3.1 - 3.2 Flashcards

1
Q

Secure real-time protocol

A

Takes non-encrypted conversations and adds encryption to them; it uses AES to encrypt audio and video

HMAC-SHA1 hashing

2
Q

Time synchronization

A

NTPsec, from NTP, has cleaned up vulnerabilities

3
Q

S/MIME

A

Public/private key encryption for emails; includes digital signatures

Popular to use POP3 with STARTTLS and SSL

With IMAP, can use secure IMAP

Browsers should always use SSL

4
Q

SSL/TLS

A

Secure Sockets Layer, replaced by Transport Layer Security, via HTTP

5
Q

IPsec tunnel

A

Security for OSI layer
Encryption and packet signing

First authentication header, then encapsulation payload for encryption

6
Q

FTPS and SFTP

A

FTPS uses SSL

SFTP - SSH File Transfer Protocol; more management capabilities, listing interruptions, manipulate file system

7
Q

LDAP

A

Lightweight Directory Access Protocol

Standard for having a directory on a network; uses TCP/IP

LDAP Secure - uses SSL for secure communication

SASL is used by LDAP and is the Simple Authentication and Security Layer

8
Q

SSH and DNS

A

Secure Shell replaces old Telnet

Domain Name System originally had no security, so it could be redirected by hackers. The DNSSEC extension is added to validate the info given, to ensure it came from the place requested without changes in transit

9
Q

Routing and switches

A

SNMPv3 (Simple Network Management Protocol v3) uses queuing and confidentiality of data

HTTPS, not HTTP

10
Q

DHCP

A

Automatically assigns IP to network and device

Hackers can manipulate it, so controls are added in Active Directory, which assigns devices with permissions

Untrusted interfaces get blocked

11
Q

Defense in depth

A

Multifaceted defense

12
Q

Endpoint detection and response

A

Attacks are usually detected from signatures, but EDR uses what the file is doing and other methods; rather than blocking a signature, it blocks the action

13
Q

Data loss prevention

A

Preventing data transfer from being seen, in the clear or encrypted form

May be a firewall, cloud, or client's system

14
Q

NGFW

A

Next-gen firewalls identify apps regardless of hiding IP address; can block at network level; include decrypt and encrypt capability

15
Q

Host-based firewalls

A

Firewalls also running on endpoints, supported by host-based firewall

Another is host-based intrusion detection system or host-based intrusion prevention system

Can be integrated in host-based detection system

16
Q

Boot integrity

A

Attackers want to get into an OS to stay there and come back on, with a rootkit at kernel level.

17
Q

Trusted platform module

A

For cryptographic functions in the OS, such as a number generator and memory to store keys; it is password protected with anti-brute-force

18
Q

UEFI BIOS has Secure Boot

A

Protections for software BIOS; can see fake BIOS, can check boot loaders at boot level, and uses trusted certs to match a digital signature

19
Q

Trusted boot

A

Boot drivers and startup; uses ELAM before any apps start up to match signatures to check drivers

20
Q

Measured boot

A

For a network of computers to check for malware; stores hash and firmware

An attestation server will ensure nothing has been modified

21
Q

Database security

A

Tokenization, where data isn't really stored in it because it's replaced with a token; it's not hashing or encrypting

As a hash, saved as a message digest, and different inputs have different values. One-way trip. Can add salt to avoid rainbow tables

22
Q

Input validation

A

For secure coding, data needs to be documented to see all data input and ensure nothing is out of scope; for normalization, like a zip code not allowing letters.

Hackers use fuzzers to see if they can bug it out; dynamic analysis to see if there is a crash, buffer overflow, or other vulnerability

23
Q

Secure cookies

A

Temporary info like session management info should be protected as secure cookies using HTTPS

24
Q

HTTP secure headers

A

Allows or disallows certain actions when the app is in use, like restricting info that's not HTTPS or allowing some types of data to be loaded into the page

25
Q

Code signing

A

Where app recognizes device that has trust; that trust can be compromised

26
Q

Static code analyzers

A

Helps identify security flaws

27
Q

Application hardening

A

Protect from known and unknown flaws; can use compliance for hardening, like PCI DSS or NIST

28
Q

Open ports or services

A

With firewall or limited IP address or NGFW that limits apps

Use Nmap to see which ports are currently open, then limit to those ports

29
Q

Registry

A

Primary configuration database for all things on the OS; can see what an app modifies. Third-party tools can show changes by using a baseline

Can configure permissions, disable SMBv1

30
Q

Sandboxing

A

Limits scope of app to limit access to production environment to only a testing environment like a virtual machine