3.2

Question 1

Is the concept of extending the security perimeter to the devices that are connected to the network.

Answer 1

Endpoint protection

Question 2

Are integrated solutions that combine individual endpoint security functions into a complete package.

Answer 2

Endpoint detection
and response (EDR)

Question 3

Serve to prevent sensitive data from leaving the network without notice.

Answer 3

Data Loss Prevention (DLP)

Question 4

Act by inspecting the actual traffic crossing the firewall-not just looking at the source and destination addresses and ports, but also at the actual content being sent.

Answer 4

Next-generation firewall (NGFW)

Question 5

Act to detect undesired elements in network traffic to and from the host.

Answer 5

Host-based intrusion detection
system (HIDS)

Question 5

Is a HIDS with additional components to permit it to respond automatically to a threat condition.

Answer 5

Host-based intrusion prevention
system (HIPS)

Question 6

Also referred to as personal firewalls. Are host-based protective mechanisms that monitor and control traffic passing in to and out of a single system.

Answer 6

Host-based firewall

Question 7

The assurance that the boot process of a computer system has not been compromised or tampered with by unauthorized entities.

Answer 7

Boot integrity

Question 8

Offers a solution to the [problem of boot integrity, called called Secure Boot, which is a mode that, when enabled, only allows signed drivers and OS loaders to be invoked.

Answer 8

Boot security/Unified Extensible
Firmware Interface (UEFI)

Question 9

Is a security feature designed to enhance the integrity of the boot process in computer systems. It works by processing hashes and comparing the hash values to known good values.

Answer 9

Measured boot

Question 9

Is a security mechanism used to verify the integrity of a computing platform’s boot process remotely. It involves generating and providing evidence to remote parties about the trustworthiness of the platform’s boot sequence.

Answer 9

Boot attestation

Question 10

Is the process of substituting a surrogate value, called a token, for a sensitive data element.

Answer 10

Tokenization

Question 11

Is the process of adding a random element to a value before performing a mathematical operation like hashing.

Answer 11

Salting

Question 12

Is a mathematical method of reducing a data element to a short form that is not reversible to the original form.

Answer 12

Hashing

Question 13

Is when code is examined without being executed.

Answer 13

Static code analysis

Question 14

Is analysis that is performed when the software is executed.

Answer 14

Dynamic code analysis

Question 15

Is a brute force method of addressing input validation issues and vulnerabilities. The basis for ____________ a program is the application of large numbers of inputs to determine which inputs cause faults and which ones might be vulnerable to exploitation.

Answer 15

Fuzzing

Question 16

Are methods of implementing cryptographic protection on hard drives and other similar storage media with the express purpose of protecting the data, even if the drive is removed from the machine. Are software only proprietary solutions.

Answer 16

Self-encrypting drive (SED)/
full-disk encryption (FDE)

Question 17

Is used for applying hardware-based encryption to storage mediums.

Answer 17

Opal

Question 18

Is the concept that if one has trust in a source’s specific security functions, this layer can be used to promote security to higher layers of a system.

Answer 18

Hardware root of trust

Question 19

Is a hardware solution on the motherboard, one that assists with key generation and storage as well as random number generation.

Answer 19

Trusted Platform Module (TPM)

Question 20

Refers to the quarantine or isolation of a system from its surroundings.

Answer 20

Sandboxing