testing questions missed Flashcards

1
Q

What is MAC in the context of the OSI model, and at what layer does it operate?

A
  • Media Access Control
  • Layer 2
2
Q

OSI layer 2 - what is it, and what operates there?

A
  • MAC addresses
    1. 48 bits
    2. threats: MAC spoofing and MAC flooding
  • bridges and switches (L2) (assume an L2 switch unless the test says otherwise)
  • LLC (logical link control)
3
Q

What is layer 4 of the OSI model, what works there, what devices, and what ports?

A
  • Transport layer
  • responsible for end to end connection with error correction and detection
  • Ports - 65,535 total (know some common ports)
  • TCP/UDP and SSL/TLS (used to encrypt HTTP and other data traffic) (make sure to know the TCP/UDP nuances)
4
Q

What are the three major public key cryptosystems (algorithms)?

A
  • RSA
  • El Gamal (less used)
  • elliptic curve (strongest)
5
Q

What type of network discovery scan only uses the first two steps of the TCP handshake?

  1. TCP connect scan
  2. Xmas scan
  3. TCP SYN scan
  4. TCP ACK scan
A
  1. TCP SYN scan

Note: the SYN scan is all you need because
* you send the SYN and get the SYN/ACK reply back (the first two steps)

6
Q

What type of interface testing would identify flaws in a program’s command-line interface?

  1. application programming interface testing
  2. user interface testing
  3. physical interface testing
  4. security interface testing
A
  1. user interface testing
    * user interface testing includes assessments of both graphical user interfaces (GUIs) and command-line interfaces (CLIs) for a software program
7
Q

Paul would like to test his application against slightly modified versions of previously used input. What type of test does Paul intend to perform?

  1. code review
  2. application vulnerability review
  3. mutation fuzzing
  4. generation fuzzing
A
  1. mutation fuzzing

Mutation fuzzing uses bit flipping and other techniques to slightly modify existing input for testing.

8
Q

What information security management task ensures that the organization’s data protection requirements are met effectively?

  1. account management
  2. backup verification
  3. log review
  4. key performance indicators
A
  1. backup verification

NOTE: this was slightly tricky. Verifying that the backup processes are running properly is a check that helps verify data protection.

Just enough to provide an answer - try not to overthink.

I went after performance indicators, thinking backup verification was not enough, but I was wrong.

9
Q

Which of the following steps would be included in a change management process? (select all that apply)

  1. immediately implement the change if it will improve performance
  2. request the change
  3. create a rollback plan for the change
  4. document the change
A
  1. request the change
  2. create a rollback of the change
  3. document the change

Documentation is not a step after the change request; it's part of it.

10
Q

Security administrators are regularly monitoring threat feeds and using that information to check systems within the network. Their goal is to discover any infections or attacks that haven’t been detected by existing tools. What does this describe?

  1. threat hunting
  2. threat intelligence
  3. implementing the kill chain
  4. using artificial intelligence
A
  1. threat hunting

Note: they are actively looking for attacks, not just using the intelligence gathered to build a better defense.

11
Q

You operate a grain processing business and are developing your restoration priorities. Which one of the following systems would likely be your highest priority?

  1. order processing system
  2. fire suppression system
  3. payroll system
  4. website
A
  1. fire suppression system

Note: always choose human life - fire suppression equals saving human life.

Human safety is always number one.

12
Q

Electronic Discovery (eDiscovery) steps (EDRM)

A
  1. Identification
  2. Preservation
  3. Collection
  4. Processing
  5. Review and Production
13
Q

Which one of the following attacker actions is most indicative of a terrorist attack?

  1. altering sensitive trade secret documents
  2. damaging the ability to communicate and respond to a physical attack
  3. transferring funds from an unapproved source into your account
  4. selling a botnet for use in a DDoS attack
A
  1. damaging the ability to communicate and respond to a physical attack
14
Q

What is UEBA?

A
  • User and Entity Behavior Analytics
  • builds baselines of behavior through modeling
  • this typically involves machine learning
  • denies, alerts, etc. when something is outside the norm
15
Q

COBIT

A
  • framework developed by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI)
  • defines goals for the controls that should properly manage IT and ensure IT maps to business needs, not just security needs
  • COBIT broadly focuses on risk management and can be applied to various business areas

COBIT addresses what is to be achieved; ITIL addresses how to achieve it.

16
Q

ITIL

A
  • The Information Technology Infrastructure Library
  • the de facto standard of best practices for IT service management
  • a customizable framework: ITIL provides the goals, the general activities necessary to achieve these goals, and the input and output value for each process required to meet these goals

COBIT addresses what is to be achieved; ITIL addresses how to achieve it.

17
Q

OECD

A
  • Organisation for Economic Co-operation and Development
  • developed guidelines for various countries so that data is properly protected and everyone follows the same rules
18
Q

What is IP Masquerade?

A
  • IP Masquerade is a networking function in Linux similar to the one-to-many
19
Q

A number of factors should be considered when assigning values to assets. Which of the following is not used to determine the value of an asset?

  1. the asset's value in the external marketplace
  2. the level of insurance required to cover the asset
  3. the initial and ongoing cost of purchasing, licensing, and supporting the asset
  4. the asset’s value to the organization’s production operations
A
  1. the level of insurance required to cover the asset

NOTE: the cost of insurance is not the important factor. You need to know the asset value before getting an insurance cost (I guess, duh).

20
Q

Risk assessment has several different methodologies. Which of the following official risk methodologies was not created for the purpose of analyzing security risks?

  1. FRAP
  2. OCTAVE
  3. ANZ 4360
  4. NIST SP 800-30
A
  1. ANZ 4360
    * it can be used for risk assessment but was not created for that purpose
    * ANZ 4360 can be used to understand a company’s financial, capital, human safety and business decision risk
21
Q

Name some official risk assessment methodologies.

A
  • FRAP (Facilitated Risk Analysis Process) - aims to reach conclusions about risks quicker
  • OCTAVE - a risk-based strategic assessment and planning technique for security
  • NIST SP 800-30 - guide for conducting risk assessments
22
Q

Threat modeling methodologies use one of three approaches - what are these approaches?

A
  1. attacker centric
  2. asset centric
  3. system (software) - centric
    * according to the CBK, system- or software-centric methods like STRIDE are the most useful
23
Q

What threat modeling methodology is an example of the attacker-centric approach, and what are some of its attributes?

A
  1. PASTA
    * focuses on each threat and its TTP (tactics, techniques and procedures)
    * starts by identifying threats then attempts to find vulnerability attack paths
24
Q

What is an example of an asset-centric threat modeling methodology?

A
  1. NIST 800-154
    * first identifies critical assets
    * then determines how threats might compromise them
25
Q

Of the three threat modeling methodologies, according to the CBK, one of them is more useful. Which one is being referred to, and what are some of its attributes?

A
  1. system- (software-) centric methodologies are the most useful
    * STRIDE is an example
    * they represent interconnected processes
    * they often use data flow diagrams to assess trust boundaries and needed controls
26
Q

What is 802.1X?

A
  • port-based network access control (PNAC)
27
Q

What is 802.1Q?

A
  • Virtual Local Area Networking (VLAN)
28
Q

In what phase of the Capability Maturity Model for Software (SW-CMM) are quantitative measures used to gain a detailed understanding of the software development process?

  1. repeatable
  2. defined
  3. managed
  4. optimizing
A
  3. managed
29
Q

NIST maturity model steps

A
  1. Initial - no organized processes (ad hoc)
  2. Repeatable - some processes are repeatable; a formal program has been initiated; some processes are defined and documented
  3. Defined - processes have become formal, standardized, and defined (consistency)
  4. Managed - the organization begins to measure, refine, and adapt its security processes, making them more effective and efficient based on information from the program
  5. Optimizing - has processes that are automated, documented, and constantly analyzed for optimization; cybersecurity is part of the overall culture
30
Q

Type I biometric error

A
  • False positive
  • False Reject Rate
31
Q

You have been selected to manage a software development project. Your supervisor asked you to follow the phases of the systems/software development life cycle. In which phase will the system be tested by an independent third party?

  1. acceptance
  2. testing and evaluation controls
  3. documentation and common program controls
  4. functional requirements definition
A
  1. acceptance - the phase at which the software is tested by an independent third party. The testing process includes functionality tests and security tests, which should verify that the software meets all the functional and security specifications that were documented in previous phases.
32
Q

What is an example that explains the MAC (message authentication code) or HMAC (hashed message authentication code) process without using PKI?

A
  • Bob and Alice decide on a shared secret
  • Bob hashes the message (SHA-2)
  • Bob encrypts that hashed message with the shared secret known only to Alice
  • this is MAC or HMAC
  • Alice reverses the process to provide authentication
33
Q

If something is code signed, does it mean it's safe to use on your computer?

A
  • It does not! It simply means the creator has been verified.
34
Q

Digital signature - non-repudiation

A
  • DSA (digital signature algorithm)
  • SHA-1 or SHA-2
  • asymmetric (RSA or ECC) encryption with (RSA or ECC) keys on the hash
35
Q

FM-200

A
  • Not to be confused with a CO2 system, FM-200 fire suppression systems are electrically non-conductive and safe for humans.
36
Q

What can be used to obtain the plaintext value of a hashed password?

A
  • rainbow table
    * hash algorithms like MD5 and SHA-1 can be used to create a message digest of data
37
Q

Which of the following must a user have for all information processed in system high mode?

  1. security clearance, access approval and a valid need to know
  2. a security clearance and access approval
  3. a security clearance and valid need to know
  4. security clearance
A
  2. a security clearance and access approval
38
Q

Is licensing part of the SDLC?

A
  • no
39
Q

What mode is AH typically used in with ESP, and why?

  1. transport
  2. tunnel
A
  1. transport
40
Q

What is double encoding used for?

A
  • the act of encoding data twice in a row using the same encoding scheme. It is usually used as an attack technique to bypass authorization schemes or security filters that intercept user input.
41
Q

What is forced browsing?

A
  • Forced browsing is an attack where the aim is to enumerate and access resources that are not referenced by the application, but are still accessible.
  • An attacker can use brute force techniques to search for unlinked content in the domain directory, such as temporary directories and files, and old backup and configuration files. These resources may store sensitive information about web applications and operational systems, such as source code, credentials, internal network addressing, and so on, and are thus considered a valuable resource for intruders.
42
Q

What is PIPEDA?

A
  • The Personal Information Protection and Electronic Documents Act is a Canadian law relating to data privacy.
43
Q

What is a lockdown enclosure for?

A
  • A lockdown enclosure prevents theft of computer equipment.
44
Q

What are these fire extinguisher classes for?

  1. A
  2. B
  3. C
A
  1. A - wood, paper, cloth
  2. B - flammable liquids
  3. C - electrical panels, motor wiring, etc.
45
Q

Electronic vaulting

A
  • Electronic vaulting makes a copy of data to a backup location. This is a batch process operation that functions to keep a copy of all current records, transactions, or files at an offsite location.
46
Q

What is CYOD?

A
  1. choose your own device
    * sometimes this is an option for devices to use at work; they are typically chosen from an approved list
47
Q

With SDN, which plane is centralized?

  1. SDN management
  2. SDN control
  3. SDN data
  4. SDN policy
A
  • In the SDN architecture, the SDN control plane is centralized.
48
Q

Circuit switching

A
  • once built, the circuit is always there even when not used
  • this can be considered a waste of resources
  • common types
    * POTS
    * PSTN
    * T1, E1, T3, E3
    * ISDN
49
Q

Packet switching

A
  • Packet switching is how we think of networking today. We take our data, we put it into a wireless network or a wired network, and we send the traffic on its way, and it finds its way to its destination. This might be data, it might be video, it might be voice; it doesn’t matter. We’re sending this data out over the network and it’s finding its way, switching based on what’s in the packet. Usually this media is shared.
50
Q

XOR

A
  • if the values are the same, it's a 0
  • if the values are different, it's a 1
51
Q

ARP

A
  • translating IP to MAC
  • the computer has the IP of the device and just needs the MAC so they can talk at lower layers
52
Q

What is NAC?

A
  • NAC systems are there to ensure that only the right users with authenticated and reliable devices (whether they belong to the company or the individual themselves) can log on to the network. Once they are there, the NAC regulates the areas of the network users can access while monitoring and logging their activity.
  • principle of 3 (AAA)
    * authentication, authorization, accounting
53
Q

Which is NOT likely a vulnerability with the Kerberos authentication method?

  1. theft of cached credentials
  2. a single point of failure
  3. a password guessing attack
  4. susceptibility to eavesdropping
A
  4. susceptibility to eavesdropping
54
Q

Which of the following is not a method for protecting data at rest?

  1. network level encryption
  2. database level encryption
  3. folder level encryption
  4. application level encryption
A
  1. network level encryption is not

Note: I originally answered this wrong. I think application level is data in use; apparently if it's in flash it's considered at rest. I did not think about the data that could be stored on the application server.
55
Q

Which of the following best describes the purpose of a key distribution center (KDC)?

  1. sending a service ticket (ST) to an authenticated user when the user requires a network service
  2. enabling single sign-on services by acting as a trusted third-party authentication server
  3. enabling an authenticated user to request access to network services
  4. sending a second session key to an authenticated user when the user requires access to a network service
A
  2. enabling single sign-on services by acting as a trusted third-party authentication server
56
Q

What device increases broadcast domains?

A
  • router
  • in a router, each interface is a separate broadcast domain
  • routers do not forward broadcasts

Note: not for the test; however, an L3 switch does this also. It's why I got it wrong. I was thinking L3, not L2, when I answered. The test considers switches L2 unless they say different (remember).
57
Q

ALE formula

A
  • SLE x ARO

Note: remember, if you are comparing something you are buying to a lease, you have to make sure the cost of the purchase is included in the formula over time. Example: take the cost of the printer, then figure your ALE over X amount of years. You have to add the cost of the original purchase to the ALE cost over that span of years, compared to a lease over that same span of time.
58
Q

A TFTP server receives a request from a client device on UDP 69. Which port number will the server use to send a response back to the client?

A
  • The TFTP server listens continuously for requests on well-known UDP port number 69, which is reserved for TFTP.
  • The client chooses an ephemeral port number for its initial communication, as is usually the case in TCP/IP.
    * ephemeral ports are for short-period communications; RANGE: 1024-65535
59
Q

What is the primary concern with Bluetooth version 2.1?

A
  • weak encryption
  • version 4.1 has a much stronger cipher, AES-CCM
60
Q

Which privacy act was created in '74 to provide citizens with access to private information that is being collected and maintained by the government?

A
  • U.S. Privacy Act
61
Q

What are the job duties of a security administrator?

A
  • responsible for user account management and reviews of audit data
  • assigning user accounts and security settings
  • usually fewer permissions compared to system administrators
62
Q

What is the role of a system administrator?

A
  • monitors and maintains the systems and applications
  • can be more specialized, such as a DBA or network admin
63
Q

What is true about OSPF?

A
  • it learns the entire network topology for the area
64
Q

What best describes groupings of subjects and objects that have the same security requirement?

  1. security domains
  2. layering
  3. abstraction
  4. the ring model
A
  1. security domains
65
Q

What database type does DNS use?

A
  • hierarchical database
66
Q

What is object reuse?

A
  • the process of reusing data or authentication credentials that an application or process has shared in memory or cached to disk. When data or credentials are retrieved and used by another user, application, or process, unauthorized privilege escalation can occur.
  • object reuse can be mitigated by developing tight controls over the sharing of such objects in memory and by ensuring that cached credentials are removed from memory when they are no longer required
67
Q

What type of obfuscation deals with making a program obscure to computers?

A
  • prevention obfuscation
68
Q

Can a switch reduce collision domains?

A
  • a switch creates separate collision domains for each switch port
69
Q

What type of physical lock is the most vulnerable to shoulder surfing and brute force (trying every combination possible)?

A
  • a lock with a keypad
    * it is easier to see you enter your code, and there are typically fewer digits, so it is easier to attempt a brute force
70
Q

What security architecture model are you most likely to implement to avoid covert channel attacks?

A
  • noninterference
71
Q

What is the purpose of the WS-SecureConversation web services specification?

A
  • to create security contexts for faster message exchanges
72
Q

What is security marking for?

A
  • it reflects applicable laws, directives, policies, regulations and standards
73
Q

Which is correct regarding encapsulation?

  1. frames are encapsulated in segments
  2. segments are encapsulated in packets
  3. packets are converted into bits
  4. bits are encapsulated in frames
A
  2. segments are encapsulated in packets
74
Q

Do we want high coupling or low coupling?

A
  • low coupling - an object that is mostly independent of other objects
75
Q

High cohesion vs. low cohesion

A
  • high cohesion - cohesion refers to the degree to which the elements of a module/class belong together. It is suggested that related code should be close together, so we should strive for high cohesion.
76
Q

Is SSO a form of federated identity management (FIM)?

A
  • nope, they do similar things, but
  • SSO is within the organization
  • FIM is across various enterprises (cloud, for example, or across multiple enterprises)
77
Q

If a brute force attack is being attempted on a cipher, what does the attacker normally have access to?

  1. ciphertext
  2. neither the plaintext nor the ciphertext
  3. both the plaintext and the ciphertext
  4. only the plaintext
A
  1. they have access to only the ciphertext
78
Q

Having employees acknowledge that they have read and understood the company security policy does what?

  1. ensures that they understand the policy
  2. ensures that the company is protected
  3. ensures that they have read the policy
  4. ensures that they follow the policy
A
  2. ensures that the company is protected

If there was a breach and it's covered in the policy, the company has to show proof that the employee knew that information.
79
Q

A dev team using a source code repository has achieved the desired level of functionality on a current project. The last dev commits changes. What is the latest change to the code repository called?

  1. code freezing
  2. code commit
  3. code check in
  4. code check out
A
  1. code freezing
80
Q

What does a database view contain?

A
  • the results of a database query
81
Q

Government classifications (5) and level of damage

A
  1. Top Secret - severe (grave) damage to national security
  2. Secret - critical damage to national security
  3. Confidential - some serious damage
  4. Sensitive but unclassified - no damage to national security
  5. Unclassified - not sensitive
82
Q

What are the 3 FIM (federated identity management) trust models?

A
  • cross certification - enables participants to trust another participant's public key infrastructure
  • trusted third party - uses a single organization to manage the authentication and verification process for each company that is participating in the model
  • bridge model - a trust model also known as a bridge
83
Q

What is the difference between PGP and S/MIME?

A
  • PGP can be used to encrypt not only email messages, but also files and entire disk drives
  • both can be used for confidentiality, integrity and non-repudiation for email
  • confidentiality is accomplished with 3DES
  • integrity is accomplished with SHA-1
  • non-repudiation by creating digital signatures with an asymmetric encryption method such as RSA
84
Q

Which of the following is a legal liability concept that defines the minimum level of information protection that an organization must achieve?

  1. due diligence
  2. due care
A
  2. due care

NOTE: due care is the legal liability concept that defines the minimum level of information protection that an organization must achieve. Due diligence is the legal liability concept that requires an organization to continually review its practices.
85
Q

Kerberos attributes

A
  • SSO using tickets
  • authentication service
  • uses tickets to allow users to securely authenticate to a variety of network-based services
  • Kerberos weaknesses
    1. the KDC stores plaintext keys of all principals (clients and servers)
    2. the KDC can be a single point of failure
    3. short keys are susceptible to attack
    4. password guessing: Kerberos does not know if a dictionary attack is taking place
    5. clock timing
86
Q

The MAC model supports different environment types. Which of the following grants users access using predefined labels for specific objects?

  1. a compartmentalized environment
  2. hierarchical environment
  3. centralized environment
  4. hybrid environment
A
  2. hierarchical environment
    * Answer: In a hierarchical environment, the various classification labels are assigned in an ordered structure from low security to high security.
    * the (MAC) model supports three environments: hierarchical, compartmentalized, and hybrid
87
Q

A risk assessment includes the evaluation of threats for each identified asset. What are the potential areas of concern related to third-party connectivity? (Choose all that apply.)

  1. business partnership
  2. cloud services
  3. telecommuting
  4. a business branch VPN link
A
  1, 2 and 3

Answer: The potential areas of concern related to third-party connectivity are those in which an actual outsider is to be directly connected to on-premises networks; these situations include business partnerships, cloud services, and telecommuting. Third-party connectivity is not involved when using VPN links to connect business branches.
88
Q

A cloud-based provider has implemented an SSO technology using JSON Web Tokens. The tokens provide authentication information and include user profiles. Which of the following best identifies this technology?

  1. OIDC
  2. OAuth
  3. SAML
  4. OpenID
A
  1. OIDC

Answer: OpenID Connect (OIDC) uses a JavaScript Object Notation (JSON) Web Token (JWT) that provides both authentication and profile information for internet-based single sign-on (SSO). None of the other answers use tokens. OIDC is built on the OAuth 2.0 framework. OpenID provides authentication but doesn’t include profile information.
89
Q

Customers frequently return to an e-commerce site to make additional purchases. The company wants to allow customers to be automatically logged on when they visit. Which of the following will meet this need?

  1. Service authentication
  2. The Credential Management API
  3. Single sign-on (SSO)
  4. Session management
A
  2. The Credential Management application programming interface (API) will meet this need. It was published by the World Wide Web Consortium (W3C) as a working draft in January 2019.
90
Q

What is the most common and inexpensive form of physical access control device for both interior and exterior use?

A
  • key locks
91
Q

A company server is currently operating at near maximum resource capacity, hosting just seven virtual machines. Management has instructed you to deploy six new applications onto additional VMs without purchasing new hardware, since the IT/IS budget is exhausted. How can this be accomplished?

  1. Microservices
  2. Docker
  3. Service-oriented architecture (SOA)
  4. Containerization
A
  4. Containerization

Containerization is based on the concept of eliminating the duplication of OS elements in a virtual machine. Instead, each application is placed into a container that includes only the actual resources needed to support the enclosed application, and the common or shared OS elements are then part of the hypervisor. The system as a whole could be redeployed using a containerization solution, and each of the applications previously present in the original seven VMs could be placed into containers, as well as the six new applications. This should result in all 13 applications being able to operate reasonably well without the need for new hardware.
92
Q

Which of the following approaches uses mathematical algorithms to analyze data, developing models that may be used to predict future activity?

A
  • machine learning
93
Q

The Board of Directors of a firm would like to hire an auditor to review the firm’s financial statements. Which one of the following groups would be best suited for this engagement?

  1. Internal audit group
  2. Finance team
  3. Independent auditor
  4. Board committee
A
  3. Independent auditor

External audits, such as the one requested by the Board, should always be conducted by independent, qualified audit firms.
94
Q

What are the mitigation methods for cross-site request forgery (XSRF)?

A
  • a website's use of a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), two-factor authentication, or adding a nonce to web requests
95
Q

IPv6 loopback

A
  • ::1
96
Q

What department is a security person least likely to be a part of?

A
  • the internal audit department
97
Q

Common Criteria - breaks down into 4 terms

A
  • target of evaluation (ToE): the system or product that is to be tested
  • security target (ST): documentation that describes the ToE and any security requirements
  • protection profile (PP): a set of security requirements and objectives for the type of product to be tested
  • evaluation assurance level (EAL): a rating level that is assigned to the product after the product has been tested
98
Q

7 ratings of Common Criteria

A
  • EAL1: functionally tested
  • EAL2: structurally tested
  • EAL3: methodically tested and checked
  • EAL4: methodically designed, tested, and reviewed
  • EAL5: semi-formally designed and tested
  • EAL6: semi-formally verified, designed, and tested
  • EAL7: formally verified, designed, and tested
99
Q

Which protocol data unit (PDU) exists at the data link layer of the OSI model?

  1. frames
  2. packets
  3. segments
  4. bits
A
  1. frames
100
Q

What PDU (protocol data unit) is at the transport layer?

A
  • segments
101
Q

What PDU (protocol data unit) is at the network layer?

A
  • packets
102
Q

What PDU (protocol data unit) is at the data link layer?

A
  • frames
103
Q

What PDU (protocol data unit) is at the physical layer?

A
  • bits
104
Q

Which access control principle ensures that information does not flow between groups of users?

A
  • compartmentalization
    * a nonhierarchical grouping of sensitive information used to control access to data more finely than with hierarchical security classification alone
    * the isolation of the operating system, user programs, and data files from one another in main storage to protect them against unauthorized or concurrent access by other users or programs
105
Q

Object reuse can involve memory and/or a hard drive: true or false?

A
  • True
106
Q

What is the weakest form of biometrics?

A
  • fingerprint
107
Q

CPU pipelining

A
  • The CPU is capable of executing a series of basic operations, including fetch, decode, execute, and write. Pipelining combines multiple steps into one process. The CPU has the capability to fetch instructions and then process them.
  • The CPU can function in one of four states:
    * Ready state - program is ready to resume processing
    * Supervisor state - program can access the entire system
    * Problem state - only nonprivileged instructions are executed
    * Wait state - program is waiting for an event to complete
108
Q

Non-interference model

A
  • This model ensures that the actions of different objects and subjects aren’t seen by (and don’t interfere with) other objects and subjects on the same system. By implementing this model, the organization can be assured that covert channel communication does not occur because the information cannot cross.
  • A covert channel is a policy-violating communication that is hidden from the owner or users of a data system.
109
Q

WPA3 attributes

A
  • enterprise supports AES-GCMP (Galois/Counter Mode Protocol)
  • personal supports AES-CCMP at minimum, like WPA2
  • supports protected management frames (PMF)
  • supports simultaneous authentication of equals (SAE)
110
Q

Smurf attack

A
  • ICMP echo request
  • DoS
  • the attacker sends ICMP echo request packets with a spoofed source address to a directed broadcast address
111
Q

Fraggle attack

A
  • DoS ICMP echo request
  • UDP
  • the attacker sends UDP packets with a spoofed source address to a directed broadcast address
  • every device that receives a UDP broadcast will reply to the spoofed source address
112
Q

Teardrop attack

A
  • DoS ICMP echo requests
  • several large overlapping IP fragments
113
Q

LAND attack

A
  • DoS ICMP
  • malformed IP packets
  • the victim receives the packets, becomes confused and can crash
114
Q

Garbage collection

A
  • a language mechanism that automatically deallocates memory for objects that are not accessible or referenced
115
Q

Malware that does not leave any trace of its presence nor saves itself to a storage device, but is still able to stay resident and active on a computer, is known as what?

A
  • fileless malware
116
what software development concept was pioneered by the defense department in the 1990s as an effort to bring together diverse product development teams
1. integrated product team
2. agile methodology
3. scrum approach
4. user stories
integrated product team
117
what 3 types of interfaces are typically tested during software testing
1. network, physical and application
2. APIs, UIs, and physical interfaces
3. network interfaces, APIs and UIs
4. application, programmatic, and user interfaces
2. APIs, UIs, and physical interfaces are tested during the software testing process
118
charlie is seeking a common naming scheme that he can use to describe system configurations during vulnerability analysis. which one of the following SCAP components would be best suited to the task
1. CVE
2. CPE
3. CVSS
4. CCE
* CCE: common configuration enumeration (CCE) provides a naming system for system configuration issues
119
OWASP SAMM software assurance maturity model
* SAMM steps
* there are levels at each category
* similar to L1 - L3
120
using the OSI model, what format does the data link layer use to format messages received from higher up the stack
* data stream
* frame
* segment
* datagram
frame
121
which is not a typical part of a penetration test report
1. a list of identified vulnerabilities
2. all sensitive data that was gathered during the test
3. risk rating for each issue discovered
4. mitigation guidance for issues identified
2. all sensitive data that was gathered during the test
122
which of the following security controls cannot be reversed and is the best choice to permanently protect personal information in a dataset transferred out of the EU?
1. pseudonymization
2. encryption
3. tokenization
4. randomized masking
4. randomized masking answer: randomized masking is one of many anonymization methods and is the best choice of the given answers. when done correctly, it cannot be reversed to discover the original data.
123
tom is investigating a security incident and found that the attacker was able to directly modify the contents of a system's memory. what type of application vulnerability would most directly facilitate this action
1. rootkit
2. back door
3. TOC/TOU
4. buffer overflow
4. buffer overflow Answer: buffer overflow attacks allow an attacker to modify the contents of a system's memory by writing beyond the space allocated for the variable
124
types of mandatory access control
1. hierarchical
2. compartmentalized
3. hybrid
125
serverless architecture attributes
* microservice features: scalable but can be complex
* is part of FaaS (function as a service)
* FaaS is a subcategory of PaaS
* remember this if a question's answer should be FaaS and only PaaS is an option
126
what principle states that an individual should make every effort to complete his or her responsibilities in an accurate and timely manner
* least privilege
* separation of duties
* due care
* due diligence
* due diligence Answer: due diligence is a more specific component of due care that states that an individual assigned a responsibility should exercise due care to complete it accurately and in a timely manner
127
SPML (services provisioning markup language) attributes
* services provisioning markup language
* XML-based standard that facilitates the exchange of account provisioning information among applications, services and organizations
* SPML allows organizations to securely create, update and delete end-user accounts for many web services and applications using a single request from a central point.
128
dana is selecting a hash function for use in her organization and would like to balance a concern for a cryptographically strong hash with the speed and efficiency of the algorithm. which hash function would best meet her needs
1. MD5
2. RIPEMD
3. SHA-2
4. SHA-3
3. SHA-2 Answer: don't overthink it. MD5 and RIPEMD suck. SHA-3 is less efficient compared to SHA-2
129
SSAE-18
130
ron's organization does not have the resources to conduct penetration testing that uses time-intensive manual techniques, but he would like to achieve some of the benefits of penetration testing. which technique could he engage in that requires the least manual effort
1. white box testing
2. black box testing
3. gray box testing
4. breach and attack simulation
4. breach and attack simulation
* allows you to create a wide array of attacks on a production network without risk to data, applications or users
Answer: platforms are intended to automate some aspects of penetration testing. these systems are designed to inject threat indicators onto systems and networks in an effort to trigger other security controls
131
In a single level security environment, when classifying information systems according to the type of information that they process, what procedure would be the best way to assign asset classifications
1. assign systems the classification of the highest level of information that they are expected to process regularly
2. assign systems the classification of the highest level of information that they are ever expected to process
3. assign systems the classification of information that they most commonly process
2. assign systems the classification of the highest level of information that they are ever expected to process Answer: in a single level security environment, this is the way
132
darren is troubleshooting an authentication issue for a kerberized application used by his organization. he believes the issue is with the generation of session keys. what kerberos service should he investigate first?
1. KDC
2. TGT
3. AS
4. TGS
4. TGS (ticket granting service)
133
kim is the system admin for a small business network. she was in the office after hours with nobody else there. one moment systems across the office were working fine but now are exhibiting signs of infection one after the other. what type of malware is kim likely dealing with
1. virus
2. worm
3. trojan horse
4. logic bomb
2. worm answer:
* **worms** - have built-in propagation mechanisms that do not require user interaction, such as scanning for systems containing known vulnerabilities and then exploiting those vulnerabilities to gain access.
* **Logic Bombs** - do not spread from system to system
134
a chief audit executive (CAE) should report to whom
1. CIO
2. CISO
3. CEO
4. CFO
3. CEO answer: the CAE should report to the most senior possible leader to avoid conflicts of interest.
135
jitter vs latency
* latency - delay in the delivery of packets
* jitter - is a variation in the latency for different packets
* latency: delay (packets are the same)
* jitter: packets are not in the correct order when they arrive
136
OpenID Connect attributes
* OpenID Connect (OIDC) uses a JavaScript Object Notation (JSON) Web Token (JWT) that provides both authentication and profile information for internet-based single sign-on (SSO).
* maintained by the OpenID Foundation but uses RFC 6749 as a framework
* decentralized authentication maintained by the OpenID Foundation
* open authentication protocol that works on top of OAuth 2.0
* Targeted toward consumers, OIDC allows individuals to use single sign-on (SSO)
* Each time users sign on to an application or service using OIDC, they are redirected to their OP (OpenID provider), where they authenticate and are then redirected back to the application or service.
137
Differences between SAML, OpenID Connect
* SAML is known for its flexibility, but most developers find OIDC easier to use because it is less complex.
* SAML is used to access browser-based applications and does not support SSO for mobile devices or provide API access. OAuth provides API access and OIDC provides access to APIs, mobile native applications, and browser-based applications.
* OIDC is about who someone is. OAuth 2.0 is about what they are allowed to do.
* SAML uses tokens written in XML and OIDC uses JWTs, which are portable and support a range of signature and encryption algorithms.
138
OAuth biggest difference compared to SAML and OIDC (openid connect)
* The primary difference between these standards is that OAuth is an authorization framework used to protect specific resources, such as applications or sets of files, while SAML and OIDC are authentication standards used to create secure sign-on experiences.
139
what are two factors for accountability
* identification * authentication
140
technique used to exploit TOC/TOU
* algorithmic complexity
141
smart card uses what standard
1. X.500
2. X.509
3. 802.11x
4. X.516
2. X.509 answer: standards for public key certs
142
what you should set to ensure that syslog notifies you of actual issues, not just normal operations
1. facility code
2. log priority
3. security level
4. severity level
4. severity level
143
during which phase of the incident response process would an organization determine whether it is required to notify law enforcement officials or other regulators of the incident
1. detection
2. recovery
3. remediation
4. reporting
4. reporting Answer: during reporting, incident responders assess their obligations under laws and regulations to report the incident to government agencies and other regulators
144
which one of the following components should be included in an organization's emergency response guidelines
1. immediate response procedures
2. long term business continuity protocols
3. activation procedures for the organization's cold sites
4. contact information for ordering equipment
1. immediate response procedures
145
false acceptance rate is what error type
Type II Answer: FALSE ACCEPTANCE RATE. WHEN A BIOMETRIC SYSTEM ACCEPTS IMPOSTORS WHO SHOULD BE REJECTED | False acceptance is TYPE II - reverse alphabet (acceptance type II)
146
real evidence
Real Evidence: Tangible and Physical objects, in IT Security: Hard Disks, USB Drives – NOT the data on them.
147
system logs
* System Log (syslog): a record of operating system events. It includes startup messages, system changes, unexpected shutdowns, errors and warnings, and other important processes. Windows, Linux, and macOS all generate syslogs
* Log files are a historical record of everything and anything that happens within a system, including events such as transactions, errors and intrusions. That data can be transmitted in different ways and can be in structured, semi-structured and unstructured format.
148
SSAE18
* SSAE 18 and SOC 1 are used interchangeably or together to describe this audit, thus for clarity just remember the SSAE 18 is actually the professional AICPA standard used for issuing SOC 1 Type 1 and SOC 1 Type 2 reports by a licensed CPA firm.
149
what passwords are the hardest to manage
1. dynamic password
2. one time password (OTP)
3. passphrase
4. static password
2. one time password
* Note: (short string of characters) hardest to remember maybe and deal with if forgotten or misplaced
* remember there are one time passwords that are generated and good until they are used
150
which of the following OASIS standards is most commonly used by software defined networking (SDN) systems
1. OAuth 2.0
2. security assertion markup language (SAML)
3. security provisioning markup language (SPML)
4. extensible access control markup language (XACML)
4. extensible access control markup language (XACML) Answer: of the available choices, XACML is the OASIS standard that is most commonly used by SDN systems
* XML based, typically used to define access control policies (attribute or role based)
151
security assertion markup language (SAML) attributes
* OASIS standard
* commonly used by web applications for single sign-on
* XML based open standard
* can be used to exchange authentication and authorization
152
security provisioning markup language (SPML) attributes
* OASIS standard
* XML based
* used for federated identity SSO
* also based on directory services markup language (DSML)
* DSML is XML based and can be used to present LDAP information in XML format
153
what keys are created with TPM chip
* storage root key - each TPM has a master wrapping key, called the storage root key, which is stored within the TPM itself
* endorsement key - is created in a TPM and is never exposed to any other component, software, process, or user. Computers that incorporate a TPM can create cryptographic keys and encrypt them so that they can only be decrypted by the TPM. This process, often called wrapping or binding a key, can help protect the key from disclosure
154
Take-Grant Model
* another confidentiality-based model
* four basic operations: take, grant, create, and revoke
* allows subjects with the take right the ability to remove take rights from other subjects.
* the grant right allows a subject to grant this right to other subjects.
* The create and revoke operations work in the same manner: Someone with the create right can give the create right to others, and those with the revoke right can remove that right from others.
155
Brewer and Nash Model
* similar to the Bell-LaPadula model and is also called the Chinese Wall model.
* It was developed to prevent conflict of interest (COI) problems.
* example: imagine that your security firm does security work for many large firms. If one of your employees could access information about all the firms that your company has worked for, he might be able to use this data in an unauthorized way. Therefore, the Chinese Wall model would prevent a worker consulting for one firm from accessing data belonging to another, thereby preventing any COI.
156
Clark-Wilson
* integrity based
* created in 1987
* separation of duties must be enforced
* subjects must access data through an application, and auditing is required
* differs from the Biba model in that subjects are restricted, meaning: a subject at one level of access can read one set of data, whereas a subject at another level of access has access to a different set of data.
157
Noninterference model
* As its name states, this model’s job is to make sure that objects and subjects of different levels don’t interfere with the objects and subjects of other levels.
158
Direct Evidence
* Testimony from a first hand witness, what they experienced with their 5 senses.
159
Best Evidence Rule
* The courts prefer the best evidence possible.
* Evidence should be accurate, complete, relevant, authentic, and convincing.
160
Secondary Evidence
Secondary Evidence: This is common in cases involving IT.
* Logs and documents from the systems are considered secondary evidence.
161
pets, cattle, chicken, insect - is what
an analogy comparing
* servers - like pets: name them, care for them, they last for years
* instances (AWS, Azure) - like cattle: you number them; if they get sick, you terminate. add more and reduce your stock as needed. short lifespans, do not expect to see uptimes of years
* containers - like chickens: short lifespan compared to cattle, less resource intensive, take up less space, consume fewer resources (CPU, RAM), take seconds to launch. they last a few days down to a few hours or minutes
* serverless - function as a service (FaaS) - insects have a much lower life expectancy than chickens; this fits in with serverless and Functions as a Service, as these have a lifespan of seconds
Organizations who have pets are slowly moving their infrastructure to be more like cattle. Those who are already running their infrastructure as cattle are moving towards chickens to get the most out of their resources. Those running chickens are going to be looking at how much work is involved in moving their application to run as insects by completely decoupling their application into individually executable components.
162
containerless architecture
diagram
163
cipher suites
example
164
TCB flow
165
NIST 800-161 - what is it
supply chain
166
you have ciphertext and the corresponding plaintext, what attack is this
known plaintext
167
used against public key cryptosystem
chosen ciphertext
168
man in the middle is a type of what
eavesdropping
169
what attack are you trying when you are trying all possible combinations
brute force
170
the attacker can capture ciphertext and along with plaintext attempt to determine the key
known plaintext
171
the hardest type of this attack because you only have the encrypted message
ciphertext only
172
question below
answer below
173
which of the following data encryption standard (DES) modes propagates encryption errors
* electronic code book (ECB) mode
* counter (CTR) mode
* cipher block chaining (CBC) mode
* output feedback (OFB) mode
* cipher block chaining (CBC) mode
174
which of the following is least likely to be included in a noncompete agreement (NCA)
* nondisclosure demand
* geographic restriction
* job description
* expiration date
* nondisclosure demand
175
what is in system logs
* service modifications
* computer system events (computer starts and stops)
* operating system events (services start and stop)
176
a few GDPR requirements
* inform of a major breach within 72 hrs
* each EU member nation must create a centralized data protection authority
* individuals must have access to their own data
* information regarding an individual must be transferable to another service provider at the individual's request
* individuals retain the right to be forgotten and have their information deleted if it is no longer required
* organizations located outside the EU must adhere to the GDPR if they collect information about EU residents
177
if the question is about object oriented programming and the answers are polymorphism or polyinstantiation, the answer is
polymorphism