ITS 3250 - Securing Systems
Review for Midterm Test

The following questions are provided to help you study for the midterm
test. Do not expect to see these exact questions on the test.

- So, what is the CIA triad, and why does it apply to all of our IT
- What is a threat? What is a vulnerability?
- What is the feature of a worm that makes it a worm, and not just another
- When dealing with a worm, virus, or other malware, what phase of the
process should follow discovery and analysis?
- What is a control, with regard to a specific threat?
- What is the kernel of an OS?
- How is a microkernel different from a kernel?
- What does it mean to run in kernel mode? Why is this attractive to
- What are the three classic types of authentication discussed in the
- What are some more modern methods of authentication?
- Windows generally has discretionary access control. What does this
- What is an access control list? What would we expect to find on such
- Explain the principle of least privilege.
- What are the differences between identification, authentication,
- What is the value of User Account Control, with respect to IT security?
- What is Kerberos? What protocol did it replace in Windows networks?
- If a user turns on EFS for a file, what happens regarding that file?
What happens if the user copies that file to a drive not using EFS?
- How does BitLocker protect Windows computers?
- In a symmetric key system, how many keys are used during the encryption
and decryption of a single message?
- In an asymmetric key system, how many keys are used during the encryption
and decryption of a single message?
- What is the purpose of a certificate authority?
- How would you define malware?
- Regarding antivirus software, what is a signatures file? What should
you do regarding such a file for an antivirus program you are using?
- How does using a group policy improve your management of rights?
- Where are two places in the Windows Registry to look for policy settings?
- What is the scope of a local GPO?
- What is the MMC console? What did we see in chapter 7 that should
be added to it?
- When doing backups, what is a target? What are some decisions that
should be made before you start making backups?
- Can you use a feature of Windows to make a backup of a workstation?
- Name at least three network three-letter-acronyms relating to size,
and explain what each one means.
- Arrange the layers of the OSI network model from the highest number
to the lowest, and include each of their names.
- In the context of our class, what is a service? What do users use
to access services instead of their names?
- What is a service account? What advice were we offered about the configuration
we should use on a service account?
- If you stop a running service, what might cause it to run again?
If you disable the service, will that same cause run it again?
- What is the standard advice about WEP and WPA protocols?
- What are the parts of a Deming cycle?
- What is the purpose of Performance Monitor? Too easy? How can you
use it to make comparisons?
- What is due diligence? Why is it an important concept regarding security?
- What are the two methods that are presented at the start of chapter
11 regarding hardening a server?
- What is the difference between a role and a feature, in the context
of chapter 11?
- What is the Server Core option in a Windows Server installation? Why
might you use it?
- What are some of the purposes of the Security Configuration Wizard?
- How do you make a backup of a registry, according to the text?
- What are some actions you should take regarding administrator accounts
when you suspect an attack is imminent?