Chapter 1 Flashcards

1
Q

Define Confidentiality:

A

prevents the unauthorized disclosure of data.

2
Q

The different methods to ensure confidentiality are:

A

Encryption

Access Controls

Steganography

Obfuscation

3
Q

Define Encryption:

A

scrambles data to make it unreadable by unauthorized personnel

4
Q

What is included to provide access controls?

A

Identification

Authentication

Authorization

5
Q

Define Identification:

A

a unique username

6
Q

Define Authentication:

A

a password

7
Q

Define Authorization:

A

grant or restrict access to resources

8
Q

Define Steganography:

A

the practice of hiding data within data

9
Q

Define obfuscation:

A

security through obscurity

10
Q

The CIA security triad includes:

A

Confidentiality

Integrity

Availability

11
Q

Define Integrity:

A

provides assurances that data has not changed

12
Q

What can you use to enforce integrity?

A

Hashing or Message Authentication Code (MAC)

Digital signatures

13
Q

Describe hash:

A

a number created by executing a hashing algorithm against data, such as a file or message

14
Q

What are two key concepts related to integrity?

A

Integrity provides assurances that data has not been modified, tampered with, or corrupted

Hashing verifies integrity

15
Q

Digital signatures provide:

A

non-repudiation

16
Q

Digital signatures require:

A

the use of certificates

and

Public Key Infrastructure (PKI)

17
Q

Certificates include:

A

keys used for encryption

18
Q

Public Key Infrastructure provides:

A

the means to create, manage, and distribute certificates

19
Q

Define non-repudiation:

A

the ability to prevent a party from denying an action.

20
Q

Access logs provide:

A

non-repudiation

21
Q

Define availability:

A

indicates that data and services are available when needed

22
Q

What is a common goal of fault tolerance and redundancy?

A

To remove each single point of failure (SPOF)

23
Q

Some fault tolerance and redundancy techniques:

A

Disk redundancies

Server redundancies

Load balancing

Site redundancies

Backups

Alternate power

Cooling systems

24
Q

Define disk redundancies:

A

fault-tolerant disks allow a system to continue to operate even if a disk fails

25
Q

RAID-1:

A

mirroring

26
Q

RAID-5:

A

striping with parity

27
Q

RAID-10:

A

striping with a mirror

28
Q

Define server redundancies:

A

Failover clusters include redundant servers and ensure a service will continue to operate, even if a server fails

Virtualization can also increase availability of servers by reducing unplanned downtime

29
Q

Load balancing uses:

A

multiple servers to support a single service

30
Q

Site redundancies provide:

A

an alternate site when a site can no longer function due to a disaster

31
Q

Alternate power:

A

Uninterruptible power supplies (UPSs) and power generators can provide power to key systems even if commercial power fails.

32
Q

Cooling systems:

A

heating, ventilation, and air conditioning (HVAC) systems improve the availability of systems by reducing outages from overheating

33
Q

One of the basic goals of implementing IT security is to:

A

reduce risk.

34
Q

Define Risk:

A

the possibility or likelihood of a threat exploiting a vulnerability resulting in a loss.

35
Q

Define Threat:

A

any circumstance or event that has the potential to compromise confidentiality, integrity, or availability.

36
Q

Define Vulnerability:

A

a weakness in either the hardware, software, configuration, or even the users operating the system.

37
Q

When can a security incident occur?

A

When a threat exploits a vulnerability.

38
Q

Define security incident:

A

an adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization’s information technology (IT) systems and data.

39
Q

Risk mitigation:

A

reduces the chances that a threat will exploit a vulnerability.

40
Q

Technical controls:

A

use technology to reduce vulnerabilities

41
Q

Administrative controls:

A

use methods mandated by organizational policies or other guidelines

42
Q

Physical controls:

A

are any controls that you can physically touch

43
Q

Preventive controls:

A

attempt to prevent security incidents

44
Q

Detective controls:

A

attempt to detect when vulnerabilities have been exploited, resulting in a security incident

45
Q

Corrective controls:

A

attempt to reverse the impact of an incident or problem after it has occurred

46
Q

Compensating controls:

A

are alternative controls used when a primary control is not feasible

47
Q

Example of technical controls:

A

Encryption

Antivirus software

Intrusion detection systems (IDSs) and Intrusion prevention systems (IPSs)

Firewalls

Least privilege

48
Q

Define encryption:

A

a strong technical control used to protect confidentiality

49
Q

Define antivirus software:

A

once installed, the antivirus software provides protection against malware infection

50
Q

Define Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs):

A

can monitor a network or host for intrusions and provide ongoing protection against various threats

51
Q

Define firewalls:

A

restrict network traffic going in and out of a network

52
Q

Define least privilege:

A

specifies that individuals or processes are granted only the privileges they need to perform their assigned tasks or functions, but no more.

53
Q

Some common administrative controls are:

A

Risk assessments

Vulnerability assessments

Penetration tests

54
Q

Risk assessments help:

A

quantify and qualify risks within an organization so that the organization can focus on the serious risks

55
Q

Vulnerability assessment attempts to:

A

discover current vulnerabilities or weaknesses

56
Q

Penetration tests attempt to:

A

exploit vulnerabilities

57
Q

Many administrative controls are also known as:

A

operations or management controls

58
Q

Operational or management controls include the following families:

A

Awareness and training

Configuration and change management

Contingency planning

Media protection

Physical and environmental protection

59
Q

Training helps users:

A

maintain password security, follow a clean desk policy, understand threats such as phishing and malware, and much more

60
Q

Configuration management often uses:

A

baselines to ensure that systems start in a secure, hardened state

61
Q

Change management helps ensure that:

A

changes don’t result in unintended configuration errors

62
Q

The goal of contingency planning is to:

A

reduce the overall impact on the organization if an outage occurs

63
Q

Media protection includes:

A

physical media such as USB flash drives, external and internal drives, and backup tapes

64
Q

Physical and environmental protection includes:

A

physical controls, such as cameras and door locks, and environmental controls, such as heating and ventilation systems

65
Q

Technical and administrative controls categorize the controls based on:

A

how they are implemented

66
Q

Some examples of preventative controls are:

A

Hardening

Security awareness and training

Security guards

Change management

Account disablement policy

67
Q

Hardening is the practice of:

A

making a system or application more secure than its default configuration

68
Q

Security guards:

A

prevent and deter many attacks

69
Q

Change management ensures:

A

that changes don’t result in unintended outages

70
Q

Account disablement policy ensures:

A

that user accounts are disabled when an employee leaves

71
Q

Some examples of detective controls are:

A

log monitoring

trend analysis

security audit

video surveillance

motion detection

72
Q

Log monitoring:

A

record details of activity on systems and networks

73
Q

Trend analysis:

A

monitor logs to detect trends

74
Q

Security audits can:

A

examine the security posture of an organization

75
Q

Video surveillance can:

A

record activity and detect what occurred

76
Q

Motion detection can:

A

detect motion from potential intruders and raise alarms

77
Q

What are the differences between detection and prevention controls?

A

A detective control can’t predict when an incident will occur and it can’t prevent it

Prevention controls stop the incident from occurring at all

78
Q

Some examples of corrective controls are:

A

Intrusion prevention system (IPS)

Backups and system recovery

79
Q

Backups ensure:

A

that personnel can recover data if it is lost or corrupted

80
Q

System recovery procedures ensure:

A

administrators can recover a system after a failure

81
Q

Deterrent controls attempt to:

A

discourage a threat

82
Q

Some physical security controls used to deter threats:

A

Cable locks

Hardware locks

83
Q

Cable locks deter:

A

thieves from stealing the laptops

84
Q

Hardware locks:

A

locks such as locked doors securing a wiring closet or a server room

85
Q

Compensating controls are:

A

alternative controls used instead of a primary control

86
Q

Virtualization allows you to:

A

host one or more virtual systems, or virtual machines (VMs), on a single physical system

87
Q

Hypervisor is:

A

the software that creates, runs, and manages the VMs

88
Q

VM Host is:

A

the physical system hosting the VMs

89
Q

VM Guest is:

A

the operating systems running on the host system

90
Q

Host elasticity and scalability refer to:

A

the ability to resize computing capacity based on the load

91
Q

Type I hypervisors run:

A

directly on the system hardware

92
Q

Type II hypervisors run:

A

as software within a host operating system

93
Q

Application cell or container virtualization runs:

A

services or applications within isolated application cells (or containers)

94
Q

A benefit of container virtualization is that it uses:

A

fewer resources and can be more efficient than a system using a traditional Type II hypervisor virtualization

95
Q

A drawback of container virtualization is that:

A

containers must use the operating system of the host.

96
Q

VMs can provide:

A

segregation, segmentation, and isolation of individual systems

97
Q

Snapshot provides:

A

you with a copy of the VM at a moment in time, which you can use as a backup

98
Q

When do administrators commonly take snapshots of systems?

A

Prior to performing any risky operation

99
Q

Risky operations include:

A

applying patches or updates

testing security controls

installing new applications

100
Q

In a Virtual desktop infrastructure (VDI) or Virtual desktop environment (VDE) a:

A

user’s desktop operating system runs as a VM on a server

101
Q

One benefit of using a VDI/VDE is that:

A

user PCs can have limited hardware resources

102
Q

Persistence or non-persistence

A

In a persistent virtual desktop, each user has a custom desktop image

In a non-persistent virtual desktop, the users use the same desktop from a preconfigured snapshot for all users

103
Q

Risks associated with virtualization:

A

VM escape

VM Sprawl

Loss of confidentiality

104
Q

VM escape is:

A

an attack that allows an attacker to access the host system from within the virtual system

105
Q

VM sprawl occurs:

A

when an organization has many VMs that aren’t managed properly

106
Q

Kali Linux is:

A

a free Linux distribution used by many security professionals for penetration testing and security auditing.

107
Q

Ping is:

A

a basic command used to test connectivity for remote systems

108
Q

What else can you use ping for?

A

to verify a system can resolve valid host names to IP addresses

test the NIC

Check the security posture of a network

109
Q

How does the ping command check connectivity?

A

by sending Internet Control Message Protocol (ICMP) echo request packets

110
Q

What is the command that verifies that your computer can connect with another computer on your network?

A

ping 192.168.1.1

111
Q

Ping on Windows systems:

A

ping -t 192.168.1.1

112
Q

Windows ping on a Linux system:

A

ping -c 4 192.168.1.1

113
Q

How to get IP address from Windows command prompt?

A

ping getcertifiedgetahead.com

114
Q

The ipconfig (Internet Protocol configuration) command shows:

A

the Transmission Control Protocol/Internet Protocol (TCP/IP) configuration information for a system

115
Q

What is included in the Transmission Control Protocol/Internet Protocol (TCP/IP)?

A

computer’s IP address

subnet mask

default gateway

MAC address

the address of a Domain Name System (DNS) server

116
Q

Linux-based systems use what instead of ipconfig?

A

ifconfig (short for interface configuration)

117
Q

The netstat command:

A

allows you to view statistics for TCP/IP protocols on a system

gives you the ability to view active TCP/IP network connections

118
Q

The tracert command:

A

lists the routers between two systems. In this context, each router is referred to as a hop

119
Q

Windows-based systems use tracert and Linux-based systems use:

A

traceroute

120
Q

Tracing internet path Windows command prompt:

A

tracert blogs.getcertifiedgetahead.com

121
Q

Arp is related to:

A

the Address Resolution Protocol (also ARP)

122
Q

The arp command is used to:

A

view and manipulate the ARP cache

123
Q

Some of the common states of connections are:

A

Established

Listen

Close_Wait

Time_Wait

Syn_Sent

Syn_Received

124
Q

Established State:

A

the normal state for the data transfer phase of a connection

125
Q

Listen State:

A

indicates the system is waiting for a connection termination request

126
Q

Time_Wait State:

A

indicates the system is waiting for enough time to pass to be sure the remote system received a TCP-based acknowledgment of the connection

127
Q

Close_Wait State:

A

indicates the system is waiting for a connection termination request

128
Q

Syn_Sent State:

A

indicates the system sent a TCP SYN (synchronize) packet as the first part of the SYN, SYN-ACK (synchronize-acknowledge), ACK (acknowledge) handshake process and it is waiting for the SYN-ACK response.

129
Q

Syn_Received State:

A

indicates the system sent a TCP SYN-ACK packet after receiving a SYN packet as the first part of the SYN, SYN-ACK, ACK handshake process