Various Concepts

Question 1

software based client that monitors data in use on a computer and can stop file transfers or alert admins of the transfers base on a set of rules or policies.

Answer 1

Endpoint dlp

Question 2

software or hardware solution installed on the perimeter of the network to protect data in transit.

Answer 2

Network dlp

Question 3

software stored on servers in a data center to protect data at rest.

Answer 3

Storage dlp

Question 4

Software to protect data being stored in cloud services, usually a SaaS solution.

Answer 4

Cloud dlp

Question 5

UEBA

Answer 5

User and Entity Behavior Analytics

Question 6

SCCM

Answer 6

System Center Configuration Management - Microsoft software management system for admin device management.

Question 7

trusted program to ensure that microprocessors in the supply chain are secure and is overseen by the Department of Defense

Answer 7

Trusted Foundry Program

Question 8

process of ensuring that hardware is procured tamper free from a trusted supplier.

Answer 8

Hardware Source Authenticity

Question 9

cryptographic module embedded within a computer system that can endorse trusted execution and can attest to boot settings and metrics

Answer 9

Root of Trust - ROT

Question 10

PUF

Answer 10

Physically Unclonable Function - anti tamper mechanism used inside systems (ROT policies).

Question 11

UEFI feature that prevents unwanted process from executing during the boot process.

Answer 11

Secure Boot

Question 12

UEFI feature that gathers secure metrics to validate the boot processes in an attestation report.

Answer 12

Measured Boot

Question 13

A claim that the data presented is valid by digitally signing it using a TPM’s private key.

Answer 13

Attestation

Question 14

A means for software or firmware to permanently alter the state of a transistor on a computer chip.

Answer 14

eFuse

Question 15

an update digitally signed by the vendor.

Answer 15

Trusted Firmware Update

Question 16

low-level CPU changes and instructions that ensure secure processing and are built into the microprocessor.

Answer 16

Processor Security Extensions

Question 17

AMD chip PSEs

Answer 17

• SME Secure Memory Encryption
• SEV Secure Encrypted Virtualization

Question 18

Intel chip PSEs

Answer 18

• TXT Trusted Execution Technology
• SGX Software Guard Extensions

Question 19

extensions that allow a trusted process to create an encrypted container for sensitive data.

Answer 19

Secure Enclave

Question 20

operations that should only be performed once or not at all.

Answer 20

Atomic Execution

Question 21

key signature of a directory traversal attack

Answer 21

../../ or dot dot slash and %255

Question 22

key signature of a SQL attack

Answer 22

’ or 1 = 1

Question 23

occurs when an attacker is able to execute run commands physically on a victim computer

Answer 23

Arbitrary Code Execution

Question 24

occurs when an attacker is able to execute run commands on a victim computer remotely

Answer 24

RCE Remote Code Execution

Question 25

occurs when an attacker fills up the buffer with NOP (nonoperation instruction) so that the return address may hit a NOP and continue until it finds the attacker’s code to run

Answer 25

smash the stack

Question 26

User’s web browser is exploited by the attacker, usually by a compromised web server

Answer 26

XSS

Question 27

The web page is exploited the user’s browser. User is already authenticated, then the attacker uses that trust to exploit the web site.

Answer 27

XSRF

Question 28

Hosts or servers located in the DMZ that do not have any services configured to run on the local network.

Answer 28

Bastion Hosts

Question 29

secures the network by keeping the machines behind it anonymous while web surfing. Uses NAT.

Answer 29

IP Proxy

Question 30

Attempts to serve clients content itself without contacting the remote server.

Answer 30

Caching Proxy

Question 31

Used to prevent devices from connecting to prohibited websites and other content.

Answer 31

Internet Content Filter

Question 32

A go between device that scans for viruses, filters content, and performs dlp functions.

Answer 32

Web Secure Gateway WSG

Question 33

Low upfront cloud storage solutions, but exorbitant fees to move the data from the cloud to another provider or on prem solution due to bandwidth and storage costs to transfer the large amounts of data

Answer 33

Vendor Lockin

Question 34

Security appliance set up at the client network edge to forward traffic to the cloud network if the content complies with the policies.

Answer 34

Forward Proxy: Users can evade forward proxies.

Question 35

A security appliance set up at the cloud network edge that forwards content if it complies with policy. Cloud provider must support this to work.

Answer 35

Reverse Proxy

Question 36

FAAS

Answer 36

Function as a Service

Question 37

A software architecture that runs functions within virtualized containers at runtime instead of on dedicated servers.

Answer 37

Serverless

Question 38

AWS storage containers

Answer 38

Buckets

Question 39

Microsoft azure storage containers

Answer 39

Blobs

Question 40

CORS

Answer 40

Cross Origin Resource Sharing. A network policy that allows the browser to treat content from nominated domains as safe.

Question 41

DoS attack which attempts to send more packets to a device/server than it can handle.

Answer 41

Flood Attack

Question 42

A flood/dos attack using ICMP pings.

Answer 42

Ping of Death

Question 43

attacker sends a ping to a subnet broadcast address and the devices reply to a spoofed ip address (victim’s server) using bandwidth and power.

Answer 43

Smurf Attack

Question 44

flood attack using udp packets to flood the target device.

Answer 44

Fraggle Attack

Question 45

DOS attack where the attacker initiates multiple TCP sessions but does not complete the three way handshake. Flood Guards are used to prevent these attacks.

Answer 45

SYN FLOOD

Question 46

a network scan attack that sets the FIN, PSH, and URG flags that can cause a system to crash.

Answer 46

XMAS Attack

Question 47

breaks apart packets into IP fragments and modifies them with oversized payloads and sends them to a victim machine.

Answer 47

Teardrop Attack

Question 48

exploits a security flaw to permanently break a device by reflashing its firmware.

Answer 48

Permanent DOS attack

Question 49

attack that creates a large number of resources to use up the available processing power of the device

Answer 49

Fork Bomb

Question 50

If A=B=C, then A=C: If any trusted network is compromised, all trusted networks are also.

Answer 50

Transitive attack

Question 51

name resolution info is modified in the DNS server’s cache

Answer 51

DNS Poisoning

Question 52

DNS attack where the attacker requests copies of the DNS info (server names, ip info) to their system for future attacks

Answer 52

Unauthorized Zone transfer

Question 53

DNS attack where the attacker modifies the host file to have the client bypass the dns server and redirects to a malicious site.

Answer 53

Altered Host File

Question 54

occurs when an attacker redirects one website’s traffic to another bogus/malicious website.

Answer 54

Pharming

Question 55

exploits the process in how dns names are registered and prevents domain names from being registered.

Answer 55

Domain Name Kiting

Question 56

Key differences between WEP, WPA, WPA2, and open networks

Answer 56

: open=no security. WEP = weak IV, WPA = TKIP and RC4, WPA2 = CCMP and AES,

Question 57

key components of the two WPA3 modes

Answer 57

WPA3(Enterprise Mode) AES-256 W/SHA-384 hash (Personal Mode) CCMP128 key and uses PFS instead of PSK

Question 58

Class A Fire Suppression base, use, and symbol

Answer 58

Water, ordinary combustibles, and green triangle w/A

Question 59

Class B Fire Suppression base, use, and symbol

Answer 59

Dry chemical or CO2, flammable gasses and liquids, red square withB

Question 60

Class C Fire Suppression base, use, and symbol

Answer 60

CO2, electrical fires, blue circle w/C

Question 61

Class D Fire Suppression base, use, and symbol

Answer 61

dry powder blend, combustible metals, yellow pentagon w/a D

Question 62

Class K Fire Suppression base, use, and symbol

Answer 62

Potassium based, cooking oils and animal fats, black hexagon with a K

Question 63

Location of HVAC hot and cold isles.

Answer 63

Cold isles front of rack, hot isles at rear of rack

Question 64

shielding installed around an entire room to prevent electromagnetic energy from entering or exiting the area.

Answer 64

Faraday Cage

Question 65

U.S. Government standards for the level of shielding required in a building to ensure emissions and interference cannot enter or exit the facility.

Answer 65

Tempest

Question 66

CAN

Answer 66

Controller Area Network – a digital serial data communications network used in vehicles.

Question 67

OBD-2

Answer 67

Onboard Diagnostics module – external interface for CAN networks

Question 68

describe 3 CAN vulnerabilities

Answer 68

Attach the exploit to the OBD-2, exploit over onboard cellular, or over onboard wifi

Question 69

Main difference between SoC and FPGA

Answer 69

SoC cant be changed, FPGA can be changed as needed.

Question 70

Digital serial data connections used in operation technology networks to link PLCs

Answer 70

Fieldbus

Question 71

input and output controls on a PLC that allow a user to configure and monitor the system.

Answer 71

HMI Human Machine Interface

Question 72

software that catalogs and aggregates data from multiple sources within an ICS

Answer 72

Data Historian

Question 73

Key difference between ICS and SCADA

Answer 73

ICS = single location, SCADA multi point of a geographical region.

Question 74

communications protocol used in operational technology networks

Answer 74

Modbus

Question 75

4 key controls for mitigating vulnerabilities in specialized systems (ISC & SCADA):

Answer 75

1. Establish admin control by recruiting staff w/relevant expertise.
2. Implemint minimum links by disconnecting unnecessary services, protocols, etc.
3. Develop and test a patch management program for OT networks.
4. Perform regular audits of logical and physical access to these systems.

Question 76

BAS

Answer 76

Building Automation System

Question 77

utilizes a web of trust between organizations where each one certifies others in the federation. Not efficient for large network of organizations.

Answer 77

Cross-Certification authentication

Question 78

Organizations authorize based on a single third-party organization. More efficient.

Answer 78

Trusted Third Party(bridge model)

Question 79

Users log in to an Identity Provider(IP) and uses their account at Relying Parties (RP). Largest is google.

Answer 79

Open ID

Question 80

IEEE Standardized framework used for port based authentication for both wired and wireless networks.

Answer 80

802.1x

Question 81

application layer protocol for accessing and modifying directory services. Used in MS AD.

Answer 81

LDAP

Question 82

what is the supplicant in the 802.1x process

Answer 82

pc, client, etc.

Question 83

The device through which the supplicant is attempting to access the network(switches, vpn concentrators, etc.). 802.1x process

Answer 83

Authenticator

Question 84

The centralized device that performs the authentication (RADIAUS, TACACS, etc. servers) . 802.1x

Answer 84

authentication server

Question 85

A standardized framework of protocols that allows for many methods of authentication including passwords, PKI, and digital certificates.

Answer 85

EAP

Question 86

uses simple passwords, CHAP for authentication, and a 1 way process.

Answer 86

EAP MD5

Question 87

uses PKI and digital certificates for mutual authentication (2 way).

Answer 87

EAP TLS

Question 88

requires server-side digital certificates and a client-side password for mutual authentication.

Answer 88

EAP TTLS

Question 89

uses protected access credentials (a security credential generated by the server that holds information specific to a peer) instead of digital certificates for mutual authentication.

Answer 89

EAP FAST

Question 90

uses server certificates and MS Active Directory databases to authenticate a client’s password.

Answer 90

PEAP

Question 91

Cisco’s proprietary authentication protocol requiring Cisco based networks.

Answer 91

LEAP

Question 92

Cross platform version of RDP(MS only) for remote user GUI access.

Answer 92

Virtual Network Computing (VNC)

Question 93

specialized hardware device that allows for hundreds of simultaneous vpn connections from remote devices.

Answer 93

vpn concentrator

Question 94

a remote worker’s machine diverts internal traffic(file transer, email, etc.) over a vpn and external traffic over their own internet connection.

Answer 94

Split tunneling

Question 95

Cisco’s proprietary version of RADIUS and is not available for cross platform use..

Answer 95

TACACS+

Question 96

attack that intercepts API calls between the browser process and its DLLs.

Answer 96

MITB Man in the Browser

Question 97

brute force attack where stolen names and passwords are tried against multiple websites.

Answer 97

Credential Stuffing

Question 98

software vulnerability where the authentication mechanism allows an attacker to gain entry.

Answer 98

Broken Authentication

Question 99

the access control policy is determined by the owner.

Answer 99

DAC

Question 100

the computer systems determine the access control policies for an object. Military, top secret, secret, etc. Lattice and Rule based are MAC models.

Answer 100

MAC

Question 101

uses a set of permissions instead of labels in MAC.

Answer 101

RBAC - Role Based

Question 102

if/then access control. If Jason is in HR, then give access to HR files.

Answer 102

Attribute based

Question 103

requires more than one person to conduct a sensitive task or operation.

Answer 103

Separation of Duties

Question 104

ADUC

Answer 104

Active Directory Users and Computers

Question 105

3 Types of Linux user permissions

Answer 105

U = owners, G = groups, and O or A = all users.

Question 106

used to change permissions or rights of a file of folder system in linux.

Answer 106

chmod change mode

Question 107

Linux numeric value for R,W, and X

Answer 107

: 4(R) = read, 2(W)= write, 1(X) = Execute. (binary values) Add to combine, 6=rw, 3 = wx, etc.

Question 108

occurs when permissions are passed to a subfolder from the parent through inheritance.

Answer 108

Propagation

Question 109

Two most popular password crackers

Answer 109

Cain and Able & John the Ripper

Question 110

Attack method where a program attempts to guess a password by using a list of possible passwords.

Answer 110

Dictionary attack

Question 111

Attack method where a program attempts to try every possible combination until the password has been compromised.

Answer 111

Brute Force Attack

Question 112

attack method that compares a precomputed encrypted password to a value in a lookup table.

Answer 112

Cryptanalysis Attack

Question 113

A list of precomputed values (hashes) to more quickly break a password.

Answer 113

Rainbow table

Question 114

network traffic is analyzed to discover predetermined attack patterns.

Answer 114

Signature-based monitoring

Question 115

network traffic is analyzed to discover traffic that is outside of an established baseline.

Answer 115

Anomaly-based monitoring

Question 116

network traffic is analyzed to discover data that does not match previous network activity, applications, etc.

Answer 116

Behavior-based monitoring

Question 117

Windows program for performance monitoring.

Answer 117

perfmon.exe (perfmon in cmd will load)

Question 118

2 Protocol analyzer modes

Answer 118

Promiscuous and Non-Promiscuous modes

Question 119

Network adaptor captures all traffic on the network regardless of the MAC address on the frames carrying them.

Answer 119

Promiscuous Mode

Question 120

Network adaptor only captures traffic directly addressed to itself.

Answer 120

Non-promiscuous mode

Question 121

Data files that contain the accounting and audit trail for actions performed by a user on the computer or network.

Answer 121

Logs

Question 122

Logs the events such as successful and unsuccessful user logons to the system.

Answer 122

Security Logs

Question 123

Logs the events such as a system shutdown or driver failure.

Answer 123

System Logs

Question 124

Logs the events for the operating system and third party applications.

Answer 124

Application Logs