Comptia

Question 1

What measures the average amount of time that a system or component can operate before it fails?

Answer 1

MTTF - Mean time to failure

Question 2

What is the term given to the risk that remains after risk mitigation measures have been implemented?

Answer 2

Residual Risk

Question 3

What is the formula used to calculate Single Loss Expectantcy (SLE) ?

Answer 3

SLE measures the anticipated cost of a single instance of an incident. It is calculated as the product of the Asset Value (AV) and the Exposure Factor (EF), which measures the percentage of loss.
SLE=AVxEF

Question 4

What does ALE stand for?

Answer 4

Asset Loss Evaluation

Question 5

What does AUP stand for?

Answer 5

Acceptable Use Policy
An acceptable use policy defines the rules that restrict how a computer, network or other systems may be used. It tells the users what they can and cannot do with the infrastructure.

Question 6

What role under the GDPR determines how data should be collected and processed?

Answer 6

Data Controller

Question 7

What is considered the first line of defense for network security?

Answer 7

Physical Security

Question 8

What is SAML?

Answer 8

Security Assertion Markup Language - an open standard for exchanging authentication and authorization data between parties, mostly between an identity provider and a service provider. (Single sign on for web browsers accessing multiple sites)

Question 9

Which tool is used to collect memory before a device is shut down?

Answer 9

memdump - (Linux command line tool) Used to create a forensic image of a drive.

Question 10

What does NFC stand for?

Answer 10

Near Field Communication - a short range wireless connectivity standard that uses magnetic field induction over short distances. (TAP for debit or credit)

Question 11

What does MTBF stand for?

Answer 11

Mean time between failure - measures the average time between failures of a system or component.

Question 12

What is an access control vestibule also known as?

Answer 12

A mantrap

Question 13

What is a birthday attack?

Answer 13

A birthday attack exploits has collisions in a weak hash algorithm.

Question 14

How does a packet filtering firewall work?

Answer 14

You can block or allow traffic based on Port - example HTTP on Port 80 or FTP on Port 21

Question 15

How does a Proxy Firewall work?

Answer 15

This is a dual-homed firewall. (Meaning it was two network interfaces, typically one on each network) it will segment internal users from the outside world. It masks IP addresses using NAT (Network address translation)

Question 16

What is NAT?

Answer 16

Network Address Translation - it gives an added layer of security. The outside world does not know who is communicating, all they see if the address of the proxy firewall.

Question 17

What is an SPI?

Answer 17

Stateful Packet Inspection Firewall - it only allows packets from known active connections. Better than simple packet filtering.

Question 18

What does MDM stand for?

Answer 18

Mobile Device Management

Question 19

What are some mitigation techniques to use in the case of a data/security breach?

Answer 19

DLP, Data Loss prevention - Content Filtering/URL filtering and Updating or Revoking Certificates.

Question 20

What does SOAR stand for?

Answer 20

Security Orchestration, Automation and Response. This compliments SIEM software versus replacing it.

Question 21

What does SIEM stand for?

Answer 21

Security Information and event management. This is a solution that helps organizations detect, analyze and respond to security threats before they harm business operations.

Question 22

What is Non-Repudiation?

Answer 22

Accountability/inability to refute an action, ownership, etc.

Question 23

What is Bluesnarfing?

Answer 23

When a user’s device gets paired with an attacker’s device, and the users device makes its data available for unauthorized access, modification and deletion.

Question 24

What is a CAC?

Answer 24

Common Access Card - a smart card used in military, reserve officer, and military contractor identity authentication systems.

Question 25

What does SNMP stand for?

Answer 25

Simple Network Management Protocol - An application layer protocol whose purpose is to collect statistics from TCP/IP devices. SNMP is used to monitor the health of network equipment.

Question 26

What is BitLocker?

Answer 26

BitLocket is a Full Disk Encryption (FDE) feature included with Microsoft Windows Operating systems.

Question 27

What is the CIA triad?

Answer 27

Confidentiality, Integrity and Availability.

Question 28

What is XSS?

Answer 28

Cross site scripting. This is the injection of malicious code into a vulnerable web application or back end database that will execute scripts in a victims browser.

Question 29

What is CSRF/XSRF?

Answer 29

Cross site request forgery. Tricking a web browser into executing a malicious action on a trusted site for which the user is currently authenticated.

Question 30

What is OSINT?

Answer 30

Open Sourced Intelligence. Refers to the data collected from publicly available sources to be used in an intelligence context.

Question 31

What is ISACS?

Answer 31

Information Security and Analysis Center. A trusted sector specific entity that facilitates information sharing.

Question 32

What are the simulation teams for pen testing?

Answer 32

The red team (offense) they emulate the behaviours and techniques of likely attackers. The blue team (defense) they are tasked with detective and defensive activities. The purple team (integrated) actively engaged in monitoring, detection and response activities during testing processes.