R. Craig Collins >CPMT
2449 > Review 1
Review 1 ©
R. Craig Collins, 2005/7
•Review questions at the end of chapters 1-3
Chapter 1
- Operating system and network security is the ability to reliably store, modify, protect, and grant _____ to information or resources. Access
- An operating system is ideal for providing security because it handles the computer's most basic _____ input/output
- The ____ verifies hardware, establishes basic communications, and loads other OS components on startup. BIOS
- The OS ____ is the core of the OS. kernel
- Define and differentiate LAN, MAN, and WAN.
- Security is needed to protect information and resources, ensure privacy, and facilitate _____. workflow
- Hardware and software can be exposed to threat from security holes or ____, unexpected results. bugs
- While outsiders are always a threat, often insiders are a danger due to error or neglect. Be prepared to discuss why users may allow security failures. p. 11
- Be prepared to discuss at least three types of attacks, or match term to definition. p. 13-14
- Typical TCP ports include ftp on ____ , SMTP on ____, and http on _____. 20/21, 25, 80
- ____ involves taking specific actions to block or prevent attacks. hardening
- One form of security is exchanging _______ between communicating stations on a network. Certificates
- Be able to define file and folder security, shared resource security, and policies.
- Be able to define authentication, firewall, and topology (with examples)
Chapter 2
- Be able to compare and contrast viruses, worms, and trojan horses.
- Be able to define MBR, macro, digital signature, spy ware, cookies, hot fixes, and service packs.
- What should malicious software scanners be able to do? locate, remove, and protect from reinfection
- Compare and contrast ERD and ASD. page 70-72
Chapter 3
- Be able to define encryption, cipher, secret keys/public keys, and hashing. p. 98-99
- A common way of checking accuracy of data sent is to us a ____. checksum
- Be prepared to discuss the evolution from SNMO to DES to 3DES to AES to RSA. encryption
- What are MPPE, PPP, VPN, and PPTP? p. 104-105
- Windows can use EFS and Linux can use CFS to ____ the file system. encrypt
- Discuss authentication methods, including
certificates (standard) X.509
Kerberos, (the grant for access is called a _____) service ticket
EAP, (which often uses a ____ server) RADIUS
SSL, which uses ____ for secure web transmission) HTTPS
and
SSH, for ___ logins. UNIX/Linux
- A __ __ is a physical device used for authentication. security token
- Be prepared to discuss IPSec. p. 116-120
- List some common attack methods, aside from simple password guessing. p. 120
Operating Systems
Be prepared to discuss installing Windows 2003 and Linux server.
Acronym cheatsheet
EAP A multipurpose Authentication method
PAM A module that can be installed in Linux without rewriting existing system code
PPP Communications protocol that supports TCP/IP, NetBEUI, and IPX/SPX,
Used by Microsoft for remote communications over PPP or PPTP
PPTP Communications protocol that enables Internet connections to VPNs
CFS Enables Linux and UNIX disk file systems and NFS files to be encrypted
EFS Enables a user to encrypt the contents of a folder or a file
SSH Authentication developed for UNIX/Linux to provide authentication security
NTLM Logon authentication compatible with all Windows operating systems