Section 12 Review

12.1 Simulation
Please review the simulations in 12.1
What are examples of strong passwords?
ilOve2EatIceCr3am

TuxP3nguinsRnOv3l

One of the Windows 7 workstations you manage has four user accounts defined on it. Two of the users are limited users while the third is an administrative user. The fourth account is the Guest user account which has been enabled to allow management employees convenient workstation access. Each limited and administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other’s files. Autorun has been disabled on the system. What should you do to increase the security of this system?
Disable the Guest account.
12.2 Simulation
Please review the simulations in 12.2
You are a security consultant and have been hired to evaluate an organization’s physical security practices. All employees must pass through a locked door to enter the main work area. Access is restricted using a biometric fingerprint lock. A receptionist is located next to the locked door in the reception area. She uses an iPad application to log any security events that may occur. She also uses her iPad to complete work tasks as assigned by the organization’s CEO. Network jacks are provided in the reception area such that employees and vendors can access the company network for work-related purposes. Users within the secured work area have been trained to lock their workstations if they will be leaving them for any period of time.
Disable the network jacks in the reception area

Train the receptionist to keep her iPad in a locked drawer when not in use.

One of the Windows 7 workstations you manage has three user accounts defined on it. Two of the users are limited users while the third is an administrative user has been assigned a strong password. File and folder permissions have been assigned to prevent users from accessing each other’s files. What else could you do to increase the security of this system?
Disable autorun on the system

Set a screensaver password

What are common forms of social engineering attack?
Hoax virus information e-mail.
What is a form of attach that tricks victims into providing confidential information, such as identity information or logon credentials, through e-mails or Web sites that impersonate an online entity that the victims trusts, such as financial institution or well known e-commerce site?
Phishing
What is the best countermeasure against social engineering?
User awareness training
What would indicate when a system case cover is removed?
Chassis intrusion detection
What security measure uses a unique key that can be used for hardware system identification?
Trusted Platform Module (TPM)
You want to configure your computer so that a password is required before the operating system will load. What should you do?
Configure a user password in the BIOS
If your anti-virus software does not detect and remove a virus, what should you try first?
Update your virus detection software
You discover that a system on your network has been infected with a worm. What is the best way to prevent the spread of the worm to other systems while you work on removing the worm?
Quarantine the computer
A user reports that her machines is behaving erratically. She suspects something is wrong because lately a firewall alert keeps indicating programs are trying to access the Internet, and several files have disappeared or have been renamed. What do you suspect is causing these problems?
Malware infection
What is not a form of biometrics?
Token device
What is the most common form of authentication?
Username and password
What type of biometric authentication uses the ridges of your skin?
Fingerprint
What provides security for wireless networks?
WPA2
What wireless security methods uses a common shared key configured on the wireless access point and all wireless clients?
WEP, WPA Personal, and WPA2P Personal
What TCP/IP protocol is s secure form of HTTP that uses SSL as a sublayer for security?
HTTPS
A small business named Widgets, INC. has hired you to evaluate their wireless network security practices. As you analyze their facility, you note the following using a wireless network locator device:

-They use an 802.11n wireless network
-The wireless network is broadcasting a SSID of Liksys
-The wireless network uses WPA2 with AES security
-Directional access points are positioned around the periphery of the building.

Based on this information, what should you recommend your client do to increase their wireless network security?

Disable SSID broadcast

Change the SSID to something other than the default

A small business named BigBikes, Inc. has hired you to evaluate their wireless network security practices. As you analyze their facility, you note the following?

-They use an 802.11n wireless network
-The wireless network SSID is set to BWLAN
-The wireless network is not broadcasting the network SSID
-The wireless network uses WPA2 with AES security
-Omni-directional access points are positioned around the periphery of the building

Based on this information, what should you recommend your client do to increase their wireless network security?

Implement directional access points
Your client has fired you to evaluate their wired network security posture. As you tour their facility, you note the following:

-Server systems are kept in a locked server room
-User accounts on desktop systems have strong passwords assigned.
-A locked door is used to control access to the work area. Users must use ID badges to enter the area.
-Users connect their personal mobile devices to their computers using USB cables.
-Users work in three 8-hour shifts per day. Each computer is shared by three users. Each user has a limited account on the computer they use.

Based on this information, what should you recommend your client do to increase security?

Disable the USB ports on user’s workstations
You are configuring a network firewall to allow SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic. What IP ports should you open on the firewall?
25
110
To increase security on your company’s internal network, the administrator has disabled as many ports as possible. Now, however, through you can browse the Internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
443
You are configuring a firewall to allow access to a server hosed on the demilitarized zone of your network. You open IP ports 80, 25, 110 and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?
Web server, e-mail server
You would like to control Internet access based on users, time of day, and Web sites visited. How can you do this?
Install a proxy server. Allow Internet access only through the proxy server.
What functions are performed by proxy servers?
Block employees from accessing certain Web sites

Cache web pages

Two employees cannot access any sites outside of the local network, but can still access internal files on other internal subnets. Other employees are not experiencing the same problem. You suspect the issue may have something to do with the proxy server on your network and the settings in Internet Explorer. What should you do?
Identify the proxy server name and port number in Internet Options.