Missed questions Flashcards

(106 cards)

1
Q

Roles of a security admin

A
  • User who is most likely to be responsible for user account management and reviews of audit data in a client/server architecture
  • Usually have fewer privileges than system admins, but are usually responsible for auditing sys admins
  • Often work directly with sys admins and applications admins
2
Q

Roles of a System Administrator

A
  • User who monitors and maintains the system and applications in a distributed computing environment
3
Q

Role of a System Operator

A
  • Users who administer and maintain a mainframe system
4
Q

Role of a Power User

A
  • A heightened privilege account that enables a user to perform some tasks that ordinary users cannot
  • A role that is found in a distributed computing environment
5
Q

SP 800-30

A

Used to assess risk; a 9-step process

6
Q

SP 800-66

A

Similar to SP 800-30, but written for healthcare companies that must comply with HIPAA

7
Q

CRAMM

A

CCTA Risk Analysis and Management Method - establishes a 3-stage approach to risk evaluation that analyzes technical and non-technical security aspects

8
Q

FRAP

A

Facilitated Risk Analysis Process - a low-cost method of evaluating risk for one system or process at a time

9
Q

SOMAP

A

Security Officers Management and Analysis Project - an open-source method for evaluating and managing risk

10
Q

Spanning Tree Analysis

A

Creates a tree of all possible threats and prunes branches that do not apply to an asset 

11
Q

VAR

A

Value at risk – identifies a profile of acceptable risk for a company in order to determine the most cost-effective risk mitigation method 

12
Q

ITIL

A

IT infrastructure library – a methodology created by the UK government that is focused on improving IT service management processes 

13
Q

COBIT

A

Control Objectives for Information and Related Technology - an ISACA framework that establishes 34 processes in 214 control objectives to assist in developing an IT security management plan

14
Q

ISO 27000

A

Establishes a framework for developing security management standards 

15
Q

SP 800-37

A

Risk management framework (RMF) is a security compliance framework for government entities 

16
Q

What provides authentication, integrity, and confidentiality over an L2TP tunnel?

A

AH (auth and integrity) and ESP (confidentiality)

17
Q

POODLE attack

A

A MITM attack that exploited vulnerabilities in SSL (and the TLS fallback to SSLv3)

18
Q

3 Layers of SSH

A

The transport layer, the user authentication layer, and the connection layer 

19
Q

Five primary methods of testing a DRP

A

Disaster Recovery Plan (DRP) tests:
- Read-through test
- Structured walk-through (tabletop exercise)
- Simulation test
- Parallel test (move to recovery site)
- Full interruption test (move to recovery site and fully shut down the primary location)

20
Q

Five phases of penetration testing 

A

1) Planning, 2) information gathering and discovery, 3) vulnerability scanning, 4) exploitation, and 5) reporting 

21
Q

SDL

A

A seven-phase Security Development Lifecycle (SDL) model developed by Microsoft: 1) training, 2) requirements, 3) design (threat modeling), 4) implementation (static analysis), 5) verification (dynamic analysis, fuzz testing, attack surface review), 6) release (incident response plan and final security review), 7) response

22
Q

XOR

A

Used in encryption; compares bits x and y: if they match the result is 0, if they don't it is 1

23
Q

Technology that uses RFC 6749

A

OAuth 2.0 and OpenID Connect

24
Q

OpenID Connect

A
  • Uses OpenID technologies, but is constructed around the OAuth 2.0 framework, defined by RFC 6749
  • Uses JSON Web Tokens (JWTs)
  • Operates as a REST web service
25
Q

OAuth 2.0

A
  • An open standard defined in RFC 6749
  • An authorization framework that provides a third-party application with delegated access to resources, without providing the owner's credentials to the application
  • The version of OAuth used by most social media sites

26
Q

OpenID

A
  • An open standard method for decentralized authentication that is defined by the OpenID Foundation
  • Redirects a user to an OpenID provider, where the user is prompted for an OpenID password. If the password is correct, the user is then authenticated on the third-party site

27
Q

OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data

A

1) The collection limitation principle, 2) the data quality principle, 3) the purpose specification principle, 4) the use limitation principle, 5) the security safeguards principle, 6) the openness principle, 7) the individual participation principle, 8) the accountability principle

28
Q

What principle limits personal data collection to legal means and requires the individual's permission?

A

The collection limitation principle

29
Q

What principle requires that the integrity of the personal data be intact and maintained?

A

The data quality principle

30
Q

What principle requires the disclosure of, and adherence to, the purpose for collecting the personal information?

A

The purpose specification principle

31
Q

What principle requires that the information not be disclosed to other parties without the individual's permission?

A

The use limitation principle

32
Q

What principle requires the reasonable protection of data against modification by, or disclosure to, an unauthorized individual?

A

The security safeguards principle

33
Q

What principle requires that the information collection policy be open and available for scrutiny?

A

The openness principle

34
Q

What principle requires that an entity allow individuals to inquire about whether the entity is storing the individual's personal information? In addition, this principle enables the individual to challenge and update the content of the personal information.

A

The individual participation principle

35
Q

What principle requires that the entity adhere to the other principles?

A

The accountability principle
36
Q

What is the first ring of the ring model?

A

Kernel

37
Q

What is the second ring of the ring model?

A

OS components that are not the kernel

38
Q

What is the third ring of the ring model?

A

Device drivers

39
Q

What is the fourth ring of the ring model?

A

Users

40
Q

What is COPE?

A

A corporate-owned, personally enabled device policy. A COPE policy requires employees to use equipment that is purchased for them, but they are also allowed to use it for personal purposes.

41
Q

ISO 27001

A
  • Focused on security governance, the process of directing and controlling IT security
  • Used to establish an information security management system (ISMS)

42
Q

ISO 27002

A

Provides 14 objectives for security controls based on industry best practices

43
Q

How many security associations (SAs) does ISAKMP establish for a VPN tunnel?

A

SAs are unidirectional, so at least two SAs are required. If both ESP and AH are used, then four SAs are required.

44
Q

What is forced browsing?

A
  • A brute-force attack
  • Another name for predictable resource location, file enumeration, directory enumeration, and resource enumeration

45
Q

What is a multi-homed device?

A
  • A device that has more than one network connection
  • Most firewalls are multi-homed

46
Q

MTD

A

Maximum Tolerable Downtime: the sum of the Recovery Time Objective (RTO) and the Work Recovery Time (WRT); sometimes considered synonymous with RTO

47
Q

MTBF

A

Mean Time Between Failures; typically assigned by the hardware manufacturer

48
Q

MTTR

A

Mean Time to Repair

49
Q

Relation in a relational database

A

A table with rows, columns, and cells

50
Q

Tuple in a relational database

A

A row

51
Q

Attribute in a relational database

A

A column

52
Q

Cell in a relational database

A

A cell contains the data

53
Q

Objects that are greatly dependent on other objects in Object-Oriented Programming are...

A

High coupling and low cohesion
54
Q

How long does it take to bring a warm site online?

A

1-3 days (contains equipment and data circuits, but no data)

55
Q

How long does it take to bring a cold site online?

A

Several days to weeks (does not contain equipment or data)

56
Q

How long does it take to bring a hot site online?

A

Minutes to hours

57
Q

What are the four security modes for systems that process classified information?

A
  • Dedicated mode
  • System high mode
  • Compartmented mode
  • Multilevel mode

58
Q

How long do companies have to report a data breach under the GDPR?

A

72 hours

59
Q

Pharming

A

DNS cache poisoning attacks

60
Q

Teardrop

A

Denial of Service attack that sends several large overlapping IP fragments (a network layer protocol attack)

61
Q

What are the steps of a Business Continuity Plan?

A

1) Develop the BCP policy statement, 2) conduct a BIA, 3) identify preventive controls, 4) develop recovery strategies, 5) develop an IT contingency plan, 6) perform DRP training and testing, 7) perform BCP/DRP maintenance

62
Q

Code freezing

A

The point at which the application is considered ready for production and no further changes to the code are allowed

63
Q

Code commit

A

AKA code check-in; occurs when a developer has written and tested code on a local copy of a given project and then uploads the local changes to the code repository

64
Q

Regression testing

A

Performed to ensure that a change has not broken existing functionality or introduced new problems

65
Q

Combinational testing

A

A type of black-box testing that involves entering every possible variation of input data into the application

66
Q

LAND

A

Local Area Network Denial (LAND): a type of attack where the attacker sends an IP (network layer protocol) packet with the same source and destination address and port

67
Q

Fraggle

A

A denial of service (DoS) attack that sends UDP echo and chargen packets with a spoofed source address

68
Q

Smurf

A

A DoS attack that sends ICMP echo request packets with a spoofed source address

69
Q

Vigenere cipher

A

Uses a square matrix to encrypt text; the matrix is constructed by repeating the alphabet 26 times

70
Q

What is a policy?

A

A high-level overview of the company's security posture that contains mandatory directives. Policies should contain purpose, scope, responsibilities, and compliance.

71
Q

What is a procedure?

A

Mandatory, low-level guides that explain how to accomplish a task

72
Q

What are standards?

A

Mandatory technical aspects of a security program, including any hardware and software that is required

73
Q

What are baselines?

A

A somewhat discretionary minimum level of security that a company's employees and systems must meet

74
Q

What are guidelines?

A

Discretionary recommendations that offer helpful advice to employees

75
Q

What standards were developed by OASIS?

A

SAML, SPML, and XACML
76
Q

Bluetooth Info

A
  • IEEE 802.15 standard
  • 2.4 GHz range
  • Uses FHSS and AFH
  • v4.1 uses strong encryption (AES-CCM)
  • v2.1 uses a weak encryption cipher (E0)

77
Q

What can be used to create multiple broadcast domains?

A

A router or layer-3 switch

78
Q

What can be used to create separate collision domains?

A

Each port on a bridge, switch, or router creates a separate collision domain

79
Q

Who is the data owner?

A

The information/business owner, responsible for classifying data. It is typically a manager who is responsible for the security of a particular information asset.

80
Q

Who is the data custodian?

A

The data steward, responsible for the hands-on protection of data, such as data backups, system recovery, etc.

81
Q

The Bell-LaPadula Model

A

No read up and no write down policy, to protect confidentiality

82
Q

The Biba Model

A

No read down and no write up policy, to protect data integrity

83
Q

The Lipner Model

A

Uses the Bell-LaPadula and Biba models to provide both confidentiality and integrity

84
Q

Chinese Wall Model

A

AKA the Brewer-Nash security model; designed to mitigate conflicts of interest and to mitigate security risks from third parties

85
Q

Graham-Denning Model

A

Uses an access control matrix to map subjects and objects to a series of eight rules

86
Q

Harrison-Ruzzo-Ullman Model

A

Extends the Graham-Denning model by including a rights integrity protection system that prevents a subject or object from being created if that subject or object already exists in the ACM

87
Q

ToE, ST, PP, and EAL

A
  • Terms of the Common Criteria
  • ToE: target of evaluation, the system or product to be tested
  • ST: security target, the documentation that describes the ToE and any security requirements
  • PP: a set of security requirements and objectives for the type of product to be tested
  • EAL: Evaluation Assurance Level, a rating level that is assigned to the product after the product has been tested

88
Q

EAL1-EAL7

A
  • EAL1: functionally tested
  • EAL2: structurally tested
  • EAL3: methodically tested and checked
  • EAL4: methodically designed, tested, and reviewed
  • EAL5: semi-formally designed and tested
  • EAL6: semi-formally verified, designed, and tested
  • EAL7: formally verified, designed, and tested

89
Q

ISC2 Code of Ethics (rank ordered)

A

1) Protect society, the common good, necessary public trust and confidence, and infrastructure, 2) act honorably, honestly, justly, responsibly, and legally, 3) provide diligent and competent service to principals, 4) advance and protect the profession

90
Q

KDC

A

Key Distribution Center (Kerberos); enables SSO services by acting as a trusted third-party authentication server
91
Q

Safest fire suppression system for electrical fires

A

FE-13

92
Q

What are the two modes that IPsec operates in?

A
  • Transport and tunnel modes
  • In transport mode, ESP encrypts only the packet data, leaving the IP headers unencrypted. AH is typically only used in transport mode because it needs unencrypted headers for authentication
  • In tunnel mode, ESP encrypts both the packet data and the IP headers

93
Q

Serving Parameter Index

A

For IPsec, a 32-bit number generated by the sending device and used to identify each unidirectional SA

94
Q

What are the four types of investigations?

A

1) Civil, 2) criminal, 3) administrative, 4) regulatory

95
Q

Five rules of evidence

A

Evidence must 1) be authentic, 2) be accurate, 3) be complete, 4) be convincing, 5) be admissible

96
Q

ALE =

A

ALE = ARO x SLE (Annual Loss Expectancy = Annualized Rate of Occurrence x Single Loss Expectancy)

97
Q

VLAN Hopping Attack

A
  • The attacker attempts to inject packets into other VLANs by accessing the VLAN trunk and double-tagging 802.1Q frames
  • A successful VLAN hopping attack enables an attacker to send traffic over other VLANs without using a router
  • Could occur from a VoIP system on the same switch as a data network

98
Q

Due Care

A

A legal liability concept that defines the minimum level of information protection that a business must achieve

99
Q

Due Diligence

A

A legal liability concept that requires an organization to continually review its practices to ensure that protection requirements are met

100
Q

Piracy

A

An IP attack that focuses on infringement of copyright

101
Q

2 FIM Models

A
  • Federated Identity Management: 1) third-party certification/bridge model, 2) cross-certification
  • FIM is the process of providing access to a company's data resources to organizations or parties that are not owned by the company
  • The WS-Fed protocol is an example

102
Q

Class A fire suppression (UK A)

A

Wood, paper, and other combustibles

103
Q

Class B fire suppression (UK B)

A

Liquids

104
Q

Class B fire suppression (UK C)

A

Gases

105
Q

Class C fire suppression (UK E)

A

Electrical

106
Q

Class D fire suppression (UK D)

A

Metals