4.1 Flashcards

1
Q

BYOD

A

bring your own device
cost effective for employers
drawback is less security control

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

COPE

A

coporate owned personally enabled
high intial investment
employees may have privacy concerns

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

CYOD

A

employees select devices from a company approved list

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Data remnants

A

residual data left behind after deletion or erasure processes. in the cloud it may not be completely removed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

virtualization

A

emulates servers each with its own OS within a virtual machine

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

containerization

A

lightweight alternative encapsulting apps within their OS environment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Hype 1 hypervisor

A

bare metal
runs directly on hardware

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Type 2 hypervisor

A

hosted
operates within a standard OS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

VM Escape

A

attackers break out of isolated VMs to access hypervisor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Live VM migration

A

attacker captures unencryped data between servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Resource reuse

A

improper clearing of resources may expose sensitive data to

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

FaaS

A

developers write and deploy individual functions triggered by events (serverles)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

IoT

A

internet of things
network of physical devices with sensors software and connectivity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Hub/Control system

A

central component connecting IoT devices to

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

ICS

A

industrial control system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

DCS

A

distributed control system
used in control production systems within a single location

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

PCL

A

programmabe logic controllers
used to control specific processes such as assembly lines and facotires

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

SCADA

A

supervisory control and data acquisition systems
type of ICS used for controlling geographically dispersed industrial processes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Risks and vu,nerabilities of ICS and SCADA

A

unauthroized access
malware attacks
lack of updates because of running outdated software
physical threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Embedded systems

A

specialized computing components designed for dedicate functions within larger devices
they integrate hardware and mechanical elemants

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

RTOS

A

real time operatin system
critical for time sensitive apps like flight navigation and medical equipment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

vulnerabilities in embedded systems

A

hardware failure (harsh environments)
software bugs
outdated systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

wrappers IPsec

A

protect data during transfer by hiding interception points
way to protect embedded systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

firmware code control

A

manage low level software to maintin system integrity

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

OTA

A

over the air updates for embedded systems installed remotely

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

bluetooth

A

wireless technology for short distance data exchange

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

bluetooth vulnerabilities

A

insecure pairing
spoofing
on path attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Bluetooth attacks

A

bluejacking
bluesnarfing
bluebugging
bluesmack
blueborne

29
Q

Bluejacking

A

sending unsolicited messages to a bluetooth device
often use for pranks and testing vulnerabilities

30
Q

Bluesnarfing

A

unauthorized access to a device to steal information like contacts, call logs, and text messages

31
Q

Bluebugging

A

allows attackers to take full control of a device’s bluetooth functions
make calls, send messages, or access the internet

32
Q

Bluesmack

A

denail of service

33
Q

blueborne

A

spreads through the air to infect devices without user interaction

34
Q

Sideloading

A

installing apps from unofficial sources by bypassing the device’s default app store

35
Q

jailbreaking/rooting

A

gives users escalted privileges on their devices

36
Q

insecure mobile connection methods

A

using open wifi networks or pairing to unknown devices

37
Q

MDM

A

mobile device management
includes patching, configuration management and best practice enforcement

38
Q

Zero day vulnerabilities

A

discovered and exploited before vendor issues a patch

39
Q

zero day exploit

A

attacks that target previously unknown vulnerabilities

40
Q

zero day

A

refer to the vulnerability expolit or malware that exploits the vulnerability

41
Q

Secure Baseline

A

standard set of security configurations and controls applied to systems networks or apps to ensure minimum level fo security

42
Q

Wireless infrastructure security

A

placement of wireless access points impacts network performance and security

43
Q

WAP

A

wireless access point, allows wireless devices to connect to a wire network using wifi standards

44
Q

ESS

A

extended service set
multiple waps working together to provide seamless network coverage

45
Q

wireless access point interference

A

occurs when multiple WAPS use the same channels or overlapping frequencies

46
Q

Types of wireless access point interference

A

co channel
adjacent channel

47
Q

Site survey

A

essential for planning and designing wireless networks
involves a site visit to test for radio frequency intererence and identify optimal WAP installation locations

48
Q

heat maps

A

graphical representations of wireless coverage, signal strength, frequency utilization,

49
Q

WEP

A

wired equivalent privacy
outdated encryption protocol

50
Q

WPA3

A

wifi protected access 3
the most secure
utilizes AES for encryption
feature are
SAE
Enhanced Open
Updated cryotographic protocols
management frame protection

51
Q

SAE

A

simultaneous authentication of equals
replaces the 4 way handshake with a diffie hellman key
protects against offline dictionary attacks

52
Q

Enhanced Open

A

aka opportunistic wireless encryption
provides individualized data encryption even in open networks
protects people in open wifi scenarios

53
Q

Managment frame protection

A

ensures integrity of network management traffic
prevents eavesdropping, forging and tampering with management frames

54
Q

AAA protocols

A

important for centralized user authentication and access control

55
Q

Examples of AAA protocols

A

RADIUS
TACACS+

56
Q

RADIUS

A

remote authentication dial in user service
offers authentication, authorization and accounting services
widely used for secure access to network resources

57
Q

TACACS+

A

terminal access controller access control system plus
separates authentication, authorization and accounting functions
more granular control

58
Q

Authentication protocols

A

used to verify user identity and controk network access

59
Q

EAP

A

extensible authentication protocol
authentication frameowkr supporting multiple methods

60
Q

PEAP

A

protected extensible authentication protocol
encapsulates EAP within an encrypted TLS tunnel

61
Q

EAP-TTLS

A

extensible authentication protocol tunneled transport layer security
extends tls support accross platforms

62
Q

EAP-FAST

A

T (Extensible Authentication Protocol-Flexible Authentication via Secure
Tunneling)
● Developed by Cisco Systems for secure re-authentication

63
Q

Cookies

A

small data pieces stored by web browsers

64
Q

Secure cookies

A

transmitted over https

65
Q

SAST

A

Statis code analysis
reviewing and examining a source code before running the program
identifies issues like buffer overflows, sql injection and xss

66
Q

DAST

A

dynamic code analysis
analyzed app while running

67
Q

Fuzzing

A

inputs random data
to provoke crashes and exceptionsstr

68
Q

stress testing

A

evaluates system stability under extreme conditions

69
Q
A