Sec + 2

Question 1

Secure enclave

Answer 1

Hardware security features in modern processors that provide a separate and isolated environment for secure operations like storing sensitive data and executing cryptographic operations.

Question 2

What is a crl?

Answer 2

Certificate revocation lists

Question 3

What is a ocsp?

Answer 3

Online certificate status protocol

Question 4

What is an apt?

Answer 4

Advanced persisted threat

Question 5

What is operational capacity?

Answer 5

Money and resources of attackers

Question 6

What is a ssid?

Answer 6

Service set identifier, network name

Question 7

What is a pan?

Answer 7

Personal area network, Bluetooth

Question 8

How to fight memory injection of apps?

Answer 8

Code signing, input validation, memory protections.

Question 9

How to prevent buffer overflow?

Answer 9

Input validation, proper memory management, programming languages with built-in safeguards

Question 10

What are race conditions?

Answer 10

When two instructions from separate threads try to access data at same time, theoretically the 1st person can manipulate the data of 2nd person

Question 11

What are some hardware vulnerabilities?

Answer 11

Outdated firmware, inadequate security programming, bad encryption.

Question 12

What is a vm escape?

Answer 12

Moving from vm to a host

Question 13

What is risk of shared tenancy and where is it relevant?

Answer 13

Share resources in the cloud where leaks from one user can effect the whole.

Question 14

What is a ssl/test downgrade?

Answer 14

Ssl traffic is intercepted and tricked into thinking it is going to a older/ less secure browser so it switches to a weaker encryption method.

Question 15

What is jailbreaking?

Answer 15

On apple devices. Unlocking.

Question 16

What is rooting?

Answer 16

Android jailbreaking.

Question 17

What is side loading?

Answer 17

Downloading unsupported apps.

Question 18

How does Spyware work?

Answer 18

With cookies.

Question 19

What is rfid?

Answer 19

Radio frequency id cloning. Copying signals from key cards or badges.

Question 20

How to do a syn flood attack?

Answer 20

Flood computer with syn requests that are never answered

Question 21

What is an amplified attack? What is an example?

Answer 21

Sending small requests that trigger a big response.

Smurf attack-arracker sends a large number of icmp requests to an intermediate device, like a router, 4 each request, there are 4 replies. Made to look like they came from a victims ip address clogging it up.

Question 22

What is icmp?

Answer 22

Internet control message protocol. A ping

Question 23

What is arp? Where in osi does it work?

Answer 23

Address resolution protocol. Maps ip addresses to mac addresses.

Layer 2

Question 25

What is dns cache poisoning?

Answer 25

Manipulating dns to redirect to malicious sites

Question 26

How to view dns cache?

Answer 26

Ip config/displaydns

Question 27

How to clean dns cache?

Answer 27

Ip config/flushdns

Question 28

How to check dns record in dns server?

Answer 28

Dnslookup computer 1

Question 29

What is an evil twin?

Answer 29

Sophisticated rogue access point. Can capture packets

Question 30

What is ssl stripping?

Answer 30

Intercepting and https and downgrading it to a http.

Question 31

Indications of attack

Answer 31

1. Account lockout 2. Concurrent session usage 3. Blocked content 4. Impossible travel 5. Resource consumption 6. Resource in accessibility 7. Out of cycle logging 8. Missing logs

Question 32

What is micro segmemtation?

Answer 32

Policy's for single endpoints. Crucial in cloud environments and data centers

Question 33

What is soar?

Answer 33

Security orchestration, automation, and response. Uses ai and playback. Good for mundane tasks.

Question 34

What is edr?

Answer 34

Endpoints detection and response. Uses ai.

Question 35

What are ioc's?

Answer 35

Indicators of compromise