Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the following would provide the BEST level of protection?
Correct Answer: A
Section: Threats and Vulnerabilities
A zero day vulnerability is an unknown vulnerability, so there is no fix or patch for it. One way to attempt to work around a zero day vulnerability would be to restrict permissions by using an ACL (Access Control List).
A zero day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it; this exploit is called a zero day attack. Uses of zero day attacks can include delivering malware or spyware, or allowing unwanted access to user information. The term “zero day” refers to the fact that the hole is unknown to everyone other than the hackers, specifically the developers. Once the vulnerability becomes known, a race begins for the developer, who must protect users.
B: Dumpster diving is looking for treasure in someone else’s trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn’t limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network. To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff is educated about the danger of untracked trash. Using proximity card readers instead of the traditional key punch doors would not prevent dumpster diving. You cannot prevent dumpster diving by using an ACL. This answer is therefore incorrect.
C: A virus outbreak is a virus spreading around multiple computers. A virus can be stopped by using antivirus software. A virus could possibly be restricted by an ACL on a single computer but it would be difficult to configure ACLs quickly on several computers.
D: Tailgating in IT security would be an unauthorized person following an authorized person into a building or room such as a datacenter. If a building has a card reader where an authorized person can hold up a card to the reader to unlock the door, someone tailgating could follow the authorized person into the building by walking through the door before it closes and locks. You cannot prevent tailgating by using an ACL. This answer is therefore incorrect.