501 Chapter 1

Question 1

Describes a goal an organization wants to achieve

Answer 1

use case

Question 2

____ prevents unauthorized disclosure of data

Answer 2

Confidentiality

Question 3

____ scrambles the data

Answer 3

Encryption

Question 4

____ helps ensure that only authorized persons can access the data through Identification, Authentication, Authorization

Answer 4

Access Controls

Question 5

the practice of concealing a data on to another data

Answer 5

Steganography

Question 6

the practice of making a data uninterpretable

Answer 6

Obfuscation

Question 7

____ provides assurance that the data has not changed. Ensures that no one has modified, tampered with or corrupted the data.

Answer 7

Integrity

Question 8

A ____ is a number created by a hashing algorithm

Answer 8

hash

Question 9

commonly used in emails, provides nonrepudiation

Answer 9

digital signatures

Question 10

an electronic password that allows a user to securely transfer data over the Internet using PKI

Answer 10

digital certificate

Question 11

____ indicates that data and services are available when needed

Answer 11

Availability

Question 12

adds duplication to critical systems and provides fault tolerance

Answer 12

redundancy

Question 13

the common goal of redundancy is to remove

Answer 13

SPOF

Question 14

SPOF stands for

Answer 14

Single Point of Failure

Question 15

a redundancy technique: see RAID 1, RAID 5, RAID 10, allows a system to operate even if a disk fails

Answer 15

Disk Redundancies

Question 16

a redundancy technique: see backup servers, remote servers

Answer 16

Server Redundancies

Question 17

a redundancy technique: uses multiple servers to support a single service

Answer 17

Load Balancing

Question 18

a redundancy technique: see alternate site or hot site where in the event of the original site is no longer capable of functioning

Answer 18

Site Redundancies

Question 19

a site that is available 24/7 with employees

Answer 19

hot site

Question 20

a site where employees need to go move to and start systems

Answer 20

cold site

Question 21

a redundancy technique: see data backup, Grandfather-Father-Son backup

Answer 21

Backups

Question 22

a redundancy technique: see UPS, Generator

Answer 22

Alternate Power

Question 23

a redundancy technique: reduces outages from overheating

Answer 23

Cooling Systems

Question 24

use a set of changes to update, improve or debug

Answer 24

Patching

Question 25

basic goal of IT security is to

Answer 25

reduce risk

Question 26

is the possibility or the likelihood of a threat exploiting a vulnerability resulting in a loss

Answer 26

Risk

Question 27

is any circumstance or event that has the potential to compromise confidentiality, integrity, availability

Answer 27

Threat

Question 28

is a weakness. It can be in hardware, software, configuration or OS

Answer 28

Vulnerability

Question 29

is an adverse event or series of events that can negatively affect the CIA of an organization. includes: attacks, malware, data loss, etc

Answer 29

Security Incident

Question 30

reducing the risk or reducing the chance a threat will exploit a vulnerability: by implementing controls and many more actions to be discussed at later chapters

Answer 30

Risk Mitigation

Question 31

reduces risk

Answer 31

Security Control

Question 32

List the three primary control types

Answer 32

Technical Controls Administrative Controls Physical Controls

Question 33

____ is a technical control used to protect the confidentiality of data. This includes data transferred over a network and data stored in devices, such as servers, PC, mobile

Answer 33

Encryption

Question 34

once installed, provides protection against malware infection

Answer 34

Antivirus Software

Question 35

both can monitor a network or host for intrusions and provide ongoing protection against various threats

Answer 35

IDS (Intrusion Detection System) and | IPS (Intrusion Prevention System).

Question 36

this restrict network traffic going in and out of a network

Answer 36

Firewall.

Question 37

specifies that individuals or processes are granted only the privileges they need to perform their assigned task or function

Answer 37

Least privilege

Question 38

are combinations of rights and permissions

Answer 38

Privileges

Question 39

____ use methods mandated by organizational policies or other guidelines

Answer 39

Administrative Controls

Question 40

these help quantify and qualify risks within an organization so that the organization can focus on the serious risks

Answer 40

Risk Assessments

Question 41

use cost and asset values to quantify risks based on the monetary value

Answer 41

quantitative risk assessment

Question 42

uses judgments to categorize risks based on probability and impact

Answer 42

qualitative risk assessment

Question 43

these attempts to discover current vulnerabilities or weaknesses

Answer 43

Vulnerability Assessments

Question 44

are a step further from vulnerability assessments by attempting to exploit these vulnerabilities

Answer 44

Penetration Tests

Question 45

many administrative controls are also known as ____ | they help ensure that day-to-day operations of an organization comply with their overall security plan

Answer 45

operational or management controls

Question 46

training helps users maintain password security, follow a clean desk policy, understand threats such as phishing and malware and more

Answer 46

Awareness and Traning

Question 47

conf management use baselines to ensure the system started in a secure, hardened state. change mgmt helps ensure that changes don't result in unintended configuration errors"

Answer 47

Configuration and change management

Question 48

methods to help prepare for potential system outages

Answer 48

Contingency planning

Question 49

includes USB, external drives, backup tapes

Answer 49

Media protection

Question 50

such as cameras and door locks and heating and ventilation

Answer 50

Physical and environmental protection

Question 51

are any controls you can physically touch: lighting, signs, fences, security guards, etc

Answer 51

Physical Controls

Question 52

the goal is to prevent security incidents

Answer 52

Preventive Controls

Question 53

is the practice of making a system or application more secure than its default configuration. This uses a defense-in-depth strategy with layered security: includes disabling unnecessary ports and services, implementing secure protocols, using strong passwords along with robust password policy and disabling default and unnecessary accounts"

Answer 53

Hardening

Question 54

ensuring that users are aware of security vulnerabilities and threats helps prevents incidents

Answer 54

Security Awareness and Training

Question 55

guards prevent and deter many attacks

Answer 55

Security Guards

Question 56

attempt to detect when vulnerabilities have been exploited resulting in an incident

Answer 56

Detective Controls

Question 57

logs record details of all traffic that firewall blocked

Answer 57

Log Monitoring

Question 58

monitor logs to detect trends by analyzing past logs

Answer 58

Trend Analysis

Question 59

examines the security posture of an organization

Answer 59

Security Audit

Question 60

CCTV system records activity and detects what occurred. can be used as a deterrent control too

Answer 60

Video Surveillance

Question 61

detect motion from potential intruders

Answer 61

Motion Detection

Question 62

attempt to reverse the impact of an incident or problem after it has occurred

Answer 62

Corrective Controls

Question 63

attempts to detect an attack and then modify the environment to block the attack from continuing

Answer 63

IPS

Question 64

backups ensure that personnel can recover data if it is lost or corrupted. also system recovery procedures

Answer 64

Backups and system recovery

Question 65

attempt to discourage a threat

Answer 65

Deterrent Controls

Question 66

deters thieves from stealing laptops

Answer 66

Cable Locks

Question 67

such as locked doors

Answer 67

Hardware Locks

Question 68

are alternative controls used instead of a primary control

Answer 68

Compensating Controls

Question 69

is a popular technology used within large data centers and can also be used on a regular personal computer. It allows you to host one or more virtual systems or VMs (Virtual Machine) on a single physical system

Answer 69

Virtualization

Question 70

the software that creates, runs and manages the VMs

Answer 70

Hypervisor

Question 71

the physical system hosting the VMs

Answer 71

Host

Question 72

Operating systems running on the Host

Answer 72

Guest

Question 73

the ability to resize computing capacity based on the load

Answer 73

Host elasticity and scalability

Question 74

run directly on the system hardware. often called bare-metal hypervisors because they don't need to run within an operating system

Answer 74

Type I

Question 75

run as software within a host operating system

Answer 75

Type II

Question 76

is a specialized version of a Type II hypervisor. It allows services or applications to run within their own isolated cells or containers. Containers don't have a full operating system but instead, use the kernel of the host

Answer 76

Container Virtualization

Question 77

it captures the state of a VM at a moment in time. Administrators often take a snapshot before performing a risky operation.

Answer 77

Snapshot

Question 78

can occur if personnel within the organization don't manage the VMs.

Answer 78

VM sprawl

Question 79

attack allow an attacker to access the host system from the VM. Primary protection for this is to keep the host and guests up to date with current patches.

Answer 79

VM escape

Question 80

can be used to check the connectivity; check name resolution; verify that routers, firewalls, and IPS system block ICMP

Answer 80

Ping command

Question 81

on windows allows you to view the configuration of network interfaces

Answer 81

Ipconfig command

Question 82

on Linux and MAC allows you to view the configuration of network interfaces

Answer 82

Ifconfig command

Question 83

allows you to view statistics for TCP/IP protocols and view all active network connections. Can be useful if you suspect malware is causing a computer to connect with a remote computer

Answer 83

Netstat command

Question 84

lists the routers (also called hops) between two systems. It can be used to verify a path has not changed

Answer 84

Tracert command

Question 85

allows you to view and manipulate the ARP cache. This is useful is you suspect a system's ARP cache has been modified during an attack

Answer 85

Arp (Address Resolution Protocol) command