Final Last Quiz

Most information security breaches start with the

compromise of small pieces of an organization’s infrastructure—often one or two systems at a time. these targets are called

Which model identify the risk that the use of highly privileged accounts for day-to-day administration presents, in addition to providing recommendations to reduce that risk.

Windows security event logs have categories and

subcategories that determine which security events are tracked and recorded.

The accounts in Active Directory that are most commonly targeted by attackers are those that are members of the less privileged groups,

Pass-the-hash (PTH) and other credential theft attacks are ubiquitous today, it is because there is freely available tooling that makes it simple and easy to extract the credentials of other privileged accounts when an attacker has gained Administrator- or SYSTEM-level access to a computer.

Whether an organization deploys consistent baseline settings across servers, the installation of applications that are part of a server’s defined role should not be

permitted.

Root-cause analysis of enterprise-wide 27 Best Practices for Securing Active Directory incidents often reveals that an initial compromise is effected through custom applications–particularly those that are Internet facing.

SQL Injection is an application vulnerability that allows user-defined input to modify a SQL statement that is passed to the database for execution.

XSS is often exploited in online banking and e-commerce scenarios where an attacker can make purchases or transfer money in the context of the exploited user.

The Microsoft Security Development Lifecycle (SDL) is a set of structural process controls that work to improve security beginning early in requirements gathering and extending through the lifecycle of the application until it is decommissioned.