CYSE 101 Final Exam 2023 with 100% correct answers

How does the principle of least privilege apply to operating system hardening? prevents attack actions that require administrator or root privilege What is the difference between a port scanner and a vulnerability assessment tool? port scanners discover listening ports; vulnerability assessment tools report known vulnerabilities on listening ports What does applying a vendor OS update (patch) usually do? ... What does executable space protection do for us and how? prevents buffer overflow attacks from working by blocking code execution on the memory stack If an antivirus tool is looking for specific bytes in a file (e.g., hex 50 72 6F etc.) to label it malicious, what type of AV detection is this? signature Which of the following is not part of operating system hardening? Changing the main network firewall ruleset Why might we want a (software) firewall (FW) on our host if one already exists on the network? host FWs know more about the local system Are nmap results always accurate, or is it sometimes necessary to verify nmap output with another tool? you should verify nmap results with another tool or data source Exploit frameworks make it... easier for amateurs to launch cyber attacks What is a cyber attack surface? the total of the number of available avenues through which our system might be attacked What does a fuzzing tool do? Provide multiple data and inputs to discover vulnerabilities