A+ Core II 2.0 Security Flashcards
What is the list of different PHYSICAL forms of security used in protecting a data center?
*Access control vestibule
*Badge reader
*Video surveillance
*Alarm systems
*Door locks
*Equipment locks
*Guards and access lists
*Barricades / Bollards
*Fences
What is an access control list?
A set of rules used to assign permissions or grant different levels of access to files and business-critical information.
What is NAT?
Network Address Translation: A way to map multiple private addresses inside a local network to a public IP address before transferring the information onto the internet
What is QoS?
Quality of Service: The use of mechanisms or technologies that work on a network to control traffic and ensure the performance of important apps with limited network capacity.
What is ICMP?
Internet Control Message Protocol: A protocol that devices within a network use to communicate problems with data transmission.
What is an Active Directory?
A database of everything on the network
What is an OU in an Active Directory?
Organizational Unit: a subdivision within an Active Directory in which you can place users, groups, computers, and other organizational units (used in very large databases).
What are logon scripts?
Scripts that allow admins to configure the operating environment for webspace users. May perform an arbitrary set of tasks such as defining user-specific environment variables.
What is a central console that allows users to manage other users or computers?
Group Policy
What is the purpose of a home folder?
A centralized shared folder meant for users to store their files in instead of the local storage.
What encryption methods does WPA2 use?
CCMP - Cyber Crisis Management Plan
What encryption methods does WPA3 use?
GCMP - Galois/Counter Mode Protocol
What is the PSK authentication process?
Using a pre-shared key shared between two parties to log onto a network
What is the main issue with WPA2's PSK authentication method?
Attackers can listen in on the four-way handshake and brute-force the PSK using the hash
In what way is the PSK brute-force problem remedied with WPA3?
It uses SAE (Simultaneous Authentication of Equals) to include mutual authentication, meaning there is no longer a need for a four-way handshake to be sent over the network
What kind of encryption method allows two devices to derive a shared key without actually sending the keys across the network?
Diffie-Hellman key exchange
What is the RADIUS authentication mode?
One of the more common AAA methods that's supported on a wide variety of platforms and devices.
What remote authentication protocol is commonly used with Cisco devices?
TACACS/TACACS+
What network authentication protocol is commonly used in Windows OSes?
Kerberos
What authentication method should you use if you have a RADIUS server and a VPN concentrator that can talk to a RADIUS server?
RADIUS
What authentication method should you use if you have a Cisco device?
TACACS/TACACS+
What authentication method should you use if you’re using a Microsoft Windows device?
Kerberos
List malware types and methods:
*Trojan Horse
*Rootkit
*Viruses
*Spyware
*Ransomware
*Keylogger
*Boot sector virus
*Cryptominers
Describe a Trojan horse
Software that pretends to be something helpful/harmless. Better trojan horses are built to circumvent your existing security.
Describe a rootkit
Originally a Unix technique, this is a form of malware that can modify the system core files and embed itself in the kernel
What are some ways to find and remove rootkits?
*Use anti-malware scans to find any unusual activity
*Use a remover specific to the rootkit
*Secure boot with UEFI
Describe a virus
Malware that can replicate itself through file systems or networks. May or may not cause problems.
Describe a boot sector virus.
A virus born from a boot loader being modified to run malware. This form of virus runs before the OS is even loaded
Describe spyware
Malware that spies on you via browser monitoring or keyloggers
Describe ransomware
A form of malware that encrypts your data. To get the encryption key for your data, you need to pay a ransom to the attackers
Describe how cryptominers work
Cryptocurrency mining requires “proof of work”, which usually consists of a difficult math problem. Attackers install malware into other people’s devices and use their CPU to process these calculations for their cryptocurrency.
What is a command line in Windows that can be used as a last resort to remove any malware from a system?
Windows Recovery Environment
How can you start the Windows recovery environment?
*All Windows versions: Hold the Shift key while clicking restart, or boot from installation media
*Windows 10: Settings>Update and Security>Recovery>Advanced Startup
*Windows 11: System>Recovery>Advanced Startup>Restart now
*After rebooting: Troubleshoot>Advanced options>Command Prompt
What are some ways/techniques that can be used to prevent or get rid of malware or viruses on a system?
*Windows Recovery Environment (Last resort)
*Anti-virus/ Anti-malware
*Software firewalls
*Anti-phishing training
*End-user education
*OS reinstallation
Contrive a list of different social engineering tactics
*Phishing/Vishing/Smishing
*Spear Phishing
*Tailgating/Piggybacking
*Impersonation
*Dumpster diving
*Wireless evil twin
*Shoulder Surfing
What is the definition of Denial of Service?
To force a service to fail by overloading, or exploiting a design flaw