Chapter One: Mastering the Basics of Security

Chapter One: Mastering the Basics of Security McKinley Cybersecurity Team

Question 1 As requested by your manager you purchase two servers to participate in a server cluster so that if one server fails, the other server will take over the workload. Which of the following goals of security has been met? A. Confidentiality B. Accountability C. Integrity D. Availability

Question 2 You have protected the contents of a highly sensitive file by encrypting the data using Windows EFS. Which of the following goals of security has been satisfied? A. Confidentiality B. Accountability C. Integrity D. Availability

Question 3 You have managed the file permissions on a file so that unauthorized persons cannot make modifications to the file. What goal of security has been met? A. Confidentiality B. Accountability C. Integrity D. Availability

Question 4 You have configured your network so that each person on the network must provide a username and password to gain access. Presenting a username is an example of what? A. Authentication B. Identification C. Authorization D. Confidentiality (Username is identification; password is authorization.)

Question 5 You have configured the permissions on the accounting folder so that the Accounting group can create, modify, and delete content in the folder; the Managers group can read the contents of the folder; and all other users have been denied access. This is an example of which of the following? A. Authentication B. Identification C. Authorization D. Confidentiality

Question 6 Which of the following are considered biometrics? (Select all that apply) A. Username and password B. Smartcard C. PIN number D. Fingerprint E. Retina scan

Question 7 Before an individual is authorized to access resources on the network, they are first ________ with the network. A. Authenticated B. Identified C. Authorized D. Encrypted

Question 8 You want to ensure that data is only viewable by authorized users. What security principle are you trying to enforce? A. Confidentiality B. Integrity C. Availability D. Authentication

Question 9 Of the following choices, what is the best way to protect the confidentiality of data? A. Authentication B. Encryption C. Hashing D. Checksums

Question 10 An organization hosts several bays of servers used to support a large online ecommerce business. Which one of the following choices would increase the availability of this datacenter? A. Encryption B. Hashing C. Generators D. Integrity

Question 11 You are planning to host a free online forum for users to share IT security-related information with each other. Any user can anonymously view data. Users can post messages after logging in but you do not want users to be able to modify other users’ posts. What levels of confidentiality, integrity & availability should you seek? A. Low C, low I and low A B. Medium C, low I and high A C. High C, low I and low A D. Low C, medium I and medium A

Question 12 You are reviewing a firewall's ACL (Access Control List) and see the following statement: Drop All. What security principle does this enforce? A. Least privilege B. Integrity C. Availability D. Implicit Deny

Question 13 What is the purpose of risk mitigation? A. Reduce the chances that a threat will exploit a vulnerability B. Reduce the chances that a vulnerability will exploit a threat C. Eliminate risk D. Eliminate threats

Question 14 Your organization is addressing single points of failure (SPOF) as potential risks to security. What are they addressing? A. Confidentiality B. Integrity C. Availability D. Authentication

Question 15 An organization hosts several bays of servers used to support a large online eCommerce business. They want to ensure that customer data hosted within the data center is protected and they implement several access controls including an HVAC (Heating/Ventilation/Air Conditioning) system. What does the HVAC system protect? A. Access B. Availability C. Confidentiality D. Integrity

Question 16 A database administrator is tasked with increasing the retail prices of all products in a database by 10%. The administrator writes a script performing a bulk update of the database and executes it. However, all retail prices are doubled (increased by 100% instead of 10%). What has been lost? A. Confidentiality B. Integrity C. Hashing D. Authentication

Question 17 Your security administrator has told you that he’s implementing a new security policy that includes two-factor authentication. What is two-factor authentication? A. Your authentication must contain two pieces of information. B. Your password must contain at least two types of characters, such as upper-case characters, lower-case characters, numbers, and non-alphanumeric characters. C. Before you can access a resource, you must login correctly twice in a row. D. Your password is encrypted twice before it is stored on an authentication server.

Question 18 The network security team at your organization is enhancing your login process through the use of two-factor authentication. Which of these methods would NOT be an example of two-factor authentication? A. Fingerprint scanner B. Smart card C. Pseudo-random token generator D. Extended-length passwords that include special characters

Question 19 What is completed when a user’s password has been verified? A. Identification B. Authentication C. Authorization D. Access Verification

Question 20 Which of the following formulas represents the complexity of a password policy that requires users to use only upper and lower case letters with a length of eight characters? A. 52^8 B. 26^8 C. 8^52 D. 8^26

Question 21 Of the following choices, what password has a dissimilar key space than the others? A. Secru1tyIsFun B. Passw0rd C. ILOve$ecurity D. 4uBetutaOn

Question 22 Robert lets you know that he is using his username as his password since it’s easy to remember. You decide to inform the user that this isn’t a secure password. What explanation would you include? A. The password wouldn’t meet account lockout requirements B. The password is too hard to remember C. The password is not long enough D. The password is not complex

Question 23 Your organization has implemented a self-service password reset system. What does this provide? A. Password policy B. Certificate reset C. Password recovery D. Previous logon notification

Question 24 A user is issued a token with a number displayed in an LCD. What does this provide? A. A rolling password for one-time use B. Multifactor authentication C. CAC D. PIV

Question 25 Which of the following includes a photo and can be used as identification? (Choose all that apply) A. CAC B. MAC C. DAC D. PIV

Question 26 Which of the following is an example of multifactor authentication? A. Smart card and token B. Smart card and PIN C. Thumbprint and voice recognition D. Password and PIN

Question 27 What is used for authentication in a Microsoft Active Directory domain? A. RADIUS B. TACACS+ C. Kerberos D. NIDS

Question 28 Which of the following best describes the purpose of LDAP? A. A central point for user management B. Biometric authentication C. Prevent loss of confidentiality D. Prevent loss of integrity

Question 29 A federated user database is used to provide central authentication via a web portal. What service does this database provide? A. SSO B. Multifactor authentication C. CAC D. DAC

Question 30 Which of the following AAA protocols uses multiple challenges and responses? A. CHAPS B. RADIUS C. XTACACS D. TACACS+