Failed on 2nd practice exam Flashcards
A cloud network hub that allows users to interconnect virtual private clouds (VPCs) and on-premises networks through a central console.
A transit gateway
Which value is the result of a quantitative or qualitative risk analysis?
Inherent risk
Which control types does a systems engineer implement when an initial locking mechanism does not perform as expected?
Compensating
Preventative
A control that acts to eliminate or reduce the impact of an intrusion event.
A corrective control is used after an attack.
Detective control
May not prevent or deter access, but it will identify and record any attempted or successful intrusion.
An organization remodels an office which results in the need for higher security during construction. Placing a security guard by the data center utilizes which control types?
Operational
Preventative
A control that acts to eliminate or reduce the likelihood that an attack can succeed.
A preventative control acts to eliminate or reduce the likelihood that an attack can succeed. A preventative control operates before an attack can take place.
A control implemented primarily by people rather than systems.
Operational control
What authentication protocol uses MSCHAP?
LEAP uses MSCHAP
What authentication protocol uses MSCHAPv2?
PEAPv0 also known as EAP-MSCHAPv2.
What can assist in routing information on an attack to a honeynet?
A Domain Name Service (DNS) sinkhole intercepts DNS requests attempting to connect to known malicious or unwanted domains and returns a fake IP address.
What authentication method does the 802.1X framework use?
EAP (Extensible Authentication Protocol)
What is a TAP?
A test access point (TAP) is a hardware device that copies signals from the physical layer and the data link layer.
Test access points (TAPs) can be either active or passive.
Avoids frame loss
More reliable than SPAN
Can be active or passive
SPAN
SPAN (switched port analyzer) is simply mirroring ports.
Can only be active.
What is one way to protect against SSL stripping?
HTTP Strict Transport Security (HSTS) forces browsers to connect using HTTPS only, mitigating downgrade attacks, such as Secure Socket Layer (SSL) stripping.
What replaced RC4/TKIP to make WPA2 significantly more secure than WPA?
For WPA2, AES (Advanced Encryption Standard) deploys within CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol). AES replaces RC4, and CCMP replaces TKIP. AES is for encryption, and CCMP is for message integrity.
Devices deployed in a network and that send data to the local area network (LAN) level and process it with an Internet of things (IoT) sensor are which of the following?
Fog computing provides decentralized local access by deploying fog nodes throughout the network.
OCSP stapling
Stapling addresses the privacy issues surrounding Online Certificate Status Protocol (OCSP) by having the SSL/TLS web server periodically obtain a time-stamped response from the Certificate Authority. Then, when a client submits an OCSP request, the web server returns the time-stamped response.
How does the General Data Protection Regulations (GDPR) classify data that can prejudice decisions, such as sexual orientation?
The sensitive classification is used in the context of personal data about a subject that could harm them if made public and could prejudice decisions made about them if referred to by internal procedures.
What could a hacker use to extract passwords from a database file?
Hashcat is a popular password cracker developed for Linux. It is one of many password crackers the hacker could potentially use to extract passwords from the hashed password database.
Identify types of metadata that would be associated with CDR (call detail records) of mobile devices.
List of towers connected
Call duration
SMS text timestamps
When using a SIEM, what can help manage log collections?
Deploying listeners
A management server can be configured to be a listener or collector to gather logs from multiple sources and parse the data before sending it to the SIEM system. Multiple listeners can better manage collections to reduce the number of systems communicating with the SIEM.
What tool could a hacker use to obtain credentials from a Windows system?
Mimikatz
Hybrid password attack
A hybrid password attack uses a combination of dictionary and brute force attacks. It is targeted against weak and/or re-used passwords.