Review questions

1 What is meant by operating system hardening?
It is the process of modifying an operating system’s default configuration to make it
more secure from outside threats.
2 __________ are designed to fix security vulnerabilities.
A Hotfixes
C Updates
D BIOS updates
3 How can you remove an update from Windows Vista?
From the Windows Update window, click View update history. Click the Installed
Updates link on the Review your update history page. If the update can be
removed, Uninstall is displayed in the toolbar. Click Uninstall to remove the update.
4 Where do you need to look to determine whether a service pack has
been installed?
View Computer Properties, and in the Windows edition portion of the page it will
indicate if a Service Pack has been installed.
5 Why might you filter outgoing traffic between your DMZ and the
Filtering outgoing traffic that is initiated by a DMZ computer would prevent your
systems from being used to take part in distributed denial-of-service attacks.
6 Define bastion host.
A bastion host is a computer that is located between the Internet and your intranet.
It has two network cards, one for each network. Communication between the
networks is typically blocked to prevent inbound access to intranet systems.
7 The three main zones into which you can divide a network are the
_________, _________, and _________.
Intranet, perimeter network (or DMZ), and extranet (or Internet)
8 Name at least two actions you should take to limit risk of attacks on
your network devices (switches, routers, and so forth).
Answers should include:
• Changing default passwords
• Disabling features, protocols, and options you do not need
• Applying firmware and software updates regularly
• Monitoring physical and virtual access to your network and devices
9 You’re configuring your network switch to improve its security. You
have changed the default password for the unit’s Web interface. What
else should you configure to be sure all management interfaces have
been locked down?
Make sure to secure TELNET and SNMP interfaces. Also, if available, block
access to management interfaces from all external network locations. In the case of
wireless devices, block access to management interfaces over wireless
connections (allow wired connections only).
10 How does antivirus software recognize new viruses and worms?
Updated virus definitions are downloaded.
11 What is the Windows Vista built-in spyware protection function called?
Windows Defender