Chapters 11-14: Application/Cloud/Organizational security and Disaster planning

Question 1

Which application exploit accesses directories on the target machine that regular clients do not?

Answer 1

Directory traversal

Question 2

What is a type of injection attack which exploits a common XML parser feature. Attackers can use it to steal data or issue commands to other applications through an insecure parser

Answer 2

XML External Entities (XXE)

Question 3

Which type of attack allows remote code execution on client browsers using client side scripting in web pages. They allow the attacker to gain control of the end user’s browser or login session.

Answer 3

Cross-site scripting (XSS)

Question 4

Which type of attack occurs when data stored in some storage format like JSON is converted back into its original form and directly used as program input. If the serialized data is under user control, it can be malformed to cause DoS, SQL injection, or remote code execution.

Answer 4

Insecure de-serialization

Question 5

Which type of operation retrieves an object a pointer is pointing to. May be used on a null pointer to crash an application, bypass a security function, or return useful debug information.

Answer 5

De-referencing

Question 6

Which error occurs during race conditions when something is changed between when you checked something and used the result of the check?

Answer 6

Time of check to time of use (TOCTOU)

Question 7

Which attack inserts code into a running process by forcing it to load executable code from a shared library file?

Answer 7

DLL injection

Question 8

In which XSS technique is the script uploaded to the server?

Answer 8

Stored/Persistent

Question 9

In which XSS technique is the script placed into a server request?

Answer 9

Reflected/Non-persistent

Question 10

In which XSS technique does the script never get placed in the server, bu instead takes place entirely in the model browsers use to render content?

Answer 10

Document Object Model (DOM) based

Question 11

Which attack exploits the site’s trust of the user?

Answer 11

Cross-site request forgery (CSRF or XSRF)

Question 12

Which attack is like a CSRF, but exploits vulnerabilities in the server?

Answer 12

Server side request forgery (SSRF)

Question 13

What technique prevents attacks like injection and buffer overflow by validating all input received before processing it?

Answer 13

Input validation

Question 14

Which technique protects backend databases by adding escape characters so that input resembling code won’t be treated as such?

Answer 14

Input Sanitization

Question 15

Which cloud service model is subscription-based access to applications or databases. Sometimes referred to as “on-demand software”

Answer 15

Software as a Service (SaaS)

Question 16

Which cloud service model provides access to a computing platform or software environment the cloud customer (CC) can use to develop and host web-based applications

Answer 16

Platform as a Service (PaaS)

Question 17

Which cloud service model provides access to computing and networking resources themselves, such as storage devices, processing, entire computers, and even whole networks?

Answer 17

Infrastructure as a Service (IaaS)

Question 18

Which cloud service model includes storage as a service, information as a service, security as a service and so on?

Answer 18

Anything as a Service (XaaS)

Question 19

In which cloud deployment model is access to the service available to the general public, for free or for a fee? It can be owned and hosted by any sort of public or private organization.

Answer 19

Public

Question 20

In which cloud deployment model is the service accessible only to a single organization, though it is shared among multiple divisions or business units. It might be on-premises or off, and it might be owned and managed by the organization itself or a third party.

Answer 20

Private

Question 21

In which cloud deployment model is the service shared between a group of organizations with shared concerns and needs, for example, organizational mission or specific technical, policy, or security requirements. It may be hosted by one, by a third party, or as a cooperative venture.

Answer 21

Community

Question 22

The service has some combination of public, private, and community cloud characteristics under one shared hardware or software infrastructure. For example, a provider of public cloud services might also host private clouds for large customers with higher security needs or other specialized requirements.

Answer 22

Hybrid

Question 23

Which cloud technology can virtually segment and isolate a specific customer’s cloud within a larger public cloud to prevent one from affecting the other.

Answer 23

Virtual Private Cloud (VPC)

Question 24

What is a server on the local network which can perform data standardization, reduction, and preliminary analysis. In cloud computing, data is passed to this entity after a collection point.

Answer 24

Fog node (Fog computing)

Question 25

What is similar to a fog node, but performs processing directly on source devices and forms a peer-to-peer network.

Answer 25

Edge devices (Edge computing)

Question 26

Sender Policy Frameworks (SPF), Domain Keys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC) are examples of what?

Answer 26

Email security controls that help identify message which may be forged

Question 27

What is a business agreement that is a less formal agreement of mutual goals?

Answer 27

Memorandum of Understanding (MOU)

Question 28

What is a business agreement which is security focused and specifies the technical requirements involved in creating and maintaining a secure connection?

Answer 28

Interconnection Security Agreement (ISA)

Question 29

What is a written agreement defining the general relationship between business partners. At the least, it defines how each organization shares profits, losses, property, and liability

Answer 29

Business Partnership Agreement (BPA)

Question 30

What is a formal definition of a service provided to or by the organization, typically including expectations for
performance, reliability, and other service metrics.

Answer 30

Service-level agreement (SLA)

Question 31

What is an attack that only occurs when a modem is being used. It is used to perform mechanized scanning of a roll of telephone numbers.

Answer 31

War dialing

Question 32

What is a metallic enclosure that prevents the entry or escape of an electromagnetic field (EM).

Answer 32

Faraday cage

Question 33

What is a document that includes analysis of risks to business operations, controls to mitigate them, and procedure for maintaining or restoring service in the event of a disaster?

Answer 33

Business Continuity Plan (BCP)

Question 34

What document identifies critical business functions and how long the business can operate without them?

Answer 34

Business Impact Analysis (BIA)

Question 35

What document is a risk assessment that is specific to a single site or facility

Answer 35

Site risk assessment

Question 36

What document contains technical procedures for restoring services and operations after a significant disruption?

Answer 36

Disaster Recovery Plan (DRP)

Question 37

Which document contains procedures for restoring individual information systems after a disaster?

Answer 37

Information system contingency plan (ISCP)

Question 38

Which document contains procedures for moving critical operations to a temporary site?

Answer 38

Continuity of operations plan (COOP)

Question 39

What document contains procedures for communications in the event of a disaster?

Answer 39

Crisis Communications Plan

Question 40

What document contains procedures for managing sudden changes in personnel?

Answer 40

Succession Plan

Question 41

What are the 5 steps in creating a BIA

Answer 41

1. Identify mission essential functions (MEFs)
2. Identify systems, resources or even other functions used by each critical function
3. Prioritize critical functions according to maximum tolerable downtime (MTD)
4. Identify threats
5. Determine mitigation techniques for each threat

Question 42

Which recovery objective is the maximum expected amount of downtime?

Answer 42

Recovery Time Objective (RTO)

Question 43

Which recovery objective is the maximum expected period for which data will be lost in the case of disaster.

Answer 43

Recovery Point Objective (RPO)

Question 44

What redundancy strategy refers to connections allowing multiple paths between two points, so that an interruption to one won’t interrupt
service.

Answer 44

Multipathing

Question 45

What redundancy strategy is a form of link aggregation which joins multiple NICs on one host to the same network, while behaving as a single virtual adapter with a shared address.

Answer 45

NIC Teaming

Question 46

Which technology is like SIEM as in it automates and analyzes security data, but the goal is to streamline and standardize incident response workflows.

Answer 46

Security Orchestration, Automation, and Response (SOAR)

Question 47

What is a set of conditional steps that must be performed as part of any security process, such as a log review?

Answer 47

Runbook

Question 48

What is a looser workflow or checklist that is used to organize or document a security response process?

Answer 48

Playbook

Question 49

The goals of what process is to keep the incident from escalating and to minimize operational impact to the organization.

Answer 49

Containment

Question 50

Once you know you won’t be losing or destroying valuable evidence, you can get on with the next step: eliminating the root cause of a problem and repairing any affected systems. What is this process?

Answer 50

Eradication

Question 51

What is a notification sent from an organization’s legal team to employees instructing them not to delete electronically stored information (ESI) or discard paper documents that may be relevant to a new or imminent legal case?

Answer 51

Legal hold

Question 52

What are the 5 steps to eDiscovery?

Answer 52

1. Determine what data needs to be collected
2. Include any information placed on a legal hold
3. Security physical and remove access to any systems or data relevant to the investigation
4. Document the scene as you found it
5. Secure the confidentiality, integrity and authenticity of your finding

Question 53

Which cloud model is represented as a pay per use model?

Answer 53

SaaS

Question 54

This is a form of malicious link that prepends a special data string before the URL to hide the nature of a false login site. For example, the following link might open a fake login page for your bank while bypassing the browser security features that would
otherwise warn you in the address bar.

Answer 54

Prepending

Question 55

These are messages containing links or other content designed to steal user information. The archetypical example links to a facsimile of a secure website like a bank. When victims attempt to log in, the attacker captures their username and password.

Answer 55

Credential Harvesting

Question 56

This is spam sent by instant message

Answer 56

SPIM

Question 57

This is spam sent by VoIP

Answer 57

SPIT