Full Test Flashcards

(142 cards)

1
Q

What is RIPEMD?

A
  • RACE Integrity Primitives Evaluation Message Digest
  • Open-source hashing algorithm
  • 160-320 bit
2
Q

What is BPDU Guard?

A
  • Bridge Protocol Data Unit
  • Enhancement to Spanning Tree Protocol
  • Cisco calls it “port fast”
3
Q

What is EAP-TTLS?

A
  • Extensible Auth Protocol Tunnelled TLS
  • Used with other protocols
  • Auth Server needs a certificate
  • WPA2 Enterprise
4
Q

What is VMI?

A
  • Virtual Mobile Infrastructure
  • Mobile apps actually run from a remote server
5
Q

What is CASB?

A
  • Cloud Access Security Broker “Caz-Bee”
  • On-prem or cloud software that provides visibility, security, compliance, and threat prevention
6
Q

What is conditional access?

A
  • Manage access through SaaS
  • Conditions like geography, IP, device used, browser, OS
7
Q

What is PAM?

A
  • Privilege Access Management
  • Admins “check out” admin privileges for a set length of time
8
Q

What is NIST SP800-61?

A
  • Computer Security Incident Handling Guide
9
Q

What is ISO 27001?

A
  • International Standard for Information Security Management Systems
10
Q

What is ISO 27002?

A
  • Code of practice for implementing security controls
  • If ISO 27001 is the “what and why”, then 27002 is the “how”
11
Q

What is ISO 27701?

A
  • Intl standard for Privacy Information Management Systems
  • Extends 27001 to deal with GDPR
12
Q

What is ISO 31000?

A
  • Intl Std for Risk Management
  • Generic guidelines
13
Q

What is CSA?

A
  • Cloud Security Alliance
  • Organization dedicated to defining best practices for secure cloud computing
  • Cloud Control Matrix is the framework
14
Q

What does the Data Steward do?

A
  • Oversight or governance role
  • Responsibility for accuracy, privacy, & security
  • Applies sensitivity labels
  • Ensures legal and compliance standards are met
15
Q

What is a Data Controller?

A
  • How and why data is used within organization
16
Q

What is a Data Custodian?

A
  • Responsible for the safe custody, transport, and storage of data.
  • IT function more than business function.
17
Q

What is a Data Protection Officer?

A
  • Responsible for Overall Data Privacy Policy.
  • GDPR compliance
  • All PII/PHI data is handled correctly
18
Q

What is SASL?

A
  • Simple Authentication and Security Layer
  • Used with various auth schemes, e.g. Kerberos
19
Q

What is SNMPv3?

A
  • Simple Network Management Protocol v3
  • Provides CIA for network management
  • UDP 161
20
Q

What is STP?

A
  • Spanning Tree Protocol
  • Prevents Layer 2 loops
  • Leaves single active path between nodes
  • 802.1D/802.1Q-2014
21
Q

What is RFC?

A
  • Request For Comments
  • Published by standard-setting bodies on the Internet like the Internet Engineering Task Force (IETF)
  • Have shaped the Internet's internal workings since 1969
22
Q

What is TTP?

A
  • Tactics, Techniques, & Procedures
  • Codified playbook for individual attackers
23
Q

What is IRM?

A
  • Information Rights Management
  • E-DRM
  • “remote-control” of documents
24
Q

What is RTO?

A
  • Recovery Time Objective
  • Time after EVENT before normal operations resume
  • “Acceptable levels” of ops
25
Q

What is WRT?

A
  • Work Recovery Time
  • Verifying all is back to normal
  • Resume production
26
Q

What is MTD?

A
  • Max Tolerable Downtime
  • RTO + WRT = MTD
27
Q

What is SIAM?

A
  • Service Integration and Management
  • Integrates multiple Cloud Service Providers
  • Multisourcing
28
Q

What is SDN?

A
  • Software Defined Networking
  • Centrally defined networking through logical means
  • OpenFlow protocol
  • Data Plane (packets)
  • Control Plane (routing process)
29
Q

What is VXLAN?

A
  • Virtual Extensible LAN
  • Layer 2
  • Scales to 16 million logical networks
30
Q

What is Baseband?

A
  • Uses all available BW: 0% or 100%
  • 1 direction per wire
  • Ethernet standard BASE
  • More signals via multiplexing
31
Q

What is SSL VPN?

A
  • Secure Socket Layer VPN
  • Operates in browser
  • Uses HTTPS TCP/443
  • “Lightweight”
  • Good for remote access rather than site-to-site
32
Q

What is EAP-FAST?

A
  • Extensible Auth Protocol, Flexible Auth via Secure Tunnel
  • Supplicant and Auth Server share a protected secret to mutually auth a tunnel
  • Replaces LEAP
  • 802.1x protocol
33
Q

What port is NetBIOS on?

A
  • TCP/UDP 137-139
34
Q

What communicates on ports 137-139?

A
  • NetBIOS (TCP/UDP)
35
Q

Define WPA2

A
  • Wireless Protected Access version 2
  • Uses CCMP block cipher
  • Counter mode with cipher block chaining
  • AES encryption
  • Potential for brute-forcing 4-way handshake
  • Hash capture vuln
36
Q

Define Site-to-Site VPN

A
  • Uses L2TP (Layer 2 Tunneling Protocol)
  • Acts like layer 3
  • IPSec for encryption (rather than SSL VPN)
  • L2TP uses UDP/1701
37
Q

Define WPA3

A
  • Wi-Fi Protected Access v3
  • Uses Galois/Counter Mode
  • AES encryption (as WPA2)
  • Simultaneous Auth of Equals (SAE)
  • Perfect forward secrecy
38
Q

Define Perfect Forward Secrecy

A
  • Changes keys automatically and frequently
  • Protects PAST communication
  • ECDHE_RSA
39
Q

What is RAID 6?

A
  • RAID = Redundant Array of Independent Disks
  • RAID 6 is striping with double parity
  • Requires at least 4 disks
  • 2 disks can fail
40
Q

What service uses port 143?

A
  • IMAP
  • Internet Message Access Protocol
  • TCP
41
Q

What port does IMAP use?

A
  • TCP/143
42
Q

Define DES

A
  • Digital Encryption Standard
  • Symmetric
  • 64 bit blocks with 56 bit keys
  • Old as fuck
43
Q

Define sdelete

A
  • Windows CLI program
  • Individual files
44
Q

What is SAST?

A
  • Static Application Security Testing
  • Helps ID flaws like buffer overflow and database injection
  • Doesn't get everything
  • Can help check for false positives
45
Q

What service uses port 445?

A
  • Server Message Block (SMB)
  • TCP
46
Q

What port does SMB use?

A
  • TCP/445
47
Q

What service uses port 587?

A
  • SMTP w/SSL
  • TCP
  • Also TCP/465
48
Q

What ports are used by SMTP w/SSL?

A
  • TCP/465
  • TCP/587
49
Q

What service uses port 161?

A
  • SNMP (Simple Network Management Protocol)
  • UDP
50
Q

What port does SNMP use?

A
  • UDP/161
51
Q

What is WAF?

A
  • Web Application Firewall
  • Layer 7
  • Applies rules to HTTPS
  • Recognizes SQL injection
  • Heavy PCI DSS use
52
Q

Define RAID 5

A
  • Striping with parity
  • Requires at least 3 disks
  • Only 1 drive can fail
53
Q

Define RAID 10

A
  • Striped and mirrored
  • Requires 4 disks
  • Up to 2 can fail
54
Q

What are HTTP secure headers?

A
  • Instructions to a browser to enforce security settings
  • HTTPS only, only allow local scripts, no iframes allowed, etc.
55
Q

What service uses port 993?

A
  • IMAP4 SSL
  • TCP
56
Q

What port is used by IMAP4 SSL?

A
  • TCP/993
57
Q

What is SED?

A
  • Self Encrypting Drive
  • Hardware based
  • Cleared by overwriting the encryption keys
58
Q

What service uses port 53?

A
  • DNS
  • TCP/UDP
59
Q

What port does DNS use?

A
  • TCP/UDP/53
60
Q

What service uses port 1433?

A
  • SQL Server
  • TCP
61
Q

What port does SQL Server use?

A
  • TCP/1433
62
Q

What service uses port 514?

A
  • Syslog
  • UDP
63
Q

What port does Syslog use?

A
  • UDP/514
64
Q

What service uses port 636?

A
  • LDAP w/SSL
  • TCP/UDP
65
Q

What port does LDAP w/SSL use?

A
  • TCP/UDP/636
66
Q

What service uses port 3868?

A
  • Diameter
  • TCP
67
Q

What port does Diameter use?

A
  • TCP/3868
68
Q

What is EAP?

A
  • Extensible Auth Protocol
  • Auth framework
  • Integrates with 802.1x
69
Q

What is AES?

A
  • Advanced Encryption Standard
  • Symmetrical
  • 128 through 256 bit
70
Q

What service uses port 1723?

A
  • PPTP
  • Point-to-point VPN
  • TCP/UDP
71
Q

What port does PPTP use?

A
  • TCP/UDP 1723
72
Q

Define IDEA

A
  • International Data Encryption Algorithm
  • 64-bit blocks, 128-bit key
73
Q

What service uses ports 989-990?

A
  • FTPS
  • Uses SSL for security
  • Different from SFTP (SSH FTP)
74
Q

What port does FTPS use?

A
  • TCP 989-990
75
Q

What service uses 993?

A
  • POP3 w/SSL
  • TCP
76
Q

What port does POP3 w/SSL use?

A
  • TCP/995
77
Q

What service uses port 465?

A
  • SMTP w/SSL
  • TCP
  • Also port 587
78
Q

What is SAE?

A
  • Simultaneous Auth of Equals
  • WPA3 characteristic
  • Diffie-Hellman based
  • Everyone has a different session
  • Dragonfly handshake key exchange
79
Q

What is Trusted Boot?

A
  • Software validation that the kernel, bootloader, etc. have not changed
  • Early Launch Anti-Malware (ELAM)
  • Verifies OS signature
80
Q

What service runs on port 135?

A
  • Remote Procedure Call (RPC)
  • TCP/UDP
81
Q

What port does Remote Procedure Call use?

A
  • TCP/UDP 135
82
Q

What is RPC?

A
  • Remote Procedure Call
  • Allows one system to call a subroutine on another
83
Q

What is EAP-TLS?

A
  • EAP Transport Layer Security
  • WPA2
  • All devices need an X.509 cert
  • Mutual auth
  • PKI needed
84
Q

What is PEAP?

A
  • Protected EAP
  • AS needs a certificate, supplicant doesn't
  • MS-CHAPv2 (Microsoft Challenge Handshake Auth Protocol)
  • Often used with a token generator
  • Developed by Cisco, MS, and RSA
85
Q

What is SEAndroid?

A
  • Security Enhanced Android
  • Uses MAC (mandatory access control)
  • SELinux in Android OS
86
Q

What are Cloud Security Groups?

A
  • Level 4: firewall port
  • Level 3: IP addr, CIDR, IPv4/6
87
Q

What is Instance Awareness?

A
  • Cloud concept
  • Granular security controls
88
Q

What is a Next-gen Secure Web Gateway?

A
  • Protects users and devices regardless of location
  • Goes beyond URL and GET requests
  • Examines JSON and API calls
  • Instance aware
89
Q

What is IdP?

A
  • Identity Provider
  • Who are you? Who vouches?
  • Authorization as a Service
  • Single Sign-On (SSO)
  • SAML, OAuth, OpenID
90
Q

Command to create an SSH keypair?

A
  • $ ssh-keygen -t <type>
  • Key types: ed25519, rsa
91
Q

What is CHAP?

A
  • Challenge Handshake Auth Protocol
  • Encrypted challenge:
    1. Server sends challenge
    2. Client sends PW-based response
    3. Server compares
    4. Ongoing and invisible during session
92
Q

What is SAML?

A
  • Security Assertion Markup Language
  • Open standard for auth
  • Not good for mobile
93
Q

What is OAuth?

A
  • Auth framework
  • Determines what resources can be accessed
  • Not a protocol
  • Used w/OpenID
  • Google, FB, Twitter
  • “Xapp wants to access your Google acct”
94
Q

Describe the Key Management Lifecycle

A
  1. Key generation of requested strength w/ proper cipher
  2. Certificate generation: allocate key to user
  3. Distribution: securely transfer to user
  4. Storage
  5. Expiration/Revocation
95
Q

What is a Public Key Certificate?

A
  • Binding of a public key with a digital signature and other details
96
Q

Describe a Domain Validation Certificate

A
  • Owner of certificate has control over the domain
97
Q

What is an Extended Validation Certificate?

A
  • Additional verification checks for certificate owner
  • Like a bank
  • Outdated
98
Q

What is a SAN?

A
  • Subject Alternate Name
  • Extension to an X.509 cert
  • Allows wildcards
  • *.jacklawton.com, mail.jacklawton.com, training.jacklawton.com
99
Q

What is a .der?

A
  • Distinguished Encoding Rules
  • X.509 cert
  • Binary, not human readable
  • Often used with Java
100
Q

What is a .pem?

A
  • Privacy Enhanced Mail
  • 64-bit (ASCII) encoded .der
  • What you normally get from a CA
101
Q

What is a .p12?

A
  • Public Key Cryptography Standard #12
  • Container for multiple certs
  • Also .pfx
  • Used to transfer key pairs
  • Can be password protected
102
Q

What is a .cer?

A
  • Windows X.509 certificate format
  • Can be binary like .der or ASCII like .pem
103
Q

What is .p7b?

A
  • PKCS#7
  • Contains certs but only the public key
  • ASCII
104
Q

Describe OCSP stapling

A
  • “Staples” time-stamped revocation info to the cert so clients don't have to contact the CA for revocation info
105
Q

What is pinning?

A
  • Obsolete technique to prevent website impersonation
106
Q

Describe the netstat command

A
  • CLI tool that displays TCP/IP connections, routing tables, and other network statistics
  • $ netstat -a = all
  • $ netstat -b = binaries (Windows)
  • $ netstat -n = numbers only (no name)
107
Q

Describe the route print command

A
  • Shows routing tables
  • Same as $ netstat -r
108
Q

What is OpenSSL?

A
  • Toolkit & crypto library for SSL/TLS
  • Create X.509 certs, revoke, and sign
  • Hashing protocols for message digests
  • En/decryption
109
Q

What is WinHex?

A
  • Windows hexadecimal editor
  • Edit disks
  • Clone disks
  • Secure wipe
  • Forensics tool
110
Q

Describe Data Sanitization

A
  • Secure and permanent erasure of sensitive data from media to guarantee no residual data can be recovered even through forensic analysis
111
Q

Describe the Recovery phase of the Incident Response Plan

A
  • The process of restoring and returning affected devices back to the business environment
  • Return to normal
  • Restore from backup
112
Q

Describe the Isolation and Containment phase of the Incident Response Plan

A
  • Contain the breach: sandboxing, disconnection, start redundant systems
  • Update and patch?
113
Q

Describe the Identification phase of the Incident Response Plan

A
  • Indications an attack is happening
  • Network is vuln-scanned
  • Indicators of compromise
114
Q

Describe the Preparation phase of the Incident Response Plan

A
  • Establish communication methods, remembering that normal comms may be compromised
  • Hardware and software toolkit
  • Documents, net diagrams, baselines, hashes
  • Mitigation software
  • OS images
115
Q

Describe the phases of the Incident Response Plan

A
  1. Preparation
  2. Identification and analysis
  3. Isolation, Containment, & Eradication
  4. Recovery
  5. Post-event activity
116
Q

What is outlined by RFC 3227?

A
  • Guidelines for Evidence Collection and Archiving
    1. Acquisition
    2. Analysis
    3. Reporting
117
Q

Describe the Order of Volatility

A
  1. CPU registers, CPU cache
  2. Router table, ARP cache, process table, kernel, RAM
  3. Temp file systems
  4. Disk drive
  5. Remote logging/monitoring
  6. Network topology
  7. Archival media
118
Q

Describe the CIS CSC

A
  • Center for Internet Security Critical Security Controls
  • Improve cyber defense
  • 20 key sections
  • Scalable to different organization sizes
119
Q

Describe the NIST RMF

A
  • National Institute of Standards and Technology Risk Management Framework
  • Federal agency requirement
  • 6 stages: Categorize, Select, Implement, Assess, Authorize, Monitor
120
Q

Describe the NIST CSF

A
  • NIST Cybersecurity Framework
  • Voluntary for civilian/commercial orgs
  • ID, Protect, Detect, Respond, & Recover
121
Q

Describe SSAE SOC2 Type 1/2

A
  • American Institute of CPAs auditing standard: Statement on Standards for Attestation Engagements #18 (SSAE18)
  • SOC2 is Trust Services Criteria
  • Firewalls, MFA, intrusion detection
122
Q

What is ALE?

A
  • Annualized Loss Expectancy
  • ARO x SLE
  • ARO = Annual Rate of Occurrence
  • SLE = Single Loss Expense
123
Q

What is RTO?

A
  • Recovery Time Objective
  • Up and running quickly to service level
  • Not complete
124
Q

What is EDR?

A
  • Endpoint Detection & Response
  • Behavioral analysis, machine learning, process monitoring
  • Lightweight agent on endpoint
  • API automated
  • Root cause analysis
125
Q

What is SRTP?

A
  • Secure Real-Time Transport Protocol
  • VoIP
  • AES
  • HMAC: hash-based auth code using SHA-1
126
Q

What is a HIDS?

A
  • Host-based IDS
  • Log files to ID intrusion
127
Q

What is bcrypt?

A
  • Password hashing function
  • Uses Blowfish to do multiple rounds
128
Q

What is PBKDF2?

A
  • Password-Based Key Derivation Function 2
  • Part of RSA public key cryptography
129
Q

What is Homomorphic Encryption?

A
  • Encryption scheme that allows operations to be performed on the encrypted data without decryption
130
Q

What is a Stream Cipher?

A
  • One bit or byte at a time
  • High speed, low hardware complexity
  • Symmetric encryption
  • Uses IV for randomization
131
Q

What is a Block Cipher?

A
  • Fixed length groups
  • 64 or 128 bit blocks
  • En/decrypted independently
  • Symmetric
132
Q

Describe GCM

A
  • Galois/Counter Mode
  • Combines counter with authentication
  • Auth is part of block
  • SSH/TLS
133
Q

What is ECB?

A
  • Simplest mode of block ciphering
  • Same key for each block
134
Q

Define CBC

A
  • Cipher Block Chaining
  • Each block is XORed with the previous
  • Additional randomization
  • Uses IV for 1st block
135
Q

Define Counter Mode

A
  • Encrypts successive values of a counter
136
Q

Define POP3 & Secure IMAP

A
  • Use STARTTLS to encrypt POP3 or IMAP w/SSL
137
Q

Explain the differences between FTPS and SFTP

A
  • FTPS is FTP Secure: uses SSL on ports 989 and 990
  • SFTP is SSH FTP: uses SSH to send FTP
138
Q

What is a NGFW?

A
  • Next Generation Firewall
  • OSI Layer 7 application
  • Can allow or disallow features
  • All data in every packet
  • Deep packet inspection
  • Stateful multilayer inspection
139
Q

What is the CTA?

A
  • Cyber Threat Alliance
  • Members validate forwarded threat intelligence
140
Q

Define SOAR

A
  • Security Orchestration, Automation and Response
  • Automated security that can apply tools automatically at any time without intervention
141
Q

Define RPO

A
  • Recovery Point Objective
  • Longest time an organization can lose data for
142
Q

Define MTD

A
  • Max Tolerable Downtime
  • Longest time ops can be down without catastrophic damage