Blog!  Certexams.com Facebook Page Certexams.com Twitter Page Certexams on YouTube

Cert-Ex™ Exam Simulators, Cert-Ex™ Network Simulator, Cert-Ex™ Cheatsheets are written independently by CertExams.com and not affiliated or authorized by respective certification providers. Cert-Ex™ is a trade mark of CertExams.com or entity representing Certexams.com.Security+® is a trademark of CompTIA™ organization.