A+ Core II 2.0 Security

Question 1

What is the list of different PHYSICAL forms of security used in protecting a data center?

Answer 1

*Access control vestibule
*Badge reader
*Video surveillance
*Alarm systems
*Door locks
*Equipment locks
*Guards and access lists
*Barricades / Bollards
*Fences

Question 2

What is an access control list?

Answer 2

A set of rules used to assign permissions or grant different levels of access to files and business-critical information.

Question 3

What is NAT?

Answer 3

Network Address Translation: A way to map multiple private addresses inside a local network to a public IP address before transferring the information onto the internet

Question 4

What is QoS?

Answer 4

Quality of Service: The use of mechanisms or technologies that work on a network to control traffic and ensure the performance of important apps with limited network capacity.

Question 5

What is ICMP?

Answer 5

Internet Control Message Protocol: A protocol that devices within a network use to communicate problems with data transmission.

Question 6

What is an Active Directory?

Answer 6

A database of everything on the network

Question 7

What is an OU in an Active Directory?

Answer 7

Organizational Unit; is a subdivision within an Active Directory in which you can place users, groups, computers, and other organizational units (used in very large databases).

Question 8

What are logon scripts?

Answer 8

Scripts that allow admins to configure the operating environment for webspace users. May perform an arbitrary set of tasks such as defining user-specific environment variables.

Question 9

What is a central console that allows users to manage other users or computers?

Answer 9

Group Policy

Question 10

What is the purpose of a home folder?

Answer 10

A centralized shared folder meant for users to store their files in instead of the local storage.

Question 11

What encryption methods does WPA2 use?

Answer 11

CCMP- Cyber Crisis Management Plan

Question 12

What encryption methods does WPA3 use?

Answer 12

GCMP - Galois/Counter Mode Protocol

Question 13

What is the PSK authentication process?

Answer 13

Using a pre-shared key shared between two parties to log onto a network

Question 14

What is the main issue with WPA2s PSK authentication method?

Answer 14

Attackers can listen in the four-way handshake and brute force the PSK using the hash

Question 15

In what way is the PSK brute-force problem remedied with WPA3?

Answer 15

It uses SAE (Simultaneous Authentication of Equals) to include mutual authentication, meaning there is no longer a need for a four-way handshake to be sent over the network

Question 16

What kind of encryption method allows two devices to derive a shared key without actually sending the keys across the network?

Answer 16

Diffie-Hellman key exchange

Question 17

What is the RADIUS authentication mode?

Answer 17

One of the more common AAA methods thats supported on a wide variety of platforms and devices.

Question 18

What remote authentication protocol is commonly used with Cisco devices?

Answer 18

TACACS/TACACS+

Question 19

What network authentication protocol is commonly used in Windows OSes?

Answer 19

Kerberos

Question 20

What authentication method should you use if; You have a RADIUS server and a VPN concentrator that can talk to a RADIUS server?

Answer 20

RADIUS

Question 21

What authentication method should you use if you have a Cisco device?

Answer 21

TACACS/TACACS+

Question 22

What authentication method should you use if you’re using a Microsoft Windows device?

Answer 22

Kerberos

Question 23

List malware types and methods:

Answer 23

*Trojan Horse
*Rootkit
*Viruses
*Spyware
*Ransomware
*Keylogger
*Boot sector virus
*Cryptominers

Question 24

Describe a Trojan horse

Answer 24

Software that pretends to be something helpful/harmless. Better trojan horses are built to circumvent your existing security.

Question 25

Describe a rootkit

Answer 25

Originally a Unix technique, this is a form of malware that can modify the system core files and embed itself in the kernel

Question 26

What are some ways to find and remove rootkits?

Answer 26

*Use anti-malware scans to find any unusual activity
*Use a remover specific to the rootkit
*Secure boot with UEFI

Question 27

Describe a virus

Answer 27

Malware that can replicate itself through file systems or networks. May or may not cause problems.

Question 28

Describe a boot sector virus.

Answer 28

A virus born from a boot loader being modified to run malware. This form of virus runs before the OS is even loaded

Question 29

Describe spyware

Answer 29

Malware that spies on you via browser monitoring or keyloggers

Question 30

Describe ransomware

Answer 30

A form of malware that encrypts your data. To get the encryption key for your data, you need to pay a ransom to the attackers

Question 31

Describe how cryptominers work

Answer 31

Cryptocurrency mining requires “proof of work”, which usually consists of a difficult math problem. Attackers install malware into other people’s devices and use their CPU to process these calculations for their cryptocurrency.

Question 32

What is a command line in Windows that can be used as a last resort to remove any malware from a system?

Answer 32

Windows Recovery Environment

Question 33

How can you start the Windows recovery environment?

Answer 33

*All Windows versions: Hold the Shift key while clicking restart, or boot from installation media

*Windows 10: Settings>Update and Security>Recovery>Advanced Startup

*Windows 11: System>Recovery>Advanced Startup>Restart now

*After rebooting: Troubleshoot>Advanced options>Command Promts

Question 34

What are some ways/techniques that can be used to prevent/rid of malware or viruses on a system?

Answer 34

*Windows Recovery Environment (Last resort)

*Anti-virus/ Anti-malware

*Software firewalls

*Anti-phishing training

*End-user education

*OS reinstallation

Question 35

Contrive a list of different social engineering tactics

Answer 35

*Phishing/Vishing/Smishing
*Spear Phishing
*Tailgating/Piggybacking
*Impersonation
*Dumpster diving
*Wireless evil twin
*Shoulder Surfing

Question 36

What is the definition of Denial of Service?

Answer 36

To force a service to fail by overloading, or exploiting a design flaw

Question 37

What is a zero-day attack?

Answer 37

An attack that uses a vulnerability that hasn’t been yet discovered or remedied.

Question 38

What is an on-path attack?

Answer 38

When a user sits in a conversation and can view and even alter the data being sent between two devices

Question 39

What is an on-path attack that takes place on a local IP subnet called?

Answer 39

ARP poisoning

Question 40

What does ARP stand for in ARP poisoning?

Answer 40

ARP=Address Resolution Protocol: A protocol that connects an ever-changing IP address to a fixed physical machine address (or MAC address)

Question 41

What does it mean to store passwords “in the clear”?

Answer 41

To store account passwords with no encryption, meaning anyone with access to the server can see them. (Not a recommended way to store passwords)

Question 42

What is an insider threat in terms of Cyber Security?

Answer 42

Cyber attack threats within an organization

Question 43

What is code injection?

Answer 43

Adding your information into a datastream. Usually enabled because of bad programming

Question 44

What is Cross-site scripting (XSS)?

Answer 44

An attack that takes advantage of vulnerabilities within the JavaScript program

Question 45

Break down a non-persistent (reflected) XSS

Answer 45

*Run some type of script in a user’s browser (Search box is a common source)

*Attacker emails a link that takes advantage of this vulnerability

*Runs a script that sends credentials/session IDs/Cookies to the attacker

*Script embedded in URL executed in the victim’s browser as if it came from the web server

*Attacker uses credentials/session IDs/Cookies to steal victims info without their knowledge

Question 46

What does a firewall exception do?

Answer 46

Allows an app or feature through the Windows Firewall

Question 47

Where can you go to temporarily disable your firewall?

Answer 47

Control Panel>Windows Defender Firewall(Requires elevation)

Question 48

What are a few ways to log on to a Windows System?

Answer 48

*Local Accounts

*Microsoft accounts (Sync between devices, integrate apps like Skype or Office with OneDrive)

*Windows Domain Accounts

Question 49

What is the order of the User Hierarchy in Windows systems?

Answer 49

*Administrators

*Standard Users

*Guest (Limited Access)

Question 50

What is the function of BitLocker?

Answer 50

You can select it to encrypt all of your data in a drive, even the Operating System.

Question 51

What is EFS?

Answer 51

Encrypting File System: A service integrated into NTFS that allows you to encrypt files at the file system level. This can be used if you don’t wanna encrypt an entire Windows system, but you wanna encrypt specific files.

Question 52

What is the best practice for protecting data on a USB drive?

Answer 52

Make sure all data on USB drives are encrypted, as losing them can pose a risk of your data being leaked.

Question 53

What are some good practices in protecting your encrypted data?

Answer 53

*Have a decryption key
*Keep the decryption key backed up/ a copy
*You can integrate the key into Active Directory

Question 54

True or false: An attacker can use the default username and password found in a system to gain access to a server or machine.

Answer 54

True

Question 55

What are some ways to secure your information when working in public spaces?

Answer 55

*Use a privacy filter on your screen to keep onlookers from peeking at your screen

*Keep your monitor away from windows and hallways

Question 56

True or False: Encrypting the data on a USB device is just as important as encrypting any data on a drive?

Answer 56

True

Question 57

What are some ways to protect/retain the decryption key?

Answer 57

*Have a copy backed up somewhere

*You can integrate it into Active Directory

Question 58

What are some good practices for maintaining strong passwords in an organization?

Answer 58

*Have a mandatory password change every 30, 60, or 90 days

*Have critical systems change their passwords even more frequently

*The recovery process should not be trivial

*Change default usernames/passwords

Question 59

What is the best practice for AutoRun and AutoPlay?

Answer 59

Generally wanna have these features turned off, that way when removable media is installed its contents aren’t automatically displayed on the screen

Question 60

Why don’t mobile phones include a firewall? And what are some ways to remedy this vulnerability?

Answer 60

Mobile phones dont have a firewall because most activity initiates outbound instead of inbound. To remedy this, there are firewall apps available (mostly on android).

Question 61

What is a way an enterprise can centrally manage an employee’s personal phones?

Answer 61

Admins can use what is called an MDM, or mobile device manager to set policies on apps, camera, etc.

Question 62

List some examples of IoT devices

Answer 62

*Sensors
Heating, cooling, Lighting

*Smart devices
Home automation, video doorbells

*Wearable tech
Watches, health monitors

*Facility Automation
Temperature, air quality, lighting

Question 63

What are some things to consider when there is an IoT device involved in your network?

Answer 63

IoT manufacturers are not security professionals, so they may not consider the security risks when making these devices. To remedy this issue, you can add all of your IoT devices to a guest network to isolate them from other devices within the same network.

Question 64

What are some ways you can safely and effectively destroy a device that contains sensitive data?

Answer 64

*Shredder

*Drill/Hammer through all platters on a storage device or drill through any chips in an SSD

*Electromagnetic (degaussing)
Removes the magnetic field, which
destroys the drive data and
electronics

Question 64

What is low-level formatting in disk formatting?

Answer 64

This is the default formatting provided at the factory. This is not a recommended format for the user.

Question 64

What is a certificate of destruction?

Answer 64

A certificate that a third-party company hands you after destroying a device. This is to show validation that the device was successfully destroyed without the risk of any data being leaked.

Question 65

What is standard formatting [Quick formatting] in disk formatting?

Answer 65

This is the format a disk takes on when a user sets up the file system and installs a boot sector. This clears out the master file table but keeps the data within it intact.

Question 66

What is standard formatting [Regular format] in disk formatting?

Answer 66

In this format, the system overwrites every sector with zeros. This is the default format for Windows Vista systems and later. In this format, the data cannot be recovered.

Question 67

Whats a SOHO?

Answer 67

A small office or home office

Question 68

What is an allow list?

Answer 68

A list of different IP addresses that cannot pass through the firewall unless it’s approved

Question 69

What is a deny list?

Answer 69

A list of specific URLs, domains, or IP addresses that are not allowed to be accessed going outbound

Question 70

What is content filtering?

Answer 70

A feature that allows you (parent, admin, or regular user) to regulate allowing or disallowing access to certain locations.

Question 71

True or False: Content filtering is often done within a single device, such as a router, switch, access point, firewall, etc.

Answer 71

True

Question 72

In a SOHO environment, how are IP addresses distributed often?

Answer 72

They’re manually distributed

Question 73

What are DHCP reservations?

Answer 73

This is a feature with DHCP servers that lets you assign a specific IP address to a specific MAC address

Question 74

What is UPnP (Universal Plug and Play)?

Answer 74

A protocol that lets UPnP-enabled devices on your network automatically discover and communicate with each other

Question 75

What are the best practices as far as UPnP goes?

Answer 75

The best practice is to have UPnP disabled unless an app requires it. This feature is used mainly for peer-to-peer apps, and there is no approval needed.

Question 76

What is a screened subnet (AKA DMZ- Demilitarized zone)?

Answer 76

This is essentially a network that is put outside a firewall to mitigate attackers from gaining access to the rest of the network

Question 77

What is SSID (Service Set Identifier)

Answer 77

This is the name of a wireless network. Some examples include: LINKSYS, DEFAULT, NETGEAR

Question 78

What is an open system in networking terms?

Answer 78

A network that requires no authentication (i.e. Coffe shop or Hotel)

Question 79

What encryption methods are typically used in a SOHO environment?

Answer 79

WPA/2/3-Personal or WPA/2/3-PSK

Question 80

What encryption methods are typically used in an enterprise setting?

Answer 80

WPA/2/3-Enterprise or WPA/2/3-802.1X

Question 81

What is LDAP?

Answer 81

A protocol that helps users find data about organizations, persons, and more (lightweight version of DAP [Directory Access Protocol])

Question 82

What is a guest network? And what are some good practices when it comes to guest networks?

Answer 82

A guest network is a feature that allows you to create a separate network from your main one. Though it may be best to disable this feature, using a guest network either for IoT devices or Lab network can be helpful, as this will keep these devices isolated from the main network

Question 83

What is port forwarding?

Answer 83

This function takes traffic that is inbound to your router, determines which port is being used, and redirects the network traffic onto the device that is being communicated with

Question 84

True or false: Having you download malicious browser extensions is yet another way attackers can install malware on your device

Answer 84

True

Question 85

What can you use to verify a browser’s or app’s hash?

Answer 85

You can use a hash-checking app

Question 86

What’s a tool you can use to have all of your credentials from different websites and sources on one centralized website?

Answer 86

Password managers

Question 87

What is one way to check the legitimacy of a website?

Answer 87

Check the certificate to see if the dates are aligned, the certificate is properly signed, and the domain name matches the certificate

Question 88

How can you find a website’s certificate details in Chrome?

Answer 88

Click the menu button on the top right-hand corner of the screen. then go to; More tools>Developer tools, then click on the Security tab