D P10-13

Question 1

Cryptographic Concepts

A. OCSP
B. CSR
C. CA
D. CRC

Answer 1

OCSP (Online Certificate Status Protocol): A protocol used to check the revocation status of digital certificates in real time.

CSR (Certificate Signing Request): A request sent to a Certificate Authority (CA) to obtain a digital certificate.

CA (Certificate Authority): An entity responsible for issuing and managing digital certificates.

CRC (Cyclic Redundancy Check): An error-detecting code used to verify data integrity.

Question 2

Vulnerability and Threat Management

A. CVE
B. CVSS
C. CIA
D. CERT

Answer 2

CVE (Common Vulnerabilities and Exposures): A publicly available list of known security vulnerabilities.

CVSS (Common Vulnerability Scoring System): A standardized framework for assessing the severity of security vulnerabilities.

CIA (Confidentiality, Integrity, Availability): The core principles of cybersecurity ensuring data security.

CERT (Computer Emergency Response Team): A group that responds to security incidents and threats.

Question 3

Risk Management Concepts

A. Exception
B. Segmentation
C. Risk transfer
D. Compensating controls

Answer 3

Exception: A deviation from standard security policies, typically granted under specific conditions.

Segmentation: The practice of dividing a network into isolated sections to enhance security.

Risk Transfer: Shifting risk to a third party, such as through cyber insurance.

Compensating Controls: Alternative security measures used when primary controls are not feasible.

Question 4

Network Security Concepts

A. EAP
B. DHCP
C. IPSec
D. NAT

Answer 4

EAP (Extensible Authentication Protocol): A framework used for network authentication, commonly in wireless networks.

DHCP (Dynamic Host Configuration Protocol): A network protocol that automatically assigns IP addresses to devices.

IPSec (Internet Protocol Security): A suite of protocols for securing internet communications through encryption and authentication.

NAT (Network Address Translation): A method used to modify IP addresses in packets to enable multiple devices to share a single public IP.

Question 5

Emerging Technologies

A. Software as a service
B. Infrastructure as code
C. Internet of Things
D. Software-defined networking

Answer 5

Software as a Service (SaaS): A cloud computing model where applications are hosted and managed by a provider and accessed over the internet.

Infrastructure as Code (IaC): The practice of managing and provisioning infrastructure using machine-readable scripts.

Internet of Things (IoT): A network of interconnected devices that communicate and exchange data.

Software-Defined Networking (SDN): A network architecture that separates the control plane from the data plane for more flexible management.

Question 6

Security Threats and Vulnerabilities

A. Bastion host
B. Unsecured Bluetooth
C. Unpatched OS
D. Removable devices

Answer 6

Bastion Host: A hardened system exposed to external networks to protect internal systems.

Unsecured Bluetooth: A security risk where Bluetooth connections are left open, making devices susceptible to attacks.

Unpatched OS: An operating system lacking the latest security updates, increasing vulnerability to exploits.

Removable Devices: Portable storage devices like USB drives that pose a risk of data theft or malware introduction.

Question 7

Business Continuity and Disaster Recovery

A. Tabletop
B. Replication
C. Failover
D. Recovery

Answer 7

Tabletop Exercise: A discussion-based simulation to test an organization’s response to security incidents.

Replication: The process of copying data across systems to ensure availability and redundancy.

Failover: The automatic switching to a backup system in case of failure.

Recovery: The process of restoring operations after a system disruption or attack.

Question 8

Access Control and Security Policies

A. Group Policy
B. Content filtering
C. Data loss prevention
D. Access control lists

Answer 8

Group Policy: A set of rules used to manage user access and security settings in a Windows domain.

Content Filtering: A security measure that blocks or restricts access to certain websites or content.

Data Loss Prevention (DLP): A technology that prevents unauthorized access, transfer, or leakage of sensitive data.

Access Control Lists (ACLs): A set of rules that define permissions for users and devices to access network resources.