Basic security controls and data

Question 1

What is the DAD triad

Answer 1

Disclosure, Alteration, Denial

Question 2

What is the difference between strategic and operational risks

Answer 2

Strategic risks impact major goals and objectives, operational risks affect daily functions

Question 3

Define physical controls

Answer 3

controls used to limit physical access

Question 4

Define managerial controls

Answer 4

administrative controls associated with security design and implementation

Question 5

Define operational controls

Answer 5

processes put in place to manage technology in a secure manner

Question 6

What are the two mechanisms of action DLP uses?

Answer 6

watermarking- electronic tags applied by administrators
Pattern matching- flagging transmissions based on signs of sensitive information eg Top Secret or social security

Question 7

What is the difference between isolation and segmentation of networks?

Answer 7

Segmented networks allow free communication between devices on the same network but restrict outside communication. Isolated systems are completely cut off from outside networks.

Question 8

What is the difference between agent based and agentless DLP?

Answer 8

Agent based DLP uses software installed on systems and searches them for sensitive information, and blocks undesirable actions.

Agentless DLP is network based and monitors traffic and can block/allow or encrypt transmissions with sensitive data

Question 9

What is an MSP

Answer 9

Managed service providers remotely manage a customer’s IT infrastructure and end user systems

Question 10

What is a threat map

Answer 10

A geographic representation of where cyber attacks originate from

Question 11

What is an API key?

Answer 11

a security token used to authenticate and authorize requests made to an API

Question 12

What is the function of a decompiler

Answer 12

to translate compiled binary code back its source programming language eg Python or Java

Question 13

What do these abbreviations mean in relation to CVSS:
AV
AC
PR
UI
S
C
I
A

Answer 13

Attack vector
Attack complexity
Privileges required
User interaction
Scope
Confidentiality
Integrity
Availability

Question 14

What are these organizations examples of: Ernst & Young, Deloitte, PricewaterhouseCoopers PwC, KPMG

Answer 14

These are four of the biggest external audit firms

Question 15

What are the five steps of the vulnerability lifecycle

Answer 15

Identification, analysis, response and remediation, validation of remediation, reporting

Question 16

What are the eight steps of the SDLC

Answer 16

planning, requirements, design, coding, testing, training and transition, ongoing operations and maintenance, end of life decommissioning

Question 17

What are APIs used for

Answer 17

they are used as interfaces between clients and servers or applications and operating systems

Question 18

What is a file inclusion attack

Answer 18

executing code contained within a file hosted on the victim web server or on a remote server

Question 19

What is a cross site request forgery

Answer 19

Attackers embed code in one website that sends a command to a second website. The attack is only successful if the victim is already logged on to both sites.

Question 20

What is a server side request forgery

Answer 20

tricking a server into visiting a URL to retrieve information

Question 21

what is parameter pollution

Answer 21

sending more than one value for an input variable to bypass security controls

Question 22

what is a memory leak

Answer 22

when an application fails to return memory it no longer needs

Question 23

what is buffer overflow

Answer 23

when an attacker manipulates a program into placing more data into an area of memory than expected

Question 24

define key space and key length

Answer 24

key space is the range of values possible for use as a key, key length is the number of bits in a key

Question 25

What are the common encryption algorithms used for symmetric encryption

Answer 25

DES and AES

Question 26

what are the common encryption algorithms used for asymmetric encryption

Answer 26

RSA and elliptic curve

Question 27

what is the X.509 standard used for

Answer 27

guidance for constructing digital certificates to include information like the CA name, subject name, subject public key

Question 28

who are some of the major CAs

Answer 28

IdenTrust, AWS, DigiCert Group, Sectigo/Comodo, GlobalSign, Let's Encrypt, GoDaddy

Question 29

what is certificate chaining

Answer 29

using a series of intermediate CAs created by the root CA

Question 30

what are DV and EV certificates

Answer 30

Domain validation, the CA has verified that the subject controls the domain Extended validation, the CA has taken steps to verify that the subject is a legitimate business

Question 31

what are certificate pinning and certificate stapling

Answer 31

Certificate pinning instructs browsers to attach a certificate/public key to a subject Certificate stapling is when an OCSP server attaches a validation response to a certificate which web servers can use instead of repeatedly making OCSP requests

Question 32

what is key stretching

Answer 32

running a piece of data through a hashing algorithm multiple times to make it more resilient to brute force attacks

Question 33

what is homomorphic encryption

Answer 33

encryption methods that allow you to perform computations on the encrypted data and decrypt to get the same result as if calculated on plain text

Question 34

what is the difference between block and stream ciphers

Answer 34

block ciphers encrypt blocks of text at once stream ciphers operate on one character at a time

Question 35

what is an ssh key

Answer 35

a cryptographic key pair used for secure authentication, it replaces traditional password login for remote system login

Question 36

what is vertical vs horizontal scaling

Answer 36

vertical scaling improves the performance/capacity of a system or device horizontal scaling adds more systems or devices for use

Question 37

what is cloud bursting

Answer 37

utilizing a private cloud for the majority of work and a public cloud for needs over capacity

Question 38

what is the risk of resource reuse

Answer 38

unintended users could access data thus breaching confidentiality

Question 39

what is the difference between edge and fog computing

Answer 39

edge computing places processing power on remote sensors so they can process data before sending it to the cloud fog computing puts the processing burden on the local gateway which then sends data to the cloud

Question 40

what is an SNMP trap

Answer 40

error messages sent by devices configured to use SNMP that communicates issues to administrators

Question 41

what are telnet and SSH used for?

Answer 41

They're both used for remote access but telnet has been phased out since it sends data in plain text and SSH provides encryption

Question 42

What are the four security modes for bluetooth

Answer 42

1: no security 2: service level enforced security, offers PIN authentication 3: link level security, encrypts data between paired devices 4: standard pairing with security simple pairing SSP, uses public keys for authentication instead of PINs

Question 43

define bluejacking and bluesnarfing

Answer 43

bluejacking is sending unsolicited messages to bluetooth devices bluesnarfing is unauthorized access to a bluetooth devices usually with the purpose of gathering information like contacts

Question 44

what are the six steps of the incident response process

Answer 44

preparation detection analysis containment eradication recovery

Question 45

what is the difference between centralized and decentralized governance

Answer 45

in centralized governance a central authority dictates policies and standards which are followed by the entire organization in decentralized governance individual businesses have the authority to develop their own policies to achieve cybersecurity

Question 46

describe policies, standards, procedures, and guidelines

Answer 46

policies are high level statements of management intent standards dictate how an organization will carry out policies procedures are detailed processes that must be followed in specific circumstances guidelines provide best practices and recommendations for tasks or concepts

Question 47

what are the three standard elements of a risk register

Answer 47

KRI, risk owner, risk threshold information

Question 48

outline the roles of data subjects, controller, stewards, custodians, and processors

Answer 48

subjects are those whose personal data is being processed controllers determines the reasons for and methods of processing data stewards carry out the intents of the controller and are delegated responsibility custodians don't have controller/steward responsibilities but are accountable for safe handling of information processors are third parties that process information for a controller

Question 49

describe the contents of ISO 27001, 27002, 27701, and 31000

Answer 49

27001 information security management systems 27002 information security controls 27701 managing privacy controls 31000 risk management