Book Cards (set 4) Flashcards
How can you confirm the reliability of a system?
Check the Mean Time Between Failures (MTBF)
What holds the private keys for third parties and where are they stored?
Key Escrow stores third party private keys in the Hardware Security Module (HSM)
What type of attack uses a .ryk file extension?
Ransomware (Ruyk, in this case)
What type of system would generate a PII error?
Data Loss Prevention (DLP)
What tells you if your certificate is valid?
The Certificate Revocation List (CRL) will do so by default, even if you have no internet
What type of interception attack involves data forwarded at a later date, and what authentication protocol can prevent it?
A replay attack. This can be prevented using Kerberos.
What type of attack uses the path ......\etc\shadow?
Directory Traversal
What type of attack is it when someone pretends to be from the helpdesk and calls you to reset your password?
A Social Engineering impersonation attack
What type of virus attack cannot be detected by anti-virus software, NIDS, NIPS, or a SIEM system? How can you detect it?
A Zero-Day virus has no updates to be identified by any anti-virus software or system until 2-3 days after discovery. The only way to detect it is by comparing the original baseline with the current baseline.
What type of attack is it when the HR Manager sends you an email demanding that you complete a form that has your personal details?
A social engineering authority attack sends you an email apparently from a high-level executive such as the CEO or HR manager to obtain your details.
DELETE
DELETE
What authentication model uses tokens?
OAuth 2.0
What authentication model uses tickets?
Kerberos
What authentication model uses cookies?
Federated Services
What authentication model prevents replay attacks?
Kerberos, using USN and time stamps
What authentication model uses extended attributes?
Federated Services
What is the file extension and format of a Public Key?
The Public Key has a file extension of .cer and a P7B format
What authentication model reduces the number of times you need to authenticate within a system?
Single sign on (SSO)
What authentication protocol supports OpenID Connect?
OAuth
What authentication model prevents the hash attack?
Kerberos
What authentication model do IaaS, PaaS, and SaaS all use?
Federation Services is the authentication model used by the cloud, though it can also use SAML tokens
When a users certificate becomes corrupt, what support person will help them get their data back, what key will they need, and where will they obtain that key?
The Data Recovery Agent (DRA) will obtain a copy of your Private Key from the Key Escrow to decrypt your data
What is the file extension and format of a Private Key?
The Private Key has a P12 format with an extension of .pfx
What authentication model is third party to third party?
Federated Services