General vulnerability types
Terms in this set (23)
An attack on the target's vulnerability in software code.
Software vulnerabilities affect two types of software code that are not applications
OS and Firmware
A software vulnerability that affects an OS affects these two things
OS kernel and shared libraries
A term for a vulnerability that is executed before it is discovered or a patch is issued for it is known as a...
Protecting a system that a vendor no longer supports, and is not updating with security patches entails...
Isolating it from networks that an attacker can get to.
You are protecting a company from weak (network and host) configuration vulnerabilities. What are the seven pieces to this?
Default settings, unsecured root accounts, open permissions, errors, weak encryption, and open ports and services
What are two other ways to refer to the root user?
Default administration account, and the superuser
Effective _______ and ________ policies should be enforced so that the root account is highly restricted and administration tasks are performed by the least privilege management accounts or roles instead.
User management and authorization policies
Refers to provisioning data files or application without differentiating access rights for user groups.
Relying on the manufacturer default settings when deploying an appliance or software.
Three steps to harden a service to meet a given role
1) Restrict remote access to security-critical services to IP address and block blacklisted ones. 2) Disable services that are not needed on service. 3) For internal services block the access at border firewalls
Transfers data as cleartext (what is it)?
Weakly configured applications may display unformatted _____ messages under certain conditions
Hardening against errors means that when something fails, ...
It fails gracefully
A ______ is where confidential data is read or transferred without authorization.
Data breach (event)
A _____ is when personal data is not collected, stored, or processed in full compliance with the laws and regulations governing the personal information.
_______ is the methods and tools by which an attacker transfers data without authorization from the victim's systems to an external network or media.
Two types of event in which unauthorized information use occurs
Data breach and data exfiltration
_____ is where information becomes unavailable temporarily or permanently.
A process for selecting supplier companies and evaluating the risks in relying on third-party products or services.
Refers to a process of using component/services from multiple vendors to implement a business workflow.
There may be two main scenarios for risks to data when using third parties:
1) You may need to grant the vendor access to your data 2) You may use a vendor to host data or data backups and archives
What are the three general precautions when it comes to data storage and third-party vendors?
1) Protect off site data the same as onsite data. 2) Monitor and audit third parties to ensure compliance. 3) Evaluate compliance impacts for storing data with third-parties