All domains Flashcards

(171 cards)

1
Q

Kerckhoffs’s principle

A

Crypto system must be secure even if crypto algorithm is public

2
Q

Which crypto principles does IPSEC provide?

A

Confidentiality
Integrity

3
Q

In what state does a processor’s scheduler place a process when it is prepared to execute but the CPU is not currently available?

A

Ready state

4
Q

Processor Running State

A

Process is executing on the CPU

5
Q

Process: Waiting State

A

Process is blocked waiting for an external event

6
Q

Process: Ready State

A

Process is prepared to execute but the CPU is not available

7
Q

Process: Stopped state

A

Used when a process terminates

8
Q

Maintenance hook

A

Backdoor created by developers

9
Q

Substitution cipher examples

A

AES, 3DES

10
Q

Transposition cipher

A

One for one replacement of letters. Defeated by frequency analysis.

11
Q

Data custodian

A

Implements security controls defined by policy and management. Authority delegated from data owner.

12
Q

Data custodian responsibilities

A

Validating data integrity
Testing backups
Implementing controls defined by policy

13
Q

Data Purging

A

Removing data so it cannot be reconstructed. Example: DBAN

14
Q

Device sanitization

A

All of the processes used to remove data.
“Defensible Destruction”

15
Q

4 Goals of Crypto

A

CAIN
Confidentiality
Authentication
Integrity
Non-repudiation

16
Q

C
A
I
N

A

Confidentiality
Authentication
Integrity
Non-repudiation

17
Q

Which backup type does not clear the archive bit?

A

Differential

18
Q

Incremental backup

A

Backs up all data since previous backup

19
Q

Differential backup

A

Backs up all data that changed since last full backup

20
Q

Which backup type uses fewer tapes to restore?

A

Differential

21
Q

Which backup type uses more tapes to restore?

A

Incremental

22
Q

Which backup type is faster to restore?

A

Differential

23
Q

Opposite of CIA

A

DAD
Disclosure
Alteration
Destruction

24
Q

Which law protects trade secrets?

A

Economic Espionage Act

25
Covert timing attack
Modulating some aspect of system behavior over time. Inference attack
26
Confinement aka...
Sandbox
27
Data steward
Ensures governance/compliance. Manages data from business perspective.
28
Audits provide...
Assurance
29
Due Diligence
Assurance we're doing the right thing. Evidence that due care is working.
30
Due care
Doing the right thing.
31
Intangible asset valuation aka...
Intellectual property
32
Copyright length for software
95 years
33
Copyright length for creative expressions
70 years
34
Wassenaar Agreement
Covers weapons or dual use technologies (high encryption, VPN, etc.)
35
OECD
Oversees financial cooperation between nations
36
ISC Code of ethics (4)
1. Protect society 2. Act legally 3. Provide competent service 4. Advance the profession
37
SPML purpose
Provides service, user, and resource provisioning between organizations
38
Which is an OASIS standard markup language?
SPML
39
SAML purpose
Exchange authentication and authorization data
40
XACML purpose
Describe access controls
41
What do digital signatures provide TLS?
Authentication
42
Acceptable humidity levels
40%-60%
43
What type of packet does ping flood use?
ICMP echo request
44
RESTful, JSON-based authentication protocol
OpenID
45
Which two protocols are paired to provide identity verification and basic profile information?
OpenID, OAuth
46
Most effective defense against XSS attacks?
Input validation
47
What does an incipient fire detection system use to identify fires?
Air ionization
48
In what stage of the ISC2 incident response process does remediation occur?
Remediation
49
Take-grant security model
Used to assign-revoke rights. Confidentiality
50
In what phase of the IR process are processes analyzed for potential improvements?
Lessons learned
51
Misuse case testing
Testing how a system can be misused
52
Can serial data over TCP/IP be encrypted?
Yes
53
Fagan
Highly structured code inspections
54
Pair programming
Two developers. One writes code while both discuss the coding process.
55
Which has higher availability? Cloud or Hybrid cloud?
Hybrid Cloud
56
SMURF attack traffic type
ICMP echo replies
57
What can be used to prevent DOS attacks?
Filtering
58
What do PPTP and L2F have in common?
They are IP protocols
59
Protocol for non-IP based VPNs
L2TP
60
Civilian classification levels (3)
Confidential/Proprietary, Private, Sensitive
61
What testing methods are used in static analysis?
Walkthroughs, Sanity checks, Syntax checks, Logical code reviews
62
VLAN hopping attack
Jumping VLANs via the trunk by double tagging 802.1Q frames
63
IR Phases (7)
Detection, Response, Mitigation, Reporting, Recovery, Remediation, Lessons Learned
64
What are code words for?
Shorten, hide, or clarify a message.
65
Characteristic of circuit switched networks
Dedicated between two endpoints
66
Cell switched network example
ATM
67
TGS: Ticket Granting Service
Receives TGT. Validates TGT and user rights. Then issues a ticket and session keys.
68
Difference between sampling and clipping in log review.
Sampling uses statistical techniques. Clipping uses thresholds
69
Cognitive passwords
Passwords that are answers to a series of questions
70
Multistate systems
Handle data from different security classifications
71
Incremental backup backs up...
Files changed since last backup
72
Identity as a service
Third party identity service
73
OpenID vs. OAuth
OpenID: Authentication. OAuth: Authorization.
74
Netflow records
Contain every network communication session
75
What does IDS record?
Detections
76
What two logical network topologies can be physically implemented as a star topology?
Bus, Ring
77
Preaction steps
Fill with water when fire is detected. Dispense water when heat sensors trigger.
78
What does ESP encrypt?
IP packet data, but not the header
79
Exposure factor is...
Percentage of asset loss
80
Exposure factor calculation
SLE x Asset Value = Exposure Factor
81
ARO less than one
Percentage less than 1. 1 represents 100%.
82
ALE calculation
SLE * ARO = ALE
83
First step in the User provisioning process...
Enrollment (registration)
84
Which security framework is an "appraisal"
CMMI
85
Clark-Wilson goal
Prevent fraud
86
Security model that uses transformation procedures and integrity verification procedures
Clark-Wilson
87
Security model that uses access-control triple
Clark-Wilson
88
Brewer-Nash Confidentiality model purpose
Conflicts of Interest, Separation of Duties
89
Lipner model
Bell & Biba combined
90
Bell LaPadula
Write Up, Read Down. Confidentiality
91
Protection Profile
Common Criteria Term
92
Evaluation Assurance Level
Common Criteria Term
93
Target of Evaluation
Common Criteria Term
94
Security Target
Common Criteria Term
95
Security kernel protects...
The TCB
96
Stream cipher
Encrypts data-in-transit
97
Block ciphers encrypt...
Data in transit and data at rest
98
What type of encryption upholds all 4 goals of crypto?
Asymmetric
99
IAAA Order
Identify, Authenticate, Authorize, Auditing (always happens)
100
AAA, EAP, PKI, Enterprise are all characteristics of...
802.1x
101
How many ISAKMP SAs are created per protocol per connection?
2 (initiator and responder). Total 4 for ESP and AH
102
Product certification requirements
Tested by certification authority. Proven to fit security requirements of product owner.
103
Product accredited
Data owner has chosen to implement system, even if there are vulnerabilities and risks.
104
Obfuscation type that makes code obscure to computer
Prevention obfuscation
105
Junk bytes; converting branches to jsr instructions; combining try blocks with catch blocks
Prevention obfuscation techniques
106
Lexical obfuscation
Renaming classes, fields, and methods with new identifiers that lack intuitive meaning
107
Control flow obfuscation
Making the application harder to understand/decompile
108
Separating related structures and operations; grouping unrelated structures and operations; inserting unused or irrelevant code; parallel code
Control flow obfuscation techniques
109
Variable modification, array splitting, bit shifting
Data obfuscation techniques
110
What type of BC/DR plan includes checklists?
DRP
111
MTD
Maximum tolerable downtime
112
Circuit-level proxy firewall OSI Layer
Layer 5
113
Packet filter firewall OSI Layer
Layer 3 and Layer 4
114
ALE Calculation
SLE x ARO
115
Who receives BCP training?
Everyone
116
Best method to sanitize SSDs
Destruction
117
What is a concern with degaussing?
Data remanence
118
zzuf
Fuzzer
119
Nikto
Web server scanner
120
Identification
Claiming an identity
121
802.1g Ad-hoc mode
P2P. Directly connects two clients (not through an AP)
122
Wireless stand-alone mode
Wireless network not connected to wired network.
123
Wireless Infrastructure mode
Connect endpoints to a central network. (Normal home wireless setup)
124
Wired extension mode
Connects wired networks via WAPs
125
PAT
NAT with Port numbers
126
Best protection for buffer overflow
Input validation
127
Microsoft SDL Design Phase
Decide how to implement security requirements. Begin to identify threats. Attack surface analysis and reduction. Threat modeling.
128
CHAP periodically...
reauthenticates users
129
Encryption modes that don't propagate errors
CTR, OFB
130
Weakest encryption mode
ECB
131
Best Encryption modes
1. CTR 2. OFB
132
When should risk transfer occur?
When the cost of insurance is less than the cost of the insured item.
133
Which is slower and cheaper? SRAM or DRAM?
DRAM
134
RAM type that stores more information
DRAM
135
What does SRAM use to store information?
Flip-flops
136
Minutiae refers to...
fingerprints
137
A digital signature encrypts...
the hash of a message
138
Which key is used to sign a message?
Sender's private key
139
Which key is used to decrypt email?
Recipient's private key
140
Corrective access control
Repair damage after a malicious event
141
CVSS Scoring order
Base, Temporal, Environmental
142
Who issues CVE numbers?
MITRE
143
Determining the cost-effectiveness of mitigating the potential harm or loss to a company
Risk Management
144
RTO
Amount of time to restore without unacceptable impact
145
Type 1 error
Valid subject is not authenticated
146
Type 2 error
Invalid subject is incorrectly authenticated
147
FISMA applies to...
Government contractors
148
Generational fuzzing aka...
Intelligent fuzzing
149
Generational fuzzing relies on...
Data models
150
What must the client perform before it can use the TGT?
Install the TGT. Decrypt the symmetric key using a hash of the user's password.
151
Database key that corresponds to a key in another table...
Foreign key
152
TCP PSH flag
Used to clear the buffer
153
Keyspace bit calculation
2 to the power of the number of bits
154
AAA protocol that provides authentication to remote devices
RADIUS
155
Access control model with "meaningful" permissions
RBAC
156
What are the two types of physical intrusion detection systems?
Electromechanical, Volumetric
157
Volumetric systems detect...
change to space of an environment
158
Security marking uses...
Human readable security attributes
159
What refers to security attributes for internal data structures?
Security labeling
160
Primary objective of physical security
Protecting people's safety
161
Which side generates a high number port for a network connection? (Client or Server)
Client
162
MD5 and SHA-1 hash values
MD5: 128, SHA-1: 160
163
Negative testing
Sending invalid information to an application
164
Positive testing
Tests if an app is working the way it should
165
CRUD testing
Test that database objects are created correctly
166
Layer 5 protocols (2)
RPC, PAP
167
Exigent circumstances
Seize evidence without a warrant to protect it
168
Remote journaling
Remote database log
169
Capacitance
Monitors electromagnetic field
170
Abstraction
Hide implementation details for an object from the users of that object
171
Dirty Read
Reading a transaction that did not commit