Sec + Finals Flashcards

(165 cards)

0
Q

What is a decentralized, open-standard federated identity management (FIM) system that does not require specific software to be installed on the desktop?

A

OpenID

1
Q

What is using one authentication credential to access multiple accounts or applications?

A

Single Sign On (SSO)

2
Q

What is using a single authentication credential that is shared across multiple networks?

A

Identity Management

3
Q

What is Federated Identity Management (FIM)?

A

Single sign-on that extends across multiple networks owned by different organizations, with one identity provider vouching for the user to each of them

4
Q

Which Single Sign On (SSO) relies on tokens?

A

OAuth (strictly an authorization framework that issues access tokens; OpenID Connect adds an ID token on top of it for authentication)

5
Q

What is the name given to a wireless technology that uses short range radio frequency transmissions and provides for rapid ad hoc device pairings?

A

Bluetooth

6
Q

What is Personal Area Network (PAN)?

A

Technology designed for data communications over short distances

7
Q

What are the two types of Bluetooth network topologies?

A

Piconet and Scatternet

8
Q

Which Bluetooth topology is formed when two Bluetooth devices come within range of each other and automatically connect to one another?

A

Piconet

9
Q

A group of piconets in which connections exist between different piconets is called a?

A

Scatternet

10
Q

What are the two common Bluetooth attacks?

A

Bluejacking and bluesnarfing

11
Q

Which Bluetooth attack sends unsolicited messages to Bluetooth-enabled devices and is considered more annoying than harmful because no data is stolen?

A

Bluejacking

12
Q

Which Bluetooth attack is an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers?

A

Bluesnarfing

13
Q

What are the most common types of authentication services?

A

RADIUS (encrypts only the password attribute, not the rest of the packet; runs over UDP)
Kerberos (tickets)
TACACS / TACACS+ (Unix and Cisco; TACACS+ encrypts the entire packet body)
LDAP (directory service, the "big phone book")

14
Q

Which authentication service is suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network?

A

Remote Authentication Dial In User Service (RADIUS)

15
Q

Which authentication service's client is typically a device such as a wireless access point (AP) or dial-up server that is responsible for forwarding user credentials and connection information in the form of a RADIUS message to a RADIUS server?

A

RADIUS (the AP or dial-up server is the RADIUS client; the user's device is the supplicant)

16
Q

Which authentication system utilizes a ticket?

A

Kerberos

17
Q

Which authentication service is commonly used on Unix devices?

A

Terminal Access Controller Access-Control System (TACACS)

18
Q

Which authentication service is referred to as the "big phone book" since it works as a directory service, and is a lightweight version of the X.500 Directory Access Protocol (DAP)?

A

Lightweight Directory Access Protocol (LDAP)

19
Q

What attack against a directory service can occur when user input is not properly filtered before being placed in a query?

A

LDAP injection attacks

20
Q

What is the defense against LDAP injection attacks?

A

Validate all user input before processing it: allowlist the expected format and escape the LDAP filter metacharacters ( ) * \ and NUL

21
Q

What are the two categories of symmetric algorithms?

A

Stream Cipher

Block Cipher

22
Q

What is stream cipher?

A

Encrypts the plaintext one bit or byte at a time, typically by XORing it with a keystream (the textbook simplification: takes one character and replaces it with another)

23
Q

What is block cipher?

A

Manipulates an entire block of plaintext at one time

24
What are the three protections in information security?
Confidentiality Integrity Availability
25
Ensures that only authorized parties can view the information
Confidentiality
26
Ensures that the information is correct and no unauthorized person or malicious software has altered the data
Integrity
27
Ensures that the data is accessible to authorized users
Availability
28
What are the steps of risk management?
- Asset identification
- Threat identification
- Vulnerability appraisal
- Risk assessment
- Risk mitigation
29
A standard network device for connecting multiple Ethernet devices together by using twisted-pair copper or fiber-optic cables in order to make them function as a single network segment?
Hub
30
What layer in the OSI model is the hub?
Layer 1
31
A device that connects network segments
Switch
32
What layer in the OSI model is the switch
Layer 2
33
Network device that can forward packets across computer networks
Router
34
What layer in the OSI model is the router?
Layer 3
35
Granting or denying approval to use specific resources
Access control
36
Duties in access control: determines the level of security needed for the data and delegates security duties as required
Owner
37
Duties in access control: periodically reviews security settings and maintains records of access by end users
Custodian
38
Duties in access control: follows the organization's security guidelines and does not attempt to circumvent security
End user
39
What are the two basic types of fingerprint scanners?
Static fingerprint scanner
Dynamic fingerprint scanner
40
What scanner requires the user to place the entire thumb or finger on a small oval window on the scanner?
Static fingerprint scanner
41
What scanner has a small slit or opening?
Dynamic fingerprint scanner
42
Which voice service sends calls unencrypted by default, so that signaling and audio can be sniffed unless protected (TLS for signaling, SRTP for media)?
IP telephony (VoIP)
43
This layer sends the signal to the network or receives the signal from the network
Layer 1 (Physical layer)
44
The function of this layer involves encoding and signaling, data transmission, and reception
Layer 1 (Physical layer)
45
This layer is responsible for dividing the data into frames; includes error detection and correction
Layer 2 (Data Link layer)
46
The function of this layer performs physical (MAC) addressing, data framing, error detection, and handling
Layer 2 (Data Link layer)
47
This layer picks the route the packet is to take, and handles the addressing of the packets for delivery
Layer 3 (Network layer)
48
The function of this layer makes logical addressing, routing, fragmentation, and reassembly available
Layer 3 (Network layer)
49
What are the two basic types of Intrusion Detection System (IDS)?
HIDS and NIDS
50
What intrusion detection system is a software based application that runs on a local host computer that can detect an attack as it occurs?
Host Intrusion Detection System (HIDS)
51
What intrusion detection system watches for attacks on the network?
Network intrusion detection system
52
What are the (5) steps for securing the Operating System (OS)?
1) Develop the security policy
2) Perform host software baselining
3) Configure operating system security and settings
4) Deploy the settings
5) Implement patch management
53
What is sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information?
Phishing
54
What phishing attack automatically redirects the user to the fake site?
Pharming
55
What phishing attack targets only specific users?
Spear phishing
56
What phishing attack targets high-value individuals such as senior executives or wealthy individuals?
Whaling
57
What phishing attack uses telephone call instead of emails?
Vishing
58
What are the three categories of authentication credentials?
1) Something a user has (token or card)
2) Something a user is (biometrics)
3) Something a user knows (passwords)
59
Computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files
Honeypot
60
Software that enters a computer system without the user's knowledge or consent and then performs an unwanted and usually harmful action
Malware
61
What are the two types of malware that have the primary objective of spreading
Viruses and worms
62
A malicious computer code that, like its biological counterpart, reproduces itself on the same computer
Computer virus
63
What are the different types of computer viruses?
- program virus
- macro virus
- boot virus
- companion virus
64
Malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer, and which then replicates itself to other systems over the network without user action
Worm
65
An executable program advertised as performing one activity but actually does something else
Trojan horse
66
Set of software tools used by an attacker to hide actions or presence of other types of malicious software
Rootkit
67
Computer code that lies dormant until it is triggered by a specific logical event
Logic bomb
68
Software code that gives access to a program or service that circumvents any normal security protection
Backdoors
69
General term used to describe software that spies on users by gathering information without consent, thus violating their privacy
Spyware
70
Software program that delivers advertising content in a manner that is unexpected and unwanted by the user
Adware
71
Captures and stores each keystroke that a user types on the computers keyboard
Keyloggers
72
Technique that lets hosts with private IP addresses communicate over the public Internet by rewriting addresses (and usually ports) at the network edge
Network Address Translation (NAT)
73
Examines the current state of a system or network device before it is allowed to connect to the network
Network Access Control (NAC)
74
Functions as a separate network that rests outside the secure network perimeter; untrusted outside users can access but cannot enter the secure network
Demilitarized Zone (DMZ)
75
Allows scattered users to be logically grouped together even though they may be attached to different switches
VLAN
76
Refers to any combination of hardware and software that enables remote users to access a local internal network
Remote access
77
Targets SQL servers by injecting commands
SQL injections
78
Attack that injects XML tags and data into a database
XML injection
79
Similar to SQL injection; can occur when user input is not properly filtered before being placed in a directory query
LDAP injection attacks
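Worked example for cards 19, 20 and 79 (LDAP injection and its defense), added here and not taken from the deck's source. It builds the login filter an application would send, first from raw input and then after allowlist validation and RFC 4515 escaping, and counts filter components to show that the injected payload adds structure the application never wrote. No directory is contacted; the username format is an assumption made for this example.

```python
"""LDAP injection and its defense: filter built from raw input vs. escaped input.

Added example for the flashcards above; not code from the deck's source.
Only the filter string is built here (no directory is contacted), so the
effect of the injection is shown by inspecting the filter's structure.
"""
import re

# Metacharacters of an LDAP search filter and their RFC 4515 escapes.
_FILTER_ESCAPES = {
    "\\": r"\5c",   # the escape character itself
    "*": r"\2a",    # wildcard
    "(": r"\28",    # opens a filter component
    ")": r"\29",    # closes a filter component
    "\x00": r"\00",
}


def escape_filter_value(value: str) -> str:
    """Escape a user-supplied value so it can only ever match literally."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


# Allowlist for usernames (assumption for this example: a typical uid attribute).
_USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")


def validate_username(username: str) -> str:
    """First line of defense: reject anything outside the expected format."""
    if not _USERNAME_RE.fullmatch(username):
        raise ValueError(f"rejected username: {username!r}")
    return username


def login_filter_unsafe(username: str, password: str) -> str:
    """Vulnerable pattern: raw input concatenated straight into the filter."""
    return f"(&(uid={username})(userPassword={password}))"


def login_filter_safe(username: str, password: str) -> str:
    """Hardened: validate where a format is known, escape everything regardless.
    Passwords may legitimately contain metacharacters, so they are only escaped."""
    return (f"(&(uid={escape_filter_value(validate_username(username))})"
            f"(userPassword={escape_filter_value(password)}))")


def filter_components(filter_str: str) -> int:
    """Number of '(' components. The login filter always has exactly three;
    injection shows up as extra components (constructed structural check)."""
    return filter_str.count("(")


if __name__ == "__main__":
    payload = "admin)(|(uid=*"        # classic payload: closes uid, opens an OR on any uid
    print(login_filter_unsafe(payload, "x"))        # five components instead of three
    print(escape_filter_value(payload))             # admin\29\28|\28uid=\2a
    print(login_filter_safe("alice", "p)(ss*"))     # still three components
```

The escaping table is applied character by character, so a backslash in the input becomes `\5c` and is never re-processed; the allowlist is the page's "examine all user input" advice, and the escaping is what protects fields (like passwords) that cannot be allowlisted.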
80
Difference between symmetric and asymmetric algorithms
Symmetric (one shared key) provides confidentiality and integrity; asymmetric (public/private key pair) provides confidentiality and integrity plus authentication and nonrepudiation, because only the holder of the private key can produce a valid digital signature
81
Steps for basic forensic procedures
1) Secure the crime scene
2) Collect the evidence
3) Establish a chain of custody
4) Examine the evidence
82
System that provide and regulate heating and cooling for data centers
HVAC
83
A defense for shielding electromagnetic field
Faraday cage
84
Form of eavesdropping in which special equipment is used to pick up telecommunication signals or data within a computer device by monitoring the electromagnetic fields
Van Eck phreaking
85
In order for a fire to occur, four entities must be present
- fuel
- oxygen
- heat
- chemical reaction
86
Copying information to a different medium and storing it
Data backups
87
Starting point for all backups
Full backups
88
Backs up any data that has changed since last full backup
Differential backup
89
Backs up any data that has changed since last full backup or last incremental backup
Incremental backup
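Worked example for cards 87 to 89 (full, differential and incremental backups), added here and not taken from the deck's source. Over a constructed change log (made-up file names, sizes and daily changes) it computes what each strategy copies on each day, which backup sets a restore must read, and checks that both chains restore the same file versions, which makes the storage-versus-restore-time trade-off concrete.

```python
"""Full vs. differential vs. incremental backups over a constructed change log.

Added example for the flashcards above; not code from the deck's source.
Files, sizes and changes are invented for the demonstration.
"""
from typing import Dict, List, Set


def plan_backups(all_files: Set[str], changes_by_day: List[Set[str]],
                 strategy: str) -> List[Set[str]]:
    """Return the set of files copied by each backup; index 0 is the full backup."""
    backups = [set(all_files)]                      # day 0: full backup, the starting point
    changed_since_full: Set[str] = set()
    for changed_today in changes_by_day:
        changed_since_full |= changed_today
        if strategy == "differential":
            backups.append(set(changed_since_full))  # everything since the last full
        elif strategy == "incremental":
            backups.append(set(changed_today))       # only since the previous backup
        else:
            raise ValueError(f"unknown strategy {strategy!r}")
    return backups


def restore_chain(strategy: str, day: int) -> List[int]:
    """Backup sets that must be read, in order, to restore the state at `day`."""
    if strategy == "differential":
        return [0] if day == 0 else [0, day]         # full + the latest differential only
    if strategy == "incremental":
        return list(range(day + 1))                  # full + every incremental since it
    raise ValueError(f"unknown strategy {strategy!r}")


def bytes_copied(backups: List[Set[str]], sizes: Dict[str, int]) -> List[int]:
    """Storage cost of each backup set."""
    return [sum(sizes[f] for f in b) for b in backups]


def content_version(f: str, day: int, changes_by_day: List[Set[str]]) -> int:
    """Day of the last change to `f` on or before `day` (0 = as of the full backup)."""
    for d in range(day, 0, -1):
        if f in changes_by_day[d - 1]:
            return d
    return 0


def restore(backups: List[Set[str]], chain: List[int],
            changes_by_day: List[Set[str]]) -> Dict[str, int]:
    """Apply the backup sets in chain order; later sets overwrite earlier ones."""
    state: Dict[str, int] = {}
    for d in chain:
        for f in backups[d]:
            state[f] = content_version(f, d, changes_by_day)
    return state


if __name__ == "__main__":
    files = {"a", "b", "c", "d"}                    # constructed
    changes = [{"a"}, {"b"}, {"a", "c"}]            # constructed: days 1, 2, 3
    sizes = {"a": 10, "b": 20, "c": 30, "d": 40}    # constructed
    for strategy in ("differential", "incremental"):
        plan = plan_backups(files, changes, strategy)
        print(strategy, bytes_copied(plan, sizes), "restore reads", restore_chain(strategy, 3))
```

Differential backups grow each day but a restore needs only two sets; incremental backups stay small but a restore must replay every set since the last full, so losing any one of them breaks the chain.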
90
Defined as the maximum length of time that any organization can tolerate between backups
Recovery Point Objective (RPO)
91
The length of time it will take to recover the data that has been backed up
Recovery Time Objective (RTO)
92
What are the different port states?
- Open
- Closed
- Blocked (reported as "filtered" by scanners such as Nmap)
93
The application or service assigned to that port is listening for instructions (a connection attempt completes the TCP handshake)
Open port
94
No process is listening at this port (the host answers the connection attempt with a TCP RST)
Closed port
95
The host system does not reply to any inquiries to this port number, typically because a firewall drops them
Blocked port
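Worked example for cards 92 to 95 (port states), added here and not taken from the deck's source. It classifies a TCP port from the way a connection attempt succeeds or fails, which is the same signal a port scanner uses, and demonstrates "open" and "closed" against a listener on the loopback interface; "blocked" is the timeout path, which cannot be shown offline.

```python
"""Classify TCP ports as open / closed / blocked from the client's point of view.

Added example for the flashcards above; not code from the deck's source.
The demo only touches 127.0.0.1.
"""
import socket


def probe_tcp_port(host: str, port: int, timeout: float = 1.0) -> str:
    """Return "open", "closed" or "blocked" (the deck's three states).
    Anything else (no route, host unreachable) is reported as "unreachable"."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"            # handshake completed: a service is listening
        except ConnectionRefusedError:
            return "closed"          # host answered with RST: nothing listening
        except (socket.timeout, TimeoutError):
            return "blocked"         # silence: the SYN was dropped ("filtered" in Nmap)
        except OSError:
            return "unreachable"     # not one of the deck's states; e.g. no route to host


def demo_loopback_states():
    """Open a listener on a free loopback port, probe it, close it, probe again."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))                 # port 0: the kernel picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    state_while_listening = probe_tcp_port("127.0.0.1", port)
    listener.close()
    state_after_close = probe_tcp_port("127.0.0.1", port)
    return port, state_while_listening, state_after_close


if __name__ == "__main__":
    port, before, after = demo_loopback_states()
    print(f"port {port}: {before} while listening, {after} after close")
```

A connect() scan like this completes the handshake and is logged by the service; SYN scanners send only the first packet and infer the same three states from SYN-ACK, RST or silence.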
96
Process of inventorying item that has positive economic value
Asset identification
97
Determining the potential threats against the assets that come from any agents
Threat identification (also called threat evaluation)
98
Determining the current weakness in assets
Vulnerability appraisal
99
Determining the damage that would result from an attack and the likelihood that the vulnerability is a risk to the organization
Risk assessment
100
Deciding what to do with the risk
Risk mitigation
101
Symmetric encryption is also called
Private key cryptography
102
This stream cipher simply substitutes one letter or character for another
Substitution cipher
103
This stream cipher rearranges letters without changing them
Transposition cipher
104
Block cipher that divides plaintext into 64-bit blocks, uses a 56-bit key, and runs 16 rounds of its round function
Data Encryption Standard (DES)
105
Applies the DES algorithm three times in succession (encrypt, decrypt, encrypt) with two or three keys instead of running DES once
Triple Data Encryption Standard (3DES)
106
Set of algorithms designed by Ron Rivest
Rivest Cipher (RC)
107
Stream cipher with a variable-length key (40 to 128 bits was typical in WEP and early TLS); now considered broken and prohibited in TLS
RC4
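Worked example for cards 22 and 107 (stream cipher, RC4), added here and not taken from the deck's source: a from-scratch RC4 showing the stream-cipher property that each plaintext byte is XORed with one keystream byte, and two consequences of that property, bit-level malleability and keystream reuse. The expected outputs are the published RC4 test vectors. RC4 appears here only because it is short enough to read in full; it must not be used in real systems.

```python
"""RC4 as a worked stream-cipher example (educational only; RC4 is broken).

Added example for the flashcards above; not code from the deck's source.
"""


def rc4_keystream(key: bytes):
    """Generator yielding RC4 keystream bytes: key scheduling, then PRGA."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1..256 bytes")
    s = list(range(256))
    j = 0
    for i in range(256):                          # key-scheduling algorithm (KSA)
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:                                   # pseudo-random generation (PRGA)
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation): XOR each byte with one keystream byte.
    The ciphertext is exactly as long as the plaintext: no blocks, no padding."""
    ks = rc4_keystream(key)
    return bytes(b ^ next(ks) for b in data)


def flip_bit(data: bytes, index: int, mask: int) -> bytes:
    """Flip bits of one ciphertext byte without knowing the key."""
    out = bytearray(data)
    out[index] ^= mask
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR of two equal-length strings."""
    return bytes(x ^ y for x, y in zip(a, b))


if __name__ == "__main__":
    ct = rc4_crypt(b"Key", b"Plaintext")
    print(ct.hex())                                        # bbf316e8d940af0ad3
    # Malleability: a flipped ciphertext bit flips the same plaintext bit.
    print(rc4_crypt(b"Key", flip_bit(ct, 0, 0x01)))        # b'Qlaintext'
    # Keystream reuse: XOR of two ciphertexts under one key equals XOR of the plaintexts.
    c1 = rc4_crypt(b"Secret", b"Attack at dawn")
    c2 = rc4_crypt(b"Secret", b"Attack at dusk")
    print(xor_bytes(c1, c2) == xor_bytes(b"Attack at dawn", b"Attack at dusk"))  # True
```

The last two prints are why a stream cipher on its own gives confidentiality but not integrity (card 80), and why a keystream must never be reused: RC4 has no nonce input, which is the root of the WEP failures.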
108
Asymmetric cryptographic algorithms are also known as
Public key cryptography
109
Is known to everyone and can be freely distributed
Public Key
110
Is known only to the individual whom it belongs to
Private key
111
Electronic verification of the sender
Digital signature
112
Most common asymmetric cryptography algorithm
RSA
113
Cryptography based on the algebra of elliptic curves over finite fields, giving security comparable to RSA with much shorter keys
Elliptic Curve Cryptography (ECC)
114
Attempts to use the unusual and unique behavior of quantum particles (typically photons) to enable users to securely develop and share keys as well as to detect eavesdropping
Quantum cryptography
115
Uses lattice based cryptography
NTRUEncrypt
116
Unsolicited email
Spam
117
Variation of spam that targets instant messaging
Spim
118
False warning, often contained in an email message claiming to come from IT Department
Hoax
119
Attack that injects scripts into a web application server that will then direct attacks at clients
Cross-Site Scripting (XSS)
120
Uses the server as a platform to launch attacks on the other computers that access it
Cross-Site Scripting (XSS)
121
An XSS attack requires a website to meet what two criteria
1) Accepts user input without validating it
2) Uses that input in a response without encoding it
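Worked example for cards 119 to 121 (cross-site scripting and the two criteria a vulnerable site meets), added here and not taken from the deck's source. A constructed search-results template is rendered first without output encoding and then with it; parsing the result with the standard-library HTML parser shows whether the user's input became a new element (script, img) or stayed text. The template, the payloads and the allowlist pattern are all assumptions made for this example.

```python
"""Reflected XSS: unsafe and hardened rendering of user input into an HTML page.

Added example for the flashcards above; not code from the deck's source.
"""
import html
import re
from html.parser import HTMLParser


def render_unsafe(query: str) -> str:
    """Violates criterion 2: the input is placed in the response without encoding."""
    return f"<p>Results for: {query}</p>"


def render_encoded(query: str) -> str:
    """Fixes criterion 2: every HTML metacharacter becomes an entity, so the
    browser shows the payload as text instead of executing it."""
    return f"<p>Results for: {html.escape(query, quote=True)}</p>"


# Fixes criterion 1 (assumption: what a search term is allowed to look like).
_QUERY_RE = re.compile(r"^[\w\s.,'-]{1,100}$")


def is_plausible_query(query: str) -> bool:
    """Input validation; an extra layer, not a replacement for output encoding."""
    return _QUERY_RE.fullmatch(query) is not None


class _ElementCollector(HTMLParser):
    """Records the element names a browser would create from the markup."""
    def __init__(self):
        super().__init__()
        self.names = []

    def handle_starttag(self, tag, attrs):
        self.names.append(tag)


def elements_in(markup: str) -> list:
    """Element names present in the rendered page (constructed check)."""
    parser = _ElementCollector()
    parser.feed(markup)
    return parser.names


if __name__ == "__main__":
    payloads = ["<script>alert(1)</script>", '"><img src=x onerror=alert(1)>']
    for p in payloads:
        print(elements_in(render_unsafe(p)), elements_in(render_encoded(p)),
              is_plausible_query(p))
```

`html.escape` is the right encoding only for HTML text and attribute values; input that lands inside a script block, a URL or a CSS value needs the encoding for that context, which is why encoding is applied at the point of output rather than once at input time.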
122
Attack that targets vulnerabilities in client applications that interact with a compromised server or process malicious data
Client-side attack
123
Example of an attack: | A users computer becoming compromised just by viewing a web page and not even clicking any content.
Drive-by download
124
When an attacker modifies the header
HTTP header manipulation
125
Part of a HTTP packet that is composed of fields that contain the different characteristics of the data being transmitted
HTTP header
126
The top-level directory of a web server's file system from which content is served; directory traversal attacks try to read files outside it
Root directory
127
Programs that provide additional functionality to web browsers
Add-ons
128
A random string assigned to that session
Session token
129
An attack in which an attacker attempts to impersonate the user by using their session token
Session hijacking
130
Occurs when a process attempts to store data in RAM beyond the bounds of a fixed-length storage buffer
Buffer overflow
131
Attack that attempts to prevent a system from performing its normal functions
Denial of service (DoS)
132
Attack that uses the Internet Control Message Protocol (ICMP), a network-layer protocol that is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite, to flood a victim with packets
Ping flood
133
Uses hundreds or thousands of zombie computers in a botnet to flood a device with requests
distributed denial of service (DDoS)
134
Attack by intercepting legitimate communication and forging a fictitious response to the sender
Man-in-the-middle
135
Makes a copy of the transmission before sending it to the recipient
Replay
136
An attacker could modify the MAC address in the ARP cache so that the corresponding IP address points to a different computer
ARP poisoning
137
Substitutes DNS addresses so that the computer is automatically redirected to another device
DNS poisoning
138
Exploiting a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining
Privilege escalation
139
Attack using third party to gain access rights
Transitive access
140
Privilege that are granted to users to access hardware and software resources
Access rights
141
Different ways to control risk
- privilege management
- change management
- incident management
142
The process of assigning and revoking privileges to objects; that is, it covers the procedures of managing object authorization
Privilege management
143
Enhanced type of server digital certificate that requires more extensive vetting of the requesting organization's identity
Extended Validation SSL certificate (EV SSL)
144
Most widely accepted format for digital certificates
X.509
145
The framework for all of the entities involved in digital certificates for digital certificate management -including hardware, software, people, policies, and procedures-to create, store, distribute, and revoke digital certificates
Public Key Infrastructure (PKI)
146
Refers to the type of trusting relationship that can exist between individuals or entities
Trust model
147
Assigns a single hierarchy with one master CA called the root
Hierarchical trust model
148
Class 1 digital certificate
Personal Digital Certificate
149
Class 2 Digital Certificate
Server Digital Certificates
150
Class 3 digital certificate
Software digital certificate
151
Trust model with one CA that acts as a facilitator to interconnect all other CA's
Bridge Trust Model
152
Trusted third party agency that is responsible for issuing the digital certificates
Certificate Authority (CA)
153
Protocol that guarantees privacy and data integrity between applications communicating over the internet
Transport Layer Security (TLS)
154
An encrypted alternative to the Telnet protocol that is used to access remote computers
Secure Shell (SSH)
155
Set of protocols developed to support the secure exchange of packets. Because it operates at a low level in the OSI model, considered to be a transparent security protocol
IPsec
156
What are the two encryption modes IPsec supports
Transport mode and tunnel mode
- transport mode encrypts only the data portion (payload) of each packet and leaves the original IP header in place
- tunnel mode encrypts both the header and the data, wrapping the original packet inside a new IP header
157
Two or more servers that are interconnected to appear as one
Server cluster
158
A standby server exists only to take over for another server in the event of failure
Asymmetric server cluster
159
Every server in the cluster performs useful work. If one server fails, the remaining servers continue to perform their normal work as well as that of the failed server
Symmetric server cluster
160
Uses multiple hard drives for increased reliability and performance
RAID
161
Striped disk array: the data is broken down into blocks and each block is written to a separate disk (no redundancy)
RAID Level 0
162
Mirrored disks: the same data is written to two separate drives
RAID Level 1
163
Block-level striping with parity: each data block is written to a data disk and the parity for the blocks in the same stripe is written to another disk, with the parity location rotating across all disks (a fixed parity disk would be RAID 4)
RAID Level 5
164
A mirrored array whose segments are RAID 0 arrays
RAID Level 0+1