CompTIA Security+ (SY0-701) Exam 2 Revision Flashcards
When deploying a new NIDS in an enterprise environment, where is the most effective placement considering typical network architecture?
Inline between the wireless access point and the endpoint devices.
Directly on the endpoint devices.
Inline between the internal network and the internet gateway.
On a mirrored port from the core switch.
The correct placement is on a mirrored port from the core switch because it allows the NIDS to monitor all network traffic without impacting the traffic flow. Placing it directly on endpoint devices would not provide visibility across the network and could degrade performance on the endpoints. Placing it inline, whether between the internal network and the gateway or between the access point and endpoints, would provide visibility but at the risk of creating a single point of failure and potentially degrading network performance.
What is the most effective measure to protect against attacks exploiting unsecured wired network connections?
Use VPNs for all data transmitted over the network.
Implement MAC address filtering on the network.
Encrypt data at rest using strong encryption standards.
Physically secure network ports and infrastructure.
Physically securing network ports and infrastructure is the most effective measure against attacks exploiting unsecured wired network connections. While VPNs, MAC address filtering, and data encryption are important security measures, they do not address the direct risk of someone physically connecting to the network through unsecured ports. Physical security controls such as locking network rooms and securing network ports are essential to prevent unauthorized physical access.
A company needs to ensure that only authorized employees can access its critical infrastructure data. Which method would be most effective in achieving this goal?
Obfuscation
Permission restrictions
Segmentation
Encryption
Segmentation involves dividing a network into smaller segments to control the flow of traffic and restrict access. This method is particularly effective for securing critical infrastructure data by limiting access to authorized personnel only. Encryption, permission restrictions, and obfuscation may complement segmentation but are not as directly related to controlling access to critical infrastructure data.
WAF
Web application firewall
What is key stretching?
Key stretching is the technique that should be implemented to enhance the security of stored passwords, especially in the face of brute-force attack risks. This method involves applying a hashing function multiple times or using a cryptographic algorithm to make the hashing process computationally more demanding. By doing so, it significantly increases the time and effort required to crack each password, even if the attacker has access to the hashed passwords. Unlike digital signatures or certificates, which are used for verifying integrity and establishing secure connections, or blockchain, which is used for decentralized record-keeping, key stretching specifically targets the enhancement of password security.
What are ephemeral credentials?
Ephemeral credentials offer a secure way to provide developers with temporary access to production environments as needed, automatically expiring after a set period or task completion. This method minimizes security risks by limiting the duration of access and reducing the potential for credential misuse or theft. Permanent access, shared credentials, and relying solely on manual approvals can lead to security gaps, such as unauthorized access or inefficient access management processes.
What is Password Vaulting?
Password vaulting is a security practice where privileged passwords are stored securely and accessed by users when needed, often involving an additional layer of authentication to access the vault. This approach minimizes risks by ensuring that privileged credentials are not overexposed and are only available to authorized users on an as-needed basis, reducing the attack surface for potential credential theft. Assigning permanent admin rights, using a single shared account, and merely requiring complex passwords do not effectively minimize the risks associated with privileged account management as they either overexpose credentials or fail to address the root issue of credential management.
What method can you use to mitigate SQL injection and XSS?
Both SQL injection and XSS attacks exploit vulnerabilities that arise from improper handling of user input. By validating (ensuring input meets specific criteria) and sanitizing (removing or encoding dangerous characters) all user inputs, an application can significantly reduce the risk of these attacks. While CSP headers can help mitigate the impact of XSS attacks by restricting resources the browser can load, and while file permissions and security testing are important, they do not address the core issue of malicious user input directly.
What is an example of Steganography?
Steganography is the technique that should be used to conceal a message within an email, making it undetectable to unauthorized viewers. It involves hiding data within other data, such as embedding a text message within an image or another file type, in a way that makes the hidden data not apparent to the observer. This method is ideal for enhancing the privacy of email messages by ensuring that only intended recipients know of the existence and how to access the concealed message. Unlike tokenization or data masking, which replace or obscure data for protection, steganography uniquely hides the existence of the data itself. Secure Enclaves provide secure storage and processing environments but do not relate to the method of concealing data within communications.
How can you limit external contractors' access to sensitive information?
Implementing network segmentation is the most effective way to limit the access of external contractors to only those parts of the network necessary for their work. This minimizes the risk of unauthorized access to sensitive information and systems. While enforcing multi-factor authentication adds a layer of security, segmentation directly addresses the problem by controlling access more granularly.
How can you check a certificate's revocation status in real time?
The Online Certificate Status Protocol (OCSP) is the most efficient mechanism for an organization to ensure browsers and clients are immediately aware that a compromised certificate is no longer valid. OCSP allows browsers and clients to check the revocation status of certificates in real time, providing quicker and more efficient verification compared to Certificate Revocation Lists (CRLs), which require downloading a list that may not be immediately updated. While Secure Enclaves and blockchain provide security in different contexts, OCSP directly addresses the need for timely notification of certificate revocation to maintain secure communications.
What is a replay attack?
Replay attacks involve the malicious or fraudulent repeat of a valid data transmission. This is different from buffer overflow, injection, or privilege escalation, as it specifically relates to the unauthorized retransmission of data, not code execution or elevation of access.
What is ALE?
Estimating the Annualized Loss Expectancy (ALE) for unauthorized access incidents provides the most accurate assessment of the potential financial impact by combining the frequency of the event occurring within a year (ARO) with the financial impact of each occurrence (SLE). This method offers a clear financial metric that helps in decision-making and prioritization of mitigation strategies. While conducting risk assessments and analyzing probability and impact are crucial, ALE provides a specific financial perspective that is especially important for financial institutions.
What is DAC?
In Discretionary Access Control (DAC), the access rights are at the discretion of the data or resource owner, allowing them to decide who gets access. This contrasts with MAC, where access is determined by system-enforced policies, RBAC, which is based on roles, and ABAC, which uses attributes for decision-making.
What is a credential replay attack?
A credential replay attack involves an attacker capturing and reusing credentials to gain unauthorized access. The pattern of multiple unsuccessful logins from various locations suggests that stolen credentials are being tested. This is not characteristic of an on-path attack, which involves intercepting data; a DDoS attack, which aims to overwhelm systems with traffic; or a wireless attack, which targets wireless network vulnerabilities.