The following tips have been collected to sum up the topics covered in Chapter 7. They represent the areas of study that deserve the most attention, so memorize away!
A distributed computing environment (DCE) is one in which applications run across multiple computers in a network. Distributed applications include applets (Java, ActiveX), agents, and objects.
The nondistributed environment category of applications presents a threat to the local system. Nondistributed applications include viruses, worms, Trojans, and logic bombs.
Updates come in many forms. Know the differences between hot-fixes, service packs, patches, and upgrades.
Update = version 1.0 to 1.5. Upgrade = version 1.5 to 2.0.
Staying current is vital. Subscribe to mailing lists to keep up-to-date on security bulletins.
To harden Web servers, use SSL, block unused ports, and disable unnecessary services. For remote administration, replace Telnet with SSH.
To harden e-mail servers, use secured versions of SMTP, POP3, and IMAP. Kerberos and S/MIME can also secure mail traffic. Scan for viruses.
To harden FTP servers, disable anonymous accounts.
To harden DNS servers, use DNSSEC.
To harden DHCP servers, limit DHCP scope, extend lease times, and reserve IPs.
To harden any server, apply updates. Use encryption and firewalls. Make use of redundancy techniques such as data backups, secondary servers, RAID arrays, server clusters, mirroring, replication, and backup power.
Memorize the interchangeable database terms. Tuple = row.
A relation is a table of rows and columns in a relational database.
Metadata is data about data.
Relationships aim to link the elements of a database together. Know the difference between one-to-one, one-to-many, and many-to-many relationships. Also remember that different database models make relationships in different manners.
Views restrict what is displayed in a database.
Both network and hierarchical databases use parent-child relationship models. Children in network databases can have more than one parent. Children in hierarchical databases have only one parent.
Data mining extracts trends and patterns from a data warehouse.
Aggregation is a security threat where combined low-level access rights grant access to high-level data.
Inference is the problem of high-level data being deduced via a portrayal of low-level data. Know the methods that prevent inference attacks.
Polyinstantiation fights inference attacks by inserting multiple copies of data with differing security levels.
Perturbation or noise prohibits inference attacks by inserting phony data in a database to confuse attackers.
Partitioning splits up a database to complicate inference.
Covert channels are exposed links between high-level and low-level data in a multilevel secure (MLS) system.
SQL is the standard for query languages used by DBMSes. They define the structure of queries.
Knowledge-based systems (KBS) solve problems by interfacing users with a knowledge base.
Expert systems are KBSes that are fed rules and actions. They don't learn; they just respond.
Neural networks are KBSes that simulate biological nervous systems. They are trained and they can learn over time. They are also known as AI (artificial intelligence).
SDLC splits application development into phases. It focuses on documentation, teamwork, and standardization.
The certification/accreditation process provides an approval to operate.
Machine code is what all program languages must ultimately be translated into.
Java is a high-level language that is interpreted or translated one command at a time.
C++ is a high-level language that is compiled or translated into an executable file in one process.
Abstraction classifies objects in OOP.
A reference monitor monitors subject requests for objects.
Primary storage is the central memory area of a computer. It is volatile.
Secondary storage consists of HDDs and the like. It is not volatile.
Virtual storage is comprised of secondary storage areas. It complements primary storage.
Sequential storage refers to intermittently accessed storage areas like backup tapes.