Security, encryption, exploitation Flashcards
What capabilities does encryption provide?
- Authentication
- Integrity
- Non-repudiation
How could someone break a ciphertext?
- Flaw in the encryption algorithm (older algorithm or algorithm relying on obfuscation)
- Brute force
Explain the difference between encryption and encoding.
Encoding is the transformation of data from one form to another (method). Encryption is the transformation of data from one form to another, with the use of a key (method and key).
What is AES?
Advanced Encryption Standard. Symmetric encryption (one key). Key size of 128, 192 or 256.
What is an SSL certificate?
A certificate delivered by a CA on behalf of a website. It acts as the public key for the website. On login, the SSL certificate is used to negotiate a symmetric key.
What is hashing?
Hashing is one-way encryption. It produces a message digest that can be used to validate a message. MD5, SHA1, SHA2, SHA3, SHA256, SHA512.
Explain the purpose of the Red Team.
The Red Team is responsible for offensive operations.
Explain the purpose of the Blue Team.
The Blue Team is responsible for defensive operations.
Explain the concept of defense in depth.
The idea that defensive positions should be built in depth to produce redundancy in depth.
Name the three key areas of risk.
- Confidentiality
- Integrity
- Availability
What are the 20 most important security controls?
- Inventory of authorized and unauthorized devices
- Inventory of authorized and unauthorized software
- Secure configuration for hardware and software
- Continuous vulnerability assessment and remediation
- Controlled use of administrative privilege
- Maintenance, monitoring and analysis of log files
- Malware defenses
- Limitation and control of network ports, protocols and services
- Email and Web Browser Protections
- Data recovery capability
- Secure configuration for Network devices such as Firewalls, Routers and Switches
- Boundary defense
- Data protection
- Controlled access based on the need to know
- Wireless access control
- Access monitoring and control
- Security skills assessment and appropriate training to fill gaps
- Application software security
- Incident response and management
- Penetration tests and red team exercises
What are the 5 stages of an attack?
- Reconnaissance
- Initial exploitation
- Persistence & Privilege
- Move laterally
- Exfiltration
What is Slingshot?
Distribution packaged by the SANS Institute.
What is SIFT?
Distribution focused on forensics.
What is Kali Linux?
Made by a company named Offensive Security.