Study Guide for Windows Security Final IS3340
1. Many current operating systems actually implement a microkernel architecture. A microkernel implements only the minimal required functionality. Processes generally run in either user mode or supervisor mode.
2. The process of providing and denying access is called access control. Access control is a multi-step process starting with identification and authentication. The three authentication types are Type I, II, and III.
3. User rights define the tasks that a user is permitted to carry out, such as taking ownership of objects or shutting down the computer. Permissions define what a user can do to a specific object, such as read or delete the object.
4. This functionality ...
13. Encryption protocols in Microsoft Windows: SSL/TLS provides a secure channel for HTTPS. The client and server negotiate a cipher and then exchange a key using public key cryptography.
14. Public key infrastructure (PKI), Certificate Authority (CA), trusted source, and Registration Authority (RA).
15. Public key infrastructure (PKI), Certificate Authority (CA), trusted source, and Registration Authority (RA).
16. A computer virus is a software program that attaches itself to, or copies itself into, another program. A worm is a type of malware that is self-contained.
17. The largest number of potential victims occurs during a zero-day attack. A zero-day attack is malware that is actively exploiting an unknown vulnerability and one or more of the following is true:
• The malware's actions have not been noticed and the vulnerability has not been discovered.
• The malware's actions have been noticed but not identified as an attack.
• The malware and the vulnerability have been identified but no fix is available yet.
18. Common anti-malware software components: signature database, scanner, vault, and shield.
19. Techniques and tools for removing malware: (1) your anti-malware software's support resources; (2) Microsoft's online resources, specifically the Microsoft Malicious Software Removal Tool for Windows 7.
20. Know that aggressive prevention strategies include the following:
• Frequent media scans
• Multiple anti-malware software shields
• Frequent signature database updates
• Restrictive software installation policy
• Restrictive download policy
• Restricted removable media policy
• Limited Web browser functionality
• Not running in Administrator mode unless necessary
21. Group Policy Object order: Organizational Unit GPO, Domain GPO, Site GPO, Local GPO.
22. Unlike Local GPOs, AD GPOs do nothing until you link them to one or more containers.
23. Group Policy Inventory: the first step to using the Group Policy Inventory tool (gpinventory.exe) is to download and install it on your computer.
24. Shavlik Security Analyzers can produce output files the MBSA can read and analyze.
25. The Shavlik products NetChk Protect and NetChk Protect Limited analyze patch status of products MBSA does not support.
26. Windows Backup and Restore utility
Open the Windows Backup and Restore utility on a computer running Windows 7 using these steps:
1. Choose Windows Start button > Control Panel.
2. Select System and Security > Backup and Restore.
27. The wbadmin command-line utility performs the same functions as the Microsoft Windows Backup and Restore utility on Windows workstations.
28. WBADMIN START BACKUP -backupTarget:i: -include:c: -allCritical -vssFull -quiet
29. Restoring with the Windows Backup and Restore Utility:
• The scope of the restore operation: choose one of the following options.
• Select the Restore my files button to restore only files that you own
• Select the Restore All User’s Files link to restore...