CYSE 101 Final Exam Jones

How does the principle of least privilege apply to operating system hardening? - Answer- prevents attack actions that require administrator or root privilege What is the difference between a port scanner and a vulnerability assessment tool? - Answer- port scanners discover listening ports; vulnerability assessment tools report known vulnerabilities on listening ports What does applying a vendor OS update (patch) usually do? - Answer- What does executable space protection do for us and how? - Answer- prevents buffer overflow attacks from working by blocking code execution on the memory stack If an antivirus tool is looking for specific bytes in a file (e.g., hex 50 72 6F etc.) to label it malicious, what type of AV detection is this? - Answer- signature Which of the following is not part of operating system hardening? - Answer- Changing the main network firewall ruleset Why might we want a (software) firewall (FW) on our host if one already exists on the network? - Answer- host FWs know more about the local system Are nmap results always accurate, or is it sometimes necessary to verify nmap output with another tool? - Answer- you should verify nmap results with another tool or data source Exploit frameworks make it... - Answer- easier for amateurs to launch cyber attacks What is a cyber attack surface? - Answer- the total of the number of available avenues through which our system might be attacked What does a fuzzing tool do? - Answer- Provide multiple data and inputs to discover vulnerabilities What does the tool Nikto do? - Answer- Scans a web server for common vulnerabilities Why is input validation important from a security perspective? - Answer- to prevent certain types of attacks How can we prevent buffer overflows in our applications? - Answer- implement proper bounds checking Does an SQL injection attack compromise content in the database or content in the Web application? - Answer- database