3. Security

Question 1

OPSEC

Answer 1

Operations Security - Process you use to protect your information

Question 2

Steps of OPSEC (5)

Answer 2

1. Identification of critical info (identify the assets that would cause you the most harm if exposed)
2. Analysis of threats (analyze any threats related to each critical info)
3. Analysis of vulnerabilities (analyze the vulnerabilities int he protections you’ve put in place to secure your info assets. HOW YOU INTERACT W/ ASSETS)
4. Assessment of risks (what issues you need to address in the rest of the ops sec process. RISK OCCURS WHEN YOU HAVE A MATCHING THREAT AND VULNERABILITY)
5. Application of COUNTERMEASURES (when you construct countermeasures for a risk, you need to mitigate either the threat or the vulnerability at a min)

Question 3

Laws of OPSEC - Kurt Haase (3)

Answer 3

1. Know the threats “If you don’t know the threat, how do you know what to protect?”
2. Know what to protect (determine critical info)
3. Protect the information

Question 4

Purple Dragon

Answer 4

Code study during the Vietnam War. Coined the term OPSEC

Question 5

Competitive Intelligence

Answer 5

Conducting intelligence gathering and analysis to support business decisions

Question 6

Competitive Counterintelligence

Answer 6

Managing info gathering activities directed at an organization

Question 7

OpSEC Support Staff (IOSS)

Answer 7

Provide multiple agencies w/ a wide variety of security awareness and trainings

Question 8

Social engineering attacks

Answer 8

manipulate people to gain info/access to facilities

Question 9

HUMINT

Answer 9

Human Intelligence - gathered by talking to people, torture, tricking people w/ scams

Question 10

OSINT

Answer 10

Open Source Intelligence - info collected from publicly available sources

Question 11

Metadata

Answer 11

Data about data found in almost any file
Ex forensic tool: EnCase

Question 12

EXIF data

Answer 12

Image/video file metadata

Question 13

Shodan

Answer 13

Search engine of service banner which are metadata that the server sends back to the client.
Web based search engine that looks for info saved on internet connected devices.

Question 14

FTP

Answer 14

File Transfer Protocol

Question 15

GEOINT

Answer 15

Geospatial info from satellites

Question 16

MASINT

Answer 16

Measurement and signature from sensors

Question 17

RADINT

Answer 17

Radar info

Question 18

TECHINT

Answer 18

Technical info about equipment, tech, and weapons

Question 19

FININT

Answer 19

Financial info about financial dealings

Question 20

CYBINT/DNINT

Answer 20

Cyber/Digital Network info from comp systems/networks

Question 21

Pretexting

Answer 21

Social engineering attack that utilizes credible scenarios to lure people into disclosing sensitive info

Question 22

Phishing

Answer 22

Social engineering technique that uses electronic communications to carry out an attack that is broad in nature

Question 23

Tailgating

Answer 23

Following someone through an access control point

Question 24

Malware

Answer 24

Application that makes unauthorized changes to a device

Question 25

Clean desk policies

Answer 25

Sensitive info shouldn’t be left out/unattended

Question 26

BCP - Business continuity planning

Answer 26

Plans put in place to ensure that critical business functions can continue in a state of emergency

Question 27

DRP - Disaster recovery planning

Answer 27

Plans put in place to prepare for a potential disaster. What to do during and after.

Question 28

Types of physical security controls (3)

Answer 28

Deterrent
Detective
Preventive

Question 29

Magnetic Media

Answer 29

Use movement and magnetically sensitive material to record data
Ex: hard drives, tapes

Question 30

Flash Media

Answer 30

Media that stores data on NONVOLATILE memory chips
Cheaper and faster

Question 31

Optical Media

Answer 31

Ex: CD, DVDs
Fragile

Question 32

RAID/RAID array

Answer 32

Redundant arrays of inexpensive disks - method of copying data to more than 1 storage device

Question 33

Computer Network

Answer 33

Group of computers/other devices that are connected to facilitate the sharing of resources

Question 34

DDoS

Answer 34

Distributed denial of service attacks

Question 35

Network Segmentation

Answer 35

Network design factor that controls the flow of traffic between subnets to prevent attacks and boost network performance

Question 36

Firewalls

Answer 36

Mechanism for controlling network traffic. Natural segmentation where level of trust changes.

Question 37

Types of firewalls (4)

Answer 37

Packet Filtering
Stateful Packet Inspection
Deep Packet Inspection
Proxy Servers

Question 38

Deep Packet Inspection Firewalls

Answer 38

Analyze content of traffic and can reassemble the content to determine what will be delivered to the destination application

Question 39

Disaster Recovery

Answer 39

Steps and organization will take during a state of emergency to REPLACE IT INFRASTRUCTURE

Question 40

Stateful Packet Firewall

Answer 40

Monitors and defends a system based on traffic patters over a given connection

Question 41

Packet Filtering

Answer 41

Makes a determination on each packet individually based on the source and destination IP addresses, port #, and protocol used

Question 42

Proxy Servers

Answer 42

Pertain specifically to applications. “Choke point”. Log traffic for later inspection. Single source for requests.

Question 43

DMZ

Answer 43

Demilitarized zone - Creates a zone that allows public facing servers to be accessed from the outside while providing protection and restricting traffic

Question 44

IDS

Answer 44

Network Intrusion Detection Systems

Question 45

Signature-based IDS

Answer 45

Maintain a database of the signatures that might signal an attack and compare incoming traffic to those signatures

Question 46

Anomaly-based IDS

Answer 46

Determine normal kinds of traffic/activity taking place on the network then measure present traffic against this.
Can produce a larger number of false positives

Question 47

VPN

Answer 47

Virtual private network - encrypted connection between 2 points

Question 48

Packet Sniffer

Answer 48

Network/protocol analyzer tool that can intercept traffic on a network
Ex: TcpDump, Ethereal, Wireshark, Kismet

Question 49

Honeypots

Answer 49

Network security tool that deliberately configures a system w/ fabricated vulnerabilities to detect and monitorthe activities of an attacker

Question 50

Buffer overflow attack

Answer 50

Inputting more data than an application is expecting

Question 51

HIDS

Answer 51

Host Intrusion Detection - Analyze activity on or directed at the network interface of a particular host

Question 52

Centrally Managed

Answer 52

Devices are under control of 1 main system that maintains them

Question 53

Baseband Operating System

Answer 53

Runs on it’s own processor and generally handles the phone’s hardware

Question 54

Supervisory Control and Data Acquisition System

Answer 54

Industrial control system that monitors and controls systems over long distances, often those related to utilities and other infrastructure

Question 55

Embedded Devices

Answer 55

Computer contained inside another device

Question 56

How to counteract a buffer overflow/buffer overrun attack?

Answer 56

Bounds checking

Question 57

Input validation attacks AKA Format string attacks

Answer 57

When certain print functions within a programming language can be used to manipulate/view internal memory of an app

Question 58

Software development vulnerabilities (6)

Answer 58

Buffer overflows
Race conditions
Input validation attacks
Authentication attacks
Authorization attacks
Cryptographic attacks

Question 59

AES

Answer 59

SYMMETRIC ALGORITHM
STANDARD US ENCRYPTION)
Advanced Encryption Standard (Cryptographic attack)

Question 60

Client-Side Attacks (3)

Answer 60

XSS (Cross-site scripting)
XSRF (Cross-site request forgery)
Clickjacking

Question 61

XSS

Answer 61

Cross-site scripting - attack carried out by placing code in the form of a scripting language into a Web Page or other media that is interpreted by a client browser

Question 62

XSRF

Answer 62

Cross-site request forgery - attack of a planed line on a Web Page in a way that will be automatically executed in order to initiate a particular activity on another page/app where the user is authenticated

Question 63

Clickjacking

Answer 63

Attack takes advantage of graphical display capabilities of browsers to click something we wouldn’t normally. Another layer over the web page.

Question 64

Server-side attacks (3)

Answer 64

Lack of input validation (Directory traversal attacks)
Improper/Inadequate permissions
Extraneous files (server moved from development to production, files not directly related to the running of the site)

Question 65

Database Vulnerabilities (4 main branches)

Answer 65

Protocol issues
Unauthenticated access
Privilege escalation
Arbitrary code execution

Question 66

Port 443

Answer 66

Provides HTTP Secure Services, which web pages secured with secure socket layer and or transport layer security

Question 67

TCPdump

Answer 67

Data network packet analyzer that runs under a cmd line interface

Question 68

RSA

Answer 68

Asymmetric encryption to secure web and email traffic

Question 69

What does endpoint protection help reduce?

Answer 69

Malware

Question 70

Residual Data

Answer 70

Leftover info after erasing a hard drive

Question 71

WPA3

Answer 71

Wireless protocol

Question 72

System hardening

Answer 72

Done to an organizations attack surface to protect its devices and network

Question 73

When are software updates performed?

Answer 73

After testing and vetting

Question 74

Port 53

Answer 74

Needs to be removed when running a web server

Question 75

Core Impact - Exploit framework

Answer 75

Centralized penetration testing that enables security teams to conduct multi-phased penetration tests

Question 76

What control protects against authorization attacks?

Answer 76

Principle of least privilege

Question 77

Wireshark

Answer 77

Packet sniffer used to monitor web traffic. Can intercept and troubleshoot traffic from wired and wireless sources.

Question 78

Burp Suite

Answer 78

Web assessment and analysis tool that looks for issues on websites such as XSS or SQL injection flaws

Question 79

Fuzzer

Answer 79

Analysis tool that bombards applications with all manner of data and inputs from a wide variety of sources in the hope that the application will fail/perform in unexpected ways

Question 80

Port 80

Answer 80

Provides HTTP Services - Web content

Question 81

Port 22

Answer 81

Provides remote access services and is secured with Secure Shell