Domain 4

Question 1

Control traffic flow on networks and connect similar networks

Answer 1

Router

Question 2

Filter traffic based on a defined set of rules. Also called ACLs

Answer 2

Firewall

Question 3

Computer that provides info to other computers on a network

Answer 3

Server

Question 4

End of network communication link. A client makes a request to use a network resource.

Answer 4

Endpoint

Question 5

Represent network interface within the network and maintain communications when physical device when swapped with new hardware.

Answer 5

IP Address

Question 6

What is the Upper Layer of the OSI Model?

Answer 6

Layers 5-7 (SPA)

Question 7

What is the Lower Layer of the OSI Model?

Answer 7

Layers 1-4

Question 8

Framework for how protocols should function. Common reference to understand components of software interfaces to physical hardware

Answer 8

OSI Model

Question 9

Adds information to a packet as it travels to its destination

Answer 9

Encapsulation

Question 10

Referencing image file like JPEG or PNG

Answer 10

Presentation Layer 6

Question 11

Logical ports like NetBIOS

Answer 11

Session Layer 5

Question 12

Discussing TCP/UDP

Answer 12

Transport Layer 4

Question 13

Discussing Routers that are sending packets

Answer 13

Network Layer 3

Question 14

Discussing switches, bridges or WAPs sending frames

Answer 14

Data Link Layer 2

Question 15

Data moves up the OSI model layers from physical to application

Answer 15

De-Encapsulation

Question 16

How data moves through the network

Answer 16

Network Interface Layer (TCP/IP Layers)

Question 17

Creates/Inserts packets

Answer 17

Internet Layer (TCP/IP Layers)

Question 18

Permits data to move among devices

Answer 18

Transport Layer (TCP/IP Layers)

Question 19

Defines the protocols for the transport layer

Answer 19

Application Layer (TCP/IP Layers)

Question 20

Determine health of a network or specific link. By ping, traceroute and other network management tools.

Answer 20

Internet Control Message Protocol (ICMP)

Question 21

10.0.0.0 to 10.255.255.254
172.16.0.0 to 172.31.255.254
192.168.0.0 to 192.168.255.254

Answer 21

Private Addresses

Question 22

Ensure integrity and confidentiality of IP packets and allow communicating partners to authenticate each other

Answer 22

IPsec

Question 23

Help services obtain an appropriate share of a network’s bandwidth.

Answer 23

QoS

Question 24

Security event or multiple events where an intruder gains, attempts or access a system without authorization

Answer 24

Intrusion

Question 25

Event that actually/potentially jeopardize the CIA of an information system, which is processed, stored or transmitted

Answer 25

Incident

Question 26

Action that takes advantage of a flaw in a computer system or software. System vulnerabilities

Answer 26

Exploit

Question 27

Loss of control, compromise, unauthorized disclosure where a person non authorized accesses PII, other than an authorized purpose.

Answer 27

Breach

Question 28

Process of preparing, detecting, analyzing, containing, eradicating and recovering from a security incident

Answer 28

Incident Response

Question 29

Train staff, implement incident response team, identify roles & responsibilities and identify critical data, systems and any single points of failure

Answer 29

Incident Response Preparation

Question 30

Monitor all possible attack vectors, prioritize incident response and incident documentation

Answer 30

Incident Response Detection & Analysis

Question 31

Gather evidence, appropriate containment strategy, identify and isolate the attack

Answer 31

Incident Response Containment, Eradication and Recovery

Question 32

Senior management, info security professionals, public affairs and engineering representatives

Answer 32

Incident Response Team Members

Question 33

Act of developing plans and procedures for maintaining business operations in event of a disaster or security incident

Answer 33

Business Continuity

Question 34

Process to evaluate potential effects of threats that interrupt critical business functions for the purpose of determining recovery plans

Answer 34

Business Impact Analysis

Question 35

A set of standardized rules that allow computers to communicate on a network such as the internet.

Answer 35

TCP/IP

Question 36

Network Communications using the NetBIOS protocol

Answer 36

Ports 137, 138, and 139 (NetBIOS)

Question 37

A malicious attempt to disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic

Answer 37

DDoS

Question 38

Spreads after a user takes some type of user action

Answer 38

Virus

Question 39

Measure encryption footprints. Attackers use footprints monitor system activity and to retrieve information that is actively being encrypted.

Answer 39

Side Channel Attacks

Question 40

Monitors the computer infrastructure on which it is installed, analyzing traffic and logging malicious behavior.

Answer 40

Host-Based IDS (HIDS)

Question 41

Detects malicious traffic on a network.

Answer 41

Network-Based IDS (NIDS)