Chapter 18

Question 1

APT

Answer 1

Advanced Persistent Threat

Question 2

DLP

Answer 2

Data Loss Prevention

Question 3

EDR

Answer 3

Endpoint Detection Response

Question 4

FDE

Answer 4

Full Disk Encryption

Question 5

HIDS

Answer 5

Host-based Intrusion Detection System

Question 6

HIPS

Answer 6

Host-based Intrusion Prevention System

Question 7

HSTS

Answer 7

HTTP Strict Transport Security

Question 8

Malware is short for

Answer 8

Malicious Software

Question 9

NGFW

Answer 9

Next Generation Fire Wall

Question 10

PCR

Answer 10

Platform Configuration Registers

Question 11

SDLM

Answer 11

Software Development Lifecycle Methodology

Question 12

SED

Answer 12

Self-Encrypting Drive

Question 13

SP in Windows SP means

Answer 13

Service Pack

Question 14

TPM

Answer 14

Trusted Platform Module

Question 15

UEFI

Answer 15

Unified Extensible Firmware Interface

Question 16

UEM

Answer 16

Unified Endpoint Management

Question 17

UTM

Answer 17

Unified Threat Management

Question 18

A secure mechanism to verify the integrity of an IoT gateway during boot time.

Answer 18

Boot Attestation

Question 19

What is the purpose of HIDS?

Answer 19

To detect undesired elements in network traffic to and from the host.

Question 20

What is the purpose of a HIPS?

Answer 20

To detect undesired elements in network traffic but also protect the network from the malicious activity.

Question 21

Served to prevent sensitive data from leaving the network without notice.

Answer 21

Data Loss Prevention

Question 22

Ensures that a device boots using only software that is trusted by the Original Equipment Manufacturer.

Answer 22

Secure Boot.

Question 23

Process of adding random strings of characters to passwords in a database or each password before they are hashed to make them more secure.

Answer 23

Salting.

Question 24

A software application made by Microsoft used to scan, detect, and remove viruses, spyware, and malware.

Answer 24

Windows Defender

Question 25

A free open source utility for network discovery and security auditing.

Answer 25

NMap.

Question 26

An open source GUI which aims to make NMap easier for beginners.

Answer 26

ZenMap

Question 27

Services are accessed using what two ports?

Answer 27

TCP and UDP

Question 28

Small blocks of data created by a web server while a user is browsing a website and placed on the user’s computer or other device.

Answer 28

Cookie

Question 29

A physical or embedded security technology that resides on a computer’s motherboard or processor.

Answer 29

TPM (Trusted Platform Module)

Question 30

The process of testing input received by an application for compliance against a standard defined within the application.

Answer 30

Input Validation

Question 31

What are allow and deny lists?

Answer 31

An allow list is a list of approved applications. A block/deny list is a list of applications that should not be allowed to run.

Question 32

A directive that declares browsers should only interact via HTTPS, never HTTP, with a max time of 3600 seconds.

Answer 32

HSTS [HTTP Strict Transport Security]

Question 33

What is the purpose of input validation?

Answer 33

To validate data input by the user, and repeat the request for the data in the case where input of the user is not valid.

Question 34

A source that can always be trusted within a cryptographic system.

Answer 34

Hardware Root of Trust

Question 35

Hardware based standard that is used for applying hardware-based encryption to mass storage devices.

Answer 35

Opal

Question 36

What is the challenge in allow listing?

Answer 36

The number of potential applications that are run on a typical machine.

Question 37

What host-based firewall is included in Windows OS?

Answer 37

Windows Defender Firewall

Question 38

A physical device that connects to a computer network and exchanges data or commands with other devices.

Answer 38

Endpoint

Question 39

The quarantine or isolation of a system from its surroundings.

Answer 39

Sandboxing

Question 40

Two other server operating systems other than Windows.

Answer 40

Linux and VM/Hypervisor

Question 41

What’s the purpose of hotfixes, patching, and service packs?

Answer 41

To make sure the software and hardware of a system is up to date on the latest updates to better keep them secured and working efficiently.

Question 42

What are FDE and SDE?

Answer 42

Methods of implementing encryption on hard drives.

Question 43

What is the difference between Heuristic-scanning and signature-scanning?

Answer 43

Heuristic scanning looks for specific commands or instructions that would not typically be found in an application, signature scanning uses a virus dictionary to look for malware and viruses.

Question 44

What is the purpose of a security appliance?

Answer 44

To keep a system protected from malicious activity.

Question 45

Why does encryption and obfuscation pose problems for anti-malware?

Answer 45

If a virus or malware is encrypted then the antimalware won’t be able to find it in its signature dictionary.

Question 46

What code has weaknesses and vulnerabilities?

Answer 46

All code.

Question 47

How Root of Trust applies to UEFI

Answer 47

To ensure that a known, certified boot loader is used to load the next stage loader/manager or O/S kernel.

Question 48

Why would a security specialist run Netstat?

Answer 48

To have a statistics of all active connections in a system, making it easier to monitor and identify problems.

Question 49

A repository of all information related to configurations.

Answer 49

Registry

Question 50

What are hive keys?

Answer 50

Keys use to access the registry.

Question 51

In what three ways can antimalware resolve malware issues?

Answer 51

Quarantine, Remove, and block.

Question 52

How often are new security advisories released?

Answer 52

Once a week, every monday.

Question 53

What does high-level software mean?

Answer 53

Applications close to user level.

Question 54

What is MITRE and OWASP?

Answer 54

Websites that list all known software exploits and vulnerabilities.