Book Cards (set 4)

Question 1

How can you confirm the reliability of a system?

Answer 1

Check the Mean Time Between Failure (MTBF)

Question 2

What holds the private keys for third parties and where are they stored?

Answer 2

Key Escrow stores third party private keys in the Hardware Security Module (HSM)

Question 3

What type of attack uses a .ryk file extension?

Answer 3

Ransomware (Ruyk, in this case)

Question 4

What type of system would generate a PII error?

Answer 4

Data Loss Prevention (DLP)

Question 5

What tells you if your certificate is valid?

Answer 5

The Certificate Revocation List (CRL) will do so by default, even if you have no internet

Question 6

What type of interception attack involves data forwarded at a later date, and what authentication protocol can prevent it?

Answer 6

A replay attack. This can be prevented using Kerberos.

Question 7

What type of attack uses the path ......\etc\shadow?

Answer 7

Directory Traversal

Question 8

What type of attack is it when someone pretends to be from the helpdesk and calls you to reset your password?

Answer 8

A Social Engineering impersonation attack

Question 9

What type of virus attack cannot be detected by anti-virus software, NIDS, NIPS, or a SIEM system? How can you detect it?

Answer 9

A Zero-Day virus has no updates to be identified by any anti-virus software or system until 2-3 days after discovery. The only way to detect it is by comparing the original baseline with the current baseline.

Question 10

What type of attack is it when the HR Manager sends you an email demanding that you complete a form that has your personal details?

Answer 10

A social engineering authority attack sends you an email apparently from a high-level executive such as the CEO or HR manager to obtain your details.

Question 11

!

Answer 11

!

Question 12

What authentication model uses tokens?

Answer 12

OAuth 2.0

Question 13

What authentication model uses tickets?

Answer 13

Kerberos

Question 14

What authentication model uses cookies?

Answer 14

Federated Services

Question 15

What authentication model prevents replay attacks?

Answer 15

Kerberos, using USN and time stamps

Question 16

What authentication model uses extended attributes?

Answer 16

Federated Services

Question 17

What is the file extension and format of a Public Key?

Answer 17

The Public Key has a file extension of .cer and a P7B format

Question 18

What authentication model reduces the number of times you need to authenticate within a system?

Answer 18

Single sign on (SSO)

Question 19

What authentication protocol supports OpenID Connect?

Answer 19

OAuth

Question 20

What authentication model prevents the hash attack?

Answer 20

Kerberos

Question 21

What authentication model do IaaS, PaaS, and SaaS all use?

Answer 21

Federation Services is the authentication model used by the cloud, though it can also use SAML tokens

Question 22

When a users certificate becomes corrupt, what support person will help them get their data back, what key will they need, and where will they obtain that key?

Answer 22

The Data Recovery Agent (DRA) will obtain a copy of your Private Key from the Key Escrow to decrypt your data

Question 23

What is the file extension and format of a Private Key?

Answer 23

The Private Key has a P12 format with an extension of .pfx

Question 24

What authentication model is third party to third party?

Answer 24

Federated Services