all domains - quick learning and terms

Question 1

what is OSI layer 1 and what devices are there and protocol data unit (PDU)

Answer 1

1. Physical
2. PDU - bits
3. Hubs, repeaters and gateways
4. 802.11 (wireless family) radio frequency, infrared, microwave, bluetooth
5. ethernet, wired (twisted, pair, coax, fiber optics, SONET

Question 2

what is OSI layer 2 and what devices are there and what protocol data unit (PDU), protocols

Answer 2

1. Data
2. PDU - frames
3. gateways, switches, Bridges, WAPs
4. arp, rarp, PPTP, L2TP(vpn tunnels) , ppp (encapsulates IP traffice over analog, provides authentication, encryption (poor) and compression))
5. authentication protocols pap, chap and eap
6. FDDI, ISDN,

Question 3

what is OSI layer 3 and what devices are there and what protocol data unit (PDU), protocols

Answer 3

1. Network
2. PDU - packets
3. Routers, gateways and packet filtering firewall
4. IP, ICMP(ping), IPSEC, IKE, ISAKMP, PING, IGMP IGMP, NAT, SKIP, OSPF (routing protocols)

Question 4

what is OSI layer 4 and what devices are there and what protocol data unit (PDU)

Answer 4

1. Transport
2. ports 65535
3. pdu -segments
4. TCP/UDP and SSL/TLS(used to encrypt http and other data traffic) (makes sure to know tcp/udp nuances)-

Question 5

TCI/IP model layers

Answer 5

4. Application
5. Transport
6. internet
7. Network access

Question 6

what is the TCP 3 way handshake

Answer 6

1. syn
2. syn/ack
3. ack

Question 7

what does network access layer in TCP/IP model map to in the OSI

Answer 7

TCP IP Network layer access maps to physical layer and data layer

Question 8

what does the Internet layer in TCP/IP model map to in OSI

Answer 8

Internet maps to the OSI Network layer

Question 9

what does the transport layer in TPC/IP model map to in OSI

Answer 9

transport layer maps to the transport layer

Question 10

what does the application layer in the TCP/IP model map to in the OSI model

Answer 10

the TCP/IP application layer maps to the OSI session, presentation and application layers

Question 11

1. mnemonic for protocol data units (PDU)
2. what layer
3. what are they

Answer 11

1. some people fear birthdays from 4 to 1
   Transport layer - segments
   Network layer - packet
   Data layer - frame
   physical layer - bits

Question 12

what is OSI layer 5 and what devices are there

Answer 12

1. Session
2. circuit proxy firewall, gateways, PC’s
3. socks is an example of proxy firewall
4. session management capabilities between hosts
5. remember session information like passwords, so verification does not need to repeat, dialog control
6. Netbios, SMB, RPC, NFS, and SQL
7. RPC - remote procudure protocol
8. attacks – Session hijack

Question 13

what layer is encryption decrypted

Answer 13

layer 6 - presentation

Question 14

1. what layers can gateways operate in
2. what are they also called
3. what logical function do the perform

Answer 14

1. layers 1-7
2. protocol translators
3. they break broadcast and collision domains

Question 15

what is OSI layer 6 and what devices are there

Answer 15

1. Presentation
2. coding and conversation functions on application layer data
3. responsible for “presentation” character conversion, codecs, compression and decompression for streaming audio and video, image conversion, formatting (TIFF, JPEG, MPEG)
4. establishes, manages, and terminates communication sessions between presentation layer entities
5. encryption/decryption
6. attacks – Phishing - Worms - Trojans

Question 16

what is OSI layer 7 and what devices are there

Answer 16

1. Application
2. application firewalls, gateways, computers
3. greatest intelligence to make decisions
4. human computer interaction and where applications can access network services
5. application firewalls (very intelligent, very advanced decisions like deep packet inspection, slow)
6. HTTP/S, DNS, SSH, SNMP, LDAP, DHCP, Telnet, POP3 IMAP,
7. attacks - Phishing - Worms - Trojans

Question 17

what port number and protocol is POP3

Answer 17

1. TCP 110
2. TLS TCP 995

Question 18

what port number and protocol is SMTP

Answer 18

TCP port 25
possibly TCP 587

Question 19

what port number and protocol is IMAP

Answer 19

1. TCP 143
2. TLS TCP 993

Question 20

what port number and protocol is RDP

Answer 20

1. TCP and UDP 3389

Question 21

what is the DHCP request flow look like

Answer 21

1. discovery
2. offer
3. request
4. acknowledge

Question 22

what transport protocol uses secure shell (SSH) and encrypts both command and data

Answer 22

1. SFTP, built on SSH
2. uses only 1 port

Question 23

what does ftps offer over ftp

Answer 23

1. secured with SSL/TLS
   2 both still use TCP 20 (data) and 21 (control)

Question 24

what port number and protocol is FTP and FTPS

Answer 24

1. TCP port 20 for data
2. TCP port 21 for control

Question 25

what layer of OSI isolates traffic into broadcast domains

1. 4
2. 5
3. 3
4. 1

Answer 25

3 - domain 3

Question 26

what port number is telnet and what protocol

Answer 26

TCP 23

Question 27

what port number is IMAP and what protocol

Answer 27

TCP 143

Question 28

what port number is netbios and datagram and what protocol

Answer 28

TCP and UDP port 138

Question 29

what port numbers and protocol is DHCP

Answer 29

UDP 67 for server
UDP 68 for client

Question 30

port number and protocol for LDAP

Answer 30

TCP 389

Question 31

port number and protocol for Kerberos authentication

Answer 31

TCP and UDP port 88

Question 32

port number and protocol for DNS

Answer 32

TCP and UPD port 53

Question 33

port number and protocol for SSH

Answer 33

TCP 22

Question 34

port number and protocol for TFPT

Answer 34

UDP port 69

Question 35

port number and protocol for SNMP

Answer 35

UDP port 161

Question 36

port number and protocol for SNMP(trap)

Answer 36

TCP/UDP 162

Question 37

port number and protocol for TACACS+

Answer 37

TCP/UDP 49

Question 38

port number and protocol for Radius authentication

Answer 38

TCP/UDP port 1812

Question 39

port number and protocol for Radius accounting

Answer 39

TCP/UDP 1813

Question 40

what are the private address ranges

Answer 40

Class A 10.0.0.0 to 10.255.255.255
Class B 172.16.0.0 to 172.31.255.255
Class C 192.168.0.0 to 192.168.255.255

Question 41

Asynchronous Communication transfers data by sending:
A. bits of data sequentially
B. bits of data sequentially in irregular timing patterns
C. bits of data in sync with a heartbeat or clock
D. bits of data simultaneously

Answer 41

B. bits of data sequentially in irregular timing patterns

Question 42

cryptography does not help in?

1. detecting fraudulent disclosure
2. detecting fraudulent deletion
3. detecting fraudulent modification
4. detecting fraudulent insertion

Answer 42

1. detecting fraudulent disclosure

Question 43

a momentary power outage is known as which electrical issue

1. fault
2. surge
3. spike
4. blackout

Answer 43

1. fault

Question 44

which set of documents provides technical guidance for software developers and is published by the IETF internet engineering task force

1. ISO standards
2. IETF comments
3. RFC - request for comments publication
4. RFC group standards

Answer 44

3. RFC - request for comments publication

Question 45

which software development model is actually a meta-model that incorporates a number of software development models

1. the critical path model (CPM)
2. the spiral model
3. the modified waterfall model
4. the waterfall model

Answer 45

2. the spiral model

Question 46

Which ones are the placeholders for literal values in a SQL query that is being sent to database on a server?

1. Assimilation variables
2. Reduction variables
3. Blind variables
4. Resolution variables

Answer 46

3. Blind variables

Question 47

similar to secure shell (SSH-2), secure sockets layer(SSL) uses symmetric encryption for encrypting the bulk of the data being sent over the session and it uses symmetric or public key cryptography for:

1. name resolution
2. server authentication
3. peer authentication
4. peer identification

Answer 47

3. peer authentication

Question 48

What is defined as inference of information from other, intermediate, relevant facts?
A. Secondary evidence
B. Conclusive evidence
C. Hearsay evidence
D. Circumstantial evidence

Answer 48

D. Circumstantial evidence

Question 49

Which of the following is best defined as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it?

Aggregation
Inference
Clustering
Collision

Answer 49

The Internet Security Glossary (RFC2828) defines aggregation as a circumstance in which a collection of information items is required to be classified at a higher security level than any of the individual items that comprise it.

Question 50

Which of the following ACID property in DBMS ensures that the concurrent execution of transactions results in a system state that would be obtained if transactions were executed serially, i.e. one after the other?
A. Atomicity
B. Consistency
C. Isolation
D. Durability

Answer 50

Isolation – The isolation property ensures that the concurrent execution of transactions results in a system state that would be obtained if transactions were executed serially, i.e. one after the other.

Question 51

Which of the following level in CMMI model focuses on process innovation and continuous optimization?
A. Level 4
B. Level 5
C. Level 3
D. Level 2

Answer 51

Level 5 is the optimizing process and focus on process innovation and continuous integration.

Question 52

What attack involves the perpetrator sending spoofed packet(s) which contains the same destination and
source IP address as the remote host, the same port for the source and destination, having the SYN flag, and
targeting any open ports that are open on the remote host?
A. Boink attack
B. Land attack
C. Teardrop attack
D. Smurf attack

Answer 52

A land (Local Area Network Denial) attack involves sending a spoofed TCP SYN packet (connection initiation)
with the target host’s IP address to an open port as both source and destination. This causes the machine to
reply to itself continuously.

Question 53

in terms of risk analysis and dealing with risk, which of the four common ways listed below is the practice of coming up with alternatives so that the risk in question is not realized

1. transference
2. acceptance
3. mitigation
4. avoidance

Answer 53

4. avoidance

Question 54

Identification and authentication are the keystones of most access control systems. Identification
establishes:
A. user accountability for the actions on the system
B. top management accountability for the actions on the system
C. EDP department accountability for the actions of users on the system
D. authentication for actions on the system

Answer 54

A. user accountability for the actions on the system

Question 55

which security operations position is responsible for examining logs from firewalls and IDS syst5em as as audit logs

1. security engineer
2. access admin
3. security analyst
4. security architect

Answer 55

3. security analyst

Question 56

this position would be responsible for the overall protection of information assets with the company. what position would that be?

1. information systems security manager
2. data owner
3. custodian
4. executive management

Answer 56

4. executive management

this would likely be the CISO or COO but both are part of executive management

Question 57

what are the major components of SAML

1. profile, assertions, protocol and binding
2. profile, authentication, attribute and authorization
3. pre-authorization, assertions, protocols and authorization
4. profile, assertions, protocols and authentication

Answer 57

1. profile, assertions, protocol and binding

Question 58

which term is described in the situation that a document is not available, and the court finds the excuse provided acceptable, and the party is allowed to use secondary evidence to prove the contents of the document?

1. exculpatory evidence
2. inculpatory evidence
3. circumstantial evidence
4. best evidence rule

Answer 58

4. best evidence rule

Question 59

Which of the following is needed for System Accountability?
Which of the following is needed for System Accountability?
A. Audit mechanisms.
B. Documented design as laid out in the Common Criteria.
C. Authorization.
D. Formal verification of system design.

Answer 59

Correct Answer: A
Explanation/Reference:
Is a means of being able to track user actions. Through the use of audit logs and other tools the user actions are recorded and can be used at a later date to verify what actions were performed.
Accountability is the ability to identify users and to be able to track user actions.

Question 60

In which phase of Internet Key Exchange (IKE) protocol is peer authentication performed?

1. Pre Initialization Phase
2. Phase 1
3. Phase 2
4. No peer authentication is performed

Answer 60

2. Phase 1

phase 2 is negotiate IPSec SAs to setup IPSec tunnel

Question 61

which of the following is not a cryptographic attack

1. brute force
2. hybrid cryptosystem
3. frequency analysis
4. rainbow table

Answer 61

2. hybrid cryptosystem

wrong answer frequency analysis:
In cryptanalysis, frequency analysis is the study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers

Question 62

what port uses udp port 69

1. sftp
2. tftp
3. scp
4. ftp

Answer 62

2. tftp

Question 63

what is the difference between unit testing and regression testing

Answer 63

unit testing, is testing an individual piece of code.
regression testing, focuses on testing the whole software or application functioning

Question 64

what is not a MOM when talking about crimes
motivation
means
opportunity
methods

Answer 64

Answer: methods is not part of MOM

MOM = motivation, opportunity and means

Question 65

what is DCE

Answer 65

data circuit terminal equipment

Question 66

which of the following device in frame relay WAN technique is a service provide device that does the actual data transmission and switching in the frame relay cloud?

DTE
DME
DCE
DLE

Answer 66

DCE

Question 67

which of the following attacks would capture network user passwords

sniffing
smurfing data diddling
ip spoofing

Answer 67

sniffing

Question 68

which of the following tools is used to stress test applications, firewalling and IDS devices by sending large numbers of packets at them including randomly generated and/or malformed packets?

wireshark
snort
ISIC or IP stack integrity checker
security onion

Answer 68

ISIC or IP stack integrity checker

Question 69

what is governance

Answer 69

The process of how an organization is managed; usually includes all aspects of how decisions are made for that organization, such as policies, roles, and procedures the organization uses to make those decisions.

Question 70

what is Identity as a service (IDaaS)

Answer 70

Cloud-based services that broker identity and access management (IAM) functions to target systems on customers’ premises and/or in the cloud.

Question 71

what is Initialization vector (IV)

Answer 71

A non-secret binary vector used as the initializing input algorithm, or a random starting point, for the encryption of a plaintext block sequence to increase security by introducing additional cryptographic variance and to synchronize cryptographic equipment.

Question 72

what is Key Clustering

Answer 72

When different encryption keys generate the same ciphertext from the same plaintext message.

Question 73

what is Message authentication code (MAC) how do you use it

Answer 73

1. both parties have a shared key
2. both parties agree on the hash they are using
3. sender takes the message and hashes with hash (maybe sha256) and key
4. this creates a MAC or tag
5. sender sends message + tag/mac to other party
6. other party takes the message and hashes with their know key and hash
7. if the their mac/tag is the same as the one they received then they accept the message as not being changed
8. this method does not provide security

Question 74

Oauth 2.0 basic operations

Answer 74

• resource owner - (you the person)
• client (the application the wants access or perform actions on behalf of the resource owner)
• authorization server - the application that knows the resource owner, where the resource owner already has an account
• resource server - the API that client wants to use on behalf of the resource owner (sometimes the same server as the authorization server

Question 75

code vs cipher

Answer 75

• code is not always secret. does not always provide confidentiality
  
  • symbols that operate on words or phrases
• cipher - always meant to hide the true meaning of a message

Question 76

digital signature standard (DSS) works with 3 algorithms (this is not PKI)

Answer 76

• DSA
• RSA
• ECDSA

Question 77

what is birthday attack

Answer 77

• looking for collisions in a hash function

Question 78

stream cipher algorithm

Answer 78

• RC4 128 bit

Question 79

only currently used symmetric block cipher

Answer 79

• AES with 128 bit block
• key size can be 128, 192 and 256

Question 80

what are the accepted PKI (public key infrastructure) algorithms (this is not DSS (digital signature standard))

Answer 80

• RSA (prime numbers)
• El Gamal - extension of Diffie-Hellman
  
  • modular arithmetic
• Elliptic curve - discrete logarithm problem
  
  • more secure comparted to others if both keys are the same length
  • 256 bit ECC key is roughly the same strength as RSA 2048

Question 81

PKI attributes

Answer 81

• ISO authentication framework
• X.509 digital certificate standard
• registration authority
• certificate authority
• certificate revocation (2 ways to accomplish this
  
  • certificate revocation list (CRL)
  • OCSP (online certificate status protocol

Question 82

digital signature process - steps

If I am sending you an email message and want to ensure that the message is not tampered with during transit and I also need to confirm you know the message really came from me, I will use a digital signature

https://www.techtarget.com/searchsecurity/feature/CISSP-cryptography-training-Components-protocols-and-authentication#:~:text=Some%20of%20the%20asymmetric%20algorithms,Diffie%2DHellman%20and%20El%20Gamal.

Answer 82

• my email client will take my message and pass it through a hashing algorithm
• The result of this process is a message digest that is a set of bits (for example, it would be 128 bits if the hashing algorithm MD5 is used)
• My email client then takes my private key and encrypts this message digest value, which results in a digital signature.
• This digital signature and my message are then sent to your system.
• Your email client takes my public key and decrypts the digital signature and then runs my message through the same hashing algorithm, comparing the hash value I sent with the one your system generated. If the hash values match, your system knows the message has not been modified during transmission. And if your system can decrypt the digital signature with my public key, then your system knows that the message came from me.

Answer 83

• remote journaling
  
  • less expensive - only worried about transactions
  • not maintaining a full copy of DB each day
  • recovery would be - take last backup available, then use the journal information to rerun all the transactions that had not occurred by the time the last backup had occurred
• Electronic vaulting
  
  • copying the backup locally to a medium such as tape, then copying that to a remote site
  • need to think of encryption while data is in motion (moving from main site to backup site)
• database shadowing
  
  • most expensive
  • mirroring data between sites

Question 84

drive destruction

Answer 84

• clearing -
  
  • digitally wiping or overwriting with zeros and ones
  • least effective
• purging
  
  • methods like degaussing
• destruction
  
  • physical destruction - shredding, fire, pulverizing

Question 85

specific techniques to data destruction on storage

Answer 85

• zeroing
  
  • erases data on the disk and overwrites with zeros
• overwriting
  
  • data is written to storage locations that previously held sensitive data
  • random passes of zeros and ones, no patterns
  • the number of times this is done, depends on the storage media and sensitivity of data

Question 86

scoping and tailoring

Answer 86

• scoping - considering which security controls apply and what assets they need to protect
• tailoring - modifying the set of controls to meet the specific characteristics and requirements of the organization

Question 87

brute force attack - which do they have

• plaintext
• neither plain or cipher text
• both plain and cipher text
• ciphertext

Answer 87

• cipher text
  explanation: attacker will try every key until the cipher text is decrypted

Question 88

known plaintext - what does the attacker have

Answer 88

both plaintext and cipher

Question 89

RSA is susceptible to what

• side channel attack
• meet in the middle attack
• chosen ciphertext
• known plaintext

Answer 89

• chose ciphertext

explanation:

• attacker can use the RSA public key to encrypt plaintext, then decrypt the resulting ciphertext in order to determine patterns
• this can be mitigated with random padding

Question 90

SAML components

Answer 90

1. Client

The user trying to authenticate into a web-based application.

2. Identity Provider (IdP)

The server or authorization authority that the client ultimately authenticates with. It holds the client’s credentials. Example:
When you log in to an application using Gmail credentials, Gmail is the IdP.

3. Service Provider (SP)

The web-based application that the client tries to access. Example: When you log in to GitHub using your Gmail credentials, then GitHub is the SP. SPs do not authenticate the user but delegate the task to the IdP.

4. Identity Management Service/Single Sign-On (IDM/SSO) Service

The service that enables communication between the SP with the IdP, allowing clients to access a service using a single account.

Question 91

saml attributes

Answer 91

• SSO
• web based authorization
• Tokens
• XML metadata

Question 92

what does a land attack do

Answer 92

attacker sends a packet with the same source and destination address and port

Question 93

change management steps

Answer 93

• request the change -
• review the change - experts within the org. review the change
• approve/reject the change - approve or reject based off the review, then record the response in change management documentation
• test the change - tested on non production server if possible. verify changes do not cause any harm
• schedule and implement the change - schedule change for the least impact on system and users. give time for rollback if needed.
• document the change - update configuration management doc. updated docs ensures that administrators can return systems back to the state they were in if there are unrelated disasters after changes

Question 94

groupings of subjects and objects that have the same security level requirements is what

Answer 94

security domain

Question 95

which of the following prevents accidental data access by ensuring that a class defines only the data that is requires

• polymorphism
• encapsulation
• polyinstantiation
• inheritance

Answer 95

encapsulation

explanation:

• encapsulation ensures that a class defines only the data that it requires.
• also known as data hiding, is a characteristic of object-oriented programming

Question 96

which of the following software errors is least likely to produce user visible error message

• use of expired session token
• unauthorized use of admin privileges
• tampering attempts
• incorrect for input

Answer 96

tampering attempts

explanation: of the available options, tampering attempts are the least likely to produce user visible error messages.

Question 97

what must a user have for all information processed in system high mode

Answer 97

security clearance and access approval

Question 98

what attacks are layer 1 of OSI

Answer 98

Signal Jamming - Wiretapping

Question 99

what attacks are at layer 2 of OSI

Answer 99

Collision - DOS /DDOS - Eavesdropping, arp poison, mac spoofing

Question 100

what attacks are at layer 3 of osi

Answer 100

smurfing flooding - ICMP spoofing - DOS

Question 101

what attacks are at layer 4 of osi

Answer 101

SYN flood - fraggle

Question 102

what attacks are at layer 5 of osi

Answer 102

sesion hijack

Question 103

what attack is at layer 6

Answer 103

Phishing - Worms - Trojans

Question 104

what attack is at layer 7

Answer 104

Phishing - Worms - Trojans