Security + Exam Guide (Charles River Media Networking/Security)

The following tips have been collected to sum up the topics covered in Chapter 7. They represent the areas of study that deserve the most attention, so memorize away!

• A distributed computing environment (DCE) is where applications are running across multiple computers in a network. Distributed applications include applets (Java, ActiveX), agents, and objects.

• The nondistributed environment category of applications presents a threat to the local system. Nondistributed applications include viruses, worms, Trojans, and logic bombs.

• Updates come in many forms. Know the differences between hot-fixes, services packs, patches, and upgrades.

• Update = version 1.0 > 1.5. Upgrade = version 1.5 > 2.0.

• Staying current is vital. Subscribe to mailing lists to keep up-to-date on security bulletins.

• To harden Web servers, use SSL, block unused ports, and disable unnecessary services. For remote administration, replace Telnet with SSH.

• To harden e-mail servers, use secured versions of SMTP, POP3, and IMAP. Kerberos and S/MIME can also secure mail traffic. Scan for viruses.

• To harden FTP servers, disable anonymous accounts.

• To harden DNS servers, use DNSSEC.

• To harden DHCP servers, limit DHCP scope, extend lease times, and reserve IPs.

• To harden any server, apply updates. Use encryption and firewalls. Make use of redundancy techniques such as data backups, secondary servers, RAID arrays, server clusters, mirroring, replication, and backup power.

• Memorize the interchangeable database terms. Tuple = row.

• A relation is a table of rows and columns in a relational database.

• Metadata is data about data.

• Relationships aim to link the elements of a database together. Know the difference between one-to-one, one-to-many, and many-to-many relationships. Also remember that different database models make relationships in different manners.

• Views restrict what is displayed in a database.

• Both network and hierarchical databases use parent-child relationship models. Children in network databases can have more than one parent. Children in hierarchical databases have only one parent.

• Data mining extracts trends and patterns from a data warehouse.

• Aggregation is a security threat where combined low-level access rights grant access to high-level data.

• Inference is the problem of high-level data being deduced via a portrayal of low-level data. Know the methods that prevent inference attacks.

• Polyinstantiation fights inference attacks by inserting multiple copies of data with differing security levels.

• Perturbation or noise prohibits inference attacks by inserting phony data in a database to confuse attackers.

• Partitioning splits up a database to complicate inference.

• Covert channels are exposed links between high-level and low-level data in a multilevel secure (MLS) system.

• SQL is the standard for query languages used by DBMSes. They define the structure of queries.

• Knowledge-based systems (KBS) solve problems by interfacing users with a knowledge base.

• Expert systems are KBSes that are fed rules and actions. They don't learn-they just respond.

• Neural networks are KBSes that simulate biological nervous systems. They are trained and they can learn over time. Also known as AI (artificial intelligence).

• SDLC splits application development into phases. It focuses on documentation, teamwork, and standardization.

• The certification/accreditation process provides an approval to operate.

• Machine code is what all program languages must ultimately be translated into.

• Java is a high-level language that is interpreted or translated one command at a time.

• C++ is high-level language that is compiled or translated into an executable file in one process.

• Abstraction classifies objects in OOP.

• Reference monitor monitors subject requests for objects.

• Primary storage is the central memory area of a computer. It is volatile.

• Secondary storage consists of HDDs and the like. It is not volatile.

• Virtual storage is comprised of secondary storage areas. It compliments primary storage.

• Sequential storage refers to intermittently accessed storage areas like backup tapes.