Test Study

Question 1

CASB

Answer 1

Cloud Access Security Broker

applies security policies to the cloud

views application usage
enforces security policy
verification of compliance

Question 2

802.1x

Answer 2

uses a centralized authentication server, and all users can use their normal credentials to authenticate to an 802.1X network

Question 3

ABAC

Answer 3

Attribute Based Access Control

sets and enforces policies based on characteristics, such as department, location, manager, and time of day

Question 4

DAC

Answer 4

Discretionary Access Control

the principle of restricting access to objects based on the identity of the subject (the user or the group to which the user belongs)

Question 5

MAC

Answer 5

Mandatory Access Control

controls access to sensitive information in an organization

MAC grants access based on a user’s need to know. Users must prove they need the information before gaining access. The sensitivity of the resource is defined by a security label.

Question 6

RBAC

Answer 6

Role Based Access Control

assigns rights and permissions based
on the role of a user. These roles are usually assigned by group

Question 7

IPS

Answer 7

Intrustion Prevention System

a network security tool that monitors network traffic for potential threats

Question 8

HSM

Answer 8

Hardware Security Module

Appliance used on the network to store certs and keys for all devices

Question 9

TPM

Answer 9

Trusted Platform Module

A chip on individual computers that stores keys

Question 10

ALE

Answer 10

Annual Loss Expectancy

Question 11

SLE

Answer 11

Single Loss Expectancy

Question 12

key escrow

Answer 12

storing decryption keys with a third party

Question 13

hashing

Answer 13

one-way cryptographic algorithm that allows for the secure
storage of passwords

Question 14

OSINT

Answer 14

open source intelligence
process of obtaining
information from open sources, such as social media sites, corporate
websites, online forums, and other publicly available locations.

Question 15

footprinting

Answer 15

the process of using tools and techniques, like using the traceroute commands or a ping sweep – Internet Control Message Protocol sweep – to collect data about a specific target.

Question 16

IPsec

Answer 16

commonly used as an encrypted tunnel between sites or endpoints.
It’s useful for protecting data sent over the network

Question 17

Insecure Protocols

Answer 17

An insecure protocol will transmit information “in the clear,” or without
any type of encryption or protection.

Question 18

Incident Response Process

Answer 18

Preparation
Identification
Containment
Eradication
Recovery
Lessons learned

Question 19

netcat

Answer 19

reads and writes information to the network

Question 20

Obfuscation

Answer 20

Obfuscation is the process of taking something that is normally understandable and making it very difficult to understand. Many developers will obfuscate their source code to prevent others from following the logic used in the application.

Question 21

Confusion

Answer 21

Confusion is a concept associated with data encryption where the encrypted data is drastically different than the plaintext.

Question 22

Diamond Model

Answer 22

Intrusion Analysis

applies scientific principles to
provide a post-event analysis of an intrusion

Question 24

memory leak

Answer 24

a gradual decline in a computer’s performance over time. It occurs when a program’s RAM is fragmented because it doesn’t free up memory segments when they’re no longer needed. This reduces the amount of available memory, which can cause the system to slow down or stop working correctly.

DDoS and injection attacks

Question 25

functions of a TPM

Answer 25

• store artifacts like passwords, certificates, and encryption keys
• protect against threats like firmware, ransomware, and DDoS attacks
• ensure that a host is a known good state and hasn’t been modified

Question 26

ARO

Answer 26

Annualized Rate of Occurence

describes the number of instances that an event would occur in a year