Módulo 08 - Network and Endpoint Security Flashcards

Question

Acronym: NTFS

Answer 1

New Technology File System.

Answer 2

Permissions that control access to files and folders on drives formatted with NTFS, applying both locally and over a network.

Answer 3

Permissions that control access to shared folders over a network but do not apply to local access.

Answer 4

A feature where folders pass down their permissions to subfolders and files, unless explicitly overridden.

Answer 5

A numeric representation of file permissions where read = 4, write = 2, and execute = 1.

Answer 6

A Linux command used to change file permissions in symbolic or absolute (octal) mode.

Answer 7

Discretionary Access Control List.

Answer 8

False. NTFS permissions apply to both local and network access.

Answer 9

Share Permissions: Apply only to network access; control at the folder level; limited to Reader, Contributor, and Co-owner. NTFS Permissions: Apply to both local and network access; can control at the file level; highly granular.

Answer 10

Symbolic Mode: Uses letters (e.g., u=rwx) to specify permissions. Absolute Mode: Uses octal numbers (e.g., 755) to represent permissions.

Answer 11

d: Directory. Owner: Read, write, execute. Group: Read, execute. Others: Read, execute.

Answer 12

The process of disabling unused physical interfaces, such as USB or HDMI, to reduce physical attack vectors.

Answer 13

Software-based communication endpoints used for data exchange between applications or services.

Answer 14

Firewalls installed on individual devices to control incoming and outgoing network traffic.

Answer 15

A system that monitors network traffic to detect and prevent potential intrusions.

Answer 16

Configuring services to minimize vulnerabilities by disabling unnecessary features and applying security updates.

Answer 17

A security policy that blocks all traffic unless explicitly permitted.

Answer 18

Unified Extensible Firmware Interface.

Answer 19

Basic Input/Output System.

Answer 20

Network Mapper

Answer 21

Socket Statistics.

Answer 22

Host-Based Firewalls: Protect individual devices and filter traffic specific to that host. Network Firewalls: Protect an entire network and filter traffic entering or leaving the network.

Answer 23

nmap: Scans for open TCP/UDP ports on a network. netstat: Displays active network connections and listening sockets on a system.

Answer 24

nmap -sT ipaddress.

Answer 25

Use systemctl disable servicename to prevent the service from starting on boot.

Answer 26

A device that broadcasts wireless signals, connects wireless clients to a network, and may link to a wired network.

Answer 27

A WAP that relies on a wireless controller for management and client handling.

Answer 28

A device used to manage multiple access points in an enterprise environment.

Answer 29

The name of a wireless network that allows users to identify and connect to it.

Answer 30

A Wi-Fi security protocol using a pre-shared key for group authentication.

Answer 31

A WPA3 protocol for secure password exchange, resistant to offline brute force attacks.

Answer 32

A visual representation showing wireless signal strength across an area.

Answer 33

Wireless Access Point.

Answer 34

Wireless LAN Controller.

Answer 35

Wireless Distribution System.

Answer 36

Wi-Fi Protected Setup.

Answer 37

Device Provisioning Protocol.

Answer 38

Remote Authentication Dial-In User Service.

Answer 39

Extensible Authentication Protocol.

Answer 40

False. Thin access points rely on a WLC for client management.

Answer 41

True. WPA3-Enterprise mandates 192-bit AES encryption.

Answer 42

True. WPA2-PSK uses a pre-shared key for group authentication.

Answer 43

False. Site surveys are essential for ensuring optimal WAP placement and coverage.

Answer 44

Fat Access Points: Standalone devices that manage clients and broadcast the network independently. Thin Access Points: Require a wireless LAN controller for client and network management.

Answer 45

WPA2: Uses AES with CCMP for encryption and is vulnerable to handshake attacks. WPA3: Introduces SAE for secure password exchange and enhanced encryption protocols.

Answer 46

PSK: Uses a shared passphrase, vulnerable to brute force attacks. SAE: Uses a secure handshake resistant to offline attacks.

Answer 47

1. Simultaneous Authentication of Equals (SAE). 2. Enhanced Open for encryption on open networks. 3. Updated cryptographic protocols using AES-GCMP. 4. Support for Wi-Fi Easy Connect for simplified configuration.

Answer 48

1. Personal (PSK or SAE). 2. Open (unencrypted or Enhanced Open). 3. Enterprise (RADIUS with unique credentials).

Answer 49

WPA3-SAE uses a secure handshake to prevent offline attacks, unlike WPA2-PSK, which is vulnerable to brute force.

Answer 50

By connecting two wireless networks through a wired or wireless distribution system (WDS).

Answer 51

To visualize signal strength and channel overlap for optimizing WAP placement.

Answer 52

A replay attack targeting the WPA and WPA2 4-way handshake, allowing offline brute-force attempts to recover keys.

Answer 53

An attack where a rogue access point mimics a legitimate network to intercept user data.

Answer 54

A cryptographic attack exploiting the reuse of initialization vectors in WEP encryption to decrypt keys.

Answer 55

Sending unsolicited messages to nearby Bluetooth devices in discovery mode.

Answer 56

Exploiting vulnerabilities in Bluetooth to access sensitive data on a paired device.

Answer 57

Using an RFID reader to intercept communication between a tag and a legitimate scanner.

Answer 58

Capturing NFC data in transit to impersonate the original device.

Answer 59

Wired Equivalent Privacy.

Answer 60

Near Field Communication.

Answer 61

Radio Frequency Identification.

Answer 62

False. WPA3 addresses the vulnerabilities exploited in KRACK attacks.

Answer 63

True. Non-malicious interference can come from devices like microwave ovens or cordless phones.

Answer 64

False. Disassociation attacks exploit unencrypted management frames.

Answer 65

True. Passive RFID tags rely on energy from the scanner.

Answer 66

Rogue Access Point: Any unauthorized access point on a network. Evil Twin: A rogue access point designed to mimic a legitimate one.

Answer 67

RFID: One-way communication; longer range. NFC: Two-way communication; very short range.

Answer 68

1. Wireless denial-of-service (DoS). 2. Evil twin attack. 3. Initialization vector (IV) attack. 4. Jamming attack. 5. Disassociation/deauthentication attack. 6. Replay and key recovery attacks.

Answer 69

An unauthorized device providing wireless access, potentially used for malicious purposes.

Answer 70

A replay attack exploiting weaknesses in WPA2's 4-way handshake.

Answer 71

By creating a rogue access point with the same SSID as a legitimate one to capture user data.

Answer 72

Disabling the broadcast of the network's SSID to make it less visible to nearby devices, though determined hackers can still detect it.

Answer 73

Restricting network access to specific MAC addresses, which can be bypassed by spoofing a valid MAC address.

Answer 74

Reducing a WAP's broadcast strength to limit signal emanation outside the intended area, enhancing security.

Answer 75

A wireless security protocol using AES-CCMP for encryption and a 4-way handshake for authentication.

Answer 76

A wireless security protocol that replaces WPA2's 4-way handshake with Simultaneous Authentication of Equals (SAE), providing Perfect Forward Secrecy.

Answer 77

Service Set Identifier.

Answer 78

Media Access Control

Answer 79

Simultaneous Authentication of Equals.

Answer 80

WPA2-Personal: Uses a pre-shared key for authentication. WPA2-Enterprise: Uses a RADIUS server to authenticate individual users.

Answer 81

WPA2: Uses a 4-way handshake, vulnerable to offline attacks. WPA3: Uses SAE for secure authentication and Perfect Forward Secrecy.

Answer 82

SSID Broadcast: Makes the network easily discoverable. SSID Suppression: Hides the network's SSID but does not make it entirely undetectable.

Answer 83

A passphrase used for wireless network access; the most commonly used access method.

Answer 84

A method to connect devices securely to a network using PSK and WPA2 by pushing buttons or entering a unique PIN.

Answer 85

A wireless network with no authentication, allowing unrestricted access; suitable for public spaces.

Answer 86

A mechanism forcing users to interact with a web page before granting network access, often for agreement or payment.

Answer 87

A framework supporting multiple authentication methods, enabling secure communication between client and server.

Answer 88

EAP with SSL/TLS tunnel for secure authentication using a server-side certificate.

Answer 89

EAP with a Protected Access Credential (PAC) to authenticate users in a TLS tunnel; mitigates PAC compromise risks.

Answer 90

An EAP standard requiring client- and server-side certificates, known for its robust security.

Answer 91

An updated version of EAP-TLS that simplifies deployment by only requiring a server-side certificate.

Answer 92

Restricting network access to specific MAC addresses; prone to spoofing but adds an extra layer of control.

Answer 93

A standard requiring authentication when a device connects to a switch port, using EAP and RADIUS for validation.

Answer 94

The device requesting access, such as a PC or laptop.

Answer 95

A network device like a switch that forwards authentication requests between the supplicant and the authentication server.

Answer 96

The server validating authentication requests and managing authorization decisions in 802.1X.

Answer 97

A host physically isolated from any network to prevent unauthorized access, often used in high-security environments.

Answer 98

A network isolated from others, allowing communication only within itself; used in military or industrial facilities.

Answer 99

By pushing buttons on the access point and device or entering a PIN.

Answer 100

It redirects users to a page for terms agreement or payment before granting internet access.

Answer 101

The supplicant's credentials are sent to the authentication server via the authenticator for validation.

Answer 102

PSK: Requires manual entry of a passphrase. WPS: Automates connection using buttons or PIN.

Answer 103

Air-Gapped Host: A single device isolated from any network. Air-Gapped Network: A group of devices communicating only within their isolated network.

Answer 104

A secure tunnel over a public network connecting a user's PC or smartphone to a private network.

Answer 105

Remote Desktop Protocol

Answer 106

Accessing a physical machine on a one-to-one basis by transferring screen, audio, and input data.

Answer 107

A clientless remote desktop gateway using a web browser and WebSocket protocol for bidirectional communication.

Answer 108

A secure protocol for remote administration and file transfer, widely implemented via OpenSSH.

Answer 109

A public/private key pair identifying an SSH server for secure client-server communication.

Answer 110

A method where a remote user’s public key is authorized on the server for secure access.

Answer 111

ssh username@host

Answer 112

ssh-keygen -t rsa

Answer 113

ssh-copy-id username@host

Answer 114

A protocol for exchanging web content; uses plaintext and is unsecured.

Answer 115

HyperText Transfer Protocol Secure; uses SSL/TLS to encrypt data and operates on TCP port 443.

Answer 116

By the "https://" URL prefix or a lock icon in the address bar.

Answer 117

Secure HyperText Transfer Protocol; provides message security but is not widely used or as secure as HTTPS.

Answer 118

HTTPS: Encrypts the entire session, uses port 443, and is stateful. S-HTTP: Secures only messages, does not use port 443, and is connectionless.

Answer 119

Username/Password – Standard credentials. Public Key Authentication – Using a public key authorized on the server. Kerberos – Authentication via Ticket Granting Tickets.

Answer 120

Client-to-Site VPN: Allows individual users to connect securely to a corporate network. Site-to-Site VPN: Connects two private networks automatically via secure gateways. Host-to-Host Tunnel: Secures traffic between two specific computers.

Answer 121

They do not provide adequate security compared to modern protocols like TLS and IPsec.

Answer 122

Using digital certificates, with server certificates identifying the VPN gateway and optionally client certificates for mutual authentication.

Answer 123

A version of TLS over UDP, offering improved performance for latency-sensitive traffic like voice and video.

Answer 124

Datagram TLS

Answer 125

TLS 1.3 and TLS 1.2. Versions earlier than TLS 1.2 are deprecated.

Answer 126

Authentication Header (AH): Provides packet integrity but not confidentiality. Encapsulating Security Payload (ESP): Encrypts packet data and provides confidentiality and integrity.

Answer 127

Transport Mode: Encrypts only the payload, leaving the IP header intact. Tunnel Mode: Encrypts the entire packet, including the IP header.

Answer 128

It establishes mutual authentication, negotiates cryptographic settings, and creates a secure channel for key exchange.

Answer 129

Phase I: Establishes identity, performs key agreement, and creates a secure channel. Phase II: Negotiates ciphers and key sizes for the IPsec session.

Answer 130

IKEv2 supports EAP authentication, NAT traversal, and MOBIKE multihoming, making it more suited for remote access VPNs.

Answer 131

TLS: Operates at the application layer, suitable for specific applications like HTTPS. IPsec: Operates at the network layer, providing broader support for all traffic types.

Answer 132

Digital Certificates and Pre-Shared Key (PSK)

Answer 133

A cryptography method that generates unique keys for each session, ensuring that past communications remain secure even if a key is compromised.

Answer 134

A framework supporting multiple methods Used in: - WPA2/WPA3-Enterprise - 802.1X.

Answer 135

Method of establishing direct communication between two network endpoints over a network utilizing NAT UDP punching hole

Answer 136

An IKEv2 feature that maintains VPN connections during network changes (e.g., Wi-Fi to cellular) and supports multiple active interfaces.

Answer 137

Extra data (e.g., headers, encryption) added to packets for transmission, affecting payload size and bandwidth usage.

Answer 138

A web browser retrieves and displays internet information, but it can also pose security risks to a network.

Answer 139

- Unexpected domain names in URLs - Altered menu bars - Unlocked status line when SSL should be in use.

Answer 140

1. Browsing and download histories, 2. Cookies 3. Cached files 4. Passwords 5. Auto-fill data 6. Site permissions 7. Hosted app data.

Answer 141

Cookies store preferences and identify you to websites but can be misused to collect personal data or track activities.

Answer 142

First-party cookies come from the visited site; third-party cookies come from linked sites like ads.

Answer 143

A cache stores reusable data like images and passwords. It should be cleared on public computers to protect personal information.

Answer 144

1. Enable warnings for site add-ons 2. Web filtering, 3. No storing passwords. 4. Block pop-ups 5. No third-party cookies 6. Ask where to save files.

Answer 145

Add-ons add browser functionality but can be malicious. Review and uninstall unnecessary or inappropriate ones.

Answer 146

Horizontal: Accessing another user's data with the same privilege level. Vertical: Gaining elevated privileges, such as administrative access.

Answer 147

Retrieving a value stored in memory via a pointer.

Answer 148

It can lead to a denial-of-service (DoS) attack or kernel exploitation. (NullPointer)

Answer 149

An overflow occurs when more data is stored than a buffer can handle, potentially allowing arbitrary code execution or DoS.

Answer 150

Depleting system resources, like memory or CPU, to cause a denial-of-service.

Answer 151

They lead to resource exhaustion and can enable exploitation under low-memory conditions.

Answer 152

A vulnerability where multiple processes are exploited to perform unauthorized actions. Such as multiple process accessing the same data simultaneously

Answer 153

Lock files, use file handles instead of names, and prevent changes between system calls.

Answer 154

Displaying detailed error messages that reveal sensitive information attackers can exploit.

Answer 155

Failing to validate or sanitize input data, leading to vulnerabilities like SQL injection or buffer overflows.

Answer 156

Intercepting and replaying network traffic to impersonate the sender.

Answer 157

Use strong digital signatures, timestamps, and sequence numbers.

Answer 158

Using stored password hashes from a compromised machine to access other systems.

Answer 159

1. Limit domain admin access 2. Disable remote desktop 3. Use separate accounts for admin tasks.

Answer 160

Exploiting vulnerabilities in APIs to gain unauthorized access or data.

Answer 161

Implement rate limiting, monitor logs, and validate input data.

Answer 162

Downgrading an HTTPS connection to HTTP to intercept user data.

Answer 163

Use HSTS, encrypt all site elements, and add the domain to the HSTS preload list.

Answer 164

Altering or adding malicious functionality to device drivers.

Answer 165

Modifying driver code internally without changing its external behavior to hide malicious actions.

Answer 166

Using or modifying intermediary code between older APIs and updated systems to inject malicious functionality.

Answer 167

Client-side: Prevent errors locally. Server-side: Validate data after submission to prevent bypassing safeguards.

Answer 168

DNSSEC: Ensures secure connections with digital certificates. HTTPS: Encrypts HTTP traffic for secure communication.

Answer 169

A linear model where each step (Requirements, Design, Implementation, Testing, Deployment, Maintenance) must be completed before moving to the next.

Answer 170

Sequential steps, slow progress, limited flexibility, and fixed requirements.

Answer 171

A model that breaks development into smaller, iterative cycles called Sprints, focusing on continuous updates and testing.

Answer 172

Each Sprint lasts 2–3 weeks, focuses on a specific feature, and includes regular testing and iterative improvement.

Answer 173

Errors during the code-building phase, preventing the program from running.

Answer 174

Errors that occur when a program is running, often called bugs.

Answer 175

Programming techniques to manage unexpected issues without crashing or exposing vulnerabilities.

Answer 176

It limits the information disclosed to attackers, avoiding exposure of sensitive details.

Answer 177

Reviewing source code for vulnerabilities and errors before deployment.

Answer 178

Early bug detection, improved security, enforced coding standards, and developer education.

Answer 179

Black-box testing of applications after deployment to find vulnerabilities externally.

Answer 180

White-box testing that analyzes source code early in development to find vulnerabilities like SQL injection.

Answer 181

A hybrid testing method combining runtime and static analysis to identify vulnerabilities during runtime.

Answer 182

Isolating processes to restrict their access to the system, preventing widespread damage from malicious or faulty software.

Answer 183

Each tab and extension runs in an isolated process, preventing one from affecting others.

Answer 184

Apps are confined to their own data and resources, limiting access to other apps or system resources.

Answer 185

They isolate environments, ensuring a breach in one does not affect others or the host.

Answer 186

A process that reorganizes data to eliminate redundancy, improve performance, and reduce exploitation risks.

Answer 187

Predefined database statements that centralize logic, prevent code duplication, and mitigate injection attacks.

Answer 188

Deliberate creation of hard-to-understand code to prevent reverse engineering and tampering.

Answer 189

Vulnerabilities in reused code can propagate if not tested thoroughly before sharing or adapting.

Answer 190

Unused or non-executable code that should be removed to eliminate security risks.

Answer 191

Allocating and releasing memory efficiently to prevent vulnerabilities like buffer overflows or memory leaks.

Answer 192

Incorrect buffer size calculation, unchecked input size, and uncontrolled format strings.

Answer 193

Prewritten code or tools from external sources, which must be tested for flaws and unnecessary code.

Answer 194

Encrypt data in transit and at rest, disable form caching, and use salted, hashed passwords.

Answer 195

A technique providing random or unexpected input to applications to identify vulnerabilities.

Answer 196

Digital signatures verify a software’s integrity and origin but don’t guarantee its security.

Answer 197

Cookies configured with attributes like Secure, HttpOnly, and SameSite to prevent attacks like session hijacking and CSRF.

Answer 198

Ensures cookies are sent only over HTTPS connections, protecting them from interception.

Answer 199

Prevents client-side scripts from accessing cookies, mitigating XSS attacks.

Answer 200

Restricts cookies to same-site requests, mitigating CSRF attacks.

Answer 201

To restrict their usable life and reduce the risk of long-term exploitation.

Answer 202

Assume all installed applications are flawed.

Answer 203

Remove all unused applications from the system.

Answer 204

To reduce the potential attack surface and prevent unauthorized access.

Answer 205

Process spawning creates a new child process; blocking it prevents process-spawning attacks.

Answer 206

To protect them from modification by removing Write permissions for applications.

Answer 207

A feature that prevents applications from executing code in memory designated for data storage.

Answer 208

Administrators can bypass specific hardening rules for legitimate application needs.

Answer 209

To apply specific hardening rules to applications, libraries, and SDKs.

Answer 210

Captures important events for audits, incident response, and system troubleshooting.

Answer 211

To detect potential threats, such as repeated failed login attempts or unusual data transfers.

Answer 212

Masks sensitive debugging information to minimize risks of exploitation.

Módulo 08 - Network and Endpoint Security Flashcards

(239 cards)