Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security+ > 4.1 Given a scenario, apply common security techniques to computing resources > Flashcards

4.1 Given a scenario, apply common security techniques to computing resources Flashcards

1
Q

Mobile Asset Deployments

A
  • BYOD (Bring Your Own Device): Employees use personal devices, cost-effective but with limited security control.
  • COPE (Corporate-Owned, Personally Enabled): Company provides devices, offering more control but with higher costs and potential privacy concerns. Sometimes, might be chosen from the list, but the company buys them
  • CYOD (Choose Your Own Device): Employees pick from approved devices, balancing flexibility with control, but still has privacy and cost concerns. Employee buys it
  • Selecting the Right Model:
    • Consider needs, budget, and risks.
    • BYOD: Hidden security and compatibility costs.
    • COPE: Supports MDM with tighter control.
    • CYOD: Balances employee choice with security.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Secure Baselines

A

Secure baselines in IT security are predefined standards and configurations that ensure systems and applications start with a minimum, consistent level of security to reduce vulnerabilities and maintain compliance. Safe starting point for the configurations of computer systems and networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Wireless Security Settings

A

WPA2-PSK uses a pre-shared key and does not provide individual authentication. Open mode doesn’t use security and allows all users to access the AP. Enterprise mode is more secure than Personal mode, providing strong authentication. Enterprise mode uses an 802.1X server (implemented as a RADIUS server) to add authentication.

  • Encryption Protocols:
    • WEP: Static keys; weak and easily cracked
    • WPA: Uses TKIP (dynamic keys) but still vulnerable
    • WPA2: Replaces TKIP with AES + CCMP; much stronger encryption
    • WPA3: Uses SAE (Simultaneous Authentication of Equals) instead of the 4-way handshake; protects against dictionary attacks and encrypts open networks
  • AAA Protocols (Authentication, Authorization, Accounting): RADIUS, TACACS+ etc. - see a separate card
  • Authentication Protocols:
    • EAP (Extensible Authentication Protocol): Framework supporting multiple authentication methods
    • PEAP: Wraps EAP in a TLS tunnel for encryption . Certificate: server-side
    • EAP-FAST: Cisco’s solution for quick re-authentication using TLS tunnels. Certificate: no, PAC (Protected Access Credential) is used
    • EAP-TLS: Extends TLS. One of the most secure! Certificate: server AND client side
    • EAP-TTLS: Extends TLS. Certificate: server-side
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Application Security

A

Six Key Areas:

  • Input Validation: Ensures data is secure and correctly formatted
    • Blocks attacks like SQL injection and XSS
    • Validates data early (e.g., front-end validation)
  • Cookies: Store data between client and server
    • Secure cookies use HTTPS, HttpOnly, and SameSite attributes to prevent misuse
  • SAST (Static Application Security Testing): Analyzes source code for vulnerabilities before executing the program
    • Detects buffer overflows, SQL injection, and XSS
  • DAST (Dynamic Code Analysis): Tests applications during runtime
    • Fuzzing: Inputs random data to find flaws
    • Stress Testing: Tests stability under heavy loads
  • Code Signing: Confirms the author’s identity and protects against code tampering
    • Uses digital signatures but doesn’t guarantee bug-free code
  • Sandboxing: Isolates programs to limit their access to resources
    • Safely runs untested or untrusted programs
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security+ (29 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions