Security+ (Syo-201) Domain #1: Systems Security

A buffer overflow occurs when a program or application is provided with more data than it can handle. This can lead to the excess data overwriting adjacent memory locations, causing the program to behave unexpectedly or crash. It is a common vulnerability that can be exploited by attackers to execute arbitrary code or gain unauthorized access to a system.

Adware is a type of software that displays advertisements, often in the form of pop-ups, while running on a computer. It is designed to generate revenue for the software developer by promoting products or services. Unlike spyware or malware, adware does not typically harm the computer or steal personal information. Tupperware, on the other hand, is a brand of food storage containers and is unrelated to the question.

Turning off auditing is not part of hardening the operating system because auditing is an important security feature that helps track and monitor system activities. It allows administrators to identify and investigate any suspicious or unauthorized activities on the system. Disabling auditing would hinder the ability to detect and respond to potential security breaches or incidents. Therefore, it is not recommended as part of the hardening process.

A service pack is a single package that contains multiple updates to a program. It is typically released by software vendors to provide bug fixes, security enhancements, and additional features. Service packs are designed to update and improve the overall functionality and stability of the program. Unlike hotfixes or patches, which address specific issues or vulnerabilities, a service pack includes a collection of updates that have been tested and bundled together for easier deployment and installation.

DNS (Domain Name System) is a protocol used for translating domain names into IP addresses. DNS name queries are performed to retrieve information about domain names, such as the IP address associated with a specific domain. These queries are sent over UDP (User Datagram Protocol) port 53, making it the correct answer for the service that runs over this port. UDP is a connectionless protocol that provides a faster and more lightweight communication compared to TCP (Transmission Control Protocol), which is used for reliable and ordered data transmission.

25 is SMTP, 139 is NetBios Session Service, 110 is POP3 (email)

Java is the correct answer because it is a software program that runs in a sandbox. A sandbox is a secure environment that isolates the program from the rest of the system, preventing it from accessing sensitive resources or causing harm. Java's sandbox environment allows it to execute untrusted code safely by restricting its access to certain system resources and preventing malicious actions. This makes Java a popular choice for running applications in a secure and controlled manner.

A retrovirus is best described as a virus that attacks or bypasses anti-virus software. Retroviruses are a type of RNA virus that replicate by converting their RNA into DNA and integrating it into the host cell's genome. This allows them to evade detection and removal by anti-virus software, making them particularly dangerous. They have the ability to modify their own code and adapt to the defenses put in place to combat them, making them highly effective at infecting and spreading within a system.

The correct answer is "companion." A companion virus is a type of virus that relies on the weakness of the 8.3 file naming convention. The 8.3 file naming convention is a limitation in older operating systems that only allowed file names to be a maximum of 8 characters long, followed by a period and a 3-character file extension. Companion viruses take advantage of this limitation by creating a file with the same name as an existing file but with a different file extension. When the original file is executed, the companion virus is also executed, infecting the system.