Page 533 - StudyBook.pdf
P. 533
Infrastructure Security: System Hardening • Chapter 8 517
A: ACL use can define who can access, configure, and control a device, and can
also be used to control services and protocols that are allowed to pass through
devices on your network.Therefore, they become very important in the config-
uration of your security plan.
Q: Why are Web servers considered to be a high vulnerability item?
A: As development of the technologies for highly graphic sites has come about,
many of the new processes have exposed weaknesses that were not anticipated
in the original construction of the underlying OS and NOS structure. It is now
increasingly important to keep current on all of the latest security fixes to
reduce the level of vulnerability in your network.
Q: I would have never thought about a DHCP server being vulnerable! Can you
tell me why I need to worry about it?
A: DHCP servers can be used to configure client machines to reach other net-
works.A DHCP server that is not configured by you but is connected to your
network in any way, could redirect your client machines and allow a high level
of compromise to occur.
Self Test
A Quick Answer Key follows the Self Test questions. For complete questions,
answers, and explanations to the Self Test questions in this chapter as well as
the other chapters in this book, see the Self Test Appendix.
1. Bob is preparing to evaluate the security on his Windows XP computer and
would like to harden the OS. He is concerned as there have been reports of
buffer overflows.What would you suggest he do to reduce this risk?
A. Remove sample files
B. Upgrade is OS
C. Set appropriate permissions on files
D. Install the latest patches
www.syngress.com
