CASP Flashcards
What is an IDS?
Intrusion Detection System- a system that monitors traffic that traverses a network segment in real time.
What are the types of IDSs?
Host Based and Network Based
What is a Network Intrusion Prevention System (NIPS)?
A network security/threat prevention technology that examines network traffic to detect and prevent exploits.
What is a Web Application Firewall (WAF)?
An appliance, plug-in, or filter that applies a set of rules to an HTTP connection.
What are the types of WAFs?
- Appliance Based
- Cloud Based
- Code Integrated
What are the WAF modes?
- Positive Mode
- Negative Mode
What is Network Access Control (NAC)?
Steps taken to ensure that all security standards are met prior to connecting a device to the network.
What are the NAC types?
- Infrastructure
- Endpoint
- Hardware
What is the function of Domain Name Server Security Extensions (DNSSEC)?
Provides integrity and authentication for DNS responses.
What is Network Address Translation (NAT)?
A method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
What are the NAT types?
- Full-Cone
- Address-Restricted-Cone
- Port-Restricted-Cone
What are the types of Proxies?
- Forward
- Reverse
- Anonymous
- Transparent
What is the function of an Application Programming Interface (API)?
It allows two applications to communicate with one another to access data.
What is Virtual Private Cloud (VPC)?
A virtual version of a physical network.
What are the types of Cloud Computing?
- Private
- Public
- Community
- Hybrid
What is a Federation in reference to networks?
The trust relationship that exists between organizations.
What is Vertical Scaling?
Adding additional resources to a system so that it meets demand.
What is Horizontal Scaling?
Adding additional nodes or machines to your infrastructure to cope with new demands.
What are the Development Approaches?
- DevSecOps
- Agile
- Waterfall
- Spiral
- Versioning
- Continuous Integration/Continuous Delivery (CI/CD)
What is the Waterfall Method?
A less flexible process in which development requires formal reviews before moving into the next phase.
What is the Spiral Method?
A nested version of the waterfall method where the estimated costs and schedules are revised at the end of each risk assessment.
What is the Continuous Integration/Continuous Delivery (CI/CD) Pipelines method?
A series of steps that include all the stages from the start of the CI/CD process responsible for creating seamless software delivery.
What is Virtual Desktop Infrastructure (VDI)?
The process of running a user desktop inside a virtual machine that lives on a server in the datacenter.
What is the function of DIAMETER?
Replaces RADIUS but is not compatible with RADIUS. Provides better performance and encryption.
What is Kerberos?
The default authentication protocol for Windows-based single sign-on.
What are the Authentication Factors?
- Something you Know (knowledge factor)
- Something you have (ownership factor)
- Something you are (characteristics factor)
- Somewhere you are (location factor)
- Something you do (action factor)
What is Single Sign On (SSO)?
It allows a user to log in once and access all appropriate network resources.
What is JSON?
JavaScript Object Notation.
What is Virtual Desktop Infrastructure (VDI)?
Remote desktop services architectures that provide the flexibility to work anywhere.
What are the 3 models of VDI?
- Centralized
- Hosted
- Remote Virtual Desktop
What is Middleware?
Software that provides common services and capabilities to applications outside of what’s offered by the operating system.
What are the types of privilege escalation?
- Vertical
- Horizontal
What is Database Activity Monitor (DAM)?
Tools that monitor, capture, and record database events in near real-time and provide alerts about security violations.
What are the 3 models of DAM?
- Interception Based
- Memory Based
- Log Based
What is the RFC that sets aside IP Addresses for NAT?
RFC 1918
What is a UTM?
Unified Threat Management- All-in-one security that bundles multiple security functions into one appliance.
What is API?
Application Programming Interface- Allows two apps to communicate with each other to access data.
What are the types of Mobile Schemes?
- COBO (Company-Owned Business Only)
- COPE (Company-Owned Personal Enabled)
- CYOD (Choose Your Own Device)
- POCE (Personally Owned Corporate Enabled)
- BYOD (Bring Your Own Device)
What is resilience?
Resilience is the process and outcome of successfully adapting.
What is redundancy?
The inclusion of extra components in case of failure in other components.
What is white box testing?
Static Application Security Testing (SAST)- code based testing.
What is black box testing?
Dynamic Application Security Testing (DAST)- functional testing.
What is Fault Tolerance?
A process that enables an operating system to respond to a failure in hardware or software.
What are the gateway protocols?
- RIP
- OSPF
- BGP
What are the 3 SDN Planes?
- Control
- Data
- Application
What is an Unsecure Direct Object Reference?
Pages or services allow requests to be made to specific objects without the proper verification of the requestor’s right to the content.
What are the goals of pentesting?
- Determine if there is a vulnerability that can be exploited via blind test.
- Determine if the target is able to detect and respond to the attack via double blind test.
What are the types of Pentest teams?
- Red- Attackers
- Blue- Defenders
- White- Referees
What are the types of Privilege Escalation?
- Vertical
- Horizontal
What are SCADA systems?
Supervisory Control And Data Acquisition- Systems that monitor utilities and control power distribution.
What is the Certificate Revocation List?
A list that identifies certificates that have been revoked due to fraud, theft, change in name or relationship with the CA.
What is SE Linux?
Linux Kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC).