General Concept (Chapter 1)

Question 1

CIA Triad

Answer 1

Confidentiality
- protects systems and data form unauthorized access
Integrity
- ensures data and systems have not been tampered with
Availability
- ensures that data and systems can still be access by authorised users and systems when needed

Question 2

Security, Functionality, Usability

Answer 2

An interlocked systems where if security is increased both Usability and functionality decrease

Question 3

Defense in depth

Answer 3

Are layers of security control that provides redundancy incase one layer has been breached

Question 4

Vulnerability

Answer 4

Is a weakness/flaw in a system

Question 5

Threat

Answer 5

Anything that can potentially take advantage of a vulnerability

Question 6

Exploit

Answer 6

A mechanism that takes advantage of a vulnerability

Question 7

Payload

Answer 7

Is the part of an exploit that damages the system/steals information

Question 8

Zero-day attack

Answer 8

A new/unseen attack that the vendor has not seen

Question 9

Control

Answer 9

A policy that is employed to help protect systems

Question 10

Mitigation

Answer 10

An actions or control that helps reduce the impact of a negative attack

Question 11

Non-repudiation

Answer 11

A security concept that prevents the denial of involvement or responsibility of an individual by applying a digital signature to all actions of a user

Question 12

Principle of least privilege

Answer 12

A security concept that allows only the bare minimum access to the data that a user needs to perform their job

Question 13

Accountability

Answer 13

Ensure that responsible parties are held liable for their actions

Question 14

Authenticity

Answer 14

The proven fact that something is legitimate

Question 15

Gap analysis

Answer 15

A thorough analysis of an organisations security defenses that identify security flaws

Question 16

Authentication, Authorization, Accounting

Answer 16

An Architectural framework to provide, enforce and audit access to a network or data resources.
- Authentication request are forwarded to a central AAA server (RADIUS, TACACS) which checks users credentials against the directory service server

Question 17

Zero Trust

Answer 17

A security strategy that assumes that all systems on the network (public & private) are compromised and each have to be authorised to access the rest of the network.

Question 18

Three principles of zero Trust

Answer 18

1) Least Privilege
2) Access Privileges must be constantly reauthorized
3) Continuous monitoring

Question 19

Honeypot

Answer 19

A decoy system intended to look legitimate to divert an attack so that information of the attacker can be gathered

Question 20

Honeynet

Answer 20

A decoy networking containing 1 or multiple honeypots,

Question 21

Honeyfile

Answer 21

A fake file located in a network file share or server

Question 22

Honey token

Answer 22

Fake data deployed that legitimate users won’t need access to it, so that only an attacker would access it thus signalling an attack

Question 23

Physical Control

Answer 23

Are tangible mechanisms designed to prevent unauthorized access to rooms, equipment, documents and other items

Question 24

Administrative/Managerial control

Answer 24

Procedures and policies that inform people on how the business is to be run and how day to day operations are to be conducted

Question 25

Technical control

Answer 25

Any measures taken to protect assets and reduce risk via technological means

Question 26

Operational Controls

Answer 26

Security controls that are primarily implemented and executed by people

Question 27

Preventive control

Answer 27

Designed to prevent attacks from occuring in the first place

Question 28

Detective Control

Answer 28

Designed to detect and promptly correct attacks that have occured

Question 29

Deterrent Control

Answer 29

Designed to discourage would-be attacked

Question 30

Mitigation/recovery control

Answer 30

Designed to minimise the impact of security incidents

Question 31

Compensating Control

Answer 31

Alternative fixes to cover any gaps in other control types

Question 32

Corrective control

Answer 32

Seeks to reverse/Remediate a security incident after it occurred

Question 33

Directive control

Answer 33

Designed to establish desired outcomes by guiding the execution of security within an organisation

Question 34

Cryptography

Answer 34

Is the process of converting plain text into unintelligible Cipher text and reverting it back. This creates data intrigity and confidentiality

Question 35

Block Cipher

Answer 35

**Symmetric Encryption** Is a Cipher that encrypted data in a fixed-size block (64-bits), it converts plain text into Cipher text one block at a time, often taki g part of the previous block into the new block. Good for large files and data at rest **AES (Advances Encryption Standard)** - a symmetric key algorithm that encrypts data in 128bits and has key sizes of either 128, 192, 256

Question 36

Stream Cipher

Answer 36

**Symmetric Encryption** Data encryption used for a continuous streams of data. It uses a pseudo randomly generated stream of bits that is used in an XOR function with the data stream to encode the data one bit at a time. The data is decrypt with the key and the pseudo randomly generated bits Used for real time communication

Question 37

Symmetric Encryption

Answer 37

Uses the same key to Encrypt and decrypt data Key management is very important so not to compromise the data

Question 38

Asymmetric Encryption

Answer 38

A form of encryption that uses a public and a private key to encrypt/decrypt data and confirm data integrity **Public key** - is a key of a devices that is known to other devices on a network which those devices will uses to encrypted data intended for the original devices **Private key** - is a key of a devices that is only know to itself. It is used to decrypt data that has been encrypted with it's public key

Question 39

RSA Cipher

Answer 39

The internet standard for asymmetric Encryption that is based on the practical difficulty of factoring the product of two large prime number

Question 40

Diffie-Hellman cipher

Answer 40

Is a protocol used for exchange asymmetric keys

Question 41

Elliptic Curve Cryptography (ECC)

Answer 41

A Cipher based on algebraic structure of elliptic curves over finite fields. Strong encryption will being very efficient

Question 42

Hashing

Answer 42

Is a type of encryption that uses a mathematical formula to created a fixed-length string of characters, the hashed result cannot be decrypted but is used to insure that the original data has not been tampered with

Question 43

Salting

Answer 43

Is a method of adding complexity to a hashing function by adding random bits to the beginning or end of the data. Allowing 2 or more data that are the same to have a different hash output. Both hash data and salt must be stored together

Question 44

Digital certificates

Answer 44

Is a public key stored in a document which includes metadata about the key. Certificate are issued by a **Certification Authority** accompanied by a related private key -Public keys are stored on **.cer or .der** file formats - Private keys are stored on **.pfx or .pvk** file format

Question 45

Certificate Authority

Answer 45

Is a service that issues certificates

Question 46

Certificate revocation (CRL)

Answer 46

A list of certificates that were administratively revoked before they expired

Question 47

Online Certificate Status Protocol (OCSP)

Answer 47

Used to balance the load for validating certificates by quickly responding to CRL requests

Question 48

Root of trust

Answer 48

Highly reliable hardware, software and firmware used to generate and protect root and CA keys

Question 49

Self-signed certificate

Answer 49

Is a certificate that is created locally, rather than by a CA, which is ment for internal uses.

Question 50

Certificate signing request (CSR)

Answer 50

A messages sent to a CA requesting a digital certificate - request files are stored as **.csr**

Question 51

Wildcard certificate

Answer 51

A certificate that includes any possible subdomain or host names under a parent domain. Represented by *

Question 52

Digital signature

Answer 52

Is a security property that uses asymmetrical cryptography to sign digital forms (document, network packets, certificates, ect) which can be used to verify the authenticity and identify of the users signing, by using the users **private key** and **hash**

Question 53

Public key Infrastructure (PKI)

Answer 53

Is an arrangement that **binds public keys with the respective entities** which uses policies and procedures to create, manage, distribute, store and revoke **digital certificate and manage public key encryption**

Question 54

PKI components

Answer 54

**Certificate Authority (CA)** - a service that registers and issues certificates **Registration Authority** - a service responsible for accepting digital certificate request and authenticating the entity making the request **Validation Authority** - validates the identity of the entity with the certificate

Question 55

Key Escrow

Answer 55

A component of PKI that is used to store the private key by a third party which helps protect against unauthorized access or compromise

Question 57

Key Stretching

Answer 57

The practice of taking a weak key (password) and transforming it into something that is computationally harder to crack

Question 58

Perfect forward Secrecy

Answer 58

Refers to an encryption system that changes the keys used to encrypt and decrypt data frequently and automatically, thus preventing an attack to use a compromised key to access the data

Question 59

Pass-the-hash Attack

Answer 59

Is a password craking attack that is used to authenticate by supplying the password hash over the network. - The password hash can be acquired by performing a hash dump

Question 60

Secure Socket Layer (SSL)

Answer 60

Is a protocol that establishes a secure connection between a clients and a host to secure confidentiality and integrity of data transmission (HTTPS). - It uses RSA asymmetry encryption to create a temporary secure session (perfect key secrecy) by exchanging public keys

Question 61

Transport Layer Security (TLS)

Answer 61

Is the successor of SSL which fixes its vulnerabilities

Question 62

OpenSSL

Answer 62

Is an open source implementation of SSL/TLS protocols

Question 63

Secure/Multipurpose Internet Mail Extension (S/MIME)

Answer 63

A protocol used for sending digitally signed encrypted email messages

Question 64

Pretty Good Privacy (PGP)

Answer 64

A system for creating asymmetric key pairs and trading public keys, Provides authentication and cryptographic privacy

Question 66

Blockchain

Answer 66

A mechanism used to store and secure digital data as an open ledger, each new entry becomes a block with a unique identifying hash. - Old blocks needs the approval of all parties to be able to change the data stored in the block

Question 67

Accessing data from a blockchain

Answer 67

It's too impractical to try to access data directly from the blockchain, so to get around that a local database is created that stores all previous blocks and is updated when new blocks are created. The local database can then be used to access data from the blockchain

Question 68

Steganography

Answer 68

A method of concealing secret data within a data form that is non-secret (image, text video)

Question 69

Data masking

Answer 69

A method of disguising data by replacing the data with a fake but realistic version, with the goal of creating a version that cannot be deciphered or reverse engineered

Question 70

Tokenization

Answer 70

The process of substituting sensitive data with a non-sensitive equivalent which acts as a pointer to the sensitive data