Primary Definitions 19.0-22.0

Question 1

Hardening

Answer 1

Process of enhancing the security of a system, application, or network.

Question 2

Least Functionality

Answer 2

A process of configuring a workstation or server with only essential applications and services for the user.

Question 3

Secure Baseline Image

Answer 3

A standardized workstation setup, including OS, essential applications, and strict policies in corporate networks.

Question 4

Allowlisting

Answer 4

A security measure that permits only approved applications to run on an operating system.

Question 5

Blocklisting

Answer 5

Entails preventing listed applications from running, allowing all others to execute.

Question 6

Services

Answer 6

Background applications that operate within the OS, executing a range of tasks.

Question 7

Trusted Operating System (TOS)

Answer 7

Designed to provide a secure computing environment by enforcing stringent security policies that usually rely on mandatory access controls.

Question 8

Evaluation Assurance Level (EAL)

Answer 8

Based on a set of predefined security standard and certification from the Common Criteria for Information Technology Security Evaluation.

Question 9

SELinux (Security-Enhanced Linux)

Answer 9

Set of controls that are installed on top of another Linux distribution like CentOS or Red Hat Linux.

Question 10

Hotfix

Answer 10

A software patch that solves a security issue and should be applied immediately after being tested in a lab environment.

Question 11

Service Pack

Answer 11

Includes all the hotfixes and updates since the release of the operating system.

Question 12

Group Policy

Answer 12

Set of rules or policies that can be applied to a set of users or computer accounts within an operating system.

Question 13

Security Template

Answer 13

A group of policies that can be loaded through one procedure.

Question 14

Context-based Permissions

Answer 14

Permission schemes that are defined by various properties for a given file or process.

Question 15

Extended Service Set (ESS) configuration

Answer 15

Involves multiple wireless access points working together to create a unified and extended coverage area for users in a large building or facility.

Question 16

Adjacent Channel Interference

Answer 16

Occurs when the channels selected for adjacent wireless access points do not have enough space between the channels.

Question 17

Site Survey

Answer 17

Process of planning and designing a wireless network to provide a solution.

Question 18

Heat Map

Answer 18

Graphical representation of the wireless coverage, the signal strength, and frequency utilization data a different locations on a map.

Question 19

Wi-Fi Protected Access 3 (WPA3)

Answer 19

Latest version using AES encryption and introducing new features like Simultaneous Authentication of Equals (SAE), Enhanced Open, updated cryptographic protocols, and management protection frames.

Question 20

Simultaneous Authentication of Equals (SAE)

Answer 20

Enhances security by offering a key establishment protocol to guard against offline dictionary attacks.

Question 21

Enhanced Open/Opportunistic Wireless Encryption (OWE)

Answer 21

Major advancement in wireless security, especially for networks using open authentication.

Question 22

Galois Counter Mode Protocol (GCMP)

Answer 22

Supports 128-bit AES for personal networks and 192-bit AES for enterprise networks with WPA3.

Question 23

Management Protection Frames

Answer 23

Required to protect network from key recovery attacks.

Question 24

Remote Authentication Dial-In User Service (RADIUS)

Answer 24

Client/server protocol offering AAA services for network users.

Question 25

Terminal Access Controller Access-Control System Plus (TACACS+)

Answer 25

Separates the functions of AAA to allow for a more granular control over processes.

Question 26

Extensible Authentication Protocol (EAP)

Answer 26

Authentication framework that supports multiple authentication methods.

Question 27

Protected Extensible Authentication Protocol (PEAP)

Answer 27

Authentication protocol that secures EAP within an encrypted and authenticated TLS tunnel.

Question 28

Extensible Authentication Protocol-Tunneled Transport Layer Security (EAP-TTLS)

Answer 28

Authentication protocol that extends TLS support across multiple platforms.

Question 29

Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST)

Answer 29

Developed by Cisco, it enables secure re-authentication while roaming within a network without full authentication each time.

Question 30

Application Security

Answer 30

Critical aspect of software development that focuses on building applications that are secure by design.

Question 31

Static Code Analysis (SAST)

Answer 31

A method of debugging an application by reviewing and examining its source code before the program is ever run.

Question 32

Dynamic Code Analysis (DAST)

Answer 32

Testing method that analyzes an application while it's running. This finds errors that won't show until the code is running.

Question 33

Fuzzing

Answer 33

Finds software flaws by bombarding it with random data to trigger crashes and security vulnerabilities.

Question 34

Stress Testing

Answer 34

Type of software testing that evaluates the stability and reliability of a system under extreme conditions.

Question 35

Code Signing

Answer 35

Technique used to confirm the identity of the software author and guarantee that the code has not been altered or corrupted since it was signed.

Question 36

Sandboxing

Answer 36

Security mechanism that is used to isolate running programs by limiting the resources they can access and the changes they can make to a system.

Question 37

Network Access Control (NAC)

Answer 37

Scans devices for their security status before granting network access, safeguarding against both known and unknown devices.

Question 38

Web Filtering

Answer 38

Technique used to restrict or control the content a user can access on the Internet.

Question 39

Agent-based Web Filtering

Answer 39

Installing a small piece of software known as an agent on each device that will require web filtering.

Question 40

URL Scanning

Answer 40

Used to analyze a website's URL to determine if it is safe or not to access.

Question 41

Content Categorization

Answer 41

Websites are categorized based on content, like social media, adult content, or gambling, which are frequently restricted in workplaces.

Question 42

Block Rules

Answer 42

Specific guidelines set by an organization to prevent access to certain websites or categories of websites.

Question 43

Reputation-based Filtering

Answer 43

Blocking or allowing websites based on their reputation score.

Question 44

DNS Filtering

Answer 44

Technique used to block access to certain websites by preventing the translation of specific domain names to their corresponding IP addresses.

Question 45

DomainKeys Identified Mail (DKIM)

Answer 45

Allows the receiver to check if the email was actually sent by the domain it claims to be sent from and if the content was tampered with during transit.

Question 46

Sender Policy Framework (SPF)

Answer 46

Email authentication method designed to prevent forging sender addresses during email delivery.

Question 47

Domain-based Message Authentication, Reporting, & Conformance (DMARC)

Answer 47

An email-validation system designed to detect and prevent email spoofing.

Question 48

Email Gateway

Answer 48

Server or system that serves as the entry and exit point for emails.

Question 49

Spam Filtering

Answer 49

Process of detecting unwanted and unsolicited emails and preventing them from reaching a user's email inbox.

Question 50

Endpoint Detection and Response (EDR)

Answer 50

Category of security tools that monitor endpoint and network events and record the information in a central database.

Question 51

File Integrity Monitoring (FIM)

Answer 51

Used to validate the integrity of operating system and application software files using a verification method between the current file state and a known, good baseline.

Question 52

Extended Detection and Response (XDR)

Answer 52

Security strategy that integrates multiple protection technologies into a single platform to improve detection accuracy and simplify the incident response process.

Question 53

User Behavior Analytics (UBA)

Answer 53

Deploys big data and machine learning to analyze user behaviors for detecting security threats.

Question 54

Identifying Vulnerabilities

Answer 54

Systematic practice of spotting and categorizing weaknesses in a system, network, or application that could potentially be exploited.

Question 55

Vulnerability scanning

Answer 55

Automated method of probing networks, systems, and applications to discover potential vulnerabilities.

Question 56

Threat Intelligence

Answer 56

Continual process used to understand the threats faced by an organization.

Question 57

Open-Source Intelligence (OSINT)

Answer 57

Intelligence that is collected from publicly available sources including reports, forums, news articles, blogs, and social media posts.

Question 58

Proprietary or Third-Party Feeds

Answer 58

Threat intelligence feeds that are provided by commercial vendors, usually under a subscription service type of business model.

Question 59

Responsible Disclosure

Answer 59

Term used to describe the ethical practice where a security researcher discloses information about vulnerabilities in a software, hardware, or online service.

Question 60

Common Vulnerabilities Exposure (CVE)

Answer 60

System that provides a standardized way to uniquely identify and reference known vulnerabilities in software and hardware.

Question 61

Vulnerability Reporting

Answer 61

Process of documenting and communicating details about security weaknesses identified in software or systems to the individuals or organizations responsible for addressing the issue.

Question 62

Responsible Disclosure Reporting

Answer 62

Art of disclosing vulnerabilities ethically and judiciously to the affected stakeholders before making the announcement to the public at large.

Question 63

Log Aggregation

Answer 63

Process of collecting and consolidating log data from various sources into a centralized location.

Question 64

Quarantining

Answer 64

Isolating a system, network, or application to prevent the spread of a threat and limit its potential impact.

Question 65

Alert Tuning

Answer 65

Adjusting alert parameters to reduce errors, false positives, and to improve the overall relevance of the alerts being generated by a given system.

Question 66

Simple Network Management Protocol (SNMP)

Answer 66

Internet protocol for collecting and organizing information about manage devices on IP networks and for modifying that information to change device behavior.

Question 67

Management Information Base (MIB)

Answer 67

Used to describe the structure of the management data of a device subsystem using a hierarchical namespace containing object identifiers.

Question 68

SIEM

Answer 68

Solution that provides real-time or near-real-time analysis of security alerts that are generated by network hardware and applications.

Question 69

Data Loss Prevention Systems

Answer 69

Used to monitor and control data endpoints, network traffic, and data stored in the cloud to prevent potential data breaches from occurring.

Question 70

Security Content Automation and Protocol (SCAP)

Answer 70

Open standards that automate vulnerability management, measurement, and policy compliance for systems in an organization.

Question 71

Open Vulnerability and Assessment Language (OVAL)

Answer 71

XML schema for describing system security states and querying vulnerability reports and information.

Question 72

Extensible Configuration Checklist Description Format (XCCDF)

Answer 72

XML schema for developing and auditing best-practice configuration checklists and rules.

Question 73

Asset Reporting Format (ARF)

Answer 73

XML schema for expressing information about assets and the relationships between assets and reports.

Question 74

Common Configuration Enumeration (CCE)

Answer 74

Scheme for provisioning secure configuration checks across multiple sources.

Question 75

Common Platform Enumeration (CPE)

Answer 75

Scheme for identifying hardware devices, operating systems, and applications.

Question 76

Common Vulnerability Scoring System (CVSS)

Answer 76

Used to provide a numerical score to reflect the severity of a given vulnerability.

Question 77

Benchmark

Answer 77

Set of security configuration rules for some specific set of products to provide a detailed checklist that can be used to secure systems to a specific baseline.

Question 78

Flow Analysis

Answer 78

Relies on a flow collector, which records metadata and statistics rather than recording each frame that passes through the network.

Question 79

NetFlow

Answer 79

A Cisco-developed means of reporting network flow info to a structured database.

Question 80

IP Flow Information Export (IPFIX)

Answer 80

Defines traffic flows based on shared packet characteristics.

Question 81

Multi Router Traffic Grapher (MRTG)

Answer 81

Creates graphs showing traffic flows through the network interfaces of routers and switches by polling the appliances using SNMP.

Question 82

Single Pane of Glass

Answer 82

A central point of access for all the information, tools, and systems.