Messer Exam B

Question 1

CRL

Answer 1

Certificate Revocation List:
a CRL is a type of blocklist of digital certificates that CAs deem as untrustworthy or that they are no longer willing to vouch for.

Question 2

OCSP

Answer 2

Online Certificate Status Protocol:
an alternative to the certificate revocation list (CRL) and is used to check whether a digital certificate is valid or if it has been revoked.

Question 3

CA

Answer 3

Certificate Authority:
a trusted third party that issues digital certificates to verify the identity of websites, users, and organizations.

Question 4

CSR

Answer 4

Certificate Signing Request:
a message that asks a Certificate Authority (CA) to issue a digital certificate. Contains the public key.

Question 5

Host-based Firewall

Answer 5

works as a shield directly on a server or endpoint device. It analyzes and directs network traffic flow. Its primary role is to enforce security policies that determine what kind of data packets can enter or leave the host system.

Question 6

Anti-malware

Answer 6

software that protects computers from malware, which is software that can damage or destroy a computer.

Question 7

Full Device Encryption

Answer 7

a security method for protecting sensitive data at the hardware level by encrypting all data on a disk drive

Question 8

MDM

Answer 8

Mobile Device Management:
security software that lets organizations manage mobile devices like smartphones, tablets, and laptops.

Question 9

OSINT

Answer 9

Open Source Intelligence:
the practice of gathering, analyzing, and using information from public sources

Question 10

Hashing

Answer 10

the process of transforming any given key or a string of characters into another value.
Hashing is used to protect passwords, messages, and documents
Hashing is used to create digital signatures that can be verified with a public key

Question 11

Digital Signature

Answer 11

a mathematical method that verifies the authenticity of a digital document or message.
Uses:
-to confirm that information came from the signer and hasn’t been changed.
-to protect information in digital messages or documents.
-to identify users.

Question 12

SPF

Answer 12

Sender Policy Framework:
A DNS record that lists the IP addresses of authorized mail servers for a domain.
Used to stop phishing attacks

Question 13

Key Escrow

Answer 13

a system that stores keys used to decrypt encrypted data. A third party, or escrow agent, holds the keys and can access them under certain conditions.

Question 14

Journaling

Answer 14

Helps ensure data integrity by recording changes before they are committed
Can help restore data after a system crash or power failure

Question 15

Obfuscation

Answer 15

a cybersecurity technique that makes information harder to understand or access.

Question 16

Data in-Transit

Data at-Rest

Data in-Use

Answer 16

in-Transit: information that’s moving from one location to another, such as over a network or the internet.

at-Rest: data that is stored on a device, such as a computer or server, and is not being actively used. It can include files, spreadsheets, databases, and archived emails.

in-Use: information that is being actively used or processed by a user or application. In memory.

Question 17

IPS

Answer 17

Intrusion Protection System:
An intrusion prevention system (IPS) is a network security tool that continuously monitors a network for malicious activity and takes action to prevent it.

Question 18

Security Controls

Answer 18

Deterrent: security measures that discourage people from breaking security policies.

Compensating: alternative security measures used when primary controls are not feasible.

Directive: security measures that direct and guide activities to ensure compliance with security policies. They can include policies, mandates, and other directives.

Detective: detect, log, and alert to security incidents after they occur.

Question 19

Data Owner

Answer 19

a person or group that manages and is accountable for an organization’s data. Senior manager.

Question 20

Data Controller

Answer 20

A data controller manages the processing of the data. For example, a payroll department would be a data controller

Question 21

Data Steward

Answer 21

The data steward manages access rights to the data. The IT team may be the data steward.

Question 22

Data Processor

Answer 22

A third-party that processes data on behalf of
the data controller.

Question 23

SDN

Answer 23

Software Defined Networking:
enables efficient network configuration to create grouping and segmentation while improving network performance and monitoring

Question 24

Buffer Overflow

Answer 24

a vulnerability that lets a malicious hacker inject data into program memory and execute it by giving more data in user input than the program is designed to handle.

Question 25

DNS Poisoning

Answer 25

happens when fake information is entered into the cache of a domain name server, resulting in DNS queries producing an incorrect reply, sending users to the wrong website.

Question 26

Federation

Answer 26

a way to share security measures across multiple systems, organizations, and networks.

Question 27

RADIUS

Answer 27

a networking protocol that authorizes and authenticates users who access a remote network.

Question 28

DKIM

Answer 28

DomainKeys Identified Mail: a way to verify that an email is authentic and hasn't been changed using a digital signature.

Question 29

RBAC

Answer 29

Role-based access control (RBAC) is a security method that limits access to systems based on a user's role.

Question 30

HSM

Answer 30

Hardware security modules are hardened, tamper-resistant hardware devices that secure cryptographic processes by generating, protecting, and managing keys used for encrypting and decrypting data and creating digital signatures and certificates.

Question 31

MTBF

Answer 31

Mean Time Between Failures

Question 32

RPO

Answer 32

Recovery Point Objective: is a cybersecurity metric that measures the maximum amount of data loss that an organization can tolerate after an incident.

Question 33

RTO

Answer 33

"recovery time objective". It's the maximum amount of time that a system can be down after a cyber attack or disaster.

Question 34

MTTR

Answer 34

Mean Time to Repair

Question 35

Tokenization

Answer 35

Tokenization replaces sensitive data with a non-sensitive placeholder.

Question 36

Masking

Answer 36

hides data from being viewed. The full credit card numbers are stored in a database, but only a limited view of this data is available when accessing the information from the application.

Question 37

Salting

Answer 37

adds randomized data when performing a hashing function.

Question 38

COPE

Answer 38

Corporate-Owned Personally-Enabled: A device owned by an enterprise and issued to an employee. Both the enterprise and the employee can install applications onto the device.

Question 39

AAA

Answer 39

Authentication, Authorization, and Accounting (AAA) is a framework used to control and track access within a computer network.

Question 40

IPsec

Answer 40

a collection of protocols that protect data by encrypting and authenticating IP packets. IPsec is used to create secure connections over networks, such as virtual private networks (VPNs).

Question 41

SIEM

Answer 41

Security information and event management (SIEM) is a cybersecurity tool that helps organizations identify and respond to security threats. SIEM tools analyze data from various sources, such as servers, applications, and firewalls, to generate alerts and automate responses.

Question 42

Mitigation

Answer 42

the process of taking steps to prevent cyberattacks and protect systems and data

Question 43

Acceptance

Answer 43

a conscious decision to acknowledge a risk and allow it to persist within the IT environment, without immediate intervention.

Question 44

Transference

Answer 44

a risk management strategy that moves the financial impact of cyber threats to a third party.

Question 45

Avoidance

Answer 45

eliminating a specific risk by avoiding activities or situations that could lead to it.

Question 46

Watering Hole

Answer 46

a computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware.

Question 47

SQL Injection

Answer 47

a code injection technique used to modify or retrieve data from SQL databases. By inserting specialized SQL statements into an entry field, an attacker is able to execute commands that allow for the retrieval of data from the database, the destruction of sensitive data, or other manipulative behaviors.

Question 48

SCAP

Answer 48

Security Content Automation Protocol is used as a common protocol across multiple security tools.

Question 49

SLA

Answer 49

SErvice Level Agreement: defines the level of service expected from a vendor, laying out metrics by which service is measured, as well as remedies should service levels not be achieved.

Question 50

On Path Attack

Answer 50

a cyberattack where an attacker positions themselves between two devices and intercepts or alters their communication.

Question 51

WAF

Answer 51

A web application firewall (WAF) is a cybersecurity tool that protects web applications from malicious traffic.

Question 52

SASE

Answer 52

Secure Access Service Edge is a cloud-aware version of a VPN client, and it is commonly deployed as a client on the user device.

Question 53

Replay Attack

Answer 53

a cyberattack where an attacker intercepts and retransmits a valid data transmission to gain unauthorized access or cause harm.

Question 54

HIPS

Answer 54

Host Intrusion Prevention System: an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.

Question 55

LDAP

Answer 55

The Lightweight Directory Access Protocol (LDAP) is a vendor-neutral software protocol used to lookup information or devices within a network.

Question 56

Secure Enclave

Answer 56

a hardware-based security subsystem that protects sensitive data on Apple devices

Question 57

DLP

Answer 57

Data Loss Prevention: a security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data.

Question 58

Mandatory Access Control

Answer 58

Mandatory access control (MAC) is a security system that limits access to resources based on a user's clearance level and the sensitivity of the information.

Question 59

Rule Based Access Control

Answer 59

an access control system that allows user access to network resources according to pre-defined rules.

Question 60

Discretionary Access Control

Answer 60

a policy that gives the owner of an object control over who can access it and how.

Question 61

Role Based Access Control

Answer 61

a security model where user access to systems, applications, and data is granted based on their predefined role within an organization

Question 62

DRP

Answer 62

Disaster Recovery Plan

Question 63

ALE

Answer 63

ALE (Annual Loss Expectancy) is the expected cost for all events in a single year.

Question 64

SLE

Answer 64

SLE (Single Loss Expectancy) is the monetary loss if a single event occurs.

Question 65

ARO

Answer 65

ARO (Annualized Rate of Occurrence) describes the number of instances estimated to occur in a year.