1

Question 1

Incident response phases

Answer 1

Preparation
Detection & Analysis
Containment, Eradication & Recovery
Post-event activity

From NiST

Question 2

Types of halon

Answer 2

1211 only in portable, streaming agent

1301 only in fixed, flooding agent

Question 3

Sha

Answer 3

Secure Hash Algorithm
Hashing algorithm
20 byte output

Question 4

AES

Answer 4

Advanced Encryption Standard 
Original name rijndael
Block cipher
Block size 128
Key length 128, 192, 256

Question 5

EAP

Answer 5

Extensible authentication protocol
Used by ppp
Support multi auth mechanisms
Token cards, smart cards, certs, opt, public key enc

Question 6

Usage gap

Answer 6

Total potential - actual current usage

Question 7

Used to authent asym keys

Answer 7

Password

Question 8

Circuit level firewall

Answer 8

Provides udp and tcp connection security

Operates transport and application layers such as session

Question 9

Stream cipher

Answer 9

Faster than block

Question 10

PEAP

Answer 10

Protected Extensible Authentication Protocol
Mschap
Gtc

Question 11

IDEA

Answer 11

International data encryption algorithm

Symmetric block cipher

Question 12

DES

Answer 12

Data encryption standard

Symmetric block

Question 13

Blowfish

Answer 13

Symmetric block

Key 32 to 448 bits

Question 14

Two fish

Answer 14

Symmetric block
Block 128
Key up to 256

Question 15

ECB

Answer 15

Electronic Code Book
Block Cipher
Same key on each block

Question 16

CBC

Answer 16

Cipher Block Chaining
Block cipher
Uses IV on first block
Plaintext XORed with previous ciphertext before being encrypted

Question 17

PCBC

Answer 17

Propagating Cipher Block Chaining
Block Cipher
uses IV on first block
Plaintext XORed with both previous plaintext and previous ciphertext before being encrypted

Question 18

CFB

Answer 18

Cipher Feedback
makes a block cipher into a self-syncronizing stream cipher
if part of encrypted message lost, only part of decryption lost.

Question 19

OFB

Answer 19

Output Feedback
makes a block cipher into a synchronous stream cipher
allows many error correction codes to function even when applied before encryption

Question 20

smart cards

Answer 20

typically credit card sized
embedded IC
some have electrical contacts
does not display

Question 21

MD5

Answer 21

Message Digest
Hash
128 hash output

Question 22

SOM

Answer 22

Service-Oriented Modeling
Comprehensive view of analysis, design and arch of all software entities
View software entities as assets referred to as services

Question 23

SOMF

Answer 23

Service-Oriented Modeling Framework
Modeling language for software development
practices, environments, disciplines, artifacts
SOA Value Proposition
Software Assets reuse
Architectural components abstraction
Business Traceability

Question 24

IPSEC Authentication Methods

Answer 24

Pre-shared key
Certificate
Kerberos

Question 25

Kerberos Components

Answer 25

3 main Authentication Server Ticket Granting Server Principles Database

Question 26

IPComp

Answer 26

IP Payload Compression

Question 27

SABSA

Answer 27

Sherwood Applied Business Security Architecture Business driven, risk and opportunity focused security architectures traceably support business objectives

Question 28

SSH encrypt options

Answer 28

inlcude AES, Blowfish, 3DES, CAST128, Arcfour (RC4), IDEA

Question 29

L2TP

Answer 29

layer 2 Tunneling Protocol operates at layer 2 Extenion of PPTP Used to enable the operation of a VPN over Internet Does not provide encryption or confidentiality by itself

Question 30

IPSec

Answer 30

protocol suite that authenticates and encrypts the packets of data sent over an IP network. used in VPNs. Mutual Authentication

Question 31

RC4

Answer 31

aka ARC4 | stream cipher

Question 32

RC5

Answer 32

Rivest Cipher Symmetric block cipher

Question 33

SKA

Answer 33

Shared Key Authentication | WEP encryption key shared in advance

Question 34

SwIPe

Answer 34

1993 | Provides confidentiality, Integrity and authentication with end to end and intermediate hop security

Question 35

ALE

Answer 35

Annualized Loss Expectency | product of ARO (Annual Rate of Occurance) and SLE (Single Loss Expectancy)

Question 36

SLE

Answer 36

Single Loss Expectency

Question 37

ARO

Answer 37

Annual Rate of Occurance

Question 38

EF

Answer 38

Exposure Factor | Potential percentage of loss if a specific threat is realized

Question 39

AV

Answer 39

Asset Value

Question 40

MS-CHAPv2

Answer 40

Provides mutual authentication

Question 41

Layer 1 protocols

Answer 41

10BaseT DSL, ISDN Infrared

Question 42

Layer 2 protocols

Answer 42

``` ARP ATM CHAP CDP Ethernet L2TP MAC PPP PPTP STP Spanning Tree Protocol VLAN ```

Question 43

Layer 3

Answer 43

``` network layer NAT AppleTalk IP ICMP ARP RIP OSPF IPSec ```

Question 44

Layer 4

Answer 44

``` Transport Layer ESP NetBios SPX TCP UDP ```

Question 45

layer 5

Answer 45

``` Session Layer - provides session management netbios RPC SMB SOCKS ```

Question 46

Layer 6

Answer 46

``` Presentation layer TLS SSL FTP IMAP SSH ```

Question 47

Layer 7

Answer 47

``` Application Layer SOAP DHCP DNS HTTP/S NFS POP3 SNMP Telnet SSH TFTP ```

Question 48

X.25

Answer 48

ITU-T protocol suite for packet switched WAN

Question 49

Skipjack

Answer 49

used by clipper chip | symmetric block cipher

Question 50

Clipper Chip

Answer 50

used Skip Jack to encrypt and Diffie Hellman key exchange

Question 51

MAC

Answer 51

Message Authentication Code

Question 52

SKIP

Answer 52

Simple Key Management for Internet Protocol encryption tool used to protect sessionless datagram protocols. designed to integrate with IPSec layer 3

Question 53

ElGamal

Answer 53

Asymetric encryption | based on Diffie Hellman key exchange

Question 54

Blueprint

Answer 54

A detailed plan or program of action. | overall architecture first, then individual components

Question 55

Security Architecture

Answer 55

Think of same way home architecture How many doors and windows are there? Who is allowed in and out of each opening? Must people in home identify self before going out and back in? What possessions need protection? What people need protection?