978-0840020932 Chapter 16

Chapter 16: Windows Vulnerabilities

TRUE/FALSE

1. Windows XP is a multitasking operating system based on Windows 2010.

2. There are several vulnerabilities in Windows Server 2008, XP, Vista, 7, and 8.

3. The NTFS file system is more secure than the FAT32 file system.

4. Changing settings in the registry without understanding the effects can easily render a Windows

installation inoperable.

5. RDP stands for Remote Desktop Protocol.

MULTIPLE CHOICE

1. The most widely used operating systems on larger servers is one of the many versions of ____.

a.

UNIX

c.

MAC OS

b.

Windows XP

d.

Windows NT

2. ____ is a multiuser, multitasking operating system based on Windows 2000.

a.

Windows Vista

c.

Windows XP

b.

Windows 7

d.

Windows 8

3. The easiest way to break password security on a Windows 2000 or later machine is to use a ____

program which can set the administrator password to a blank.

a.

password-guessing

c.

password-cracking

b.

password-burning

d.

password-generator

4. ____ allows the authenticated users of a Windows domain to access resources on another domain,

without being authenticated by it.

a.

SAM database

c.

Password-burning

b.

ACL

d.

Trust relationship

5. The most frequently discovered vulnerabilities in modern Windows operating systems are those related

to obtaining ______________.

a.

codes

c.

trust relationships

b.

SIDs

d.

permissions

COMPLETION

1. ______________________________ was built along the continuum of increased security features that

began in 2002 when Bill Gates announced his Trusted Computing Initiative (TCI) in response to calls

from customers for greater attention to security.

2. Windows 2000 and later applications store passwords in the form of hash values in a database called

______________________________.

3. The Microsoft utility ____________________ safeguards passwords from cracking activities. This

utility encrypts passwords with a 128-bit algorithm, making it very difficult to crack.

4. ____________________ was the first version of Windows to use a registry, though it was not the source

of all its system settings.

5. The __________ service of Windows operating systems does not validate inputs that are submitted to it

for processing.

1. What are the most important Windows operating systems?

2. Describe the main characteristics of Windows Server 2008.

3. Briefly describe the main characteristics of Windows Vista.

4. Explain why the SetValue access should be restricted to specific users.

5. Describe an example of code execution vulnerability.