comptia security

Question 1

EAP

Answer 1

extensible authentication protocol

Question 2

802.1X

Answer 2

802.1X is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network. The user’s identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server

Question 3

SRTP

Answer 3

secure real time transport protocol - to encrypt and provide authentication for RTP - real time transport protocol traffic - used for audio/video streaming

Question 4

HIDS

Answer 4

host based intrusion detection system
sw installed on the system to detect attacks
HIPS - host based intrusion prevention system is an extension of a HIDS to detect and block attacks

Question 5

HIPS

Answer 5

extension of HIDS // host based intrusion prevention system

Question 6

mail gateway

Answer 6

• is placed between an email server and the internet and it can filter out spam (spam filter)
• typically includes DPL (data loss prevention) capabilities
• can inspect the contents of outgoing traffic looking for key words and block any traffic containing proprietary data

Question 7

reverse proxy

Answer 7

protects an internal web server

Question 8

media gateway

Answer 8

converts data from one format to another such as telephony traffic to IP-based traffic

Question 9

web application firewall

Answer 9

protects a web server

Question 10

SSID

Answer 10

service set identifier
A service set identifier (SSID) is a unique identifier assigned to a wireless network. It allows devices on the network to identify and connect to the correct network. Most SSIDs are case-sensitive and can be up to 32 characters long

Question 11

WEP

Answer 11

wired equivalent privacy

Question 12

WPA2

Answer 12

Wi-Fi protected access II

Question 13

NAC

Answer 13

network access control - can inspect VPN clients for health status, e.g. having up to date OS and antivirus sw
after they connect to a network

Question 14

PaaS

Answer 14

platform as a service - a cloud computing model that provides cloud customer with a preconfigured computing platform they can use as needed
- provides an easy to configure OS and on demand computing

–> IaaS and SaaS

Question 15

PAP

Answer 15

password authentication protocol - an older one where pwds are sent across the network in cleartext –> CHAP, MS-CHAPv2

Question 16

passive reconnaissance

Answer 16

a penetration testing method used to collect information, typically uses open-source intelligence –> active reconnaissance

Question 17

pass the hash

Answer 17

pwd attack that captures and uses the pwd hash, attempts to log on as the user with the hash commonly associated with the Microsoft NTLM protocol

Question 18

PBKDF2

Answer 18

pwd based key derivation function 2
- a key stretching technique that adds additional bits to a pwd as a salt
- it helps prevent brute force and rainbow table attacks

Question 19

NTLM

Answer 19

new technology LAN manager
a suite of protocols that provide confidentiality, integrity and authentication within Windows Systems
versions: NTLM, NTLMv2, NTLM2 Session

Question 20

nonce

Answer 20

a number used once
cryptography elements frequently use a nonce to add randomness

Question 21

steganography

Answer 21

uses obfuscation to hide data within data

Question 22

OCSP

Answer 22

online certificate status protocol
an alternative to using a CRL
allows to query a CA with the serial number of a certificate
CA answers with good, revoked, unknown

Question 23

DLP

Answer 23

data loss prevention
can reduce the risk of emailing confidential info outside the organisation

Question 24

Saas

Answer 24

sw as a service provides sw or applications such as webmail via the cloud

Question 25

TPM

Answer 25

trusted platform module
provides full drive encryption

Question 26

COPE

Answer 26

corporate owned personally enabled
mobile device deployment model

= MDM mobile device mgmt that gives centralized control over COPE
–> BYOD, CYOD

Question 27

CYOD

Answer 27

choose your own device
a mobile device deployment model
employees can connect their personally owned device to the network as long as the device is on a preapproved list

=storage segmentation to protect company data on mobile devices owned by users

Question 28

ISA

Answer 28

interconnection security agreement specifies technical and security requirements for planning, establishing, maintaining, and disconnecting a secure connection between two or more entities:
BETWEEN ANY FEDERAL AGENCY AND A THIRD PARTY INTERCONNECTING THEIR SYSTEMS

Question 29

ALE

Answer 29

annual (annualized) loss expectancy
the expected loss for a year
it is used to measure risk with ARO and SLE in a quantitative risk assessment
SLE x ARO = ALE

Question 30

ARO

Answer 30

annual (annualized) rate of occurrence
the number of times a loss is expected to occur in a year
it is used to measure risk with ALE and SLE in a quantitative risk assessment

Question 31

SLE

Answer 31

single loss expectancy
the monetary value of any single loss
used to measure risk with ALE and ARO in a quantative risk assessment
SLE x ARO = ALE

Question 32

S/MIME

Answer 32

secure/multipurpose internet mail extensions
popular standard used to secure email
provides:
confidentiality
integrity
authentication
non-repudiation

Question 33

signature-based detection tool

Answer 33

type of monitoring used on intrusion detection and intrusion prevention systems
detects attacks based on KNOWN ATTACK PATTERNS documented as attack signatures
- signature based IDS systems use signatures similar to antivirus software

a unique identifier is established about a known threat so that the threat can be identified in the future

Question 34

SIEM

Answer 34

security information and event mgmt
attempts to look at security events throughout the organisation

Question 35

sideloading

Answer 35

copying an app package to mobile device
useful to developers when testing apps

Question 36

shimming

Answer 36

driver manipulation method
uses additional code to modify the behaviour of a driver

Question 37

Shibboleth

Answer 37

open source federated identity solution

Question 38

SHA

Answer 38

secure hash algorithm
hashing function used to provide INTEGRITY
versions: SHA-1, SHA-2, SHA-3

Question 39

SFTP

Answer 39

secure file transfer protocol
TCP port 22
an extension of SSH (secure shell) used to encrypt FTP traffic

Question 40

session hijacking

Answer 40

an attack that attempts to impersonate a user by capturing and using a session ID
session IDs are store in COOKIES!!

Question 41

SED

Answer 41

self-encrypting drive

Question 42

secure boot

Answer 42

process that checks and validates system files during the boot process
TPM typically uses a secure boot process

it is a security system offered by UEFI

it is designed to prevent a computer from being hijacked by a malicious OS

under secure book UEFI is configured with digital certs from valid OS vendors
the system fw checks the OS boot loader using the stored certificate to ensure that the OS vendor has digitally signed it
this prevents a boot loader that has been changed by malware or an OS installed without authorization from being used.

the TPM can also be invoked to compare hashes of key system state data (boot fw, boot loader, and OS kernel) to ensure they have not been tampered with by a rootkit

Question 43

SAML

Answer 43

security assertion markup language
XML-based standard used to exchange authentication and authorization information between different parties
SAML provides SSO for web-based application

Question 44

SDN

Answer 44

software defined network
uses sw and virtualization technologies to replace hw routers
SDNs separate the data and control planes

Question 45

LDAP

Answer 45

lightweight directory access protocol
used to communicate with directories such as microsoft active directory
it identifies objects with query strings using codes such as CN=Users and DC=GetCertifiedGetAhead

Question 46

LDAPS

Answer 46

lightweight directory access protocol secure
used to encrypt LDAP traffic with TLS

Question 47

bollards

Answer 47

short vertical posts that act as a baricade
block vehicles but not ppl

Question 48

HVAC

Answer 48

heating
ventilation
air conditioning
- physical security control that increases availability by regulating airflow within DCs and server rooms

Question 49

RTO

Answer 49

recovery time objective
the max amount of time it should take to restore a system after an outage
it is derived from the max allowable outage time identified in the BIA

Question 50

bcrypt

Answer 50

a key stretching algorithm
used to protect pwds
bcrypt salts pwds with additional bits before encrypting them with Blowfish
this thwarts rainbow table attacks

Question 51

BIA

Answer 51

bussiness impact analysis
includes info on potential losses

Question 52

DRP

Answer 52

disaster recovery plan
includes methods to recover from an outage

Question 53

symmetric encryption algorithms

Answer 53

AES - advanced encryption standard
DES - data encryption standard
RC4 - Rivest Cipher 4

Question 54

hashing

Answer 54

provides integrity for digital signatures and other data
hash=checksum
hashing verifies integrity for data such as email, d/l files, and files stored on a disk
hash is a number created with a hashing algorithm
HASHES ARE ONE-WAY FUNCTIONS

Question 55

digital signature

Answer 55

is a hash of the message encrypted with the senders private key but the encryption doesnt provide integrity
the digital signature provides non-repudiation which doesnt provide integrity

Question 56

SHA-2

Answer 56

secure hash algorithm version 2
is used for integrity

Question 57

ECC

Answer 57

elliptic curve cryptography has minimal overhead and is often used with mobile devices for encryption

Question 58

key stretching techniques

Answer 58

1) PBKDF2 = pwd-based key derivation function 2
2) bcrypt

that salt pwds with additional bits to protect agains brute force attempts

Question 59

OCSP

Answer 59

online certificate status protocol
provides real time responses to validate certs issues by a Certificate Authority (CA)

Question 60

CRL

Answer 60

certificate revocation list
includes a list of revokes certs

Question 61

DSA

Answer 61

digital signature algorithm
creates a digital signature

Question 62

HMAC

Answer 62

hash based message authentication code
creates a hash

Question 63

AUP

Answer 63

acceptable use policy
informs users of their responsibilities when using an organisations equipment

Question 64

cognitive pwd attack

Answer 64

utilizes information that a person would know eg name of a first pet and use it to change the users pwd

–> Sarah Palin example

Question 65

rainbow table attack

Answer 65

is a pwd attack that uses a DB of precalculated hashes
- PBKDF2 and bcrypt thwart rainbow table attacks

Question 66

SRTP

Answer 66

• secure real-time transport protocol
• used to encrypt and provide authentication for RTP traffic
• used for audio/video streaming

Question 67

honeynet

Answer 67

group od servers configured as honeypots

Question 68

an 802.1x server

Answer 68

provides port-based authentication and can authenticate clients
clients that cant authenticate (eg guests) can be redirected to the guest network which grants them Internet access but not access to the internal network

Question 69

NAT

Answer 69

network address translation
translates private IP addresses to public IP addresses

Question 70

PEAP

Answer 70

protected extensible authentication protocol
an extension of EAP
sometimes used with 802.1x
PEAP requires a cert on the 802.1x server

Question 71

PEM

Answer 71

privacy enhanced mail
common format for PKI certs
it can use either CER (ASCII) or DER (binary) formats and can be used for almost any type of certs

Question 72

chroot

Answer 72

Linux command used to change the root directory
often used for sandboxing

Question 73

chmod

Answer 73

linux admins use it to change permissions for files

Question 74

FDE

Answer 74

full disk encryption

Question 75

SED

Answer 75

self-encrypting drive
a drive that includes the hw and sw necessary to encrypt a hard drive
- users typically enter credentials to decrypt and use the drive

Question 76

runtime code # compiled code

Answer 76

runtime code = code that is interpreted when it is executed

compiled code = has been optimized by an application and converted into an executable file

Question 77

RADIUS

Answer 77

remote authentication dial-in user service

Question 78

DNS

Answer 78

domain name system

Question 79

DHCP

Answer 79

dynamic host configuration protocol

Question 80

SCADA

Answer 80

supervisory control and data acquisition system

Question 81

trojans

Answer 81

commonly create backdoors

Question 82

spear phishing

Answer 82

eg email targeting users in the same organisation

Question 83

vishing

Answer 83

similar to phishing - but uses telephone technology

Question 84

salting

Answer 84

method used to prevent brute force attacks to discover pwds

Question 85

account lockout control

Answer 85

locks an account after the wrong pwd is guessed too many times

Question 86

DNS poisoning

Answer 86

domain name system poisoning
attempts to redirect web browsers to malicious URLs

Question 87

replay attack

Answer 87

attempts to capture packets to impersonate one of the parties in an online session

Question 88

SLA

Answer 88

service level agreement
between a company and a vendor that stipulates performance expectations such as min uptime and max downtime levels

Question 89

BPA

Answer 89

business partners agreement

Question 90

MOU/MOA

Answer 90

memorandum of understanding or memorandum of agreement - a type of agreement that defines responsibilities of each party
- compare with ISA

Question 91

ISA

Answer 91

interconnection security agreemenr
specifies technical and security requirements for connections between two or more entities

Question 92

arp (not ARP)

Answer 92

a command-line tool to show and manipulate ARP (address resolution protocol) cache

Question 93

ARP poisoning

Answer 93

an attack that misleads systems about the actual MAC address of the system

Question 94

XSS attack

Answer 94

cross-site scripting attack
protection against:
- input validation
- WAF: web application firewall = monitors, filters, and or blocks HTTP traffic to a web server

Question 95

normalization

Answer 95

organising tables and columns in a DB to reduce redundant data and improve overall DB performance

Question 96

netcat

Answer 96

useful for remotelly administering servers but it doesnt collect and analyze packets
- can be used for banner grabbing and will provide info on the operating system

Question 97

protocol analyzer=sniffer

Answer 97

can capture traffic sent over a network and identify the type of traffic , the source of the traffic and protocol flags used within individual packets
to EXAMINE PACKETS
used to VIEW DATA sent in CLEAR TEXT

Question 98

fault tolerance

Answer 98

the capability of a system to suffer a fault, but continue to operate
the system can tolerate the fault as if it never occurred

Question 99

RAID

Answer 99

a redundant array of inexpensive disks
row cost solution for fault tolerance for disks
RAID increases data availability

Question 100

load balancing

Answer 100

round-robin is one of the methods used in load balancing

Question 101

rainbow table

Answer 101

a file containing precomputed hashes for character combination
rainbow tables are used to discover pwds

Question 102

bcrypt

Answer 102

a key stretching technique designed to protect against brute force and rainbow table attacks

Question 103

PBKDF2

Answer 103

pwd based
key derivation
function 2

both (bcrypt as well) salt the pwd with additional bits

bcrypt- based on Blowfish

Question 104

confusion (in the context of encryption)

Answer 104

means that the ciphertext is significantly different than the plaintext

Question 105

diffusion (cryptography)

Answer 105

ensures that small changes in the plaintext result in large changes in the ciphertext

Question 106

obfuscation

Answer 106

attempt to hide data or make sth unclear

Question 107

collision

Answer 107

hashing algorithm vulnerability
a has vulnerability that can be used to discover pwds
a hash collision occurs when two different pwds CREATE THE SAME HASH

Question 108

ECDHE

Answer 108

elliptic curve diffie-hellman ephemeral
allows entities to negotiate encryption keys securely over a public network

Question 109

CASB

Answer 109

cloud access security broker

• sw tool that enforces cloud-based security requirements
• placed between the organisation’s resources and the cloud
• monitors all network traffic
• can enforce security policies

Question 110

CTM

Answer 110

counter mode
a mode of operation used for encryption that combines IV with a counter
the combined result is used to encrypt blocks

Question 111

pinning

Answer 111

a security mechanism used by some web sites to PREVENT WEB SITE IMPERSONATION

web sites provide clients with a list of PUBLIC KEY HASHES

clients store the list and use it to validate the web site

Question 112

stapling

Answer 112

the process of appending a digitally signed OCSP response to a certificate

it reduces the overall OCSP traffic sent to a CA

Question 113

perfect forward secrecy

Answer 113

a characteristic of encryption key ensuring THAT THE KEYS ARE RANDOM

perfect forward secrecy methods do not use DETERMINISTIC ALGORITHMS

Question 114

IPsec (internet protocol security)
TLS (transport layer security)
often use

Answer 114

HMAC-MD5
HMAC-SHA1

HMAC= hash-based message authentication code

Question 115

hashing algorithms

Answer 115

MD5
SHA
HMAC
RIPEMD

Question 116

RIPEMD

Answer 116

race integrity promitives evaluation message digest

Question 117

SHA

Answer 117

secure hash algorithm

Question 118

MD5

Answer 118

message digest 5

Question 119

IV

Answer 119

initialization vector provides a starting value for a cryptographic algorithm

it is a fixed-size random or pseudo-random number that helps create random encryption keys

ideally the IV should be large enough so that the algorithm doesnt reuse the same IV and re-create the same encryption keys

Question 120

RADIUS

Answer 120

remote authentication dial-in user service

encrypts pwd packets

uses shared keys for symmetric encryption

when users authenticate, RADIUS servers and clients use the shared key to encrypt and decrypt data exchanged in a CHALLENGE/RESPONSE session

without the shared key, clients are unable to decrypt the data and respond appropriately

Question 121

RTO

Answer 121

recovery time objective
= the amount of time it takes to identify a problem and then perform recovery eg restore from back up or switch in an alternative system

Question 122

RPO

Answer 122

recovery point objective
the amount of data loss that a system can sustain measured in time

if a virus destroys a DB an RPO of 24 hours means that the data can be recovered from a backup copy to a point not more than 24 hours before the DB was infected

Question 123

MTBF

Answer 123

mean time between failure

expected lifetime of a product before it fails and must be replaced or repaired

Question 124

MTTR

Answer 124

mean time to repair
mean time to recover
is a measure of the time taken to correct a fault to restore the system to full operation

often specified in the maintenance contracts

Question 125

virtual machine escape vulnerabilities

Answer 125

most severe issue that may exist in a virtualized environment

the attacker can access a single virtual host and then leverages that access to intrude on the resources assigned to a different virtual machines

Question 126

DATA REMNANT

Answer 126

the residual representation of digital data that remains even after attempts have been made to remove it or erase it

Question 127

VIRTUALIZATION SPRAWL

Answer 127

when the number of virtual machines on a network reaches a point where the administrator can no longer manage them effectively

Question 128

virtual machine migration

Answer 128

moving a virtual machine from
one physical hardware environment to the other

Question 129

syslog

Answer 129

system logging protocol
port 514
is a way network devices can use a standard message format to communicate with a logging server

designed to make it easy to monitor network devices

devices can use a syslog agent to send out notification messages

Question 130

nslookup

Answer 130

used to query the Domain Name System to obtain the mapping between a domain name and an IP address or to view other DNS records
“set type=ns” tells nslookup only reports information on name servers

“set type=mx” -> info only about mail exchange servers

Question 131

risk

Answer 131

results from the combination of
a THREAT and a VULNERABILITY

Question 132

BCP

Answer 132

bussiness continuity plan

Question 133

credentialed scan

Answer 133

logs into a system and retrieve their configuration information

Question 134

non-credentialed scan

Answer 134

relies on external resources for config settings that can be altered or incorrect

Question 135

TACACS+

Answer 135

is an extension to TACACS =
terminal access controller access control system

developed as a proprietary protocol by Cisco

Question 136

RADIUS

Answer 136

REMOTE AUTHENTICATION DIAL-in USER SERVICE
is a networking protocol that operates on port 1812 and provides centralized Authentication
Authorization
Accounting mgmt
for users who connect and use a network service

Question 137

KERBEROS

Answer 137

a network authentication protocol designed to provide strong mutual authentication for client/server applications using secret-key cryptography developed by MIT

Question 138

CHAP

Answer 138

challenge-handshake authentication protocol is used to authenticate a user or network host to an authenticating entity

AUTHENTICATION PROTOCOL
DOES NOT PROVIDE AUTHORIZATION OR ACCOUNTING SERVICES

Question 139

the simplest load balancing scheduling algorithm

Answer 139

round-robin

Question 140

affinity

Answer 140

a scheduling method used with load balancers
it uses the clients IP address to ensure the client is redirected to the same server during a session

Question 141

Shibboleth

Answer 141

one of the federated identity solutions
open source and freely available
includes Open libraries written in C++ and Java

Question 142

OAuth

Answer 142

open standard for authorization
instead of creating a diff account for each web site you access, you can often use the same account that you have created with Google, FB, paypal etc

Question 143

OpenID Connect

Answer 143

works with OAuth 2.0
allows clients to verify the identity of end users without managing their credentials

exemple Skyscanner - after logging using FB credentials Skyscanner provides more personalized experience for the users

Question 144

TFTP

Answer 144

trivial file transfer protocol
port 69

Question 145

SMTP

Answer 145

simple mail transfer protocol
port 25

Question 146

DNS

Answer 146

domain name service
protocol port 53

Question 147

IDOR

Answer 147

insecure direct object references

cybersecurity issue when a web app developer uses an identifier for direct access to an object but provides no additional access control and/or authorization checks

Question 148

race condition

Answer 148

sw vulnerability when the resulting outcome from execution processes is directly dependent on the order and timing of certain events
those events fail to execute in the order and timing intended by the developer - hacker gamer example !!

Question 149

IMAP

Answer 149

internet message access protocol
a TCP/IP application protocol that provides a means for a client to access email messages stored in a mailbox on a remote server using TCP port number 143
unlike POP3 messages persist on the server after the client has d/l them
IMAP also supports mailbox mgmt functions such as creating subfolders and access to the same mailbox by more than one client at the same time

Question 150

dereferencing

Answer 150

attempts to access a pointer that references an object at a particular memory location

Question 151

WEP

Answer 151

wired equivalent privacy
an older mechanism for encrypting data sent over a wireless connection

uses 24-bit initialization vector to secure its pre-shared key

replaced by WPA -wifi protected access
that uses RC4 cipher and a temporal key integrity protocol (TKIP)

replaced by WPA2 after the completion of the 802.11i security standard
uses improved AES cipher with counter mode with cipher-block chaining message authentication protocol CCMP for encryption

replaced by WPA3 most secure wireless encryption method
uses the simultaneous authentication of equals SAE to increase the security of preshared keys
provides the enhanced open mode

WPA3 Enterprise mode supports AES with the Galois/counter mode protocol GCMP-256 for the highest levels of encryption

Question 152

measured boot

Answer 152

a feature where a log of all boot actions is taken and stored in a trusted platform module for later retrieval and analysis by anti-malware sw on a remote server

Question 153

master boot record analytics

Answer 153

used to capture the hard disks required information to support a forensic investigation
it would not detect malware during the systems boot-up process

Question 154

startup control

Answer 154

determines which programs will be loaded when the operating system is initially booted

Question 155

risk response acctions

Answer 155

accept
avoid
mitigate or
transfer

Question 156

FTP

Answer 156

file transfer protocol
port 20 and 21

Question 157

data anonymization

Answer 157

is the process of removing personally identifiable information from data sets so that the ppl whom the data describe remain anonymous

Question 158

hybrid pwd cracking approach

Answer 158

combining diff methods such as the dictionary and brute force methods into a single tool

Question 159

proximity badge

Answer 159

embeds an RFID chip into the card or badge
when the user swipes their card over the reader, it sends an RF signal that uniquely identifies the cards holder

RFID - radio-frequency identifcation systems

Question 160

RFID attacks

Answer 160

attacks against radio-frequency identification systems

such as

eavesdropping
replay
DoS

Question 161

access control vestibule

Answer 161

physical security access control system
comprising a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens

Question 162

VDI

Answer 162

virtual desktop infrastructure

Question 163

VPC

Answer 163

virtual private cloud

Question 164

UEBA

Answer 164

user and entity behaviour analytics

can provide an automated identification of suspicious activity by user accounts and computer hosts

Question 165

ABAC

Answer 165

attribute-based access control

provides most detailed and explicit type of access control over a resource because it is capable of making access decisions based on a combination of subject and object attributes, as well as context-sensitive or system-wide attributes

info such as the group membership, the OS being used or even the machines IP could be considered when granting or denying access

Question 166

order of volatility

Answer 166

order in which you should collect evidence

Question 167

legal hold

Answer 167

process that an organization uses to perserve all forms of potentially relevant information when litigation is pending or reasonably anticipated

Question 168

access control model with a network switch if it requires multilayer switches to use authentication via RADIUS/TACACS+

Answer 168

you need to use 802.1x for the protocol

the IEEE 802.1x standard is a network authentication protocol that opens ports for network access when an organization authenticates a user’s identity and authorizes them for access to the network
this defines port security
the users identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server

Question 169

nmap

Answer 169

the worlds most popular open-source scanning utility

Question 170

services. msc

Answer 170

the services console allows to disable or enable Windows services

Question 171

dd tool

Answer 171

used to copy files, disks, and partitions, and it can also be used to create forensic disk images

Question 172

Nessus

Answer 172

proprietary vulnersbility scanner developed by Tenable
it does contain the ability to conduct a port scan, its primary role is as a VULNERABILITY SCANNER

Question 173

LDAPS

Answer 173

provides mutual authentication of the client and the server
- because its using TLS

Question 174

the five factors of authentication

Answer 174

knowledge - sth you know
possession - sth you have
biometric - sth you are
action - sth you do
location - somewhere you are

Question 175

PHI

Answer 175

protected health information

any info that identifies so as the subject of medica and insurance records, plus their associated hospital and laboratory test results

this type of data is protected by the Health Insurance Portability and Accountability Act = HIPAA

it requires notification of thr individual, the Secretary of the US Department of Health and Human Services -HHS, and the media if more than 500 individuals are affected in the case of a data breach

Question 176

credit card information is protected under

Answer 176

the PCI DSS information security standard

Question 177

war walking

Answer 177

walking around a build while locating WIRELESS networks and devices

it will not help find a WIRED ROGUE DEVICE
on wired network
- checking valid MAC addresses against a known list
- scanning for new systems or devices
- physically surveying for unexpected systems
can be used to find rogue devices on a WIRED NETWORK

Question 178

ICMP

Answer 178

internet control message protocol

Question 179

nbtstat

Answer 179

diagnostic tool for NetBIOS over TCP/IP
used to troubleshoot NetBIOS name resolution problems

Question 180

harvesting

Answer 180

process of gathering data, normally user credentials

Question 181

SOW

Answer 181

statement of work

Question 182

MSA

Answer 182

master service agreement
parties agree to the terms that wil govern future transactions/future agreements

Question 183

SLA

Answer 183

service level agreement

outlines the detailed terms
under which a service is provided
including reasons the contract may be terminated

Question 184

pass the hash = PtH

Answer 184

is the process of harvesting an account’s cached credentials when the user logs in to a single sign-on

Question 185

golden ticket

Answer 185

a Kerberos ticket that can grant other tickets in an Active Directory environment
attackers who can createna golden ticket can use it to grant admin access to other domain members even to domain controllers

Question 186

lateral
movement

Answer 186

an umbrella term for variety of attack types
compromising host credentials

Question 187

pivoting

Answer 187

attackers compromise one central host
- the pivot
that allows them to spread out to other hosts that would otherwise be inaccessible

Question 188

CSMA/CA

Answer 188

carrier-sense multiple access with collision avoidance

is a network multiple access method in which carrier sensing is used, but nodes attempt to avoid collisions by beginning transmission only after the channel is sensed to be idle

Question 189

IoC

Answer 189

indicators of compromise

Question 190

degausser

Answer 190

used to wipe magnetic media

Question 191

TTX

Answer 191

tabletop exercise:

RED TEAM - the adversary, attempting to penetrate the network or exploit it as a rogue internal attacker

BLUE TEAM - consists of system administrators, cybersecurity analysts and network defenders

Question 192

MECM

Answer 192

microsoft endpoint configuration mgmt

provides remote control
patch mgmt
sw distribution
OS deployment
network access protection
hw & sw inventory

Question 193

SaaS

Answer 193

sw as a service
any sw or application provided to users over a network such as the internet

eg Gmail

Question 194

private IP addresses

Answer 194

10.x.x.x
172.16-31.x.x
192.168.x.x

Question 195

ATP ATTACK

Answer 195

An advanced persistent threat (APT) is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.[1][2] In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.

Question 196

CVSS

Answer 196

common
vulnerability
score
system

Question 197

OSINT

Answer 197

open-source
intelligence –>
refers to legally gathered information from free, public sources = information found on the internet

Question 198

TCP

Answer 198

Transmission Control Protocol
Transmission Control Protocol (TCP) is a communications standard that enables application programs and computing devices to exchange messages over a network. It is designed to send packets across the internet and ensure the successful delivery of data and messages over networks.

Question 199

FDE

Answer 199

full disk encryption

Question 200

CVE

Answer 200

common vulnerabilities & exposures

Question 201

IoCs

Answer 201

indicators of compromise:
telltale
signs that an attcack has taken place
may include:
- file signatures
- log patterns
- etc
- may be found in file and code repositories

Question 202

OSINT

Answer 202

open source threat inteligence

Question 203

CISA

Answer 203

cybersecurity & infrastructure security agency