Sec + 6 Flashcards
(27 cards)
Kerberos port?
88
Ipsec port?
500
Rdp port?
3389
What does dns protect against?
- Blocks access to malicious sites
- Content filtering
- Enhancing privacy by blocking sites that may collect user data
- Security reinforcement.
How to secure email?
- S/MIME-uses PKI to either encrypt emails or digitally sign them. Does not scale well due to key exchanges.
- Pretty good privacy (PGP)- end to end encryption. Like PKI but not using PKI
- Domain based message authentication reporting and conformance (DMARC) - let’s users decide what to do with detected emails
- Domainkeys identified Mail (DKIM)- Uses digital signatures. Which can be read only by the recipient.
- Sender policy framework (SPF)-
- Gateway
What is File integrity Monitoring (FIM)?
Establishes a baseline of normal file and system configurations. Alerts when it changes.
What ensures that every remote device is fully patched and uses agents carried out by the health authority (HAuth)?
Network access control (NAC)
What is XDR?
Extended detection and response.
How does EDR work?
Data collection
Detection-signature based and behavior analysis
Alerting
Response - tools that the cyber team can use to resolve
XDR components?
- Geta data from various sources including the EDR, Network detection and response (NDR) and cloud
- Enhanced analytics
- Automation and orchestration
- Scalability
What is the active directory and its protocol?
Microsoft provisioning tool
Lightweight directory access protocol (LDAP)
What is a SID?
Security identifier.
Object identifier in active directory
What language is used for federation services?
Security assertion markup language (SAML)
What does kerberos use to obtain service tickets?
TGT
Ticket granting ticket
Token
3 sso options
- Kerberos
- OAuth- like signing into Google to get into a different website. Uses tokens
- SAML
Attestation methods for system interoperability?
- Certificates
- Tokens
- Federation
- Microsoft active directory
What is mandatory access control (MAC) and what are the management roles?
Mandatory access control
- Owner - writes data and determines initial classification ( top secret, secret..
) - Steward - ensures data accuracy, consistency, and reliability over time.
- Custodian- handles technical and physical data management. Data storage and encryption
- Security Administrator - provides auth
What is RBAC?
Role based access control
What is ABAC?
Attribute based access control.
Location, job title, access time etc…
What is discretionary based accessed control (DAC)?
Owner gives access. Uses ACL’s
What is soft authentication? Give examples.
Leverages intangible assets like passwords, pins, or mobile authentication. Only something they know. Can be intercepted
- One time password sent to phone
- Biometrics
- Knowledge based auth (KBA) - Like security questions.
What is two-factor auth?
Having a token (phone), something you have with a password
What is multi factor auth?
Something you have
Something you do
Something you know
What is NIST?
National Institute of standards and technonlogy.
