Info I Got Wrong Flashcards
(93 cards)
Error-detecting code used to detect accidental changes to data
Cyclic redundancy check (CRC)
What is another name for a directory traversal or a path traversal?
HTTP attack
What is a swap file?
Temporary files on a hard disk used as virtual memory
Example of order of volatility
Processor cache, RAM, swap file, HDD
What is a false antivirus pop-up or notification?
Rogue AV
What is the European version of PII?
Sensitive personal info (SPI)
Moving your servers and computers into the cloud
IaaS
What is a known threat?
When something can be identified using signatures and patterns
Cloud applications
SaaS
Runtime containers for running different language code
FaaS
What do you add at the end of a firewall’s ACL?
Implicit deny
A username and password is an example of what?
PAP Authentication
What are the most common vulnerabilities found on Windows and Linux systems?
Missing patches.
Automated injection of breached usernames and passwords to gain access fraudulently
Credential stuffing
If you run a vulnerability scan on a network and only find a few critical vulnerabilities, what did you do wrong?
You did not run a credential scan.
Buffer overflows are most easily detected by what?
Static code analysis
How do you renew a service certificate?
Certificate signing request (CSR)
What is a key escrow?
It stores keys.
OCSP
Status of a certificate that tells if it is good, revoked, or unknown.
What is the strongest response to an incident?
Isolation
Is degaussing a method of purging or destruction?
Purging
What is a server area fire extinguishing system?
FM-200
Why is SMS not a good idea for multi-factor authentication?
It may be accessible to attackers through VoIP.
Where does a user agent request a resource from during a SAML transaction?
A service provider (SP)