Deck D Prt. 1 Flashcards

1
Q

Asymmetric Cryptography

A

Is Computationally Expensive in Comparison with Symmetric Encryption. However, it is well Suited to Securely Negotiate Keys for use with Symmetric Cryptography

2
Q

Audit Feature

A

Determining The Impact of Enabling the AUDIT Feature on a Server should be the First Step to take Before you Enable the Audit Feature.

3
Q

BBProxy

A

Is Used for a Blackjacking Attack, in which the Attacker Could Circumvent Perimeter Defenses and Gain Access. Blackjacking is a TECHNIQUE Used to Connect Internally to a Corporate Network using a Typical BES Device.

4
Q

Backups

A

To SECURE the Backup Tapes in Transit, You Should Encrypt the Backup Tapes and Transport Them in a Lock Box.

5
Q

Biometric Processing

A

Is the Amount of Time it takes to be Either Accepted or Rejected from when an Individual Provides Identification and Authentication Information.

6
Q

Botnet Attack

A

Is Easy to Spot when you see a Large Number of OUTBOUND Connections and an Internal IP Communicating with a Blacklisted Public IP.

7
Q

Brute Force

A

Method of Password Cracking that Takes the Most Time and Effort.

8
Q

C++

A

Programming Language that is Most Susceptible to Buffer Overflow Attacks, due to its Lack of a Built-in Bounds Checking Mechanism.

9
Q

Clickjacking Attack

A

Occurs when the USER thinks He/She is Clicking on a NORMAL URL but actually He/She Clicks on the Content or URL that Exists in the Transparent “Iframe” which is Set Up by the Attacker.

10
Q

Counter Based Authentication System

A

A Counter Based Authentication System is an Authentication System that Creates ONE TIME PASSWORDS that are Encrypted with Secret Keys

11
Q

DNS Spoofing

A

Occurs when Attackers Gain Access to the DNS Server and Redirect a Website like www.google.com to their OWN IP ADDRESS.

12
Q

Digital Signature

A

Two Important Conditions of a Digital Signature are that it Has to be Unforgeable and Has to be Authentic.

13
Q

ESP Transport Mode

A

ESP (Encapsulating Security Payload) Transport Mode is the Mode of IPSEC that Provides you with Security and Confidentiality of Data Within the Same LAN (NETWORK).

14
Q

Encryption Protocols

A

Using ENCRYPTION Protocols to Secure Network Communications is the Best Way to Defend Against Network Sniffing.

15
Q

Bettercap

A

Is a TOOL that is USED by ATTACKERS, Using a Rogue Wireless AP, to Carry Out an MITM Attack and Inject HTML Code that Embeds a Malicious Applet in all HTTP Connections.

16
Q

False Positive

A

An Example of a False Positive is an ALERT Created when the External Router Was Accessed from the ADMINISTRATOR’S Computer to Update the Router Configuration. Since the External and Internal Routers and Firewall are Supposed to be Managed by the ADMIN, and the Router was Updated and Managed from the ADMIN Computer, There is no INTRUSION. It is a FALSE POSITIVE.

True Positive - IDS Referring to a Behavior as an Attack, and in Real Life it is.
True Negative - IDS Referring to a Behavior as not an Attack, and in Real Life it is not.
False Positive - IDS Referring to a Behavior as an Attack, but in Real Life it is not.
False Negative - IDS Referring to a Behavior as not an Attack, but in Real Life it is an Attack.

17
Q

File System Permission

A

Vulnerability that Allows a Hacker to Place Several UNKNOWN Files in the Root Directory of the LINUX FTP Server.

18
Q

FireWall Rule

A

The Firewall RULE “If (SOURCE MATCHES 10.10.10.0/24 and Destination Matches 10.20.20.1 and port Matches 443) then permit” will Ensure that Workstations in Network 10.10.10.0/24 can only Reach the Appropriate Web Site 10.20.20.1 using HTTPS.

19
Q

Google Search Query

A

The Google Search Query “Site:Target.com -Site:Marketing.Target.com accounting” will Return Results Matching “accounting” in Domain target.com but not on the Site Marketing.target.com.

20
Q

Gray-Box Testing

A

The Gray Box Testing Methodology Enforces Restrictions Such that the Internal Operation of a System is only Partly Accessible to the Tester.

21
Q

Hash

A

HASHING Provides INTEGRITY

22
Q

IPSec

A

Is a Security Protocol that Works on Layer 3 (Network Layer) and NOT LAYER 2 (Data Link Layer).

23
Q

IPSec

A

Is a Layer 3 (Network Layer) Protocol that ALLOWS for End-To-End Encryption of the Connection.

24
Q

Ideal Server Placement

A

Is the Situation when a Web Server Facing the Internet is Placed in the DMZ, an Application Server on The Internal Network is Placed behind the DMZ, WHEREAS a Database server on the Internal Network is Placed Behind the DMZ.

25
Q

Kube Scheduler

A

Is the Master Component in the Kubernetes Cluster Architecture that Scans Newly Generated Pods and Allocates a NODE to Them. This Component can also Assign Nodes Based on Factors Such as the Overall Resource Requirement, Data Locality, and Software/Hardware/Policy Restrictions.