701 - Chapter 5 Flashcards

1
Q

What is the software that creates, runs, and manages VMs?

A

Hypervisor

2
Q

The physical system hosting the VM is called what? The operating systems running on the above system are called what?

A

Host…Guest

3
Q

What is the term for the ability to resize the computing capacity of the VM?

A

Cloud scalability

4
Q

What refers to the ability to dynamically change resources assigned to the VM based on the load?

A

Cloud elasticity

5
Q

What is a computer with enough resources to boot and connect to a server to run specific applications or desktops called?

A

Thin client

6
Q

What hosts a user's desktop operating system on a server?

A

Virtual desktop infrastructure, VDI

7
Q

What is a type of virtualization that runs services or applications within isolated containers or application cells?

A

Containerization

8
Q

What is an advantage of containerization and a disadvantage?

A

It uses fewer resources and can be more efficient, but the container must use the same operating system as the host

9
Q

What is an attack that allows an attacker to access the host system from within a virtual guest system? And what is the best way to protect against it?

A

VM escape…keeping the system up to date with patches

10
Q

What is when an organization has many VMs that aren’t appropriately managed?

A

VM sprawl

11
Q

What refers to the potential for data or resources to remain on a shared infrastructure even after they are no longer needed, making them potentially accessible to other users?

A

Resource reuse

12
Q

What are four common categories of endpoint security software?

A

Antivirus software, endpoint detection and response (EDR), extended detection and response (XDR), host intrusion prevention systems (HIPS)

13
Q

What is the practice of making an operating system or application more secure from its default installation? It helps eliminate vulnerabilities from default configurations, misconfigurations, and weak configurations.

A

Hardening

14
Q

These practices help organizations deploy systems with secure configurations and enforce requirements that those secure configurations remain in place?

A

Configuration management

15
Q

What are the three steps to using a baseline?

A

Establish an initial baseline configuration, deploy the baseline, maintain the baseline

16
Q

One of the most common methods of deploying systems is with images starting with what?

A

A master image

17
Q

What are two important benefits of imaging?

A

Secure starting point and reduced cost

18
Q

What are the procedures that ensure operating systems, applications, and firmware are up to date with current patches? And what does this do?

A

Patch management procedures… it protects systems against known vulnerabilities

19
Q

What defines the process and accounting structure for handling modifications and upgrades? And what is the goal?

A

Change management… To reduce risks related to unintended outages and provide documentation for all changes

20
Q

What is a list of applications authorized to run on a system?

A

An application allow list, sometimes called a whitelist

21
Q

This is a list of applications that the system will block from installing and executing?

A

Application block list or blacklist

22
Q

Which is more restrictive, a whitelist or a blacklist?

A

A whitelist

23
Q

What is it called when all of the contents of a disk are protected using encryption? This may be done with specialized software or be done using specialized hardware known as what?

A

Full disk encryption (FDE)… self-encrypting drives (SED)

24
Q

What is it called when the operating system goes through enough of the boot process to verify the integrity of the operating system and boot loading systems? And what does it do if it identifies an issue?

A

A measured boot… the system will halt the process and not come up

25
What is the hardware chip on a computer's motherboard that stores cryptographic keys used for full disk encryption?
A trusted platform module (TPM)
26
What is the name of the process that TPM supports for secure boot? And how does it work?
Boot attestation… The TPM will capture signatures of key files used to boot the computer and store a report of the signatures securely within the TPM. When the system boots, the secure boot process will compare the files against what is stored in the TPM
27
What is the boot attestation process called when it is not performed on the local system?
Remote attestation
28
The TPM has what burned into it? What is it called? And what does this key provide?
A unique encryption key… the endorsement key… It provides a hardware root of trust, otherwise known as a known secure starting point
29
In addition to encryption, secure boot and remote attestation, what other services does TPM provide?
It can generate, store, and protect other keys used for encrypting and decrypting disks
30
What is a removable or external device that can generate, store and manage keys used in asymmetric encryption? And how do these differ from a TPM?
A hardware security module (HSM)… one of the main differences is that the HSM is a removable or an external device
31
What is a common platform and usage for an HSM?
A high-performance server will use an HSM to store and protect keys
32
What is the name of the card that includes an HSM?
A microSD HSM
33
What is the process of retiring and cleaning hardware via established procedures and guidelines called?
Decommissioning
34
What is the unauthorized transfer of data outside an organization called? And what do organizations do to block and prevent this loss of data?
Data exfiltration… Data loss prevention (DLP) techniques and technologies
35
What are some examples of DLP techniques?
Blocking the use of USB flash drives, controlling the use of removable media, and examining outgoing data transfers
36
In addition to data, what else can DLP systems scan? Can DLP scan encrypted data?
Emails, FTP and HTTP traffic… No, but they can be configured to look out for outgoing encrypted data
37
What are the two primary methods of protecting the confidentiality of data? What is encrypting individual fields within a database called?
Encryption and strong access control… database column encryption
38
What are the two options for database encryption?
Full database encryption and column or row encryption
39
What refers to data that is currently being processed or accessed by a system or application?
Data in use
40
What is a type of security technology that provides a secure and isolated area within a system or application for processing sensitive data called?
Secure enclave, also known as a trusted execution environment (TEE)
41
What are the three main cloud delivery models?
Software as a service, platform as a service, infrastructure as a service
42
Which cloud delivery model includes any software or application provided to users over a network such as the Internet?
Software as a service
43
Which cloud delivery model provides customers with a pre-configured computing platform they can use as needed? And what is another name for this?
Platform as a service… a managed hardware solution
44
What are some of the features that platform as a service provides?
Installed operating system, a core software package for web servers, antivirus software and spam protection
45
What is the cloud delivery model that allows an organization to outsource its equipment requirements, including the hardware and all support operations? What is another name for this?
Infrastructure as a service… a self managed platform
46
What are the four cloud deployment models?
Public cloud, private cloud, community cloud, hybrid cloud
47
Which of the cloud models make services available to any customer who wishes to use them?
Public cloud
48
Which of the cloud models are available for only one organization?
Private cloud
49
Which of the cloud models allows two or more organizations with shared concerns to share the cloud?
Community cloud
50
And what cloud model is a combination of two or more different cloud deployment models?
Hybrid cloud
51
What cloud system combines the resources from two or more cloud service providers? What is an advantage and what is a disadvantage of these?
Multi-cloud system… an advantage is that it increases resiliency and redundancy… the disadvantage is that it adds cost and increases the risk of mistakes.
52
What is a software component that gives developers access to features or data within another application, service, or operating system called?
An application programming interface (API)
53
True or false: APIs are susceptible to attacks?
True
54
What are three things that developers need to address in order to ensure that their API is not vulnerable to common exploits?
Authentication, authorization, transport level security
55
What are code modules designed to do one thing very well? They are typically small code modules that receive values, process them, and respond with an output.
Microservices
56
What is a difference between an API and a microservice?
An API is generally tied to a specific business whereas a microservice is not
57
What is a third-party vendor that provides security services for smaller companies called?
A managed security service provider (MSSP)
58
What is a vendor that provides any IT services needed by an organization called?
A managed service provider (MSP)
59
What is the entity that offers one or more cloud services via one or more cloud deployment models called?
A cloud service provider (CSP)
60
In a cloud environment, what is the software that is added to an operating system to extend its basic capabilities called?
Middleware
61
Ordered from least to most responsibility for the customer, what are the cloud models?
Software as a service, platform as a service, infrastructure as a service
62
What are the six cloud security issues that an organization needs to consider when picking a CSP?
Availability, resilience, cost, responsiveness, scalability, segmentation
63
Which of the cloud security issues indicates a system or service remaining operational with almost 0 downtime? And how is it typically achieved?
Availability… By using multiple load balancing nodes
64
Which of the cloud security issues refers to the ability of a system to maintain its functionality, even when faced with adverse conditions or unexpected events? And how is this achieved?
Resilience… By implementing redundancy and fail over mechanisms
65
Which of the cloud security issues refers to the speed with which a cloud service can respond to requests and perform tasks? And how is this typically achieved?
Responsiveness… By using caching, load balancing and other techniques
66
Which of the cloud security issues refers to the ability of a cloud service to handle increased amounts of data, traffic, and other user requests without degradation in performance, and how is this achieved?
Scalability… It is achieved through the use of elastic computing resources and auto scaling mechanisms that can dynamically allocate resources
67
Which of the cloud security issues refers to the isolating of sensitive data and applications from other parts of the cloud network?
Segmentation
68
In this type of cloud solution, the organization retains complete control over all the cloud-based resources, including any data stored?
On premises
69
This cloud security control is a software solution or service deployed between an organization's network and the cloud provider; it provides security by monitoring traffic and enforcing security policies?
Cloud access security broker (CASB)
70
What cloud security control can enforce security policies for data stored in the cloud, such as ensuring that PII data is encrypted?
Cloud-based DLP
71
This cloud security control is a combination of a proxy server and a stateless firewall, and it filters traffic to prevent threats from infiltrating the network? What are some of the services provided by it?
Next-generation secure web gateway… URL filtering, packet filtering, malware detection, DLP, sandboxing
72
What offers you the ability to write cloud firewall rules that affect only your resources?
Security groups
73
This refers to managing and provisioning data centers with code to define VMs and virtual networks. It reduces the complexity of creating virtual objects by allowing administrators to run a script to create them, and the scripts are also reusable?
Infrastructure as code (IaC)
74
This is a cloud solution that uses virtualization technologies to route traffic instead of using hardware routers and switches?
Software defined networking
75
What is an SDN on a wide area network to connect different sites together called?
Software defined wide area network (SD-WAN)
76
What is the practice of storing and processing data on a single node or device that is close to the device that generates and uses the data? And what is using a network close to that device that may have multiple nodes sensing and processing data within this network called?
Edge computing… fog computing
77
What is a not-for-profit member-based organization that promotes best practices related to the cloud?
The Cloud Security Alliance (CSA)
78
What is it called when a corporation purchases and issues devices to employees but allows them to be used for personal activities in addition to work?
Corporate owned personally enabled (COPE)
79
What are the two own your own device policies that organizations use for employees connecting wireless devices to their network? Which one is a bit safer for the organization?
Bring your own device (BYOD) and choose your own device (CYOD)… CYOD
80
What are the three methods that mobile devices use to connect to networks and other devices?
Cellular, Wi-Fi, Bluetooth
81
What tool helps enforce security policies on mobile devices?
Mobile device management (MDM)
82
What are four hardening techniques for mobile devices?
Storage segmentation, containerization, full device encryption, using strong encryption
83
This MDM solution can restrict what applications can run on mobile devices?
Application management
84
This MDM solution protects the device against loss of confidentiality?
Full device encryption
85
This MDM solution Isolates data stored on the device?
Storage segmentation
86
This MDM solution ensures that only appropriate stuff is stored in a segmented storage space?
Content management
87
This MDM solution isolates and protects the application, including any of its data?
Containerization
88
This MDM solution employs something you know by the user?
Passwords and PINs
89
This MDM solution sends a signal to a lost or stolen device to erase all of its data?
Remote wipe
90
This MDM solution can help locate a lost or stolen device?
Geolocation
91
This MDM solution creates a virtual fence or geographic boundary and can be used to detect when a device is within an organization's property?
Geofencing
92
This MDM solution adds geographical data to files such as pictures?
GPS tagging
93
This MDM solution uses multiple elements to authenticate a user and a mobile device?
Context-aware authentication
94
What refers to removing all software restrictions from an iPhone device? And what is the process of modifying an Android device to give the user root level access to the device?
Jailbreaking and rooting
95
What is the firmware on a mobile device? And how is the firmware updated?
The onboard memory which stores the operating system, known as flash memory; it retains data without power… it uses over-the-air (OTA) update techniques
96
What is another way to overwrite a mobile device's firmware?
With custom firmware
97
Another way to install applications on Android devices by copying an application package in the application packet kit format and activating it?
Sideloading
98
A mobile device manager can limit these two pieces of hardware on a mobile device to eliminate the risk of spying via the device?
Disabling the camera and microphone
99
What two methods allow devices to access the Internet and bypass network controls?
Tethering and mobile hotspots
100
What is a standard that allows devices to connect without a wireless access point or wireless router?
Wi-Fi Direct
101
True or false: MDM tools can block access to devices using tethering, mobile hotspots, or Wi-Fi Direct to access the Internet?
True
102
What is any device that has a dedicated function and uses a computer system to perform that function? What are some examples of embedded systems?
An embedded system… medical devices, automobiles, aircraft, and unmanned aerial vehicles
103
What is the wide assortment of technologies that interact with the physical world that commonly have embedded systems and typically connect to a central device or app and communicate via the Internet?
Internet of Things (IoT)
104
What refers to systems within large facilities such as power plants or water treatment facilities?
An industrial control system (ICS)
105
What type of system has embedded systems that control an ICS?
A supervisory control and data acquisition (SCADA) system
106
This key component of embedded systems integrates many components of a computer system onto a single chip, including the processor, memory, input/output interfaces, and other components?
System on a chip (SoC)
107
This key component of embedded systems is a specialized operating system designed for embedded systems that require precise timing, real-time scheduling, and deterministic behavior?
Real-time operating system (RTOS)
108
What hardening technique is effective for embedded systems, Internet of Things devices and ICS/SCADA systems?
Placing them on a segmented network where they are tightly locked down and protected from external attack
109
What are some of the constraints that limit the use of embedded systems?
Limited computing ability, cryptographic limitations, power limitations, ease of deployment, cost, and ability to patch/patch availability