4 Security Applications and Device

Question 1

Which operating system utilizes the PF and IPFW firewall

Answer 1

OS X

Question 2

Which operating system utilizes the iptables firewall

Answer 2

Linux

Question 3

What is a monitoring system that detects suspicious actives and generates alerts when they are detected

Answer 3

Intrusion Detection System (IDS)

Question 4

What are the two types of IDS’s

Answer 4

Host-based IDS and Network-based IDS

Question 5

What is a host based ids

Answer 5

it monitors the computer infrastructure on which it is installed, analyzing traffic and logging malicious behavior

Question 6

what is a network based ids

Answer 6

devices intelligently distributed within networks that passively inspect traffic traversing the devices on which they sit

Question 7

What are the three types of detection methods in an IDS

Answer 7

signature based, policy based, and anomaly based

Question 8

What is signature based detection method in an IDS

Answer 8

A specific string or byte triggers an alert

Question 9

What is policy based detection method in an IDS

Answer 9

relies on specific declaration of the security policy

Question 10

What is anomaly based detection method in an IDS

Answer 10

Analyzes the current traffic against an established baseline and triggers an alert if outside the statistical average

Question 11

What is malicious activity is identified as an attack:

A. True Positive
B. False Positive
C. True Negative
D. False Negative

Answer 11

A. True Positive

Question 12

What is legitimate activity is identified as an attack

A. True Positive
B. False Positive
C. True Negative
D. False Negative

Answer 12

B. False Positive

Question 13

What is legitimate activity is identified as legitimate traffic

A. True Positive
B. False Positive
C. True Negative
D. False Negative

Answer 13

C. True Negative

Question 14

What is malicious activity identified as legitimate traffic

A. True Positive
B. False Positive
C. True Negative
D. False Negative

Answer 14

D. False Negative

Question 15

What is the difference between an IDS and an IPS

Answer 15

An IDS detects and monitoring tools. Tools do not take action on their own. Requires human interaction. An IPS is a control system. They accept or rejects packets based on the ruleset. Require that the database gets updated regulated with new thread data.

Question 16

What is a software-based client that monitors the data in use on a computer and can stop a file transfer or alert an admin of the occurrence

Answer 16

Endpoint Data Loss Prevention System

Question 17

What is software or hardware-based solution that is installed on the perimeter of the network to detect data in transit

Answer 17

Network Data Loss Prevention System

Question 18

What is software installed on servers in the datacenter to inspect the data at rest

Answer 18

Storage Data Loss Prevention System

Question 19

What is cloud software as a service that protects data being stored in cloud services

Answer 19

Cloud DLP System

Question 20

What is the firmware interface that is similar to BIOS but stores its data in a file rather than on the firmware

Answer 20

UEFI

Question 21

What are the ways to secure the BIOS

Answer 21

Flash the BIOS, use a BIOS password, configure the BIOS boot loader, disable external ports and devices, and enable the secure boot option

Question 22

What type of storage device is connected directly to your organization’s network and often use RAID arrays to ensure high availability

Answer 22

Network Attached Storage (NAS)

Question 23

What is a storage device that is network designed specifically to perform block storage functions that may consist of NAS devices

Answer 23

Storage Area Network (SAN)

Question 24

What are some security characteristics with a Storage Area Network

Answer 24

Proper Data Encryption, Proper Authentication, and Log NAS access

Question 25

What is a security limitation place on a system in regards to the utilization of USB storage devices and other removable data

Answer 25

removing media controls

Question 26

What is a type of disk encryption that is utilized by a storage device that performs whole disk encryption by using embedded software

Answer 26

Self-Encrypting Drive

Question 27

File Vault and BitLocker are the most commonly used ______ software

Answer 27

encryption

Question 28

What is a type of disk encryption that utilizes a chip residing on the motherboard that contains an encryption key

Answer 28

Trusted Platform Module (TPM)

Question 29

If your motherboard doesn’t have a Trusted Platform Module what is something you can use as a key

Answer 29

A usb drive

Question 30

What is a type of disk encryption that uses physical devices that act as a secure crypto-processor during the encryption process

Answer 30

Hardware Security Module (HSM)

Question 31

What is a type of encryption standard that utilizes a symmetric block cipher that can encrypt and decrypt information

Answer 31

Advanced Encryption Standard (AES)

Question 32

What is a type of IDS/IPS that monitors a computer system for unexpected behavior or drastic changes to the system’s state on an endpoint

Answer 32

Host-based IDS/IPS (HIDS or HIPS)

Question 33

What is a software agent and monitoring system that performs multiple security tasks such as anti-virus, HIDS/HIPS, firewall, DLP, and file encryption

Answer 33

Endpoint Protection Platform (EPP)

Question 34

What is a software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats

Answer 34

Endpoint Detection and Response (EDR)

Question 35

What is a system that can provide automated identification of suspicious activity by user accounts and computer hosts

Answer 35

User and Entity Behavior Analytics (UEBA)

Question 36

What type of endpoint analysis is heavily dependent on artificial intelligence and machine learning

Answer 36

User and Entity Behavior Analytics (UEBA)

Question 37

What is the hybrid of EPP, EDR, and UEBA

Answer 37

NextGen AV (NGAV)

Question 38

What is the highest level of wireless security

Answer 38

WiFi Protected Access 2 (WPA2)

Question 39

What are some security attributes to do on mobile

Answer 39

Do not jailbreak