1

Question 1

Incident response phases

Answer 1

Preparation
Detection & Analysis
Containment, Eradication & Recovery
Post-event activity

From NiST

Question 2

Types of halon

Answer 2

1211 only in portable, streaming agent

1301 only in fixed, flooding agent

Question 3

Sha

Answer 3

Secure Hash Algorithm
Hashing algorithm
20 byte output

Question 4

AES

Answer 4

Advanced Encryption Standard 
Original name rijndael
Block cipher
Block size 128
Key length 128, 192, 256

Question 5

EAP

Answer 5

Extensible authentication protocol
Used by ppp
Support multi auth mechanisms
Token cards, smart cards, certs, opt, public key enc

Question 6

Usage gap

Answer 6

Total potential - actual current usage

Question 7

Used to authent asym keys

Answer 7

Password

Question 8

Circuit level firewall

Answer 8

Provides udp and tcp connection security

Operates transport and application layers such as session

Question 9

Stream cipher

Answer 9

Faster than block

Question 10

PEAP

Answer 10

Protected Extensible Authentication Protocol
Mschap
Gtc

Question 11

IDEA

Answer 11

International data encryption algorithm

Symmetric block cipher

Question 12

DES

Answer 12

Data encryption standard

Symmetric block

Question 13

Blowfish

Answer 13

Symmetric block

Key 32 to 448 bits

Question 14

Two fish

Answer 14

Symmetric block
Block 128
Key up to 256

Question 15

ECB

Answer 15

Electronic Code Book
Block Cipher
Same key on each block

Question 16

CBC

Answer 16

Cipher Block Chaining
Block cipher
Uses IV on first block
Plaintext XORed with previous ciphertext before being encrypted

Question 17

PCBC

Answer 17

Propagating Cipher Block Chaining
Block Cipher
uses IV on first block
Plaintext XORed with both previous plaintext and previous ciphertext before being encrypted

Question 18

CFB

Answer 18

Cipher Feedback
makes a block cipher into a self-syncronizing stream cipher
if part of encrypted message lost, only part of decryption lost.

Question 19

OFB

Answer 19

Output Feedback
makes a block cipher into a synchronous stream cipher
allows many error correction codes to function even when applied before encryption

Question 20

smart cards

Answer 20

typically credit card sized
embedded IC
some have electrical contacts
does not display

Question 21

MD5

Answer 21

Message Digest
Hash
128 hash output

Question 22

SOM

Answer 22

Service-Oriented Modeling
Comprehensive view of analysis, design and arch of all software entities
View software entities as assets referred to as services

Question 23

SOMF

Answer 23

Service-Oriented Modeling Framework
Modeling language for software development
practices, environments, disciplines, artifacts
SOA Value Proposition
Software Assets reuse
Architectural components abstraction
Business Traceability

Question 24

IPSEC Authentication Methods

Answer 24

Pre-shared key
Certificate
Kerberos

Question 25

Kerberos Components

Answer 25

3 main
Authentication Server
Ticket Granting Server
Principles Database

Question 26

IPComp

Answer 26

IP Payload Compression

Question 27

SABSA

Answer 27

Sherwood Applied Business Security Architecture
Business driven, risk and opportunity focused security architectures
traceably support business objectives

Question 28

SSH encrypt options

Answer 28

inlcude AES, Blowfish, 3DES, CAST128, Arcfour (RC4), IDEA

Question 29

L2TP

Answer 29

layer 2 Tunneling Protocol
operates at layer 2
Extenion of PPTP
Used to enable the operation of a VPN over Internet
Does not provide encryption or confidentiality by itself

Question 30

IPSec

Answer 30

protocol suite that authenticates and encrypts the packets of data sent over an IP network. used in VPNs.
Mutual Authentication

Question 31

RC4

Answer 31

aka ARC4

stream cipher

Question 32

RC5

Answer 32

Rivest Cipher
Symmetric
block cipher

Question 33

SKA

Answer 33

Shared Key Authentication

WEP encryption key shared in advance

Question 34

SwIPe

Answer 34

1993

Provides confidentiality, Integrity and authentication with end to end and intermediate hop security

Question 35

ALE

Answer 35

Annualized Loss Expectency

product of ARO (Annual Rate of Occurance) and SLE (Single Loss Expectancy)

Question 36

SLE

Answer 36

Single Loss Expectency

Question 37

ARO

Answer 37

Annual Rate of Occurance

Question 38

EF

Answer 38

Exposure Factor

Potential percentage of loss if a specific threat is realized

Question 39

AV

Answer 39

Asset Value

Question 40

MS-CHAPv2

Answer 40

Provides mutual authentication

Question 41

Layer 1 protocols

Answer 41

10BaseT
DSL, ISDN
Infrared

Question 42

Layer 2 protocols

Answer 42

ARP
ATM
CHAP
CDP
Ethernet
L2TP
MAC
PPP
PPTP
STP Spanning Tree Protocol
VLAN

Question 43

Layer 3

Answer 43

network layer
NAT
AppleTalk
IP
ICMP
ARP
RIP
OSPF
IPSec

Question 44

Layer 4

Answer 44

Transport Layer
ESP
NetBios
SPX
TCP
UDP

Question 45

layer 5

Answer 45

Session Layer - provides session management
netbios
RPC
SMB
SOCKS

Question 46

Layer 6

Answer 46

Presentation layer
TLS
SSL
FTP
IMAP
SSH

Question 47

Layer 7

Answer 47

Application Layer
SOAP
DHCP
DNS
HTTP/S
NFS
POP3
SNMP
Telnet
SSH
TFTP

Question 48

X.25

Answer 48

ITU-T protocol suite for packet switched WAN

Question 49

Skipjack

Answer 49

used by clipper chip

symmetric block cipher

Question 50

Clipper Chip

Answer 50

used Skip Jack to encrypt and Diffie Hellman key exchange

Question 51

MAC

Answer 51

Message Authentication Code

Question 52

SKIP

Answer 52

Simple Key Management for Internet Protocol
encryption tool used to protect sessionless datagram protocols.
designed to integrate with IPSec
layer 3

Question 53

ElGamal

Answer 53

Asymetric encryption

based on Diffie Hellman key exchange

Question 54

Blueprint

Answer 54

A detailed plan or program of action.

overall architecture first, then individual components

Question 55

Security Architecture

Answer 55

Think of same way home architecture
How many doors and windows are there?
Who is allowed in and out of each opening?
Must people in home identify self before going out and back in?
What possessions need protection?
What people need protection?