D P7-9 II Flashcards

1
Q

Cryptographic Solutions
A. Key escrow
B. TPM presence
C. Digital signatures
D. Data tokenization
E. Public key management
F. Certificate authority linking

A

Key Escrow: A mechanism to securely store and recover encryption keys.

TPM Presence (Trusted Platform Module): A hardware-based security module for storing cryptographic keys.

Digital Signatures: Cryptographic proofs verifying the origin and integrity of data.

Data Tokenization: Replacing sensitive data with non-sensitive substitutes.

Public Key Management: Managing public and private keys for encryption and authentication.

Certificate Authority Linking: Establishing trust between entities using a shared certificate authority.

2
Q

Network Security
A. ACL
B. DLP
C. IDS
D. IPS

A

ACL (Access Control List): Rules defining permissions for accessing resources.

DLP (Data Loss Prevention): Solutions that protect sensitive data from being shared or accessed without authorization.

IDS (Intrusion Detection System): Monitors network traffic to detect potential threats.

IPS (Intrusion Prevention System): Actively blocks identified threats in network traffic.

3
Q

Specialized Systems
A. RTOS
B. Containers
C. Embedded systems
D. SCADA

A

RTOS (Real-Time Operating System): An OS designed for real-time applications requiring quick response times.

Containers: Lightweight environments for running applications with isolated dependencies.

Embedded Systems: Specialized systems designed for dedicated functions within devices.

SCADA (Supervisory Control and Data Acquisition): Systems managing industrial processes and infrastructure.

4
Q

IT Standards and Practices
A. Off-the-shelf software
B. Orchestration
C. Baseline
D. Policy enforcement

A

Off-the-Shelf Software: Prebuilt software available for general use.

Orchestration: Coordinating automated tasks and workflows across systems.

Baseline: A minimum set of security standards to be met.

Policy Enforcement: Ensuring compliance with defined organizational policies.

5
Q

Roles and Responsibilities
A. Processor
B. Custodian
C. Subject
D. Owner

A

Processor: An entity processing data on behalf of a controller.

Custodian: Responsible for managing and protecting data assets.

Subject: The individual or system that data pertains to.

Owner: The person or entity responsible for the data and its security.

6
Q

Security Technologies
A. SPF
B. GPO
C. NAC
D. FIM

A

SPF (Sender Policy Framework): Email authentication to prevent spoofing.

GPO (Group Policy Object): A Windows feature for managing security and configurations across systems.

NAC (Network Access Control): Controlling access to a network based on compliance and policies.

FIM (File Integrity Monitoring): Detecting changes to files for security and compliance.

7
Q

Incident Response Phases
A. Preparation
B. Recovery
C. Lessons learned
D. Analysis

A

Preparation: Developing and implementing plans to handle incidents effectively.

Recovery: Restoring systems and operations after an incident.

Lessons Learned: Reviewing the incident to identify improvements for future responses.

Analysis: Investigating the cause and impact of an incident to prevent recurrence.

8
Q

Network Administration
A. Console access
B. Routing protocols
C. VLANs
D. Web-based administration

A

Console Access: Direct connection to a device for management and configuration.

Routing Protocols: Standards for exchanging routing information between devices.

VLANs (Virtual Local Area Networks): Segments within a network to isolate traffic and enhance security.

Web-Based Administration: Managing systems or devices through a web interface.

9
Q

Metrics and Performance
A. MTTR
B. RTO
C. ARO
D. MTBF

A

MTTR (Mean Time to Recovery): The average time required to restore functionality after a failure.

RTO (Recovery Time Objective): The targeted duration to recover systems after an outage.

ARO (Annualized Rate of Occurrence): The expected frequency of a risk occurring within a year.

MTBF (Mean Time Between Failures): The average time between system failures.

10
Q

Security Threats
A. End of life
B. Buffer overflow
C. VM escape
D. Jailbreaking

A

End of Life (EOL): When a product is no longer supported, making it vulnerable to new threats.

Buffer Overflow: Exploiting a software flaw by overloading memory to execute malicious code.

VM Escape: A vulnerability where an attacker accesses the host system from a virtual machine.

Jailbreaking: Removing manufacturer-imposed restrictions on devices, potentially exposing them to risks.
