14 Flashcards

1
Q

A security feature of a network switch that provides countermeasures against rogue DHCP servers is called:

A

DHCP snooping

2
Q

Which of the following answers refers to an endpoint security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats?

A

**EDR**

Endpoint Detection and Response (EDR)

3
Q

A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as:

A

**DLP**
DLP, or Data Loss Prevention, is a cybersecurity solution that detects and prevents data breaches.

4
Q

Which functionality allows a DLP system to fulfill its role?

A

Content inspection

5
Q

Which of the following answers refers to a firewall type that improves upon first- and second-generation firewalls by offering additional features, such as more in-depth inspection of network traffic and application-level inspection?

A

NGFW

6
Q

The term “Intrusion Detection System” (IDS) refers to a device or application designed to detect malicious activities and violations of security policies on a network or computer host. An IDS designed to monitor networks is known as a Network Intrusion Detection System (NIDS); an IDS installed on a host and monitoring only that host is called a Host Intrusion Detection System (HIDS). IDSs do not take any active steps to prevent or stop the intrusion, relying only on passive response, which may include sending an alert to a management console or saving information about the event in logs.

A

True

7
Q

Which of the following answers illustrates the difference between passive and active network security breach response?

A

IDS vs. IPS

8
Q

Which of the following is a common firewall type used for protecting a single computer? (Select 2 answers)

A
  • Host-based firewall
  • Software firewall
9
Q

Which firewall would provide the best protection for an ingress/egress point of a corporate network? (Select 2 answers)

A
  • Hardware firewall
  • Network-based firewall
10
Q

Unified Extensible Firmware Interface (UEFI) is a firmware interface designed as a replacement for BIOS. UEFI offers a variety of improvements over BIOS, including Graphical User Interface (GUI), mouse support, or secure boot functionality designed to prevent the loading of malware and unauthorized operating systems during the computer startup process.

A

True

11
Q

The term “Measured Boot” refers to a security mechanism first introduced by Microsoft in Windows 8. Measured Boot checks system startup components and stores the resulting boot configuration log in the Trusted Platform Module (TPM). The log is then sent for remote attestation to a trusted server on the network to verify the integrity of the Windows startup process. Measured Boot allows for neutralization of hard-to-detect malware and rootkits which are run before the OS.

A

True

12
Q

Which of the following security solutions can be used to protect database contents? (Select all that apply)

A
  • Tokenization
    Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
  • Hashing
    Hashing is the practice of transforming a given key or string of characters into another value for the purpose of security.
13
Q

The term “Secure cookie” refers to a type of HTTP cookie that has the Secure attribute set. The Secure attribute prevents the transmission of a cookie over an unencrypted channel (i.e. the cookie is not sent over HTTP; HTTPS is used instead).

A

True

14
Q

A web server and a client exchange data through HTTP messages. The two types of HTTP messages are: a request from client to server (an HTTP request) and a response from server to client (an HTTP response). An HTTP header is a name-value pair separated by a colon. It forms a part of the HTTP message and enables transferring additional information between the client and the server with the request or the response. Some HTTP headers can be used to improve security. As an example, for a website that has a valid SSL certificate (can be accessed via HTTPS), the HTTP Strict Transport Security (HSTS) response header (if set) will block communication via HTTP and force the browser to use only secure HTTPS.

A

True

15
Q

What is the purpose of code signing? (Select 2 answers)

A
  • Confirms the application’s source of origin
  • Validates the application’s integrity
16
Q

The term “Static code analysis” refers to the process of discovering application run-time errors.

A

False

17
Q

A dynamic code analysis allows for detecting application flaws without the need for actual execution of the application code.

A

False

18
Q

Which of the following terms refers to an automated or manual code review process aimed at discovering logic and syntax errors in the application’s source code?

A

Static code analysis

19
Q

The practice of finding vulnerabilities in an application by feeding it incorrect input is called:

A

**Fuzzing**
Fuzzing is a testing technique that involves sending malformed or unexpected data to an application to identify vulnerabilities. While it helps identify security weaknesses, it is not a method for protecting database contents itself.

20
Q

Which of the following measures can be used in the hardening process?

A
  • Disabling unnecessary ports and services
  • Introducing changes to the Registry (MS Windows)
  • Implementing disk encryption
  • Keeping the system up to date via patch management process
    All of the above
21
Q

Which of the following answers refers to a data storage device equipped with hardware-level encryption functionality?

A

**SED**

A data storage device equipped with hardware-level encryption functionality is referred to as “SED,” which stands for Self-Encrypting Drive. SEDs have built-in encryption capabilities, and they automatically encrypt data as it is written to the drive and decrypt it as it is read, all without the need for additional software or user intervention.

22
Q

A software technology designed to provide confidentiality for an entire data storage device is known as:

A

**FDE**
A software technology designed to provide confidentiality for an entire data storage device is known as “FDE,” which stands for Full Disk Encryption.

23
Q

Which of the following answers refers to a specification for SEDs?

A

**Opal**

The specification for Self-Encrypting Drives (SEDs) is referred to as “Opal.” Opal is a set of specifications developed by the Trusted Computing Group (TCG) that defines standards for self-encrypting storage devices, including hard drives and solid-state drives, to ensure data security through hardware-based encryption.

24
Q

Which of the following answers list examples of hardware root of trust? (Select 2 answers)

A

**TPM**

TPM (Trusted Platform Module): TPM is a hardware-based security chip that provides a secure foundation for various security functions, including encryption, key management, and secure boot.

**HSM**
HSM (Hardware Security Module): HSM is a hardware device or appliance designed to provide secure storage and management of cryptographic keys and perform cryptographic operations in a secure and tamper-resistant manner.

25
Q

Which of the following terms refers to an embedded cryptoprocessor that can be found on the motherboards of newer PCs and laptops?

A

**TPM**

TPM (Trusted Platform Module): TPM is a hardware-based security chip that provides a secure foundation for various security functions, including encryption, key management, and secure boot.