4.5 Security Architecture and Tool Sets Flashcards

1
Q

What are the FIVE monitoring tools analysts need to know?

A

MRTG (Multi Router Traffic Grapher)
Nagios
SolarWinds
Cacti
NetFlow Analyzer

2
Q

What is Wireshark?

A

a protocol analyzer or packet sniffer

3
Q

What are the THREE IPS tools?

A

Sourcefire
Snort
Bro

4
Q

What is unit testing?

A

the debugging performed by the programmer while coding instructions

5
Q

What are the THREE categories of exploit tools?

A

interception proxy
exploit framework
fuzzers

6
Q

What error condition arises because data is not checked before input to ensure that it has an appropriate length?

A

buffer overflow errors

7
Q

What is the purpose of content inspection?

A

to search for malicious code or behavior

8
Q

What are the TWO exploit framework tools analysts need to know?

A

Metasploit, Nexpose

9
Q

What are the SIX SIEM tools analysts need to know?

A

ArcSight, QRadar, Splunk, AlienVault, OSSIM, Kiwi Syslog

10
Q

What is Microsoft Baseline Security Analyzer?

A

a Microsoft application that creates security reports

11
Q

What are TWO examples of input validation errors?

A

buffer overflow and boundary condition errors

12
Q

What is a proxy server?

A

a server that caches and filters content

13
Q

What are the SEVEN categories of preventive tools?

A

IPS
Firewall
Anti-virus
Anti-malware
Enhanced Mitigation Experience Toolkit (EMET)
Web proxy
Web application firewall

14
Q

Which error occurs when the length of the input data is more than the length that processor buffers can handle?

A

a buffer overflow

15
Q

What is the most popular type of intrusion detection system (IDS)?

A

network-based IDS

16
Q

What are the THREE interception proxy tools analysts need to know?

A

Burp Suite
ZAP
Vega

17
Q

What does the acronym IDS denote?

A

intrusion detection system

18
Q

What are the SEVEN command-line tools analysts need to know?

A

netstat
ping
tracert/traceroute
ipconfig/ifconfig
nslookup/dig
Sysinternals
OpenSSL

19
Q

What is the difference between a password checker and a password cracker?

A

There is no difference; they are the same tools.

20
Q

What are the SIX vulnerability scanning tools analysts need to know?

A

Qualys
Nessus
OpenVAS
Nexpose
Nikto
Microsoft Baseline Security Analyzer

21
Q

What are the TWO password cracking tools analysts need to know?

A

John the Ripper
Cain and Abel

22
Q

What are the FIVE forensic suite tools analysts need to know?

A

EnCase
FTK (Forensic Toolkit)
Helix
Sysinternals
Cellebrite

23
Q

Which type of control is an intrusion detection system (IDS)?

A

detective technical

24
Q

Which type of vulnerability assessment is more likely to demonstrate the success or failure of a possible attack?

A

a double-blind test

25
Q

What is Nessus?

A

a network vulnerability scanner

26
Q

What are the THREE categories of analytical tools?

A

vulnerability scanning
monitoring tools
interception proxy

27
Q

What are the THREE web application firewalls (WAFs) analysts need to know?

A

ModSecurity
NAXSI
Imperva

28
Q

What is the imaging tool analysts need to know?

A

dd

29
Q

What are the TWO hashing tools analysts need to know?

A

md5sum
shasum

30
Q

What is the network scanning tool analysts need to know?

A

Nmap

31
Q

What activity provides identification of security flaws and verification of the level of existing resistance?

A

penetration testing

32
Q

What are the THREE fuzzer tools analysts need to know?

A

Untidy
Peach Fuzzer
Microsoft SDL File/Regex Fuzzer

33
Q

What are the FOUR categories of forensics tools?

A

forensics suites
hashing
password cracking
imaging

34
Q

What are the FOUR packet capture tools analysts need to know?

A

Wireshark
tcpdump
Network General
aircrack-ng

35
Q

Which tool obtains a visual map of the topology of your network, including all devices on the network?

A

a network mapper, also referred to as a network enumerator

36
Q

What are the THREE firewall vendors analysts need to understand?

A

Cisco, Palo Alto, Check Point

37
Q

Which tool should you use to retrieve the contents of a GET request: a protocol analyzer or a port scanner?

A

protocol analyzer

38
Q

What are the SIX categories of collective tools?

A

SIEM
Network scanning
Vulnerability scanning
Packet capture
Command-line utilities
IDS