Security Threat Landscape

Question 1

A Virus requires _________ to spread

Answer 1

Human interaction

Question 2

What is Data Exfiltration

Answer 2

When data leaves an organization without authorization

Question 3

Spoofing is where an attacker _____ their identity

Answer 3

fakes

Question 4

ARP spoofing is a well know _____ _____ _____ ______ attack

Answer 4

man in the middle

Question 5

False positive vs False negative

Answer 5

False positive - there is NO attack but triggers an alert
False negative - there IS an attack but doesn’t trigger an alert

Question 6

IPS uses ____ to inspect packets. While Firewalls uses ____ to block traffic

Answer 6

signatures, rules

Question 7

Stateful Firewalls maintain a ______ ______ which tracks the two-way ‘state’ of traffic passing through the firewall

Answer 7

connection table

Question 8

Packet Filters don’t _____ the state of two-way connections

Answer 8

track

Question 9

For stateful firewalls, only ___ ___ is allowed back into the network

Answer 9

valid traffic (traffic already in the connection table)

Question 10

What are 3 symmetric encryption algorithms

Answer 10

DES, 3DES, and AES

Question 11

What are 2 Asymmetric Encryption algorithms?

Answer 11

RSA and ECDSA

Question 12

Hash-Based Message Authentication Codes (HMAC) provide what and uses what kind of encryption?

Answer 12

data integrity, symmetric

Question 13

What are 2 HMAC algorithms?

Answer 13

MD5, SHA

Question 14

How does Public Certificate Authorities verify certificate request?

Answer 14

Out-of-band checks before issuing legitimate certificates

Question 15

For IP sec, what is commonly used to protect against replay attackes

Answer 15

Encapsulating Security Payload (ESP)

Question 16

Remote Access VPN, how does full tunneling differ from split tunneling for internet traffic?

Answer 16

Full tunneling required you to go through the full tunnel then go to the internet web server.
Split can “split off” the tunnel and go straight to the web server