IT Security: Defense against the digital dark arts - Defense in Depth - Week 5 Already Passed

IT Security: Defense against the digital dark arts - Defense in Depth - Week 5 Already Passed What is an attack vector? A mechanism by which an attacker can interact with your network or systems Disabling unnecessary components serves which purposes? Check all that apply. Reducing the attack surface, closing attack vectors What's an attack surface? The combined sum of all attack vectors in a system or network A good defense in depth strategy would involve deploying which firewalls? Both host-based and network-based firewalls Using a bastion host allows for which of the following? Applying more restrictive firewall rules, having more detailed monitoring and logging, enforcing stricter security measures What benefits does centralized logging provide? It allows for easier logs analysis, it helps secure logs from tampering or destruction What are some of the shortcomings of antivirus software today? It cant protect against unknown threats How is binary whitelisting a better option than antivirus software? It can block unknown or emerging threats What does full-disk encryption protect against? Data theft, Tampering with system files What's the purpose of escrowing a disk encryption key? Performing data recovery Why is it important to keep software up-to-date? To address any security vulnerabilities What are some types of software that you'd want to have an explicit application policy for? Video Games, Filesharing Software How are attack vectors and attack surfaces related? An attack surface is the sum of all attack vectors Having detailed logging serves which of the following purposes? Event Reconstruction, Auditing What is a class of vulnerabilities that are unknown before they are exploited? 0-Days If a user's machine gets infected with malware within a trusted network, what can help protect computers inside the trusted network from the compromised one? Host Based Firewall Which of these plays an important role in keeping attack traffic off your systems and helps to protect users? Antimalware measures, Antivirus software If a full disk encryption (FDE) password is forgotten, what can be incorporated to securely store the encryption key to unlock the disk? Key Escrow What is the purpose of installing updates on your computer? Updating improves performance and stability, Updating adds new features, Updating addresses security vulnerabilities A core authentication server is exposed to the internet and is connected to sensitive services. How can you restrict connections to secure the server from getting compromised by a hacker? Access Control Lists (ACLs), Bastion hosts, Secure firewall What's the key characteristic of a defense-in-depth strategy to IT security? Multiple overlapping lays or defense What does full-disk encryption protect against? Data tampering, Data theft Which of these host-based firewall rules help to permit network access from a Virtual Private Network (VPN) subnet? Access Control Lists (ACLs) Which of these protects against the most common attacks on the internet via a database of signatures, but at the same time actually represents an additional attack surface that attackers can exploit to compromise systems? Antivirus software What is the purpose of application software policies? They serve to help educate users on how to use software more securely, They define boundaries of what applications are permitted What is the combined sum of all attack vectors in a corporate network? The attack surface What does a host-based firewall protect against that a network-based one doesn't? Protection in untrusted networks, Protection from compromised peers While antivirus software operates using a ______, binary whitelisting software uses a whitelist instead. Blacklist What does applying software patches protect against? Newly found vulnerabilities, Undiscovered vulnerabilities A hacker gained access to a network through malicious email attachments. Which one of these is important when talking about methods that allow a hacker to gain this access? An attack vector