Chapter 1 Mastering Security Basics

Question 1

What is a “Use Case”?

Answer 1

A “Use Case” describes a goal that an organization wants to achieve.

Question 2

___________prevents the unauthorized disclosure of data.

Answer 2

Confidentiality

Question 3

_______scrambles data to make it unreadable by unauthorized personnel.

Answer 3

Encryption

Question 4

What are the key elements of access controls?

Answer 4

Identification, authentication, authorization

Question 5

Stegnaography is a method of confidentiality.

Answer 5

Stegnaography obscures the data and can be used in a use case to support obfuscation.

Question 6

What is obfuscation?

Answer 6

to make something unclear of difficult to understand.

Question 7

Hiding data in plain sight is referred to as

Answer 7

steganography

Question 8

to provide assurance that data has not changed or been modified or corrupted.

Answer 8

Integrity

Question 9

How can integrity be enforced with data?

Answer 9

hashing techniques

Question 10

What are examples of hashing algorithms?

Answer 10

Message Digest 5 (MD5), Secure Hash Algorithm (SHA), Hash-based Message Authentication Code (HMAC).

Question 11

MAC has three different meanings..

Answer 11

Media access control, Mandatory access control, Message authentication code

Question 12

What do digital signatures ensure?

Answer 12

authentication, non-repudiation and prevents attackers from impersonating others.

Question 13

Availability indicates that data and services are available when needed.

Answer 13

Organizations commonly implement redundancy and fault-tolerant methods to ensure availability for key systems.

Question 14

Why is redundancy important?

Answer 14

it adds duplication to critical systems and provides fault tolerance. continue service with no interruptions.

Question 15

What does SPOF mean?

Answer 15

Single point of failure

Question 16

What is the common goal of fault tolerance and redundancy?

Answer 16

to remove single point of failure (SPOF)

Question 17

______the possibility of a threat exploiting a vulnerability and resulting in a loss

Answer 17

Risk

Question 18

_______can occur if personnel in a organization don’t manage the VMs correctly.

Answer 18

VM sprawl

Question 19

Louie hid several plaintext documents within an image file. He then sent the image file to Tony. Which of the following best describe the purpose of his actions?

Answer 19

support obfuscation

Question 20

_______allow an attacker to access the host system from the VM.

Answer 20

VM escape attacks

Question 21

_________the state of a VM at a moment in time.

Answer 21

Snapshot

Question 22

_________ a specialized version of a Type II hypervisor that has use the kernal of the host.

Answer 22

Container virtualization

Question 23

__________ runs as a software within a host operating system

Answer 23

Type II Hypervisor

Question 24

_______run directly on the system hardware.

Answer 24

Type I Hypervisor

Question 25

________reduces risk by reducing the chanes that a threat will exploit a vulnerability or by reducing the impact of the risk.

Answer 25

Risk mitigation

Question 26

What are the three primary security control types

Answer 26

technical, administrative, physical

Question 27

Additional control methods are

Answer 27

corrective, preventive, detective, compensating,and deterrent

Question 28

You run command-line tools in the command Prompt window in Windows and terminal in Linux

Answer 28

Ping command is used to check connectivity, name resolution, verify routers, firewalls, and intrusion prevention block ICMP

Question 29

ipconfig command on Windows allows you to view configuration of network interfaces.

Answer 29

Linux uses “ifconfig and ip” to view and change configurations of a network interfaces.

Question 30

You can enable promiscuous mode on a NIC with ifconfig

Answer 30

Netstat allows you to view statistics for TCP/IP protocols and view all active network connections.

Question 31

Netstat is useful if you suspect malware is causing a computer to connect with a remote computer

Answer 31

Tracert list the router or hops between two systems and verify a path has not changed

Question 32

The arp command allows you to view and manipulate the ARP cache.

Answer 32

ARP can be useful if you suspect a system’s ARP cache has been modified during an attack.

Question 33

What does ARP stand for?

Answer 33

Address Resolution Protocol

Question 34

One benefit of using a VDI/ VDE is that user PCs can have limited hardware resources. If the PC can connect to a server over a network, it can run a full-featured desktop operating system from the server.

Answer 34

In a persistent virtual desktop, each user has a custom desktop image.

Question 35

Virtual desktops that support non-persistence serve the same desktop for all users. When a user accesses the remote server, it provides a desktop operating system from a preconfigured snapshot.

Answer 35

Although non-persistent users can make changes to the desktop as they’re using it, it reverts to a known state (the original snapshot) when they log off.

Question 36

ipconfig /all. This command shows a comprehensive listing of TCP/ IP configuration information for each NIC. It includes the media access control (MAC) address, the address of assigned DNS servers, and the address of a Dynamic Host Configuration Protocol (DHCP) server if the system is a DHCP client. You can use ifconfig-a on Linux systems.

Answer 36

ipconfig /displaydns. Each time a system queries DNS to resolve a host name to an IP address, it stores the result in the DNS cache and this command shows the contents of the DNS cache. It also shows any host name to IP address mappings included in the hosts file.

Question 37

ipconfig /flushdns. You can erase the contents of the DNS cache with this command. Use this when the cache has incorrect information and you want to ensure that DNS is queried for up-to-date information.

Answer 37

Netstat. Displays a listing of all open TCP connections.

Question 38

Netstat-a. Displays a listing of all TCP and User Datagram Protocol (UDP) ports that a system is listening on, in addition to all open connections.

Answer 38

Netstat–r. Displays the routing table.

• Netstat-e. Displays details on network statistics, including how many bytes the system sent and received.

Netstat-s. Displays statistics of packets sent or received for specific protocols, such as IP, ICMP, TCP, and UDP.

Question 39

Netstat-p protocol. Shows statistics on a specific protocol, such as TCP or UDP. For example, you could use netstat-p tcp to show only TCP statistics.

Answer 39

Network administrators typically use tracert to identify faulty routers on the network.