Info I Got Wrong Flashcards

(93 cards)

1
Q

Error-detecting code used to detect accidental changes to data

A

Cyclic redundancy check (CRC)

2
Q

What is another name for a directory traversal or a path traversal?

A

HTTP attack

3
Q

What is a swap file?

A

Temporary files on a hard disk used as virtual memory

4
Q

Example of order of volatility

A

Processor cache, RAM, swap file, HDD

5
Q

What is a false antivirus pop-up or notification?

A

Rogue AV

6
Q

What is the European version of PII?

A

Sensitive personal info (SPI)

7
Q

Moving your servers and computers into the cloud

A

IaaS

8
Q

What is a known threat?

A

When something can be identified using signatures and patterns

9
Q

Cloud applications

A

SaaS

10
Q

Runtime containers for running different language code

A

FaaS

11
Q

What do you add at the end of a firewall’s ACL?

A

Implicit deny

12
Q

A username and password is an example of what?

A

PAP Authentication

13
Q

What are the most common vulnerabilities found on Windows and Linux systems?

A

Missing patches.

14
Q

Automated injection of breached usernames and passwords to gain access fraudulently

A

Credential stuffing

15
Q

If you run a vulnerability scan on a network and only find a few critical vulnerabilities, what did you do wrong?

A

You did not run a credential scan.

16
Q

Buffer overflows are most easily detected by what?

A

Static code analysis

17
Q

How do you renew a service certificate?

A

Certificate signing request (CSR)

18
Q

What is a key escrow?

A

It stores keys.

19
Q

OCSP

A

Status of a certificate that tells if it is good, revoked, or unknown.

20
Q

What is the strongest response to an incident?

A

Isolation

21
Q

Is degaussing a method of purging or destruction?

A

Purging

22
Q

What is a server area fire extinguishing system?

A

FM-200

23
Q

Why is SMS not a good idea for multi-factor authentication?

A

It may be accessible to attackers through VoIP.

24
Q

Where does a user agent request a resource from during a SAML transaction?

A

A service provider (SP)

25
Who has the ultimate responsibility for maintaining confidentiality, integrity, and authentication in a system?
Data owner
26
Who is in charge of data quality, labeling, identification, and ensuring that data is collected and stored in accordance with laws?
Data steward
27
Who manages the system where data is stored, and manages access control, encryption, backup and recovery?
Data custodian
28
Who is in charge of PII and PHI?
Privacy officer
29
What is the time that you must have services back up in?
RTO
30
What account do you use for a kiosk? And why?
A guest account, because it has limited capability, no privacy, and is disabled by default.
31
Who ensures that the organization processes personal data in accordance with applicable data protection rules?
Data protection officer
32
What is a secure protocol for remote access services?
CHAP
33
What verifies the device drivers during Windows startup?
Early Launch Anti Malware (ELAM)
34
Where do you store certificates in a server?
Hardware Security Module (HSM)
35
What is the certificate that you see in the address bar of a website (the lock icon)?
Domain validation certificate (DV)
36
Certificate that validates that software was not altered?
Code signing certificate
37
DIG
Command used to look up information from DNS servers. More advanced than nslookup
38
Nslookup
Command used to look up information from DNS servers
39
SSO/federated identity solution which is open source?
Shibboleth
40
Get up and running quickly, get back to a particular service level.
Recovery Time Objective (RTO)
41
How much data loss is acceptable? How far back does data go?
Recovery Point Objective (RPO)
42
When something was approved but not supposed to be
False Acceptance Rate (FAR)
43
What is a Secure Web Gateway (SWG)?
A device that all traffic is funneled through and prevents users from visiting sites that may have malware.
44
What is the most detailed/explicit access control?
Attribute-based Access Control (ABAC)
45
Amount of data loss a system can sustain, measured in time?
Recovery point objective (RPO)
46
Moving a virtual machine from one physical environment to another; it is not an attack method.
VM Migration
47
Machine is trained to analyze a baseline, deviation from it sets off an alarm.
Behavior based
48
What authentication method do captive portals usually rely on?
RADIUS
49
When app/platform updates are committed to a production environment rapidly.
Continuous deployment
50
When you substitute parts of a word with x’s
Data masking
51
Relies on mutual authentication of client and server
LDAPS
52
Detects malware that is loaded early in the system startup process or before the operating system can load
Measured boot
53
Used to capture the hard disk's information to support a forensic investigation
Master boot record analysis
54
Validates the user's identity when using SAML
IdP
55
Process of harvesting an account's cached credentials when the user logs into a single sign-on system
Pass the hash
56
Kerberos ticket that can grant other tickets in Active Directory
Golden ticket
57
What kind of breach should you contact your credit card processor about?
PCI-DSS
58
Who provides services to members of a federation?
Relying parties (RP)
59
An encryption downgrade attack which causes a reversion to an earlier/less secure encryption.
POODLE
60
When a single bit is changed in the plaintext, there should be a drastic change in the ciphertext.
Confusion
61
When a single bit is changed in the plaintext, more than half of the bits should change in the ciphertext.
Diffusion
62
A history of ownership
Provenance
63
A history of who handled the data
Chain of custody
64
Used in a cloud-based environment to monitor the entire network and respond to security threats in real time?
Software-defined visibility (SDV)
65
Injecting client-side scripts into a web page to be viewed by others (like making a pop-up come up)?
Cross-site scripting
66
Similar to identity fraud. Initiate bank transfers, send messages, etc. while acting like a different person.
Cross-site request forgery
67
Which authentication protocol utilizes an obfuscated password created from a shared secret?
RADIUS
68
802.1x usually relies on which protocol as the authentication method?
EAP
69
Utilizes carefully written scripts to orchestrate runbooks and generate server builds?
Infrastructure as code (IaC)
70
Approach to network management that utilizes efficient programming to improve performance monitoring?
Software-defined networking (SDN)
71
If you want a single Ethernet port to redirect different users to different networks, what do you use?
NAC
72
What do PowerShell scripts end in?
.ps1
73
A computer security project that provides info about security vulnerabilities and aids in pentesting and IDS signature development?
Metasploit
74
An attack in which the goal is to execute arbitrary commands on the host operating system through a vulnerable application
Command injection
75
How much risk an organization is willing to accept
Risk appetite
76
When an organization accepts the identified risk and doesn’t worry about transferring or mitigating it
Risk acceptance
77
What are three ways to sanitize a hard drive?
Crypto erase (CE), secure erase (SE), zero fill
78
What is secure erase used for?
Flash-based systems like solid state drives or a USB, when crypto erase is not possible
79
What is zero fill not effective on?
Solid state drives and hybrid drives
80
What is clearing?
A logical way to overwrite data with ones and zeros. A factory reset.
81
What is the strongest level of protection for access control?
MAC
82
Algorithm for token-based authentication that does not expire?
HMAC-based One-Time Password (HOTP)
83
What can help with a zero day attack?
An application allow list
84
What are four Windows memory capture tools?
Memdump, Volatility Framework, DumpIt, EnCase.
85
When an attacker captures packets, extracts info, then puts it back on the network.
Replay attack
86
In an asymmetric key system, how do you encrypt the message to the recipient?
With their public key.
87
What is the difference between proprietary data and sensitive data?
Proprietary data is shared with customers on a limited basis. Sensitive data can cause serious damage to the company if shared.
88
If an attacker tries every word in the dictionary, is this a brute force attack or a dictionary attack?
Dictionary attack
89
What assigns a random surrogate value with no mathematical relationship that can be reversed by being linked back to original data?
Tokenization
90
Which control type includes organizational culture and physical controls that form the outer layer of defense?
Operational
91
Which certificate format is associated with Windows and Java Tomcat?
P7B
92
Which certificate format is associated with Java platforms?
DER
93
The conversion of data to its simplest known form
Normalization