Architecture and Design

Question 1

The primary reason nicknames are not allowed in naming conventions?

Answer 1

Is because they do not properly identify the user and make the user’s actions more anonymous and less auditable.

Question 2

What is a honeynet?

Answer 2

It is a group of honeypots that mimic the functionality of a network. Once the honeynet has been penetrated by the attacker, administrators can observe the actions and gather information on the event.

Question 3

What is a honeypot?

Answer 3

It is a server that is intentionally left open or available, so that an attacker will be drawn to it versus a live network.

Question 4

What is a mantrap?

Answer 4

is a physical security control designed to control access to secure areas. Mantraps provide the capability to lock a single person in an area if needed.

Question 5

What is a cold site?

Answer 5

A cold site is an alternate location where a network can be rebuilt after a disaster has occurred. A cold site can take some time to implement, as systems and assets (including data) are not readily configured and available for full use.

Question 6

What is a warm site?

Answer 6

A warm site is a dormant alternate location, or a location that performs noncritical functions under normal conditions, but can be rapidly converted to a main operations site with minimal effort.

Question 7

What is a hot site?

Answer 7

A hot site is a fully configured alternate network that can be quickly brought online after a disaster. With a hot site, systems and data are usually up-to-date.

Question 8

What is a standard naming convention?

Answer 8

A standard naming convention is a defined set of rules for choosing the character sequence to be used for identification in coding. A standard naming convention reduces the effort in code reviews and programming error.

Question 9

What is Code signing?

Answer 9

Code signing is a certificate-based digital signature to sign executables. It proves authentication and integrity but is not applicable to this situation.

Question 10

What is a Hardware Security Module (HSM) ?

Answer 10

A Hardware Security Module (HSM) is a device used to generate, maintain and store cryptographic keys. It can be an external device and can easily be added to a system. The HSM will maintain the integrity of the key.

Question 11

What is a The Trusted Platform Module (TPM)?

Answer 11

is a hardware-based encryption solution that is embedded in the system and provides secure key storage for full disk encryption.

Question 12

What is a hardware root of trust?

Answer 12

Is a known secure starting point by embedding a private key in the system. The key remains private until the public key is matched.

Question 13

What is “data at rest”?

Answer 13

Means that the data is in some sort of persistent storage media. Examples of data include financial information stored in databases, archived audiovisual media, system configuration data, etc.

Question 14

What is “data in transit”?

Answer 14

Is when data is transmitted over a network. The data can be sent over the WAN to its final location through a VPN.

Question 15

What is “data in use” state?

Answer 15

It’s present in volatile memory, such as system RAM or CPU cache. Examples of types of data may be an open document in a word processing application or a database data that is currently being modified.

Question 16

What is Tokenization?

Answer 16

is a database de-identification method where all or part of data in a field is substituted with a randomly generated token. The token is stored with the original value separate to the production database.

Question 17

What does Data sovereignty describe?

Answer 17

Data sovereignty describes the sociopolitical outlook of a nation concerning computing technology and information.

Some nations may respect data privacy more or less than others. Care needs to be considered when storing such data.

Question 18

How many characters are in md5 hash?

Answer 18

32

Question 19

What is Software Defined Network (SDN)

Answer 19

It separates data and control planes in a network. It uses virtualization to route traffic to its intended destination, instead of using proprietary hardware.

Question 20

What is edge computing?

Answer 20

It’s a distributed model that is accomplished at or near the source of the data where it is needed. These devices perform early processing of data to and from edge devices to enable prioritization.

Question 21

What is Fog computing?

Answer 21

Fog computing is the placement of a node or nodes for processing resources close to the physical location of Internet of things (IoT) sensors.

The fog node prioritizes traffic, analyzes and remediates conditions, and backhauls remaining data to the data center for storage and analysis.

Question 22

What is Virtualization sprawl?

Answer 22

Virtualization sprawl is a phenomenon that occurs when the number of VM’s on a network reaches a point where the administrator can no longer manage them effectively.

Question 23

What is Type 1 hypervisor?

Answer 23

Type 1 hypervisors run directly on hardware system hardware. They do not require operating system involvement.

Question 24

What does Platform as a Service (PaaS) provide?

Answer 24

Platform as a Service (PaaS) provides pre-configured environments for developing and managing environments. The service provides on-demand computing.

Question 25

What is Elasticity?

Answer 25

Elasticity is the ability to resize an environment based on the load. Elasticity is a part of virtualization and can reduce costs. A user can increase or decrease resources as necessary. It is commonly used with cloud technologies.

Question 26

What do Integrity measurements do? (network)

Answer 26

Integrity measurements are done to identify baseline deviations. Automated tools continuously monitor the system for any baseline changes. If changes are found, Group Policy will force the system back to its original state.

Question 27

What is Continuous deployment?

Answer 27

Continuous deployment is the process of delivery of software to a production environment using automation, which reduces the software development lifecycle.

Question 28

What is Continuous delivery?

Answer 28

Continuous delivery is an agile software engineering approach that allows for the building, testing, and releasing of software with greater speed and frequency. This provides the customer a continuous product.

Question 29

What is Continuous integration?

Answer 29

Continuous integration is the process of merging code changes into a central repository where the software is then built and tested on a continuous basis in development.

Question 30

What is DevSecOps?

Answer 30

DevSecOps is an agile-like process that continually focuses on security. It also demands continuous interaction between stakeholders but keeps security as a focus throughout the development.

Question 31

What is Normalization in databases?

Answer 31

Normalization is used to optimize database performance by removing duplicates, use of primary keys, and related data contained in separate tables.

Question 32

What is Server-Side Validation?

Answer 32

Server-side validations occur on the web server or back-end and take more time to complete. Validation on the server side is more secure than client-side validation.

Question 33

What does Version Control do?

Answer 33

Version control tracks the versions of software in real-time. It will record who has accessed the code, and what was changed. Version Control also allows for rollback if necessary.

Question 34

What is Change management?

Answer 34

Change management is a process that follows a change to a system from identification to implementation. It is used for controlled identification and implementation of required changes within a computer system.

Question 35

What is Provisioning?

Answer 35

Provisioning is the process of procuring, configuring and making available, an application or system on certain services. Provisioning an application allows it to run on its intended platform.

Question 36

What is Security Automation?

Answer 36

As new code is introduced to an application, security testing is important to check for bugs and vulnerabilities. Automating security testing ensures defects are not introduced in systems.

Question 37

What are the ateps Software Development Life Cycle (SDLC) of a project?

Answer 37

The software development lifecycle (SDLC) of a project consists of the following attributes: defining requirements, design, implementation, verification, and maintenance.

Question 38

What is Model verification?

Answer 38

Model verification is testing to ensure the software meets the customers functional and physical requirements.

Question 39

What are Stored Procedures?

Answer 39

A stored procedure is a set of Structured Query Language (SQL) statements stored in a database as a group, so it can be reused and shared by multiple programs. Stored procedures can validate input.

Question 40

What is a State Table?

Answer 40

A state table contains information about sessions between network hosts. This type of data is gathered by a stateful firewall.

Question 41

What is Scalability?

Answer 41

Scalability is the capacity to increase the workload on current resources.

Question 42

What can we say about Iris scanning?

Answer 42

Iris scanning can be implemented in higher-traffic areas, where throughput is a concern. At the same time, accuracy is high, while ease of spoofing is fairly low. The enrollment process for employees is less intrusive than retinal scans.

Question 43

What can we say about Retinal scanners?

Answer 43

Retinal scanners are intrusive, complex and expensive. They are not the best option for high-traffic areas, such as airports.

Question 44

Name a situation in which Voice recognition would have a disadvantage?

Answer 44

Voice recognition would be too difficult to implement in a situation with high levels of ambient noise in a busy place like an airport.

Question 45

What can we say about Fingerprint scanners?

Answer 45

Fingerprint scanners offer ease of enrollment, but in this high traffic area, it would be difficult to ensure the scanner remains clean and dry for hundreds of employees. relatively easy to forge and has stigma to criminal activity.

Question 46

Time synchronization do for One time Passwords?

Answer 46

Time synchronization adds an additional layer of safety, with time-based one-time password algorithm (TOTP). Devices must be synchronized to the server so the timestamp is accurate and timing algorithm on the OTP is activated at the appropriate time, when the OTP is issued.

Question 47

How do Signature recognition technologies match how the user applies their signature?

Answer 47

Signature recognition technologies match how the user applies their signature, analyzing aspects such as stroke, speed, and pressure, making it more difficult to spoof than a simple forgery.

Question 48

What can we say about Point-by-point signature matching?

Answer 48

Point-by-point signature matching only measures how consistent a signature is with a template signature, and as a result, could be easily forged.

Question 49

What is Pattern matching technology?

Answer 49

Pattern matching technology is associated with typing as a behavioral technology, matching the speed and pattern of user input.

Question 50

What is crossover error rate? What is it important for?

Answer 50

The crossover error rate is where false rejection rate and false acceptance rate meet. This figure is important for optimizing and fine-tuning the biometric system.

Question 51

What is Throughput in biometrics?

Answer 51

Throughput is an important consideration in the location a biometric scanner is installed, as chokepoints could become an issue in areas of high traffic, causing other security issues.

Question 52

What is False acceptance rate?

Answer 52

False acceptance rate is the rate at which a system lets unauthorized users in, which constitutes a security breach.

Question 53

What is a type II error or false positive? what is it measured by?

Answer 53

A type II error is also known as a false positive, measured by the False Acceptance Rate (FAR). This is the rate at which unauthorized personnel gain access to the secure facility. This number must be minimized.

Question 54

What is Revocability in Biometrics?

Answer 54

Revocability is an issue with all biometric factors, but because fingerprint scanning technology is cheaper in comparison to other technologies, accessing and revoking certificates is also easier to do.

Question 55

What is a Distinguished Name (DN)

Answer 55

Directory Services provide privilege management and authorization to a network by storing user information such as groups, roles, and services allowed into a Distinguished Name (DN). Directory services are used to structure user management and implement access security

Question 56

What is Rule-based access control (RBAC)?

Answer 56

Rule-based access control (RBAC) is an access control model that is based upon a predefined set of rules and instructions, such as Access Control Lists (ACL) to grant access to a system.

Question 57

What is Credential management?

Answer 57

Credential management is the use of a collection of user information that provides the identity of a user combined with a password.

Question 58

What is rate of return (RoR)

Answer 58

is considered the net gain or loss of an investment over a specified period of time and generally expressed as a percentage of the initial cost.

Question 59

What is Clustering?

Answer 59

Clustering provides for high availability for servers and can remove the single point of failure. Clustering is similar to load balancing but is more costly than RAID implementations.

Question 60

Define Redundant array of inexpensive disks (RAID)-10? Minimum disks requirements?

Answer 60

Combines mirroring and striping in a single system. It delivers better write performance than any other RAID level providing data protection. RAID 10 requires a minimum of four disks.

Question 61

Define RAID-6

Answer 61

RAID-6 requires four disks and can survive a failure on two.

Question 62

Define RAID-1

Answer 62

Provides data that is written to two disks simultaneously, providing redundancy in the event one disk fails.

Question 63

What is Control Diversity?

Answer 63

Control diversity includes the use of multiple control types such administrative, technical and physical. This can include security guards (physical), IDS or Intrusion Detection System (technical), and penetration testing (administrative).

Question 64

What is Active-Passive?

Answer 64

is a failover solution and not a security control.

Question 65

What is Single-layer security?

Answer 65

Single-layer security is the use of a single control to protect assets. Using two separate vendors for the firewalls makes this scenario diverse.

Question 66

Installing and manage embedded systems and Internet of Things (IoT) come with a set of operational constraints. What are some of those constraints that would affect the security of those devices ?

Answer 66

Implied Trust, Crypto (Cryptographic identification) and Authentication ( or lack thereof)

Question 67

What is Zigbee? What frequency does it use? What kind of limitation doesn't have?

Answer 67

Zigbee is a wireless communications protocol used primarily for home automation. Zigbee is an open source solution that uses 2.4 GHz frequency band. It has no communication hop limitation with multiple devices in a singular network

Question 68

What is Narrowband-IoT (NB-IoT) ?

Answer 68

Narrowband-IoT (NB-IoT) is a type of baseband radio that has limited data rates between 20 to 100 Kilobits per second (Kbps). This is more suitable for inaccessible locations that require signal penetrating power.

Question 69

What is LTE Machine Type Communication?

Answer 69

is a type of baseband radio that supports cellular network bandwidth of up to 1 Megabit per second (Mbps).

Question 70

What is Audrino and Raspberry Pi

Answer 70

They are examples of a SoC board that was initially devised as an educational tool. It is now widely used for industrial application and hacking.

Question 71

What is Real time operating system (RTOS)?

Answer 71

Real time operating system (RTOS) is a type of embedded system that operate devices that perform acutely time-sensitive tasks. These are not made for educational purposes.

Question 72

What is a Faraday Cage ?

Answer 72

A Faraday Cage is used to block electromagnetic, radio frequencies and electrostatic signals. The enclosure can keep signals out and block them from going into the secure area providing a physical security layer.

Question 73

What are "Hot and cold aisles"?

Answer 73

Hot and cold aisles are arranged with all the hardware expelling heat toward one aisle where the exhaust vents are placed. The other side of the aisle is designated for cool air. Avoiding the mixture of warm and cold air helps to improve the efficiency of the entire operation and reduce costs.

Question 74

What is Ad Hoc?

Answer 74

An Ad Hoc zone is created when two or more wireless devices connect to one another creating an on-demand network.

Question 75

What is Degaussing ?

Answer 75

Degaussing involves exposing magnetic media, such as hard disks or tapes, to a powerful electromagnet which disrupts the magnetic pattern that stores the data on the disk surface. This effectively "erases" the media.

Question 76

Provide Examples of Stegnography...

Answer 76

Embedding a watermark using the design and color of bank notes is an example of steganography. This method is employed by the Counterfeit Deterrence System (CDS) and can be used for anti-counterfeiting efforts. Encoding messages within TCP packet data fields to create a covert message channel is an example of steganography. Changing the least significant bit of pixels in an image file (the cover file) is another example. This can code a useful amount of information, without distorting the original image noticeably.

Question 77

How does cryptography assist having in resiliency? which mean compromise of one system doesn't compromise the whole?

Answer 77

A system is resilient if it prevents a compromise of a small part of the system compromising the whole system. Cryptography assists this goal by ensuring the authentication and integrity of messages delivered over the control system.

Question 78

What is the art obfuscasion?

Answer 78

The art of obfuscation is making messages difficult to understand. This can be implemented with computer code, however, sometimes even the computer may not be able to read it.

Question 79

Describe what Launching a side channel attack means?

Answer 79

Launching a side channel attack means monitoring things like timing, power consumption, and electromagnetic emanation. These have a physical relation.

Question 80

What is Operating system (OS) fingerprinting?

Answer 80

Operating system (OS) fingerprinting is a method used by Nmap to probe hosts for running OS type and version, and even application names and device type (e.g., laptop or virtual machine).

Question 81

What is Elliptic Curve Cryptography (ECC)? What is it better than? how does it's key length affect it?

Answer 81

Elliptic Curve Cryptography (ECC) is a trapdoor function used to generate public/private key pairs. Even at smaller key lengths, it is comparable to other asymmetric encryptions using larger key bits such as RSA using 2048-bit keys. A large key size will work with elliptical curve, but it will become slower. In this case, the application worked faster due to the smaller key size that can be used.

Question 82

What is a A secure hash, for example, like Secure Hash Algorithm (SHA) used for?

Answer 82

A secure hash, for example, like Secure Hash Algorithm (SHA) are used to create a message digest. It is a one-way cipher. It is mostly used for integrity and passwords.

Question 83

What is A session key ?

Answer 83

A session key is a secret key that is either shared or known by some secure means that is used in Secure Sockets Layer/Transport Layer Security (SSL/TLS) with RSA.

Question 84

What is Ephemeral key? How many keys per session?

Answer 84

Ephemeral key is the main component of ECDHE that gives it perfect forward secrecy. There is a different secret key for each session during transport.

Question 85

What is ECDHE (ECC with D-H ephemeral mode)?

Answer 85

ECDHE (ECC with D-H ephemeral mode) uses ephemeral keys for each session which provide perfect forward secrecy. It is a step above security for regular ECC, and better than RSA's algorithm.

Question 86

What can you say about Elliptic curve cryptography (ECC)? ... It's better than which algorithm? What's a common problem with ECC?

Answer 86

Elliptic curve cryptography (ECC), although better than RSA's algorithm, has the problem that a compromise of its encryption keys will affect all communications.

Question 87

What is Rivest, Shamir, Adleman (RSA) algorithm and what is it used for?

Answer 87

RSA is an asymmetric algorithm used to create digital signatures. It can be used to encrypt short messages. Rivest, Shamir, Adleman (RSA) is widely deployed as a solution for creating digital signatures and key exchange. Client browsers support RSA.

Question 88

Under what conditions can ECDHE work? Otherwhise what should be used instead?

Answer 88

ECDHE will only work if both client and server support the same PFS-compatible suite or ephemeral keys. Otherwise, Elliptic Curve Diffie-Hellman (ECDH) without Ephemeral should be used.

Question 89

What is Keystreching What does adding salt do? What algorithms does key stretching use?

Answer 89

Key stretching is creating a key using thousands of rounds of hashing. Adding a salt in the hashing process makes the hash or key much stronger. Uses Secure Hash Algorithm (SHA) its the second part of key stretching.

Question 90

What is Symmetric encryption?

Answer 90

Symmetric encryption is a two-way encryption algorithm in which encryption and decryption are both performed by a single secret key.

Question 91

What is RC4?

Answer 91

RC4 is a stream cipher meaning each byte or bit of data in the plaintext is encrypted one at a time. is not block cypher.

Question 92

What is 3DES? What is an attribute of 3DES?

Answer 92

3DES is a block cipher. n a block cipher, the plaintext is divided into equal-size blocks (usually 64- or 128-bit). Each block is then subjected to complex transposition and substitution operations, based on the value of the key used. It uses 64-bit blocks and a 56-bit key, but the plaintext is encrypted three times using different subkeys.

Question 93

What is Advanced Encryption Standard (AES)? Whats is it faster and more secure Than? How about only more secure than? What is it compatible with?

Answer 93

The Advanced Encryption Standard (AES) is a 128 bit symmetric block cipher and key sizes of 128, 192, or 256 bits. It is faster and more secure than 3DES.It's more secure than than RC4 and compatible with TLS

Question 94

What is Electronic Code Book (ECB)? What does it do? What is it faster than?

Answer 94

Electronic Code Book (ECB) is a mode operation that will process the encryption in blocks using the same key and . This is the simplest mod, and operates faster than CBC.

Question 95

What is Cipher Block Chaining (CBC)? What happens to the output of the first ciphertext block? What can you say about this process?

Answer 95

Cipher Block Chaining (CBC) is a mode of operation utilizing an Initialization Vector (IV). The output of the first ciphertext block is combined with the next plaintext block, and repeats. This is processing intensive and must run serially, hindering performance.

Question 96

What is Digital Signature Algorithm DSA? Who is it used by? What does it adopt Where does it use keys from? similar to what?

Answer 96

Digital Signature Algorithm (DSA) is an asymmetric algorithm used by NIST that adopts ElGamal's algorithm. It uses the private and public keys from Diffie-Hellman in a similar way to RSA key pairs.

Question 97

What is Data Encryption Standard (DES)?

Answer 97

is a symmetric block cipher using 64-bit blocks and a 56-bit key. 3DES (Triple DES) is where the plaintext is encrypted three times using different subkeys.