3.5 Flashcards

1
Q

security baseline

A

The minimum set of security controls needed to safeguard an IT system, based on its identified needs for confidentiality, integrity, and/or availability protection

2
Q

Center for Internet Security (CIS)

A

The CIS Benchmarks are strict configuration recommendations for more than 25 vendor product families

They represent a consensus-based initiative by cybersecurity experts globally to help organizations protect their systems against threats more effectively and confidently

3
Q

hardening (server hardening)

A

A combination of methods, tools, and best practices used to reduce vulnerability in servers and computers

4
Q

the goal of server hardening:

A

To lessen network and IT security risks by shutting down ports and channels used by unnecessary services and applications

It also includes removing default and automatic configuration settings and activating built-in security features

5
Q

challenges to hardening embedded/IoT systems

A

dependability
uneven security updates
attack replication
industrial protocols
device life cycles
remote deployment

6
Q

dependability

A

Many critical aspects such as utility grids, transportation infrastructure, and communication systems are controlled by difficult-to-patch embedded systems

7
Q

uneven security updates

A

Most embedded and specialty systems are not upgraded regularly with security updates

8
Q

attack replication

A

Since embedded devices are mass produced, the same version of a component has the same design and build as the other devices in the lot

9
Q

industrial protocols

A

Embedded systems often follow a set of custom procedures that are not protected or recognized by enterprise security tools

10
Q

device life cycles

A

Specialty IoT devices typically have a much longer lifespan than PCs

11
Q

remote deployment

A

Many embedded devices are deployed in the field, outside the enterprise security perimeter; therefore, they may be directly connected to the Internet without the security layers provided in the industrial environment

12
Q

wireless site surveys

A
  1. The first phase of a wireless site survey is to identify all the wireless deployment requirements
  2. Next, the surveyor should get a diagram of the area the network will cover, preferably with building blueprints:
    * Perform a walkthrough and document the infrastructure evaluation
  3. The next step is to look for places where wireless access points can be mounted, such as ceilings and pillars. After this, determine the areas to be covered:
    * Don’t forget utility rooms that may house wireless equipment
    * Indicate areas on the floor plan
    * Determine the tentative access point locations: check the coverage range of your access points, and build in some overlap between neighboring access points to guarantee seamless roaming, dynamic load balancing, and network resiliency

13
Q

wireless analysis

A

The initial decision should be to acquire an industry-leading wireless analysis and spectrum analysis toolkit
* A Wi-Fi analyzer is a useful software application that can report many things about the wireless network and the networks around you, helping you optimize your Wi-Fi for best performance

14
Q

heat map

A

A Wi-Fi heatmap tool generates a color-coded graphical representation of different wireless metrics such as signal strength, signal-to-noise ratio (SNR) levels, and interference in different areas

15
Q

mobile deployment models

A
  • bring your own device (BYOD)
  • corporate-owned, personally-enabled (COPE)
  • choose your own device (CYOD)

16
Q

bring your own device (BYOD)

A
  • Employees are permitted to use their personal mobile devices to access enterprise data and systems

17
Q

There are four basic options for BYOD:

A
  • Unlimited access for personal devices
  • Access only to non-sensitive systems and data
  • Access with IT control over personal devices, apps, and stored data
  • Access while preventing local storage of data

18
Q

corporate-owned, personally-enabled (COPE)

A

The company gives employees or contractors mobile devices that are provisioned from vendors and cellular providers without end-user input

The users can handle them as if they were their own
This model removes the need for two smartphones

COPE programs should use containerization tools and extensive mobile device management and mobile application management

19
Q

choose your own device (CYOD)

A
  • Much like BYOD, it lets employees work from anywhere using a mobile device
  • CYOD devices must be approved by the organization, unlike BYOD
  • Users often select from a list of approved devices, which are usually smartphones
  • Demands device management

20
Q

three basic core competencies that all organizations need from an EMM solution:

A
  • Visibility – understanding what’s running on mobile devices is the key to discovering potential risks and adhering to compliance policies
  • Secure access – providing the ability for mobile users to securely authenticate and authorize access to apps and data
  • Data protection – offering dynamic antimalware and data loss prevention (DLP) capabilities to help limit the risk of attacks and data breaches

21
Q

sandboxing (partitioning or compartmentalization)

A

These techniques involve orchestrating the packaging, isolation, and encapsulation of apps and work data in a separate segmented user space within the device

22
Q

Storage sandboxing (segmentation)

A

Comprises partitioning various types of data on devices to protect IP, personally identifiable information (PII), and protected health information (PHI), and to support DLP initiatives

23
Q

WPA2 (info)

A

Wi-Fi Protected Access 2 (WPA2) was the replacement for WPA (2004)

All devices required testing and certification from Wi-Fi Alliance (2006)
* It uses Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) for security
* WPA2 supports pre-shared key (PSK) and enterprise authentication
* Management Frame Protection (MFP) was optional but highly recommended

24
Q

WPA3

A
  • The Wi-Fi Alliance announced this new security protocol in 2018, with WPA3 support becoming mandatory for all routers carrying the Wi-Fi Certified label since July 2020
  • All WPA3 networks use the latest security methods, disallow outdated legacy protocols, and require the use of Protected Management Frames (PMF)

* Authenticated encryption – GCMP-256

25
Q

Protected Management Frames (PMF)

A
  • PMF enhances privacy protections already in place for data frames with mechanisms to improve the resiliency of mission-critical networks

26
Q

RADIUS

A

A network protocol and client-server architecture widely used for centralizing authentication, authorization, and accounting (AAA) functions in corporate networks

27
Q

application security

A

validation testing
functionality testing
secure cookies
code signing

28
Q

validation testing

A
  • Validation testing is the process of ensuring that the tested and developed software application or mobile app fulfills the needs of the customer:
  • The business requirement logic or use cases must be tested in full detail
  • All the critical functionalities of an application must be tested here
  • It is critical to know how to verify the business logic that is provided:
  • A common technique is input validation, which ensures only properly formed data is entering the workflow in an information system

29
Q

Design qualification (DQ)

A

Defines the functional and operational specification of the instrument and details the conscious decision in the selection of the supplier

30
Q

Installation qualification (IQ)

A

Establishes that the instrument is received as designed and specified, that it is properly installed in the selected environment, and that this environment is suitable for the operation of the instrument

31
Q

Operational qualification (OQ)

A

The process of demonstrating that an instrument will function according to the operational specification in the selected environment

32
Q

Performance qualification (PQ)

A

The process of demonstrating that an instrument performs according to a specification appropriate for its routine use

33
Q

secure cookies

A
  • HTTP cookies are small packets of data stored in a browser client
  • This data may contain sensitive data like passwords or user information and is therefore vulnerable to attacks
  • To limit vulnerability, developers can enhance cookie security by adding specific attributes to the set cookies, making them difficult for attackers to manipulate

34
Q

method for securing cookies

A
  • Really Simple Secure Sockets Layer (SSL) uses the HttpOnly, secure, and use_only_cookies parameters to make cookies more secure:
  • The HttpOnly flag will tell the browser that this cookie can only be accessed by the server
  • The secure parameter will make sure cookies are only sent over a secure SSL connection
  • The use_only_cookies parameter will tell your website to use only cookies to store session data

35
Q

Static application security testing (SAST)

A

Commonly defined as a clear-box (know all) test, where an analysis of the application source code, byte code, and binaries is carried out by the application tester without executing the code

36
Q

what is Static application security testing (SAST) used for?

A
  • It is used to find coding errors and omissions that are symptomatic of security vulnerabilities
  • SAST is often used as a test method when the tool is under development – earlier in the development life cycle
  • It can be used to find SQL injection attacks, cross-site scripting errors, buffer overflows, unhandled error conditions, and probable back doors into the application

37
Q

Dynamic application security testing (DAST)

A

Considered an opaque (know nothing) test, where the tool must find distinct execution paths in the application being analyzed

38
Q

what is Dynamic application security testing (DAST) used for?

A

Unlike SAST, which analyzes code that is not running, DAST is used against applications in their running state
* It is primarily considered effective when testing exposed HTTP and HTML interfaces of web applications
* Static and dynamic application tests work in concert to improve the reliability of applications being built and bought by organizations

39
Q

acquisition/procurement (info)

A

The process involves the possible assignment of ownership, custodians, and/or stewards
* The labeling or tagging schema will be applied
* Classification and sensitivity levels are attached
* The accounting methodology will be implemented, which may include:
    * RADIUS/DIAMETER/LDAPS
    * Automated and integrated inventory engines
    * Integration with directory services, configuration management database, human resources, and legal