all domains - quick learning and terms Flashcards

1
Q

what is OSI layer 1 and what devices are there and protocol data unit (PDU)

A
  1. Physical
  2. PDU - bits
  3. Hubs, repeaters and gateways
  4. 802.11 (wireless family) radio frequency, infrared, microwave, bluetooth
  5. Ethernet, wired (twisted pair, coax, fiber optics, SONET)
2
Q

what is OSI layer 2 and what devices are there and what protocol data unit (PDU), protocols

A
  1. Data
  2. PDU - frames
  3. gateways, switches, Bridges, WAPs
  4. ARP, RARP, PPTP, L2TP (VPN tunnels), PPP (encapsulates IP traffic over analog links, provides authentication, encryption (poor) and compression)
  5. authentication protocols pap, chap and eap
  6. FDDI, ISDN,
3
Q

what is OSI layer 3 and what devices are there and what protocol data unit (PDU), protocols

A
  1. Network
  2. PDU - packets
  3. Routers, gateways and packet filtering firewall
  4. IP, ICMP (ping), IPsec, IKE, ISAKMP, IGMP, NAT, SKIP, OSPF (routing protocols)
4
Q

what is OSI layer 4 and what devices are there and what protocol data unit (PDU)

A
  1. Transport
  2. 65535 ports
  3. PDU - segments
  4. TCP/UDP and SSL/TLS (used to encrypt HTTP and other data traffic) (make sure to know the TCP/UDP nuances)
5
Q

TCP/IP model layers

A
  1. Application
  2. Transport
  3. internet
  4. Network access
6
Q

what is the TCP 3 way handshake

A
  1. syn
  2. syn/ack
  3. ack
7
Q

what does network access layer in TCP/IP model map to in the OSI

A

The TCP/IP Network access layer maps to the OSI physical and data link layers

8
Q

what does the Internet layer in TCP/IP model map to in OSI

A

Internet maps to the OSI Network layer

9
Q

what does the transport layer in the TCP/IP model map to in OSI

A

transport layer maps to the transport layer

10
Q

what does the application layer in the TCP/IP model map to in the OSI model

A

the TCP/IP application layer maps to the OSI session, presentation and application layers

11
Q
  1. mnemonic for protocol data units (PDU)
  2. what layer
  3. what are they
A
  1. Some People Fear Birthdays (from layer 4 down to layer 1)
    Transport layer - segments
    Network layer - packet
    Data layer - frame
    physical layer - bits
12
Q

what is OSI layer 5 and what devices are there

A
  1. Session
  2. circuit proxy firewall, gateways, PC’s
  3. socks is an example of proxy firewall
  4. session management capabilities between hosts
  5. remember session information like passwords, so verification does not need to repeat, dialog control
  6. Netbios, SMB, RPC, NFS, and SQL
  7. RPC - remote procedure call
  8. attacks – Session hijack
13
Q

at what layer is encryption/decryption performed

A

layer 6 - presentation

14
Q
  1. what layers can gateways operate in
  2. what are they also called
  3. what logical function do they perform
A
  1. layers 1-7
  2. protocol translators
  3. they break broadcast and collision domains
15
Q

what is OSI layer 6 and what devices are there

A
  1. Presentation
  2. coding and conversion functions on application layer data
  3. responsible for “presentation” character conversion, codecs, compression and decompression for streaming audio and video, image conversion, formatting (TIFF, JPEG, MPEG)
  4. establishes, manages, and terminates communication sessions between presentation layer entities
  5. encryption/decryption
  6. attacks – Phishing - Worms - Trojans
16
Q

what is OSI layer 7 and what devices are there

A
  1. Application
  2. application firewalls, gateways, computers
  3. greatest intelligence to make decisions
  4. human computer interaction and where applications can access network services
  5. application firewalls (very intelligent, very advanced decisions like deep packet inspection, slow)
  6. HTTP/S, DNS, SSH, SNMP, LDAP, DHCP, Telnet, POP3, IMAP
  7. attacks - Phishing - Worms - Trojans
17
Q

what port number and protocol is POP3

A
  1. TCP 110
  2. TLS TCP 995
18
Q

what port number and protocol is SMTP

A

TCP port 25
possibly TCP 587

19
Q

what port number and protocol is IMAP

A
  1. TCP 143
  2. TLS TCP 993
20
Q

what port number and protocol is RDP

A
  1. TCP and UDP 3389
21
Q

what does the DHCP request flow look like

A
  1. discovery
  2. offer
  3. request
  4. acknowledge
22
Q

which transfer protocol uses Secure Shell (SSH) and encrypts both commands and data

A
  1. SFTP, built on SSH
  2. uses only 1 port
23
Q

what does ftps offer over ftp

A
  1. secured with SSL/TLS
  2. both still use TCP 20 (data) and 21 (control)
24
Q

what port number and protocol is FTP and FTPS

A
  1. TCP port 20 for data
  2. TCP port 21 for control
25
what layer of OSI isolates traffic into broadcast domains
1. 4
2. 5
3. 3
4. 1
3. 3 (layer 3)
26
what port number is telnet and what protocol
TCP 23
27
what port number is IMAP and what protocol
TCP 143
28
what port number and protocol is the NetBIOS datagram service
TCP and UDP port 138
29
what port numbers and protocol is DHCP
UDP 67 (server), UDP 68 (client)
30
port number and protocol for LDAP
TCP 389
31
port number and protocol for Kerberos authentication
TCP and UDP port 88
32
port number and protocol for DNS
TCP and UDP port 53
33
port number and protocol for SSH
TCP 22
34
port number and protocol for TFTP
UDP port 69
35
port number and protocol for SNMP
UDP port 161
36
port number and protocol for SNMP(trap)
TCP/UDP 162
37
port number and protocol for TACACS+
TCP/UDP 49
38
port number and protocol for Radius authentication
TCP/UDP port 1812
39
port number and protocol for Radius accounting
TCP/UDP 1813
40
what are the private address ranges
Class A: 10.0.0.0 to 10.255.255.255
Class B: 172.16.0.0 to 172.31.255.255
Class C: 192.168.0.0 to 192.168.255.255
41
Asynchronous communication transfers data by sending:
A. bits of data sequentially
B. bits of data sequentially in irregular timing patterns
C. bits of data in sync with a heartbeat or clock
D. bits of data simultaneously
B. bits of data sequentially in irregular timing patterns
42
cryptography does not help in?
1. detecting fraudulent disclosure
2. detecting fraudulent deletion
3. detecting fraudulent modification
4. detecting fraudulent insertion
1. detecting fraudulent disclosure
43
a momentary power outage is known as which electrical issue
1. fault
2. surge
3. spike
4. blackout
1. fault
44
which set of documents provides technical guidance for software developers and is published by the IETF (Internet Engineering Task Force)
1. ISO standards
2. IETF comments
3. RFC - Request for Comments publication
4. RFC group standards
3. RFC - Request for Comments publication
45
which software development model is actually a meta-model that incorporates a number of software development models
1. the critical path model (CPM)
2. the spiral model
3. the modified waterfall model
4. the waterfall model
2. the spiral model
46
Which ones are the placeholders for literal values in a SQL query that is being sent to a database on a server?
1. Assimilation variables
2. Reduction variables
3. Bind variables
4. Resolution variables
3. Bind variables
47
similar to Secure Shell (SSH-2), Secure Sockets Layer (SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session, and it uses asymmetric or public key cryptography for:
1. name resolution
2. server authentication
3. peer authentication
4. peer identification
3. peer authentication
48
What is defined as inference of information from other, intermediate, relevant facts?
A. Secondary evidence
B. Conclusive evidence
C. Hearsay evidence
D. Circumstantial evidence
D. Circumstantial evidence
49
Which of the following is best defined as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it?
1. Aggregation
2. Inference
3. Clustering
4. Collision
1. Aggregation. The Internet Security Glossary (RFC 2828) defines aggregation as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it.
50
Which of the following ACID properties in a DBMS ensures that the concurrent execution of transactions results in a system state that would be obtained if transactions were executed serially, i.e. one after the other?
A. Atomicity
B. Consistency
C. Isolation
D. Durability
C. Isolation. The isolation property ensures that the concurrent execution of transactions results in a system state that would be obtained if transactions were executed serially, i.e. one after the other.
51
Which of the following levels in the CMMI model focuses on process innovation and continuous optimization?
A. Level 4
B. Level 5
C. Level 3
D. Level 2
B. Level 5 is the optimizing process and focuses on process innovation and continuous integration.
52
What attack involves the perpetrator sending spoofed packet(s) which contain the same destination and source IP address as the remote host, the same port for the source and destination, have the SYN flag set, and target any open ports on the remote host?
A. Boink attack
B. Land attack
C. Teardrop attack
D. Smurf attack
B. A land (Local Area Network Denial) attack involves sending a spoofed TCP SYN packet (connection initiation) with the target host's IP address to an open port as both source and destination. This causes the machine to reply to itself continuously.
53
in terms of risk analysis and dealing with risk, which of the four common ways listed below is the practice of coming up with alternatives so that the risk in question is not realized
1. transference
2. acceptance
3. mitigation
4. avoidance
4. avoidance
54
Identification and authentication are the keystones of most access control systems. Identification establishes:
A. user accountability for the actions on the system
B. top management accountability for the actions on the system
C. EDP department accountability for the actions of users on the system
D. authentication for actions on the system
A. user accountability for the actions on the system
55
which security operations position is responsible for examining logs from firewalls and IDS systems as well as audit logs
1. security engineer
2. access admin
3. security analyst
4. security architect
3. security analyst
56
this position would be responsible for the overall protection of information assets within the company. what position would that be?
1. information systems security manager
2. data owner
3. custodian
4. executive management
4. executive management (this would likely be the CISO or COO, but both are part of executive management)
57
what are the major components of SAML
1. profile, assertions, protocol and binding
2. profile, authentication, attribute and authorization
3. pre-authorization, assertions, protocols and authorization
4. profile, assertions, protocols and authentication
1. profile, assertions, protocol and binding
58
which term describes the situation in which a document is not available, the court finds the excuse provided acceptable, and the party is allowed to use secondary evidence to prove the contents of the document?
1. exculpatory evidence
2. inculpatory evidence
3. circumstantial evidence
4. best evidence rule
4. best evidence rule
59
Which of the following is needed for System Accountability?
A. Audit mechanisms.
B. Documented design as laid out in the Common Criteria.
C. Authorization.
D. Formal verification of system design.
A. Audit mechanisms.
Explanation: accountability is a means of being able to track user actions. Through the use of audit logs and other tools the user actions are recorded and can be used at a later date to verify what actions were performed. Accountability is the ability to identify users and to be able to track user actions.
60
In which phase of the Internet Key Exchange (IKE) protocol is peer authentication performed?
1. Pre-initialization phase
2. Phase 1
3. Phase 2
4. No peer authentication is performed
2. Phase 1 (Phase 2 negotiates the IPsec SAs to set up the IPsec tunnel)
61
which of the following is not a cryptographic attack
1. brute force
2. hybrid cryptosystem
3. frequency analysis
4. rainbow table
2. hybrid cryptosystem
Wrong answer explained - frequency analysis: in cryptanalysis, frequency analysis is the study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers.
62
what protocol uses UDP port 69
1. sftp
2. tftp
3. scp
4. ftp
2. tftp
63
what is the difference between unit testing and regression testing
unit testing is testing an individual piece of code; regression testing focuses on testing the functioning of the whole software or application
64
what is not a MOM when talking about crimes
1. motivation
2. means
3. opportunity
4. methods
Answer: methods is not part of MOM (MOM = motivation, opportunity and means)
65
what is DCE
data circuit-terminating equipment
66
which of the following devices in the frame relay WAN technique is a service provider device that does the actual data transmission and switching in the frame relay cloud?
1. DTE
2. DME
3. DCE
4. DLE
3. DCE
67
which of the following attacks would capture network user passwords
1. sniffing
2. smurfing
3. data diddling
4. IP spoofing
1. sniffing
68
which of the following tools is used to stress test applications, firewalling and IDS devices by sending large numbers of packets at them, including randomly generated and/or malformed packets?
1. Wireshark
2. Snort
3. ISIC (IP Stack Integrity Checker)
4. Security Onion
3. ISIC (IP Stack Integrity Checker)
69
what is governance
The process of how an organization is managed; usually includes all aspects of how decisions are made for that organization, such as policies, roles, and procedures the organization uses to make those decisions.
70
what is Identity as a service (IDaaS)
Cloud-based services that broker identity and access management (IAM) functions to target systems on customers’ premises and/or in the cloud.
71
what is Initialization vector (IV)
A non-secret binary vector used as the initializing input to an algorithm, or as a random starting point, for the encryption of a plaintext block sequence; it increases security by introducing additional cryptographic variance and is used to synchronize cryptographic equipment.
72
what is Key Clustering
When different encryption keys generate the same ciphertext from the same plaintext message.
73
what is Message authentication code (MAC) how do you use it
1. both parties have a shared key
2. both parties agree on the hash they are using
3. the sender takes the message and hashes it with the hash (maybe SHA-256) and the key
4. this creates a MAC or tag
5. the sender sends message + tag/MAC to the other party
6. the other party takes the message and hashes it with their known key and hash
7. if their MAC/tag is the same as the one they received, then they accept the message as not having been changed
8. this method does not provide confidentiality of the message
74
Oauth 2.0 basic operations
* resource owner - you, the person
* client - the application that wants access or to perform actions on behalf of the resource owner
* authorization server - the application that knows the resource owner, where the resource owner already has an account
* resource server - the API that the client wants to use on behalf of the resource owner (sometimes the same server as the authorization server)
75
code vs cipher
* code
  * is not always secret; does not always provide confidentiality
  * symbols that operate on words or phrases
* cipher
  * always meant to hide the true meaning of a message
76
digital signature standard (DSS) works with 3 algorithms (this is not PKI)
* DSA
* RSA
* ECDSA
77
what is birthday attack
* looking for collisions in a hash function
78
stream cipher algorithm
* RC4 128 bit
79
only currently used symmetric block cipher
* AES with 128 bit block
* key size can be 128, 192 and 256
80
what are the accepted PKI (public key infrastructure) algorithms (this is not DSS (digital signature standard))
* RSA (prime numbers)
* El Gamal - extension of Diffie-Hellman
  * modular arithmetic
* Elliptic curve - discrete logarithm problem
  * more secure compared to the others if both keys are the same length
  * a 256 bit ECC key is roughly the same strength as RSA 2048
81
PKI attributes
* ISO authentication framework
* X.509 digital certificate standard
* registration authority
* certificate authority
* certificate revocation (2 ways to accomplish this)
  * certificate revocation list (CRL)
  * OCSP (online certificate status protocol)
82
digital signature process - steps
If I am sending you an email message and want to ensure that the message is not tampered with during transit, and I also need to confirm to you that the message really came from me, I will use a digital signature.
Source: https://www.techtarget.com/searchsecurity/feature/CISSP-cryptography-training-Components-protocols-and-authentication#:~:text=Some%20of%20the%20asymmetric%20algorithms,Diffie%2DHellman%20and%20El%20Gamal.
* my email client will take my message and pass it through a hashing algorithm
* the result of this process is a message digest, which is a set of bits (for example, it would be 128 bits if the hashing algorithm [MD5](https://www.techtarget.com/searchsecurity/definition/MD5) is used)
* my email client then takes my private key and encrypts this message digest value, which results in a digital signature
* this digital signature and my message are then sent to your system
* your email client takes my public key and decrypts the digital signature, then runs my message through the same hashing algorithm, comparing the hash value I sent with the one your system generated
* if the hash values match, your system knows the message has not been modified during transmission; and if your system can decrypt the digital signature with my public key, then your system knows that the message came from me
83
* remote journaling
  * less expensive - only worried about transactions
  * not maintaining a full copy of the DB each day
  * recovery would be: take the last backup available, then use the journal information to rerun all the transactions that occurred after that last backup
* electronic vaulting
  * copying the backup locally to a medium such as tape, then copying that to a remote site
  * need to think of encryption while data is in motion (moving from main site to backup site)
* database shadowing
  * most expensive
  * mirroring data between sites
84
drive destruction
* clearing
  * digitally wiping or overwriting with zeros and ones
  * least effective
* purging
  * methods like degaussing
* destruction
  * physical destruction - shredding, fire, pulverizing
85
specific techniques to data destruction on storage
* zeroing
  * erases data on the disk and overwrites it with zeros
* overwriting
  * data is written to storage locations that previously held sensitive data
  * random passes of zeros and ones, no patterns
  * the number of times this is done depends on the storage media and the sensitivity of the data
86
scoping and tailoring
* scoping - considering which security controls apply and what assets they need to protect
* tailoring - modifying the set of controls to meet the specific characteristics and requirements of the organization
87
brute force attack - which does the attacker have
* plaintext
* neither plaintext nor ciphertext
* both plaintext and ciphertext
* ciphertext
* ciphertext
explanation: the attacker will try every key until the ciphertext is decrypted
88
known plaintext - what does the attacker have
both plaintext and ciphertext
89
RSA is susceptible to what
* side channel attack
* meet in the middle attack
* chosen ciphertext
* known plaintext
* chosen ciphertext
explanation:
* the attacker can use the RSA public key to encrypt plaintext, then decrypt the resulting ciphertext in order to determine patterns
* this can be mitigated with random padding
90
SAML components
**1. Client**
The user trying to authenticate into a web-based application.
**2. Identity Provider (IdP)**
The server or authorization authority that the client ultimately authenticates with. It holds the client's credentials. Example: when you log in to an application using Gmail credentials, Gmail is the IdP.
**3. Service Provider (SP)**
The web-based application that the client tries to access. Example: when you log in to GitHub using your Gmail credentials, GitHub is the SP. SPs do not authenticate the user but delegate the task to the IdP.
**4. Identity Management Service/Single Sign-On (IDM/SSO) Service**
The service that enables communication between the SP and the IdP, allowing clients to access a service using a single account.
91
saml attributes
* SSO
* web based authorization
* tokens
* XML metadata
92
what does a land attack do
attacker sends a packet with the same source and destination address and port
93
change management steps
* **request the change**
* **review the change** - experts within the org. review the change
* **approve/reject the change** - approve or reject based off the review, then record the response in change management documentation
* **test the change** - tested on a non-production server if possible. verify changes do not cause any harm
* **schedule and implement the change** - schedule the change for the least impact on systems and users. give time for rollback if needed.
* **document the change** - update configuration management documentation. updated docs ensure that administrators can return systems to the state they were in if there are unrelated disasters after changes
94
groupings of subjects and objects that have the same security level requirements is what
security domain
95
which of the following prevents accidental data access by ensuring that a class defines only the data that it requires
* polymorphism
* encapsulation
* polyinstantiation
* inheritance
encapsulation
explanation:
* encapsulation ensures that a class defines only the data that it requires
* also known as data hiding, it is a characteristic of object-oriented programming
96
which of the following software errors is least likely to produce a user visible error message
* use of expired session token
* unauthorized use of admin privileges
* tampering attempts
* incorrect form input
tampering attempts
explanation: of the available options, tampering attempts are the least likely to produce user visible error messages.
97
what must a user have for all information processed in system high mode
security clearance and access approval
98
what attacks are layer 1 of OSI
Signal jamming, wiretapping
99
what attacks are at layer 2 of OSI
Collision, DoS/DDoS, eavesdropping, ARP poisoning, MAC spoofing
100
what attacks are at layer 3 of osi
Smurfing/flooding, ICMP spoofing, DoS
101
what attacks are at layer 4 of osi
SYN flood, Fraggle
102
what attacks are at layer 5 of osi
session hijack
103
what attack is at layer 6
Phishing - Worms - Trojans
104
what attack is at layer 7
Phishing - Worms - Trojans