CySA+ Flashcards

1
Q

Reaver

A

A specialized tool used to find WPA and WPA2 passphrases specifically on networks that support the Wi-Fi Protected Setup (WPS) feature.

2
Q

Aircrack-ng

A

A suite of tools designed for wireless network testing. The tools in this suite can capture packets from wireless networks, conduct packet injection attacks, and crack preshared keys used on WEP, WPA, and WPA2 networks.

3
Q

Hashcat

A

A general-purpose password cracking tool that may also be used on wireless networks.

4
Q

CAN bus

A

Controller Area Network. A vehicle bus standard designed to allow microcontrollers and devices to communicate with each other’s applications without a host computer.

5
Q

Common Platform Enumeration (CPE)

A

Provides a standard nomenclature for describing product names and versions.

6
Q

Common Vulnerabilities and Exposures (CVE)

A

Provides a common nomenclature for describing security-related software flaws.

7
Q

Common Vulnerability Scoring System (CVSS)

A

Provides a standardized approach for measuring and describing the severity of security-related software flaws.

8
Q

FIPS 140-2

A

U.S. government standard that hardware security modules are certified against.

9
Q

OpenFlow

A

Used to allow software-defined network (SDN) controllers to push changes to switches and routers, allowing flow control, network traffic partitioning, and testing of applications and configurations.

10
Q

Host File

A

Used by operating systems to map IP addresses to domain names before querying DNS.

11
Q

Domain Generation Algorithm (DGA)

A

A program that generates a large list of domain names.

12
Q

Register

A

A critical component of computer memory that stores data and instructions for quick processing. High volatility.

13
Q

Cache

A

A chip-based computer component that makes retrieving data from the computer memory more efficient. High volatility.

14
Q

Random Access Memory (RAM)

A

The hardware in a computing device where the operating system, application programs, and data in current use are kept so they can quickly be reached by the device’s processor.

15
Q

Routing Table

A

A set of rules, often viewed in table format, that is used to determine where data packets traveling over an Internet Protocol (IP) network will be directed.

16
Q

ARP Cache

A

A collection of Address Resolution Protocol entries that are created when an IP address is resolved to a MAC address.

17
Q

Process Table

A

Contains an entry for each process present in the system. Each entry contains several fields that store all the information pertaining to a single process.

18
Q

Temporary Swap File

A

A special type of file used by the computer’s operating system to manage memory. When the computer’s RAM is full of running programs and data, the operating system may use a portion of the computer’s storage (hard drive or SSD) as virtual memory.

19
Q

Mandatory Access Control (MAC)

A

Relies on the operating system to control what subjects can access and what actions they can perform.

20
Q

Virtual Private Cloud (VPC)

A

A secure, isolated cloud environment hosted within a public cloud.

21
Q

Cloud Access Security Broker (CASB)

A

A software tool that serves as an intermediary between cloud service users and cloud service providers. This positioning allows it to monitor user activity and enforce policy requirements.

22
Q

auth.log (Linux)

A

In Linux, serves the purpose of recording authentication-related events, including user logins, logouts, and authentication attempts, providing a centralized location for monitoring and troubleshooting security-related activities on a system.

23
Q

Gramm-Leach-Bliley Act (GLBA)

A

Covers financial institutions, broadly defined. It requires that those institutions have a formal security program and designate an individual as having overall responsibility for the program.

24
Q

The Health Insurance Portability and Accountability Act (HIPAA)

A

Includes security and privacy rules that affect healthcare providers, health insurers, and health information clearinghouses.

25
The Family Educational Rights and Privacy Act (FERPA)
Requires that educational institutions implement security and privacy controls for student educational records.
26
The Sarbanes-Oxley (SOX) Act
Applies to the financial records of publicly traded companies and requires that those companies have a strong degree of assurance around the IT systems that store and process those records.
27
Payment Card Industry Data Security Standard (PCI DSS)
Provides detailed rules about the storage, processing, and transmission of credit and debit card information. A contractual obligation that applies to credit card merchants and service providers.
28
Trusted Foundry Program
Started by the U.S. government to validate microelectronic suppliers throughout the supply chain.
29
Fuzz Testing (Fuzzing)
Sending invalid or random data to an application to test its ability to handle unexpected data.
30
Fault Injection
Directly inserts faults into error handling paths, particularly error handling mechanisms that are rarely used or might be otherwise missed during normal testing.
31
Jump Box
A system that resides in a segmented environment and is used to access and manage the devices in the segment where it resides. Spans two different security zones.
32
Out-of-Band (NAC)
Leverages existing network infrastructure to have network devices communicate with authentication servers and then reconfigures the network to grant or deny access as needed. Example: 802.1X.
33
In-Band (NAC)
Uses dedicated appliances that sit between devices and the resources they wish to access. They deny or limit network access to devices that do not pass the authentication process.
34
Purpose Limitation
Information should only be used for the reason it was collected.
35
Information Technology Infrastructure Library (ITIL)
A framework that offers a comprehensive approach to IT service management (ITSM) within the modern enterprise. It covers five core activities: service strategy, service design, service transition, service operation, and continual service improvement.
36
Control Objectives for Information and Related Technologies (COBIT)
A set of best practices for IT governance developed by the Information Systems Audit and Control Association (ISACA). It divides information technology into four domains: plan and organize, acquire and implement, deliver and support, monitor and evaluate.
37
Infrastructure as Code (IaC)
The process of automating the provisioning, management, and deprovisioning of infrastructure services through scripted code rather than human intervention. A major feature of all major IaaS environments (AWS, Microsoft Azure, and Google Cloud Platform).
38
File Transfer Protocol (FTP)
Provides the ability to transfer files between systems but does not incorporate security features.
39
Secure File Transfer Protocol (SFTP)/FTP-Secure
Secure methods to transfer files between systems.
40
top (Linux)
Linux command that shows processes, their PID (process ID), the user who is executing the process, and the command used to start it. It also provides a real-time view of the memory usage for a system on a per-process basis.
41
ps (Linux)
Linux command that provides information about processes and their CPU and memory utilization.
42
chmod (Linux)
Linux command that changes permissions of a file or directory. It allows you to control who can read, write, and execute a file.
43
Simple Network Management Protocol (SNMP)
A protocol for collecting information like status and performance about devices on a network.
44
cat (Linux)
Linux command used to concatenate and display the contents of one or more files. It is often used to quickly view the contents of a file by printing them to the terminal.
45
Switched Port Analyzer (SPAN Port)
A dedicated port on a switch that takes a mirrored copy of network traffic from within the switch and sends it to another port for analysis.
46
Address Resolution Protocol (ARP)
The procedure for mapping a dynamic IP address to a permanent physical MAC address in a local area network (LAN).
47
lsof (Linux)
Linux command that lists open files and the processes that opened them.
48
The Wayback Machine
A digital archive of information on the internet that allows users to view historic versions of websites.
49
Common Platform Enumeration (CPE)
Provides common nomenclature for describing product names and versions.
50
Common Vulnerability Scoring System (CVSS)
Provides a standardized approach for measuring and describing the severity of security-related software flaws.
51
Open Vulnerability and Assessment Language (OVAL)
A language for specifying low-level testing procedures used by checklists.
52
-sV
A flag on Nmap used for version detection.
53
Banner Grabbing
The process of collecting information about a service by examining the details provided in its initial response, typically containing software and version information.
54
Border Gateway Protocol (BGP)
A set of rules that determines the best network routes for data transmissions on the internet.
55
Simple Mail Transfer Protocol (SMTP)
A TCP/IP protocol used in sending and receiving emails. Uses port 25.
56
/var
In Linux, a directory that is used to store variable data, such as log files, temporary files, and other data that may change during the normal operation of the system.
57
John the Ripper Modes
1. Incremental: The most powerful mode; tries all possible character combinations as defined by settings entered at the start. 2. Single Crack Mode: Tries login names with various modifications; good for initial testing. 3. External Mode: Relies on custom-written functions to generate passwords; useful when an organization has custom password policies. 4. Wordlist: Uses a dictionary file along with mangling rules to test for common passwords.
58
Acceptable Use Policy (AUP)
Provides network and system users with clear direction on permissible uses of information resources.
59
Account Management Policy
Describes the account life cycle from provisioning through active use and decommissioning.
60
SOCKS4
A protocol that facilitates TCP traffic between a client and server through a proxy. Supported by Nmap.
61
Disposition
A phase in the SDLC that occurs when a product or system reaches the end of its life.
62
Network Address Translation (NAT)
A method used in networking to map private IP addresses of devices within a local network to a single public IP address, allowing them to access the internet.
63
MITRE's ATT&CK Framework (Adversarial Tactics, Techniques, and Common Knowledge)
Includes detailed descriptions, definitions, and examples for the complete threat lifecycle, from initial access through execution, persistence, privilege escalation, and exfiltration.
64
The Diamond Model of Intrusion Analysis
Describes a sequence where an adversary deploys a capability targeted at an infrastructure against a victim.
65
Lockheed Martin's Cyber Kill Chain
A framework that uses seven stages to describe an attack. 1. Reconnaissance 2. Weaponization 3. Delivery 4. Exploitation 5. Installation 6. Command and Control (C2) 7. Actions on Objectives
66
Purging
A method of sanitization that applies physical or logical techniques that render target data recovery infeasible using state-of-the-art laboratory techniques.
67
Persistent Cross-Site Scripting
The malicious script comes from the website database.
68
Reflected Cross-Site Scripting
The malicious script comes from the current HTTP request.
69
DOM-Based Cross-Site Scripting
The vulnerability exists in the client-side code rather than the server-side code.
70
Hping
A command-line network tool that provides the functionality for crafting and sending custom TCP/IP packets.
71
Responder
A Python script that is a hybrid between passive and active reconnaissance. Initially it passively monitors the network, waiting for systems to send out broadcast requests intended for devices running networked services. Once a request is passively identified, it switches to active mode and attempts to hijack the connection and gather information from the broadcasting system and its users.
72
Field-Programmable Gate Arrays (FPGAs)
Computer chips that allow the end user to reprogram their function, making them quite useful for embedded systems.
73
Embedded Systems
Computers integrated into the operation of another device, such as a vehicle, camera, or multifunction printer.
74
Real-Time Operating Systems (RTOS)
Slimmed-down operating systems designed to work quickly on IoT devices in a low-power environment.
75
System on a Chip (SOC)
An entire embedded system packaged onto a single chip, often including a processor, memory, networking interfaces, and power management on the chip.
76
Controller Area Network bus (CAN bus)
Specialized networks designed to facilitate communication between embedded systems without the overhead of a TCP/IP network.
77
Supervisory Control and Data Acquisition (SCADA) systems
A type of industrial control system that monitors and manages processes in manufacturing, infrastructure, and other industries. They collect real-time data from sensors and devices, allowing operators to control and supervise industrial processes from a centralized location.
78
Industrial Control Systems (ICS)
Computer-based systems that monitor and control industrial processes, machinery, and infrastructure.
79
Programmable Logic Controllers (PLCs)
Specialized hardware controllers designed to operate in an IoT environment. They often use a specialized communication protocol called Modbus to communicate with sensors and other IoT components over wired serial infrastructure.
80
Integer Overflow
A variant of buffer overflow where the result of an arithmetic operation attempts to store an integer that is too large to fit in the specified buffer.
81
Back-Off Algorithm
A method that adds delays to a system's retry attempts when competing for a shared resource, reducing conflicts and enhancing overall efficiency in networking and distributed systems.
82
STIX
A standardized language for describing and sharing information about cybersecurity threats in a structured and machine-readable format.
83
TAXII
A protocol used for sharing cyber threat intelligence and indicators of compromise (IoCs) between different organizations and security systems in a standardized way.
84
Apple File System (APFS)
Apple's file system for its operating systems, such as macOS, iOS, watchOS, and tvOS. It manages how data is stored, organized, and accessed on Apple devices, offering features such as enhanced encryption, snapshots, and improved performance.
85
FAT32/NTFS
Types of file systems used to organize and store data on computer storage devices.
86
File System
A method or structure used by operating systems to organize and store data on a storage device, such as a hard drive or flash drive. It defines how files are named, accessed, and stored, providing a framework for managing data on the storage medium.
87
Data Carving
A forensic technique used to recover fragmented or deleted files from storage media by identifying and extracting data based on file signatures and patterns, bypassing traditional file system structures. Its purpose is to retrieve lost or deleted information during a digital forensic investigation.
88
U.S. Government Information Classification Scheme
Confidential, Secret, Top Secret
89
Network Interface Card (NIC)
A hardware component, typically a circuit board or chip, that is installed in a computer so it can connect to a network.
90
Remote Attestation
A security process where one system remotely verifies the integrity and trustworthiness of another system, confirming that it runs the expected software without direct access. This ensures trust between networked systems.
91
Measured Boot Process
A process that securely verifies and records each step of a computer's startup sequence. Hashing functions are used to generate fixed-size representations (hashes) of the different components in this process, facilitating the verification of their integrity and ensuring the system has not been tampered with.
92
Unified Extensible Firmware Interface (UEFI)
A modern firmware standard. It serves as an interface between the computer's operating system and firmware, offering features like secure boot, faster startup, and enhanced hardware support.
93
Address Space Layout Randomization (ASLR)
A security technique that involves randomizing the memory address where system components and executables are loaded. This helps prevent attackers from predicting the location of specific functions or vulnerabilities in a computer's memory, making it more challenging to exploit software vulnerabilities.
94
NX (No Execute) Bit
A security feature in computer processors that designates certain areas of memory as non-executable. It prevents the execution of code in those regions, making it more difficult for malicious software to exploit vulnerabilities by executing code in data storage areas.
95
File Command (Linux)
A Linux command used to determine and display the type of a file. It examines the file's content and provides information about its format, helping users identify the file type, such as text, executable, or specific data format.
96
Time of Check/Time of Use (TOC/TOU)
A security vulnerability that occurs when there's a time gap between checking the status of a resource and using it. During this gap, the resource's status may change, leading to potential security vulnerabilities.
97
strcpy()
In C programming, a standard library function that copies the contents of one string (source) to another (destination). It does not check whether the destination buffer has enough space to hold the source string, which can cause a buffer overflow.
98
main()
In C programming, a special function that serves as the entry point of the program, where execution begins and ends.
99
printf()
In C programming, a standard library function that is primarily used to display information on the screen.
100
scanf()
In C programming, a standard library function used for reading input from standard input, typically the keyboard. It is used to accept data from the user.
101
VMware
Develops virtualization software. Virtualization software creates an abstraction layer over computer hardware that allows the hardware elements of a single computer (processors, memory, storage, etc.) to be divided into multiple virtual computers, commonly called virtual machines (VMs). Each VM runs its own operating system and behaves like an independent computer.
102
Hypervisor
The software component that enables virtualization, allowing multiple operating systems to run on a single physical machine concurrently. It manages and allocates the resources of the host system to create and run multiple virtual machines, each operating independently as if it were running on its own dedicated hardware.
103
Active Directory (AD)
A directory service developed by Microsoft that stores and organizes information about network resources, including users, computers, and other devices, in a hierarchical database. It provides centralized authentication, authorization, and management of network resources in a Windows domain environment, simplifying tasks such as user login, access control, and resource administration.
104
FIPS 140-2
A U.S. government standard outlining security requirements for cryptographic modules, ensuring their effectiveness in safeguarding sensitive information. It's widely adopted globally in government and various industries.
105
OpenFlow
A network communication protocol used between controllers and forwarders in an SDN architecture.
106
Software Defined Networking (SDN)
An approach to networking that uses software controllers, which can be driven by application programming interfaces (APIs), to communicate with hardware infrastructure and direct network traffic. The architecture consists of three layers that communicate using northbound and southbound APIs.
107
Register
A critical component of computer memory that stores data and instructions for quick processing. It serves as an efficient temporary storage area where information can be accessed and manipulated quickly in order to carry out complex tasks. Highly volatile.
108
Cache Memory
A chip-based computer component that makes retrieving data from the computer's memory more efficient. It stores program instructions and data that are used repeatedly in the operations of programs or information the CPU is likely to need next. Highly volatile. Has three levels.
109
Random Access Memory (RAM)
The hardware in a computing device where the operating system (OS), application programs, and data in current use are kept so they can quickly be reached by the device's processor. Highly volatile.
110
Routing Table
A set of rules, often viewed in table format, that is used to determine where data packets traveling over an Internet Protocol (IP) network will be directed.
111
ARP Cache
A collection of Address Resolution Protocol entries that are created when an IP address is resolved to a MAC address.
112
Process Table
Contains an entry for each process present in the system. The entry is created when the process is created by a fork system call. Each entry contains several fields that store all the information pertaining to a single process.
113
Temporary Swap File
A special type of file used by the computer's operating system (OS) to manage memory. When a computer's physical RAM is filled up with running programs and data, the operating system may use a portion of the computer's storage (like hard drive or SSD) as virtual memory.
114
Persistent Mass Storage
Refers to non-volatile storage that retains data even when the computer is powered off.
115
Hard Disk Drive (HDD)
An electro-mechanical data storage device that stores and retrieves digital data using magnetic storage, with one or more rigid, rapidly rotating platters coated with magnetic material. Non-volatile.
116
Solid State Drive (SSD)
A solid-state storage device that uses integrated circuit assemblies to store data persistently, typically in flash memory. Non-volatile.
117
EnCase
A digital forensics case management product created by Guidance Software with built-in pathways or workflow templates that show the key steps in many types of investigations.
118
The Forensic Toolkit (FTK)
A digital forensics investigation suite by AccessData that runs on a Windows server or server cluster, offering faster searching and analysis because data is indexed when evidence is imported.
119
The Sleuth Kit
An open-source digital forensics collection of command line tools and programming libraries for disk imaging and file analysis that interfaces with Autopsy as a graphical user front-end interface.
120
Live Acquisition (Memory)
Captures the contents of memory while the computer is running, using a specialist hardware or software tool. The tool must be installed on the system beforehand. Examples are Memoryze and TACTICAL.
121
Crash Dump
The contents of memory are written to a dump file when Windows encounters an unrecoverable kernel error.
122
Hibernation File
A file that is written to the disk when the workstation is put into a sleep state. Some malware can detect the use of a sleep state and perform anti-forensics.
123
Pagefile (Swap File)
A file that stores pages of memory in use that exceed the capacity of the host's physical RAM modules. It is written on the hard drive, so it stays on the hard drive when the computer is turned off.
124
Live Acquisition (Disk)
Captures the contents of the disk drive while the computer is still running. The contents of the drive could change during acquisition.
125
Static Acquisition by Shutting Down
The computer is shut down through the operating system properly, and the disk is acquired. Malware may detect the shutdown and perform anti-forensics.
126
Static Acquisition by Pulling the Plug
The system's power is disconnected by removing the power plug from the wall socket. Files can't be changed, and anti-forensics can't be performed. Captures the disk in its current state.
127
Physical Acquisition
Bit-by-bit copy of a disk that includes every non-bad sector on the target disk including deleted or hidden data. Takes time.
128
Logical Acquisition
Copies files and folders from partitions using the file system table stored on the media. Fast but will miss files marked as deleted.
129
Write Blockers
A forensic tool that prevents the capture or analysis device or workstation from changing data on a target disk or media. Can be hardware or software.
130
Imaging Utilities
A software utility that conducts the disk imaging of a target. May also perform cryptographic hashing of data during acquisition.
131
dd
A Unix/Linux/macOS command that can perform disk image acquisition.
132
Hash
A function that converts an arbitrary length string input into a fixed length string output.
133
Secure Hash Algorithm (SHA)
A cryptographic hashing algorithm created to address possible weaknesses in the older MD5 hashing algorithm. The first version uses a 160-bit hash digest and the second version uses a 256-bit or 512-bit hash digest.
134
Message Digest Algorithm
A cryptographic algorithm created in 1990 with the most commonly used variant being MD5 which uses a 128-bit hash digest. No longer widely used.
135
certutil
In Windows, a command-line program installed as part of Certificate Services. It is used to display certificate authority (CA) configuration information, configure Certificate Services, and back up and restore CA components. It can also be used to hash files.
136
File Checksum
A unique alphanumeric value generated by a mathematical algorithm, such as MD5 or SHA-256, to represent the content of a file.
137
File Integrity Monitoring (FIM)
A type of software that reviews system files to ensure they have not been tampered with.
138
Timeline
A tool that shows the sequence of file system events within a source image in a graphical format.
139
Block/Cluster
A fixed-size group of consecutive data storage units on a storage device, such as an HDD or SSD. It serves as the basic unit for storing and managing data. The default size is 4096 bytes.
140
Master File Table (MFT)
A table that contains metadata with the location of each file in terms of blocks/clusters for disks formatted as New Technology File System (NTFS).
141
New Technology File System (NTFS)
A file system used by Windows operating systems to organize and store files on a storage device. It provides features such as support for larger file sizes, file and folder permissions, encryption, and improved reliability compared to systems like FAT32.
142
File Carving
The process of extracting data from a computer when that data has no associated file system metadata. It attempts to piece together data fragments from unallocated and slack space to reconstruct deleted files, or parts of them.
143
scalpel
An open-source command-line tool for Windows and Linux that is used to conduct file carving.
144
Distributed Denial of Service
An attack that uses multiple compromised hosts (a botnet) to overwhelm a service with requests or response traffic.
145
Load Balancing
Refers to efficiently distributing incoming network traffic across a group of backend servers.
146
Web Server State Table
A list or record that keeps track of the current status and interactions with clients (like web browsers) that are communicating with a web server.
147
Distributed Reflection DoS (DRDoS)
A network-based attack where the attacker dramatically increases the bandwidth sent to a victim during a DDoS attack by implementing an amplification factor.
148
Network Time Protocol (NTP)
An internet protocol used to synchronize computer clocks with time sources on a network.
149
Cloudflare and Akamai
Enterprise DDoS protection services.
150
Beaconing
Traffic sent to a C&C system as part of a botnet or malware remote control system; typically sent as HTTP or HTTPS traffic.
151
DNS Fast Flux
Associating multiple IP addresses with a single domain name and changing out those IP addresses rapidly.
152
Jitter
An adversary's use of random delay to frustrate indicators based on regular connection attempt intervals.
153
Irregular Peer-to-Peer Communication
Attack indicator where hosts within a network establish connections over unauthorized ports or data transfers.
154
Server Message Blocks (SMB)
A network protocol used for sharing files, printers, and other resources between devices on a local network or over the internet.
155
ARP Spoofing or ARP Poisoning
Occurs when an attacker redirects an IP address to a MAC address that was not the intended destination.
156
Internet Protocol Security (IPSec)
A secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network.
157
Rogue Devices
An unauthorized device or service, such as a wireless access point, DHCP server, or DNS server, on a corporate or private network that allows unauthorized individuals to connect to the network.
158
Wireless Access Point (WAP)
A network device that transmits and receives data over a wireless local area network (WLAN). Relays over 802.11.
159
Dynamic Host Configuration Protocol (DHCP)
A network protocol that automatically assigns and manages IP addresses and other network configuration information to devices within a network.
160
Wireless Sniffing and Discovery
The process of discovering unknown or unidentifiable service set identifiers (SSIDs) showing up within range of an office.
161
Packet Sniffing and Traffic Flow
Processes used to identify the use of unauthorized protocols on the network and unusual peer-to-peer communication flows.
162
Port Scan
Enumerating the states of TCP and UDP ports on a target system using software tools.
163
Fingerprinting
Identifying the type and version of an operating system (or service application) by analyzing its response to network scans.
164
Sweep
A scan directed at multiple IP addresses to discover whether a host responds to connection requests for particular ports.
165
Footprinting
The phase of an attack or penetration test in which the attacker or tester gathers information about the target before attacking it.
166
Well-Known Ports
0-1023
167
Registered Ports
1024-49151
168
Dynamic Ports
49152-65535
169
Non-Standard Port
Communicating TCP/IP application traffic, such as HTTP (80), FTP (21), or DNS (53), over a port that is not the registered or well-known port established for the protocol.
170
Shell
A command-line interface or a program that allows users to interact with the operating system by entering commands.
171
Reverse Shell
An attacker opens a listening port on the remote host and causes the infected host to connect to it. A way to work around firewalls.
172
Netcat (nc)
A versatile networking utility tool that operates at the command line. It can establish and manage network connections making it useful for a variety of tasks such as transferring files, port scanning, banner grabbing, and acting as a simple network server or client.
173
TCP Port 21
File Transfer Protocol (FTP)
174
TCP Port 22
Secure Shell/FTP over SSH (SSH/SFTP)
175
TCP Port 23
TELNET
176
TCP Port 25
Simple Mail Transfer Protocol (SMTP)
177
TCP Port 53
Domain Name System (DNS) used for zone transfers.
178
Zone Transfers
Copies the DNS data from one DNS server to another.
179
TCP Port 80
HTTP
180
TCP Port 110
POP3 (Post Office Protocol)
181
TCP Port 111
RPCBIND
182
TCP Port 139
NetBIOS-SSN
183
TCP/UDP Port 135
MSRPC
184
Microsoft Remote Procedure Call (MSRPC)
A Microsoft protocol that facilitates communication between processes on a Windows network, enabling remote execution of procedures and facilitating distributed computing.
185
NetBIOS (Network Basic Input/Output System)
A networking protocol used for communication between computers on a local network. Replaced by SMB.
186
TCP Port 143
Internet Mail Access Protocol (IMAP)
187
IMAP (Internet Mail Access Protocol)
An internet standard protocol used by email clients to retrieve email messages from a mail server. Replaced POP3.
188
TCP Port 443
HTTPS
189
TCP/UDP Port 445
MICROSOFT-DS
190
Microsoft-Directory Service (DS)
The SMB protocol over port 445 on TCP/IP networks, commonly used for file and printer sharing as well as other networking functionality in Windows environments.
191
TCP Port 993
Internet Mail Access Protocol Secure (IMAPS)
192
TCP Port 995
POP3S (Post Office Protocol Secure)
193
TCP Port 1723
Point-to-Point Tunneling Protocol
194
TCP Port 3306
MySQL
195
TCP Port 3389
Remote Desktop Access Protocol (RDAP)
196
TCP Port 5900
Virtual Network Computing (VNC)
197
TCP Port 8080
HTTP-PROXY
198
UDP Port 53
Domain Name System (DNS) used for queries
199
UDP Port 67
Dynamic Host Configuration Protocol (DHCP), server port
200
UDP Port 68
Dynamic Host Configuration Protocol (DHCP), client port
201
UDP Port 69
Trivial File Transfer Protocol (TFTP)
202
UDP Port 123
Network Time Protocol (NTP)
203
UDP Port 137
NetBIOS-Name Service (NS)
204
UDP Port 138
NetBIOS-Datagram Service (DGM)
205
UDP Port 139
NetBIOS-Session Service (SSN)
206
UDP Port 161
Simple Network Management Protocol (SNMP)
207
UDP Port 162
SNMP
208
UDP Port 500
Internet Security Association and Key Management Protocol (ISAKMP)
209
UDP Port 514
SYSLOG
210
UDP Port 520
Routing Information Protocol (RIP)
211
UDP Port 631
Internet Printing Protocol (IPP)
212
UDP Port 1434
Microsoft SQL
213
UDP Port 1900
Universal Plug and Play (UPNP)
214
UDP Port 4500
NAT-T-IKE
215
Data Exfiltration
The process by which an attacker takes data that is stored inside of a private network and moves it to an external network.
216
DNS TXT Records
Contains textual information associated with a domain, often used for verification, configuration, or storing additional data for various online services and protocols.
217
DNS CNAME (Canonical)
DNS record that resolves a domain or subdomain to another domain name (example.com, www.example.com)
218
DNS MX Record
Points to the server where emails should be delivered for that domain.
219
Explicit Tunnels
The use of SSH or VPNs to create a tunnel to transmit the data across a given network.
220
Covert Channels
Communication path that allows data to be sent outside of the network without alerting any intrusion detection or data loss countermeasures.
221
Steganography
The practice of concealing data within another file, message, or video.
222
Dynamic Link Library (DLL)
A library that contains code and data that can be used by more than one program at the same time.
223
Performance Monitoring (perfmon)
A Windows tool that monitors a wide range of devices and services, including energy, USB, and disk usage.
224
Resource Monitoring (resmon)
A Windows tool that monitors memory, CPU, and disk usage.
225
System Center Operations Manager (SCOM)
A Windows tool focused on monitoring and maintaining the health, performance, and availability of computer systems, applications, and devices within an enterprise network.
226
tasklist
A Windows command-line utility used to display a list of all running processes or tasks on a computer. When executed, it provides information such as the process name, PID, memory usage, process trees, and individual operations for each process.
227
PE Explorer
Proprietary Windows software that can browse the structure of Windows executable files. It is useful for digging into processes and what they are calling.
228
Daemons
In Linux, background processes that quietly handle tasks like providing services (e.g., network or printing), run independently of user sessions, and ensure system functionality without needing constant supervision. Their names typically end with the letter 'd' (httpd, sshd, ftpd).
229
systemd
The initial daemon in Linux; it is the first process executed by the kernel during the boot-up process and always has PID 1.
230
pstree
A Linux command that displays the parent/child relationships of the processes on a given system.
231
ps
Command in Linux that is used to display information about currently running processes. Information includes CPU and memory utilization, the time the process was started, how long the process has run, and the command that started the process. Point in time.
232
The Volatility Framework
An open-source memory forensics tool that has many different modules for analyzing specific elements of memory such as a web browser module, command prompt history module, and others.
233
Task Manager
A component of the Windows operating system (OS) that helps administrators and end users monitor, manage, and troubleshoot tasks. It provides information about running processes and performance metrics, and allows users to manage applications. You can see a list of all running programs and their resource usage (CPU and memory), and perform actions like ending tasks or launching new applications.
234
free
A Linux command that outputs the amount of used and freely available memory on the computer.
235
top
A Linux command that provides CPU utilization under CPU stats and also shows memory usage as well as other details about running processes. It also provides interaction via hotkeys, including allowing quick identification of top consumers by entering A. Dynamic.
236
w
A Linux command that indicates which accounts are logged in.
237
df
A Linux command that displays a report of the system's disk usage and available space, with various flags providing additional detail or formatting.
238
dig
A Linux DNS lookup tool that provides detailed information about DNS queries, including domain name resolution, IP addresses, and other related DNS records.
239
dir, dir /Ax, dir /Q
A Windows command-line utility used to display a list of files and directories within a specific directory. It provides information such as file names, sizes, and modification dates. Filters all file/folder types that match the given parameter (x). Displays who owns each file, along with the standard information.
240
lsof
A Linux utility that provides detailed information about files that are currently open and the processes holding them on a Unix-like system. It can reveal which processes have a particular file open, the type of access they have, and other related details.
241
Data Owner
An individual or entity responsible for making decisions regarding the use and protection of a dataset, typically holding legal or organizational authority over the data.
242
Data Steward
A person or team responsible for managing and ensuring the quality, integrity, and compliance of data throughout its lifecycle, often acting as a liaison between data owners and users.
243
Data Custodian
The role or entity responsible for the physical storage, maintenance, and security of data, ensuring that it is stored and processed in accordance with established policies and procedures.
244
Tokenization
Replaces sensitive values with a unique identifier using a lookup table.
245
Masking
Partially redacts sensitive information by replacing some or all sensitive fields with blank characters.
246
Pretexting
A type of social engineering attack that involves a situation, or pretext, created by an attacker in order to lure a victim into a vulnerable situation and to trick them into giving private information.
247
Telnet
A network protocol that allows users to access and manage remote computer systems over a network, providing a text-based interface for command-line interaction.
248
Rapid Application Development (RAD) Model
An application model that is an iterative process and relies on building prototypes. There is no planning phase; instead planning is done as the software is written. It involves five phases: business modeling, data modeling, process modeling, application generation, testing and turnover.
249
Secure/Multipurpose Internet Mail Extensions (S/MIME)
A widely accepted protocol for sending digitally signed and encrypted messages. It provides encryption and digital signatures for email messages.
250
DomainKeys Identified Mail (DKIM)
An email authentication method that adds a digital signature to email messages, allowing the recipient to verify that the message was sent by the claimed sender and that it has not been altered in transit.
251
Sender Policy Framework (SPF)
An email authentication method that allows the owner of a domain to specify which mail servers are authorized to send emails on behalf of that domain.
252
ifconfig
A Linux command that displays information about the network interfaces on your system. It typically shows details such as the IP address, MAC address, network status, and other related information for each active network interface on your machine.
253
Five security functions described in the NIST framework
Identify, Protect, Detect, Respond, Recover
254
OAuth
An open authorization standard that allows users to share elements of their identity or account information while authenticating via the original identity provider. Relies on access tokens, which are issued by an authorization server and then presented by clients to resource servers such as third-party web applications.
255
Single Sign On (SSO)
A system that allows users to access multiple applications or services with a single set of login credentials.
256
Security Assertion Markup Language (SAML)
An XML-based standard for exchanging authentication and authorization data between parties, typically used in SSO.
257
Role-Based Access Control (RBAC)
A security model where access permissions are assigned based on roles, and individuals are assigned to those roles, simplifying the management of permissions by grouping users with similar responsibilities.
258
Attribute-Based Access Controls (ABAC)
A security model that determines access permissions based on a set of attributes of the user, the resource, and the environment.
259
kill
Command used to end a process in Linux.
260
htop
An interactive user-friendly process viewer for Unix-like systems, offering a color-coded and feature-rich interface to monitor and manage system resources and processes.
261
auditctl
A Linux command-line tool used to interact with the Linux Audit Framework, allowing users to configure rules for auditing system events and monitoring activities for security and compliance purposes.
262
Succession Planning
A security control designed to create a pool of reserve candidates ready to step into positions when a vacancy occurs. It is an important continuity control.
263
DNS Zone Transfer
The process of copying or replicating DNS data (such as domain records) from one DNS server to another, facilitating the synchronization of information across multiple servers.