Chat with AI
Deck 12: Operating System Security
Full screen (f)
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Question
Unlock Deck
Sign up to unlock the cards in this deck!
Unlock Deck
Unlock Deck
1/45
Play
Full screen (f)
Deck 12: Operating System Security
1
Most large software systems do not have security weaknesses.
False
2
Backup and archive processes are often linked and managed together.
True
3
The following steps should be used to secure an operating system:
A) test the security of the basic operating system
B) remove unnecessary services
C) install and patch the operating system
D) all of the above
A) test the security of the basic operating system
B) remove unnecessary services
C) install and patch the operating system
D) all of the above
D
4
Lower layer security does not impact upper layers.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
5
__________ applications is a control that limits the programs that can execute on the system to just those in an explicit list.
A) Virtualizing
B) White listing
C) Logging
D) Patching
A) Virtualizing
B) White listing
C) Logging
D) Patching
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
6
Which of the following need to be taken into consideration during the systemsecurity planning process?
A) how users are authenticated
B) the categories of users of the system
C) what access the system has to information stored on other hosts
D) all of the above
A) how users are authenticated
B) the categories of users of the system
C) what access the system has to information stored on other hosts
D) all of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
7
The purpose of the system does not need to be taken into considerationduring the system security planning process.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
8
You should run automatic updates on change-controlled systems.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
9
Manual analysis of logs is a reliable means of detecting adverseevents.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
10
A plan needs to identify appropriate personnel to install and managethe system, noting any training needed.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
11
Ideally new systems should be constructed on an unprotected networkin order to prevent installation restrictions.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
12
A very common configuration fault seen with Web and file transferservers is for all the files supplied by the service to be owned by thesame "user" account that the server executes as.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
13
The default configuration for many operating systems usuallymaximizes security.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
14
A malicious driver can potentially bypass many security controls toinstall malware.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
15
It is possible for a system to be compromised during the installationprocess.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
16
Each layer of code needs appropriate hardening measures in place toprovide appropriate security services.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
17
The first critical step in securing a system is to secure the __________.
A) base operating system
B) system administrator
C) malware protection mechanisms
D) remote access privileges
A) base operating system
B) system administrator
C) malware protection mechanisms
D) remote access privileges
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
18
The first step in deploying new systems is _________.
A) security testing
B) installing patches
C) planning
D) secure critical content
A) security testing
B) installing patches
C) planning
D) secure critical content
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
19
Passwords installed by default are secure and do not need to bechanged.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
20
Performing regular backups of data on a system is a critical controlthat assists with maintaining the integrity of the system and user data.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
21
_______ systems should validate all patches on test systems before deploying them to production systems.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
22
Unix and Linux systems use a ________ which restricts the server's view of the file system to just a specified portion.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
23
______ are resources that should be used as part of the system security planning process.
A) Texts
B) Online resources
C) Specific system hardening guides
D) All of the above
A) Texts
B) Online resources
C) Specific system hardening guides
D) All of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
24
_______ is the process of making copies of data at regular intervals allowing the recovery of lost or corrupted data over relatively short time periods of a few hours to some weeks.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
25
Once the system is appropriately built, secured, and deployed, the process of maintaining security is ________.
A) complete
B) no longer a concern
C) continuous
D) sporadic
A) complete
B) no longer a concern
C) continuous
D) sporadic
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
26
The range of logging data acquired should be determined _______.
A) during security testing
B) as a final step
C) after monitoring average data flow volume
D) during the system planning stage
A) during security testing
B) as a final step
C) after monitoring average data flow volume
D) during the system planning stage
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
27
System security begins with the installation of the ________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
28
______ is the process of retaining copies of data over extended periods of time, being months or years, in order to meet legal and operational requirements to access past data.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
29
The final step in the process of initially securing the base operating system is ________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
30
The ______ process retains copies of data over extended periods of time in order to meet legal and operational requirements.
A) archive
B) virtualization
C) patching
D) backup
A) archive
B) virtualization
C) patching
D) backup
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
31
The needs and policy relating to backup and archive should be determined ______.
A) as a final step
B) during the system planning stage
C) during security testing
D) after recording average data flow volume
A) as a final step
B) during the system planning stage
C) during security testing
D) after recording average data flow volume
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
32
The three operating system security layers are: physical hardware, operating system kernel, and _________.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
33
Security concerns that result from the use of virtualized systems include ______.
A) guest OS isolation
B) guest OS monitoring by the hypervisor
C) virtualized environment security
D) all of the above
A) guest OS isolation
B) guest OS monitoring by the hypervisor
C) virtualized environment security
D) all of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
34
______ systems should not run automatic updates because they may possibly introduce instability.
A) Configuration controlled
B) Policy controlled
C) Change controlled
D) Process controlled
A) Configuration controlled
B) Policy controlled
C) Change controlled
D) Process controlled
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
35
______ is a reactive control that can only inform you about bad things that have already happened.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
36
Unix and Linux systems grant access permissions for each resource using the ______ command.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
37
The aim of the specific system installation planning process is to maximize _______ while minimizing costs.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
38
The ______ process makes copies of data at regular intervals for recovery of lost or corrupted data over short time periods.
A) logging
B) backup
C) hardening
D) archive
A) logging
B) backup
C) hardening
D) archive
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
39
Cryptographic file systems are another use of _______.
A) encryption
B) testing
C) virtualizing
D) acceleration
A) encryption
B) testing
C) virtualizing
D) acceleration
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
40
The most important changes needed to improve system security are to ______.
A) disable remotely accessible services that are not required
B) ensure that applications and services that are needed are appropriately configured
C) disable services and applications that are not required
D) all of the above
A) disable remotely accessible services that are not required
B) ensure that applications and services that are needed are appropriately configured
C) disable services and applications that are not required
D) all of the above
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
41
Guest OSs are managed by a ______, or VMM, that coordinates access between each of the guests and the actual physical hardware resources.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
42
________ refers to a technology that provides an abstraction of the computing resources that run in a simulated environment.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
43
______ virtualization systems are more common in clients, where they run along side other applications on the host OS, and are used to support applications for alternate operating system versions or types.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
44
______ virtualization systems are typically seen in servers, with the goal of improving the execution efficiency of the hardware.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
45
Configuration information in Windows systems is centralized in the _______, which forms a database of keys and values.
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
Unlock Deck
k this deck
Unlock Deck
Unlock for access to all 45 flashcards in this deck.
