ITS 3250 - Securing Systems

Review for Midterm Test

The following questions are provided to help you study for the midterm test. Do not expect to see these exact questions on the test.

  1. So, what is the CIA triad, and why does it apply to all of our IT classes?

  2. What is a threat? What is a vulnerability?

  3. What is the feature of a worm that makes it a worm, and not just another virus?

  4. When dealing with a worm, virus, or other malware, what phase of the process should follow discovery and analysis?

  5. What is a control, with regard to a specific threat?

  6. What is the kernel of an OS?

  7. How is a microkernel different from a kernel?

  8. What does it mean to run in kernel mode? Why is this attractive to a hacker?

  9. What are the three classic types of authentication discussed in the Windows text?

  10. What are some more modern methods of authentication?

  11. Windows generally has discretionary access control. What does this mean?

  12. What is an access control list? What would we expect to find on such a list?

  13. Explain the principle of least privilege.

  14. What are the differences between identification, authentication, and authorization?

  15. What is the value of User Account Control, with respect to IT security?

  16. What is Kerberos? What protocol did it replace in Windows networks?

  17. If a user turns on EFS for a file, what happens regarding that file? What happens if the user copies that file to a drive not using EFS?

  18. How does BitLocker protect Windows computers?

  19. In a symmetric key system, how many keys are used during the encryption and decryption of a single message?

  20. In an asymmetric key system, how many keys are used during the encryption and decryption of a single message?

  21. What is the purpose of a certificate authority?

  22. How would you define malware?

  23. Regarding antivirus software, what is a signatures file? What should you do regarding such a file for an antivirus program you are using?

  24. How does using a group policy improve your management of rights?

  25. Where are two places in the Windows Registry to look for policy settings?

  26. What is the scope of a local GPO?

  27. What is the MMC console? What did we see in chapter 7 that should be added to it?

  28. When doing backups, what is a target? What are some decisions that should be made before you start making backups?

  29. Can you use a feature of Windows to make a backup of a workstation?

  30. Name at least three network three-letter acronyms relating to size, and explain what each one means.

  31. Arrange the layers of the OSI network model from the highest number to the lowest, and include each of their names.

  32. In the context of our class, what is a service? What do users use to access services instead of their names?

  33. What is a service account? What advice were we offered about the configuration we should use on a service account?

  34. If you stop a running service, what might cause it to run again? If you disable the service, will that same cause run it again?

  35. What is the standard advice about WEP and WPA protocols?

  36. What are the parts of a Deming cycle?

  37. What is the purpose of Performance Monitor? Too easy? How can you use it to make comparisons?

  38. What is due diligence? Why is it an important concept regarding security?

  39. What are the two methods that are presented at the start of chapter 11 regarding hardening a server?

  40. What is the difference between a role and a feature, in the context of chapter 11?

  41. What is the Server Core option in a Windows Server installation? Why might you use it?

  42. What are some of the purposes of the Security Configuration Wizard?

  43. How do you make a backup of a registry, according to the text?

  44. What are some actions you should take regarding administrator accounts when you suspect an attack is imminent?