1.0 Threat Management Flashcards

1
Q

what is a public cloud?

A

the standard cloud computing model, in which a service provider makes resources available to the general public over the internet

2
Q

what does OS fingerprinting involve?

A

active fingerprinting, which sends probes to the target and inspects the responses (which ports are open or closed and how the stack answers unusual packets), and passive fingerprinting, which only observes traffic to and from the host and infers the OS from stack defaults such as the initial TTL and the TCP window size
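The passive side of the card above, as an added example that is not part of the original flashcards: each IP hop decrements the TTL by one, so an observed TTL is rounded up to the nearest common initial value (32, 64, 128, 255) and combined with the SYN window size to pick a stack. The signature table and the sample packets are constructed assumptions; a real tool such as p0f carries far more fields and entries.

```python
"""Passive OS fingerprinting from the IP TTL and TCP window size of SYN packets.

Added illustration, not code from the flashcards. The signature table is an
assumption: it lists commonly published defaults and nothing more."""
from dataclasses import dataclass
from typing import Dict, List, Optional

# Common initial TTLs; an observed TTL is rounded up to the nearest one,
# because every router hop decrements it by one.
INITIAL_TTLS = (32, 64, 128, 255)

# Assumed signatures: (label, initial TTL, window sizes seen in a bare SYN).
SIGNATURES = [
    ("Linux", 64, {5840, 29200, 64240}),
    ("Windows", 128, {8192, 65535}),
    ("Cisco IOS", 255, {4128}),
]


@dataclass(frozen=True)
class Packet:
    src: str
    ttl: int
    window: int
    flags: str  # TCP flags as letters, e.g. "S" for SYN, "SA" for SYN/ACK


def initial_ttl(observed: int) -> int:
    for candidate in INITIAL_TTLS:
        if observed <= candidate:
            return candidate
    return 255


def hop_distance(observed: int) -> int:
    """Estimated number of routers between the sensor and the sender."""
    return initial_ttl(observed) - observed


def guess_os(pkt: Packet) -> Optional[str]:
    """Return a label, a TTL-only guess marked with '?', or None.

    Only a bare SYN carries the sender's stack defaults; a SYN/ACK window is
    negotiated and a data segment may have passed through a proxy, so those
    are skipped rather than fingerprinted wrongly."""
    if pkt.flags != "S":
        return None
    ttl0 = initial_ttl(pkt.ttl)
    by_ttl = [label for label, t, _ in SIGNATURES if t == ttl0]
    exact = [label for label, t, w in SIGNATURES if t == ttl0 and pkt.window in w]
    if exact:
        return exact[0]
    if by_ttl:
        return by_ttl[0] + "?"
    return None


def fingerprint_hosts(packets: List[Packet]) -> Dict[str, str]:
    """First confident guess per source address."""
    result: Dict[str, str] = {}
    for pkt in packets:
        guess = guess_os(pkt)
        if guess and pkt.src not in result:
            result[pkt.src] = guess
    return result


# Constructed sample capture (not real traffic).
SAMPLE = [
    Packet("10.0.0.5", ttl=57, window=64240, flags="S"),   # 7 hops away, Linux-like
    Packet("10.0.0.9", ttl=121, window=8192, flags="S"),   # Windows-like
    Packet("10.0.0.3", ttl=250, window=4128, flags="S"),   # Cisco-like
    Packet("10.0.0.8", ttl=60, window=1234, flags="S"),    # unknown window -> TTL-only guess
    Packet("10.0.0.7", ttl=60, window=29200, flags="SA"),  # SYN/ACK: not fingerprinted
]

if __name__ == "__main__":
    for src, label in fingerprint_hosts(SAMPLE).items():
        print(src, label)
```

Because nothing is sent, this works from a span port or a pcap and never alerts the target; the price is that a single packet gives only a coarse guess, which is why the TTL-only result is marked as uncertain rather than reported as a match.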

3
Q

what are the three main security protocols that can be used for wireless networks?

A

wired equivalent privacy (WEP), WPA (version 1), and WPA2. WEP is cryptographically broken and should not be deployed

4
Q

what is the purpose of infrastructure as a service (IaaS) in cloud computing?

A

it provides computer and server infrastructure, typically through a virtualization environment

5
Q

what do you use to control traffic from the internet to the LAN (local area network) by controlling the packets that are allowed to enter the LAN?

A

a firewall

6
Q

what is the most common type of system used to detect intrusions into a computer network?

A

NIDS

7
Q

what is the purpose of PaaS in cloud computing?

A

it provides not only a virtualized deployment platform but also a value-added solution stack and an application development platform

8
Q

what is the term for an unauthorized access that a network-based intrusion detection system (NIDS) fails to detect?

A

a false negative (missed detection). a false positive is the opposite error: benign activity reported as an attack

9
Q

what does the acronym IDS denote?

A

intrusion detection system

10
Q

what is the main difference between an IDS and an IPS?

A

an IDS detects intrusions and alerts on them. an IPS sits inline in the traffic path and can drop the offending traffic to prevent the intrusion

11
Q

what does the acronym ACL denote?

A

access control list

12
Q

which device can limit the effectiveness of sniffing attacks: a switch or a router?

A

a switch. it forwards unicast frames only to the port of the destination MAC address, so a sniffer on another port does not see them (ARP spoofing or MAC flooding can defeat this, so it limits rather than prevents sniffing)

13
Q

what are the two major types of intrusion detection systems (IDS)?

A

network IDS (NIDS) and host IDS (HIDS)

14
Q

which type of IDS detects attacks on individual devices?

A

host intrusion detection system (HIDS)

15
Q

which layer 3 device allows different logical networks to communicate?

A

router

16
Q

what is the default rule found in a firewall's access control list (ACL)?

A

deny all (an implicit deny at the end of the list: any packet not explicitly permitted by an earlier rule is dropped)
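How a first-match ACL with the implicit deny behaves, as an added example (not from the flashcards). The rule set, the LAN 10.0.0.0/24 and the web server 10.0.0.10 are constructed assumptions; the `shadowed` check is the review step a practitioner runs to find rules that a broader earlier rule makes unreachable.

```python
"""First-match packet filter with the implicit deny-all that ends every ACL.

Added example, not from the flashcards. The rule set and packets are
constructed; the LAN 10.0.0.0/24 and web server 10.0.0.10 are assumptions."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

Net = ipaddress.IPv4Network


@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    proto: str             # "tcp", "udp" or "any"
    src: Net
    dst: Net
    dport: Optional[int]   # None matches any destination port


def rule(action: str, proto: str, src: str, dst: str, dport: Optional[int] = None) -> Rule:
    return Rule(action, proto, ipaddress.ip_network(src), ipaddress.ip_network(dst), dport)


# Constructed inbound ACL: only HTTP/HTTPS to the web server is allowed;
# the explicit telnet deny exists so that hits on it can be logged.
INBOUND = [
    rule("permit", "tcp", "0.0.0.0/0", "10.0.0.10/32", 443),
    rule("permit", "tcp", "0.0.0.0/0", "10.0.0.10/32", 80),
    rule("deny", "tcp", "0.0.0.0/0", "10.0.0.0/24", 23),
]


def matches(r: Rule, proto: str, src: str, dst: str, dport: int) -> bool:
    return (
        r.proto in ("any", proto)
        and ipaddress.ip_address(src) in r.src
        and ipaddress.ip_address(dst) in r.dst
        and (r.dport is None or r.dport == dport)
    )


def evaluate(acl: List[Rule], proto: str, src: str, dst: str, dport: int) -> Tuple[str, Optional[int]]:
    """Return (action, index of the rule that matched). The first matching rule
    wins; if nothing matches, the packet falls through to the implicit deny,
    reported with index None."""
    for i, r in enumerate(acl):
        if matches(r, proto, src, dst, dport):
            return r.action, i
    return "deny", None


def shadowed(acl: List[Rule]) -> List[int]:
    """Indexes of rules that can never match because an earlier rule already
    covers every packet they describe (a common ACL review finding)."""
    dead = []
    for i, later in enumerate(acl):
        for earlier in acl[:i]:
            if (
                earlier.proto in ("any", later.proto)
                and later.src.subnet_of(earlier.src)
                and later.dst.subnet_of(earlier.dst)
                and (earlier.dport is None or earlier.dport == later.dport)
            ):
                dead.append(i)
                break
    return dead


if __name__ == "__main__":
    print(evaluate(INBOUND, "tcp", "203.0.113.7", "10.0.0.10", 443))  # ('permit', 0)
    print(evaluate(INBOUND, "tcp", "203.0.113.7", "10.0.0.10", 22))   # ('deny', None)
    print(shadowed([rule("permit", "any", "0.0.0.0/0", "0.0.0.0/0"), INBOUND[2]]))  # [1]
```

The index returned with each decision is what makes the implicit deny visible: a `None` means no written rule matched, which is the case to look at first when a legitimate flow is being dropped.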

17
Q

what does the acronym NIDS denote?

A

network-based intrusion detection system

18
Q

which security control is lost when using cloud computing?

A

physical control of the data

19
Q

what is the term for an authorized access that a network-based intrusion detection system (NIDS) incorrectly detects as an attack?

A

false positive

20
Q

what are the four types of cloud computing based on management type?

A

public, private, hybrid, and community

21
Q

what is hybrid cloud?

A

a cloud computing environment in which an organization provides and manages some resources in-house and has others provided externally via a public cloud

22
Q

what is multi-tenancy cloud?

A

a cloud model in which multiple tenants share the same resources. this model lets the service provider manage resource utilization more efficiently

23
Q

which type of system identifies suspicious patterns that may indicate a network or system attack?

A

intrusion detection system (IDS)

24
Q

why is data isolation used in cloud environments?

A

to ensure that one tenant's data in a multi-tenant solution is kept separate from other tenants' data, typically by labeling every record with a tenant ID and scoping every access to the caller's tenant
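What the tenant label buys you, as an added example (not from the flashcards): an in-memory SQLite table whose rows carry a constructed `tenant_id` column, queried once without the tenant scope and once with it. The table, columns and rows are assumptions.

```python
"""Tenant-scoped data access in a multi-tenant store.

Added example, not from the flashcards. It shows the bug that data isolation
exists to prevent: a lookup keyed only on the record id lets one tenant read
another's rows. Table name, columns and rows are assumptions."""
import sqlite3
from typing import List, Optional, Tuple

Row = Tuple[int, str, int]


def setup() -> sqlite3.Connection:
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE invoices (id INTEGER PRIMARY KEY, tenant_id TEXT NOT NULL, amount INTEGER NOT NULL)"
    )
    db.executemany(
        "INSERT INTO invoices VALUES (?, ?, ?)",
        [(1, "acme", 100), (2, "globex", 250), (3, "acme", 75)],  # constructed rows
    )
    return db


def get_invoice_unscoped(db: sqlite3.Connection, invoice_id: int) -> Optional[Row]:
    """Vulnerable: only the record id is checked, so any authenticated tenant can
    enumerate ids and read every tenant's invoices."""
    return db.execute(
        "SELECT id, tenant_id, amount FROM invoices WHERE id = ?", (invoice_id,)
    ).fetchone()


def get_invoice(db: sqlite3.Connection, tenant_id: str, invoice_id: int) -> Optional[Row]:
    """Isolated: every query carries the caller's tenant label, which must come
    from the authenticated session and never from a request parameter. A
    foreign id returns no row, indistinguishable from a missing id."""
    return db.execute(
        "SELECT id, tenant_id, amount FROM invoices WHERE id = ? AND tenant_id = ?",
        (invoice_id, tenant_id),
    ).fetchone()


def list_invoices(db: sqlite3.Connection, tenant_id: str) -> List[Row]:
    return db.execute(
        "SELECT id, tenant_id, amount FROM invoices WHERE tenant_id = ? ORDER BY id",
        (tenant_id,),
    ).fetchall()


if __name__ == "__main__":
    db = setup()
    print(get_invoice_unscoped(db, 2))   # (2, 'globex', 250): acme can read globex's row
    print(get_invoice(db, "acme", 2))    # None: the tenant label blocks the cross-tenant read
    print(list_invoices(db, "acme"))     # [(1, 'acme', 100), (3, 'acme', 75)]
```

The pattern generalises to any store: the tenant label is part of every key or filter, and the value is bound from the session rather than parsed from the request, so a forged `tenant_id` parameter has nothing to influence.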

25
Q

which information do routers use to forward packets to their destinations?

A

the packet's destination IP address, matched against the network address and subnet mask (prefix) of each routing-table entry; the most specific (longest) matching prefix wins

26
Q

what does the acronym HIDS denote?

A

host-based intrusion detection system

27
Q

what is a community cloud?

A

an infrastructure that is shared among several organizations from a specific group with common computing concerns

28
Q

what is the purpose of software as a service (SaaS) in cloud computing?

A

it provides on-demand, online access to an application suite without the need for local installation

29
Q

what is a single-tenancy cloud?

A

a cloud model in which a single client or organization uses a resource

30
Q

what does OS footprinting do?

A

it performs the fingerprinting steps and also gathers additional information about the target, such as polling DNS (checking status and surveying records), registrar (WHOIS) queries, and so on

31
Q

which type of IDS detects malicious packets on a network?

A

network intrusion detection system (NIDS)

32
Q

what is lightweight extensible authentication protocol (LEAP)?

A

a proprietary wireless LAN authentication method developed by Cisco Systems. it is deprecated: its MS-CHAP-based exchange is vulnerable to offline dictionary attacks on the user's password

33
Q

which type of analysis involves identifying traffic that is abnormal?

A

anomaly analysis

34
Q

which wireless protocol provides the best security: WEP, WAP, WPA, or WPA2?

A

WPA2 with CCMP

35
Q

which category of IDS might increase logging activities, disable a service, or close a port as a response to a detected security breach?

A

active detection

36
Q

what does the acronym SIEM denote?

A

security information and event management

37
Q

what should you do to ensure that a wireless access point's signal does not extend beyond its needed range?

A

reduce the power levels

38
Q

which type of analysis involves examining information in the header of the packet?

A

protocol analysis

39
Q

what is the purpose of MAC filtering?

A

to restrict the clients that can access a wireless network to a list of permitted MAC addresses. MAC addresses are sent in the clear and are trivial to spoof, so on its own this is a weak control

40
Q

what is protected extensible authentication protocol (PEAP)?

A

a protocol that encapsulates the EAP within an encrypted and authenticated TLS tunnel

41
Q

what are the two modes of WPA and WPA2?

A

personal (also called preshared key or WPA-PSK / WPA2-PSK) and enterprise

42
Q

what type of analysis focuses on the long term direction in the increase or decrease in a particular type of traffic?

A

trend analysis

43
Q

which security protocol is the standard encryption protocol for use with the WPA2 standard?

A

counter mode with cipher block chaining message authentication code protocol (CCMP), which is built on AES

44
Q

which security protocol was designed as an interim solution to replace WEP without requiring the replacement of legacy hardware?

A

temporal key integrity protocol (TKIP). it keeps WEP's RC4 cipher but adds per-packet keys and a message integrity check; it is itself deprecated in favor of CCMP

45
Q

which intrusion detection system (IDS) watches for intrusions that match a known pattern (signature)?

A

signature-based IDS

46
Q

which software can collect logs from specified devices, combine the logs, and analyze the combined logs for security issues?

A

security information and event management (SIEM)

47
Q

what does heuristic analysis do?

A

it determines the susceptibility of a system towards a particular threat/risk using decision rules or weighing methods

48
Q

which protocol does the enterprise mode of WPA and WPA2 use for authentication?

A

extensible authentication protocol (EAP)

49
Q

which wireless mode ensures that wireless clients can only communicate with the wireless access point and not with other wireless clients?

A

isolation mode

50
Q

which type of IDS or IPS uses an initial database of known attack types but dynamically alters its signatures based on learned behavior?

A

heuristic

51
Q

what does packet analysis do?

A

it examines the entire packet, including the payload
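The signature, anomaly and packet-payload analysis cards above, run over constructed traffic as an added example (not from the flashcards). Each line is "ts src dst dport payload"; the line format, the three signatures and the baseline traffic are assumptions. The point worth seeing is that the two methods catch different things: the signatures fire on payloads they know, and the baseline deviation fires on a port sweep that carries no payload at all.

```python
"""Signature-based and anomaly-based detection over constructed connection logs.

Added example, not from the flashcards. Log format, signatures and baseline
figures are assumptions; the traffic is constructed rather than captured."""
import re
import statistics
from collections import Counter
from typing import Dict, List, Tuple

# Signature analysis: known attack patterns applied to the payload field.
SIGNATURES = [
    ("sqli-tautology", re.compile(r"'\s*OR\s*'1'\s*=\s*'1", re.IGNORECASE)),
    ("path-traversal", re.compile(r"\.\./")),
    ("shellshock-style", re.compile(r"\(\)\s*\{")),
]


def parse(line: str) -> Dict[str, object]:
    ts, src, dst, dport, payload = line.split(" ", 4)
    return {"ts": int(ts), "src": src, "dst": dst, "dport": int(dport), "payload": payload}


def signature_hits(lines: List[str]) -> List[Tuple[int, str, str]]:
    """(timestamp, source, signature name) for every line a signature matches."""
    hits = []
    for rec in map(parse, lines):
        for name, pattern in SIGNATURES:
            if pattern.search(rec["payload"]):
                hits.append((rec["ts"], rec["src"], name))
    return hits


def build_baseline(lines: List[str]) -> Tuple[float, float]:
    """Anomaly analysis needs a notion of normal: here, the mean and standard
    deviation of connections per source learned from known-good traffic."""
    per_source = Counter(parse(line)["src"] for line in lines)
    values = list(per_source.values())
    return statistics.mean(values), statistics.pstdev(values)


def anomalies(lines: List[str], baseline: Tuple[float, float], z_threshold: float = 3.0) -> List[str]:
    """Sources whose connection count deviates from the baseline by more than
    z_threshold standard deviations. Nothing here knows what an attack looks
    like, which is why it catches the sweep below that no signature matches."""
    mean, sd = baseline
    per_source = Counter(parse(line)["src"] for line in lines)
    if sd == 0:
        return []
    return sorted(src for src, n in per_source.items() if (n - mean) / sd > z_threshold)


def constructed_baseline() -> List[str]:
    lines, ts = [], 0
    for host, n in zip(range(1, 9), (2, 3, 2, 4, 3, 2, 3, 2)):
        for _ in range(n):
            ts += 1
            lines.append(f"{ts} 10.0.0.{host} 10.0.0.10 80 GET /index.html")
    return lines


def constructed_window() -> List[str]:
    lines = [
        "101 10.0.0.5 10.0.0.10 80 GET /about.html",
        "102 10.0.0.5 10.0.0.10 80 GET /index.php?id=1' OR '1'='1",
        "103 10.0.0.6 10.0.0.10 80 GET /cgi-bin/x.cgi?f=../../etc/passwd",
        "104 10.0.0.5 10.0.0.10 80 GET /contact.html",
    ]
    # One host touching 40 ports on the server: no payload, no signature, but
    # far more connections than any source in the baseline.
    lines += [f"{200 + i} 10.0.0.9 10.0.0.10 {20 + i} SYN" for i in range(40)]
    return lines


if __name__ == "__main__":
    window = constructed_window()
    print(signature_hits(window))   # [(102, '10.0.0.5', 'sqli-tautology'), (103, '10.0.0.6', 'path-traversal')]
    print(anomalies(window, build_baseline(constructed_baseline())))  # ['10.0.0.9']
```

The baseline must be learned from traffic you trust; if the sweep were in the training window it would inflate the standard deviation and hide itself, which is the anomaly-detection equivalent of a false negative.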

52
Q

what are the non-overlapping channels for 802.11g/n?

A

channels 1, 6, and 11 (in the 2.4 GHz band)

53
Q

what are the non-overlapping channels for 802.11b?

A

channels 1, 6, 11, and 14 (channel 14 is permitted only in Japan, and only for 802.11b)

54
Q

what is the most secure implementation of file transfer protocol (FTP)?

A

secure file transfer protocol (SFTP), which runs over SSH on port 22. SFTP is a distinct protocol rather than FTP wrapped in encryption; FTP over SSL/TLS is FTPS

55
Q

what is the name for a hole in the security of an application deliberately left in place by a designer?

A

backdoor

56
Q

which malicious software infects a system without relying upon other applications for its execution?

A

a worm

57
Q

what does an anti-virus application signature file contain?

A

it contains identifying information about viruses

58
Q

which application or services uses TCP/UDP port 3389?

A

remote desktop protocol (RDP)

59
Q

which port number is used by TFTP?

A

UDP port 69

60
Q

what is the name for a fix that addresses a specific windows system problem or set of problems?

A

hotfix

61
Q

which firewall port should you enable to allow SMTP traffic to flow through the firewall?

A

port 25

62
Q

how many TCP/UDP ports are vulnerable to malicious attacks?

A

65,536 (port numbers 0 through 65535, for each of TCP and UDP)

63
Q

which type of virus can change its signature to avoid detection?

A

polymorphic

64
Q

what is the default PPTP port?

A

TCP port 1723

65
Q

what is the purpose of NAC?

A

network access control (NAC) ensures that computers joining the network meet an organization's security policies before they are granted access

66
Q

using role-based access control (RBAC), which entities are assigned roles?

A

users or subjects

67
Q

what is the name of the area that connects to a firewall and offers services to untrusted networks?

A

DMZ

68
Q

which virus creates many variants by modifying its code to deceive antivirus scanners?

A

polymorphic virus

69
Q

which port should you block at your network firewall to prevent telnet access?

A

port 23

70
Q

what is a good solution if you need to separate two departments into separate networks?

A

VLAN segregation

71
Q

which port number does LDAP use for communications encrypted using SSL/TLS?

A

port 636

72
Q

which type of code performs malicious acts only when a certain set of conditions occurs?

A

a logic bomb

73
Q

which firewall port should you enable to allow IMAP4 traffic to flow through the firewall?

A

TCP port 143

74
Q

which two ports does FTP use?

A

ports 20 (data, in active mode) and 21 (control)

75
Q

what does VLAN segregation accomplish?

A

it protects each individual segment by isolating the segments

76
Q

which port number does HTTP use?

A

port 80

77
Q

which port numbers are used by NetBIOS?

A

ports 137 (name service, UDP), 138 (datagram service, UDP), and 139 (session service, TCP)

78
Q

which type of malware appears to perform a valuable function, but actually performs malicious acts?

A

trojan horse

79
Q

which port number does LDAP use when communications are not secured using SSL/TLS?

A

port 389

80
Q

what does the acronym RBAC denote?

A

role-based access control

81
Q

which viruses are written in a macro language and typically infect documents and the applications (such as office suites) that execute their macros?

A

macro viruses

82
Q

who can change a resource’s category in a mandatory access control environment?

A

administrators only

83
Q

which port number does NNTP (network news transfer protocol) use?

A

TCP port 119

84
Q

what is a trojan horse?

A

malware that is disguised as a useful utility, but is embedded with a malicious code to infect computer systems

85
Q

which port number does NTP use?

A

UDP port 123

86
Q

what does the acronym DAC denote?

A

discretionary access control

87
Q

which firewall port should you enable to allow POP3 traffic to flow through the firewall?

A

TCP port 110

88
Q

which port number does DHCP use?

A

UDP port 67 (server); clients send from UDP port 68

89
Q

which port number is used by SSL, FTPS, and HTTPS?

A

TCP port 443 for HTTPS (HTTP over SSL/TLS). FTPS does not use 443: implicit FTPS uses TCP port 990, and explicit FTPS negotiates TLS on the normal FTP control port 21

90
Q

which port number is used by SSH, SCP, and SFTP?

A

port 22

91
Q

what is the default L2TP port?

A

UDP port 1701

92
Q

which type of access control associates roles with each user?

A

role-based access control (RBAC)

93
Q

why should you install a software firewall and the latest software patches and hotfixes on your computer?

A

to reduce security risks

94
Q

what is the name for a collection of hotfixes that have been combined into a single patch?

A

a service pack

95
Q

which type of access control is the multi-level security mechanism used by the department of defense (DoD)?

A

mandatory access control (MAC)

96
Q

which port number does DNS use?

A

port 53

97
Q

which port number is used by SMB?

A

tcp port 445

98
Q

what is a file considered in a mandatory access control environment?

A

an object

99
Q

what is the purpose of anti-spam application or filters?

A

to prevent unsolicited e-mail

100
Q

which type of access control was originally developed for military use?

A

mandatory access control (MAC)

101
Q

when should you install a software patch on a production server?

A

after the patch has been tested

102
Q

which type of access control is most suitable for top-secret information?

A

mandatory access control (MAC)
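The mandatory access control cards (objects, categories, administrator-only relabeling, multi-level security) as an added example, not from the flashcards: the two Bell-LaPadula rules a classic MLS system enforces, no read up and no write down, over labels made of a classification level plus a set of categories. Level names and the sample labels are assumptions.

```python
"""Mandatory access control checks for a multi-level security system.

Added example, not from the flashcards. Implements Bell-LaPadula's simple
security property and *-property over level + category labels, and restricts
relabeling to administrators. Level names and sample labels are assumptions."""
from dataclasses import dataclass
from typing import Dict, FrozenSet

LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top secret": 3}


@dataclass(frozen=True)
class Label:
    level: str
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        """A label dominates another when its level is at least as high and it
        holds every category the other holds."""
        return LEVELS[self.level] >= LEVELS[other.level] and self.categories >= other.categories


def can_read(subject: Label, obj: Label) -> bool:
    """Simple security property: no read up."""
    return subject.dominates(obj)


def can_write(subject: Label, obj: Label) -> bool:
    """*-property: no write down. A top-secret subject may not write into a
    secret file, which is what stops it leaking what it has read."""
    return obj.dominates(subject)


def relabel(actor_role: str, objects: Dict[str, Label], name: str, new_label: Label) -> None:
    """Under MAC the owner of a file cannot change its classification or
    categories; only an administrator can."""
    if actor_role != "administrator":
        raise PermissionError("only administrators may relabel objects under MAC")
    objects[name] = new_label


# Constructed labels.
OBJECTS: Dict[str, Label] = {
    "budget.xlsx": Label("confidential"),
    "ops-plan.doc": Label("secret", frozenset({"ops"})),
    "keys.txt": Label("top secret", frozenset({"crypto"})),
}
ANALYST = Label("secret", frozenset({"ops"}))
CRYPTO_OFFICER = Label("top secret", frozenset({"crypto"}))

if __name__ == "__main__":
    print(can_read(ANALYST, OBJECTS["budget.xlsx"]))          # True: reading down is allowed
    print(can_read(ANALYST, OBJECTS["keys.txt"]))             # False: no read up
    print(can_read(CRYPTO_OFFICER, OBJECTS["ops-plan.doc"]))  # False: lacks the "ops" category
    print(can_write(CRYPTO_OFFICER, OBJECTS["budget.xlsx"]))  # False: no write down
```

Categories are what make the comparison a lattice rather than a ladder: a top-secret clearance without the "ops" category still cannot read a secret document that carries it, which is the need-to-know compartmentation the level alone does not give you.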

103
Q

which port number does SNMP use?

A

UDP port 161 (agents); SNMP traps are sent to UDP port 162

104
Q

in a secure network, what should be the default permission position?

A

implicit deny

105
Q

which port number does SSH use?

A

port 22

106
Q

which type of virus attempts to hide from antivirus software and from the operating system by remaining in memory?

A

stealth

107
Q

which port is used for LDAP authentication?

A

port 389

108
Q

which self-replicating computer program sends copies of itself to other devices on the network?

A

worm

109
Q

which port number is used by microsoft SQL server?

A

tcp port 1433

110
Q

which TCP port number does secure sockets layer (SSL) use?

A

port 443 (for HTTPS, that is HTTP over SSL/TLS; SSL/TLS itself is not tied to one port, and each TLS-wrapped service has its own)

111
Q

according to the CySA+ objectives, what are the six rules of engagement for penetration testing?

A

timing, scope, authorization, exploitation, communication, and reporting

112
Q

is a DHCP server normally placed inside a DMZ?

A

no

113
Q

what is meant by the term exploitation in regards to rules of engagement in penetration testing?

A

all exploits that will be attempted during the test, agreed in advance so that nothing outside the agreement is run against production systems

114
Q

what is decomposition?

A

the process of breaking software or malware down to discover how it works

115
Q

what is meant by the term scope in regards to vulnerability testing?

A

the devices or parts of the network that can be scanned and the types of scans to be performed

116
Q

which technology enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic, while hiding internal addresses or address space?

A

NAT

117
Q

which assessment determines whether network security is properly configured to rebuff hacker attacks?

A

penetration test

118
Q

what is the purpose of network segmentation?

A

to isolate a group of devices

119
Q

what can be used to run a possibly malicious program in a safe environment?

A

sandbox

120
Q

which term is used for the process of verifying the integrity of a file by using a hashing algorithm?

A

fingerprinting or hashing
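The integrity check above, as an added example that is not from the flashcards: what `sha256sum -c` does, written out. Files are hashed in chunks, compared against a published manifest in constant time, and reported as ok, FAILED or missing. The files and manifest are constructed in a temporary directory and the names are assumptions.

```python
"""Verifying file integrity against a SHA-256 manifest.

Added example, not from the flashcards. Files and manifest are constructed
in a temporary directory; the file names are assumptions."""
import hashlib
import hmac
import os
import tempfile
from typing import Dict

CHUNK = 1 << 16


def sha256_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):  # streaming keeps memory flat for large files
            h.update(chunk)
    return h.hexdigest()


def verify(path: str, expected_hex: str) -> bool:
    """compare_digest avoids leaking, through timing, how many leading characters matched."""
    return hmac.compare_digest(sha256_file(path), expected_hex.strip().lower())


def check_manifest(manifest: str, base_dir: str) -> Dict[str, str]:
    """Parse sha256sum-style lines ("<hex>  <name>") and verify each entry."""
    results: Dict[str, str] = {}
    for line in manifest.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        expected, name = line.split(None, 1)
        name = name.lstrip("*")  # sha256sum prefixes binary-mode entries with '*'
        path = os.path.join(base_dir, name)
        if not os.path.isfile(path):
            results[name] = "missing"
        else:
            results[name] = "ok" if verify(path, expected) else "FAILED"
    return results


def demo() -> Dict[str, str]:
    """Build a constructed download set, record its hashes, then tamper with one file."""
    base = tempfile.mkdtemp()
    files = {
        "tool.bin": b"constructed binary payload\n" * 2000,
        "tool.sig": b"constructed detached signature\n",
    }
    for name, data in files.items():
        with open(os.path.join(base, name), "wb") as f:
            f.write(data)
    manifest = "\n".join(f"{sha256_file(os.path.join(base, n))}  {n}" for n in files)
    manifest += "\n" + "0" * 64 + "  README.txt"          # listed but never delivered
    with open(os.path.join(base, "tool.bin"), "ab") as f:  # one appended byte changes the digest
        f.write(b"\x00")
    return check_manifest(manifest, base)


if __name__ == "__main__":
    print(demo())  # {'tool.bin': 'FAILED', 'tool.sig': 'ok', 'README.txt': 'missing'}
```

A digest only proves the file you have is the file the manifest describes; if the manifest was fetched from the same place as the file, an attacker who replaced one can replace the other, so the manifest itself needs a signature or an out-of-band source.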

121
Q

what is the purpose of the blue team in a training exercise?

A

defending the device or network

122
Q

which documentation reduces the likelihood that you have received counterfeit equipment?

A

OEM (original equipment manufacturer) documentation

123
Q

which type of connectivity provides a remote user the ability to safely connect to his or her corporate network while maintaining data confidentiality and integrity?

A

VPN

124
Q

what is the purpose of the red team in a training exercise?

A

attacking the devices or network

125
Q

what is meant by the term timing in regards to penetration testing?

A

the time when the test should occur and when it should not occur

126
Q

what is the primary security advantage of using NAT?

A

NAT hides internal IP addresses from the public network. it is an addressing mechanism rather than a firewall, so it should be paired with filtering rules rather than relied on alone

127
Q

what is meant by the term authorization in regards to penetration testing?

A

the written agreement and legal authority to perform a vulnerability test

128
Q

which type of test attempts to exploit vulnerabilities?

A

penetration test or pentest

129
Q

which type of test ONLY identifies vulnerabilities?

A

vulnerability test

130
Q

what is the purpose of rules of engagement for penetration testing?

A

they define how a penetration test should occur, including the factors that limit the penetration test

131
Q

what does the acronym OEM denote?

A

original equipment manufacturer

132
Q

which team acts as the referee during a training exercise?

A

white team

133
Q

what is the purpose of the Trusted Foundry?

A

it identifies trusted vendors and ensures a trusted supply chain for the united states department of defense (DoD)

134
Q

does each VLAN create its own collision domain or its own broadcast domain?

A

broadcast domain