ANSWERS GRADED A+
✔✔Signature-Based - ✔✔uses code excerpts (signatures) of known malicious software. The IDS scans systems
or networks to detect whether malicious code is being executed
✔✔False Positive - ✔✔when a non-malicious event is identified as malicious
✔✔False Negative - ✔✔when a malicious event is not identified as malicious and slips
through the IDS
✔✔IPS (Intrusion Prevention Systems) - ✔✔HIDS and NIDS are often paired with IPS.
Prevents attacks, not just detects them.
✔✔Host-Based Firewalls - ✔✔an application that protects an individual computer from
unwanted internet traffic.
✔✔Pop-Up Blockers - ✔✔software or an application that disables a pop-up and similar
advertisements that display while using a web browser
✔✔Endpoint DLP Systems - ✔✔these systems run on an individual computer and are
usually software-based. They monitor data in use, such as email communications, and
can control what information flows between various users.
✔✔Network DLP Systems - ✔✔these can be software- or hardware-based solutions
and are often installed on the perimeter of the network. They inspect data that is in
motion.
✔✔Storage DLP Systems - ✔✔These are typically installed in data centers or server
rooms as software that inspects data at rest
✔✔Whole Disk Encryption - ✔✔ensures that even if the device is stolen, the data on the
drive cannot be accessed. (BitLocker, FileVault)
✔✔Bluejacking - ✔✔the sending of unsolicited messages to Bluetooth-enabled devices.
Not really a threat, more of a nuisance
✔✔BYOD (Bring Your Own Device) - ✔✔a policy of many modern organizations that
allows employees to bring their own electronic devices to the workplace
✔✔OS Hardening - ✔✔the act of configuring an OS securely, updating it, creating rules
and policies to help govern the system in a secure manner, and removing unnecessary
applications and services
✔✔Daemons - ✔✔programs that can run and execute themselves, typically in the
background
✔✔Least Functionality - ✔✔only the programs you NEED are installed
✔✔Application Whitelisting - ✔✔approved applications and services
✔✔Application Blacklisting - ✔✔prohibited applications and services
✔✔Patches - ✔✔Keep your operating systems patched
- Windows Update
- Mac OS X Security Updates
- Linux Updates
✔✔Trusted Operating Systems (TOS) - ✔✔supports multilevel security, meets
government requirements
✔✔Stopping Services/Daemons - ✔✔
- Windows - net start and net stop commands, or the sc command
- Mac OS X - Find the plist in question, then: sudo launchctl unload -w /path/to/plistfilename.plist
- Linux - Ubuntu - systemctl start ServiceName; service --status-all; /etc/init.d/service stop
✔✔Security Update - ✔✔a broadly released fix for a product-specific security-related
vulnerability
✔✔Critical Update - ✔✔a broadly released fix for a specific problem addressing a
critical non-security related bug
✔✔Service Pack - ✔✔a combination of hotfixes, security updates, critical updates found
since the release of a product
✔✔Driver Update - ✔✔updates device driver for hardware
✔✔Hotfix - ✔✔a patch for a single problem in an OS or an application
✔✔Patch Management - ✔✔the planning, testing, implementing, and auditing of
patches