footprinting: Represents a security threat to your DNS enviroment.

Footprinting
refers to the process of maliciously gaining information about domains. DNS zone
data can then be used in a malicious attack such as DOS attack.

Sender Policy Framework: Records provide email protection from spoofing and
phishing.

Firewall Classes: Class 1 - Personal Firewall, Class 2 - Router Firewall, Class 3 -

Low End Hardware Firewall, Class 4 - High End Hardware Firewall, Class 5 - High End
Server Firewall.

Root CA is self certifying.

Delegated standard domain users and domain admins can administer a read only domain
controller RODC.

To ensure that a specific web site do not have access to your browsing patterns you
would use InPrivate filtering. InPrivate filtering settings allow you to identify
the web sites you will allow to receive data about the web sites you visited.

Protocol Spoofing is often undertaken during network sniffing attack. Spoofing

involved forging network frame address fields to impersonate network hosts.

DNS Cache poising attack occurs when a malicious agent alters the name resolution
data of a DNS server.

Encapsulating Security Payload (ESP) provides both data confidentiality and

authentication.

Stateful firewall keeps track of the state of the connection and can log
information about connections.

Windows Updata Agent should be used for mobile clients. WUA contacts microsoft
windows update web site directly and checks for updates. You can control whether
the updates are downloaded and installed automaitcally for each client.

When you move an encrypted file to an unencrypted folder on an NTFS partition it

will remain encrypted.

WPA Uses and Requires TKIP. TKIP users initialization vector and preshared key
values to generate encryption keys.

DMZ also referred to as a perimeter network or screened subnet. A DMZ can contain
servers that allow public access, firewalls are usually implemented between DMZ and
the public untrusted network.

Public Encryption keys in asymmetric encryption is used to encrypt data and can be
distrubuted by certificate. Two Keys are used in asymmetric encryption as public
and private keys.

Patching: Applying patches or interim fixes to either OS or other software.

Hardening: Making changes to the OS, Network or Applications to reduce the

vulnerability to attacks.

Security Log: All security audits including policy changes are written to the
security log.

Tunneling Ecapsulates packets of one protocol inside another protocol. In effect

the packet is carried as the payload of another packet.

Encapsulating Security Payload provides both data confidentiality and

authentication. Internet protocol security is a protocol suite that greatley
enhances the security of IP communications.