Domain 4

Question 1

Control

Answer 1

High level description of a feature or activity that needs to be addressed and is not specific to a technology

Question 2

Benchmark

Answer 2

Contains security recommendations

Question 3

Baseline

Answer 3

Implementation of benchmark on individual service

Question 4

Configuration Management

Answer 4

Ensures that systems are configured similarly

Question 5

Change Management

Answer 5

Policy Outlining the procedures for processing changes helps reduce risks associated with changes

Question 6

Hardening

Answer 6

Is a practice of reducing a systems attack surface

Question 7

Unified Endpoint Management

Answer 7

Provides management of the hardware, such as desktops, tablets, smartphones, and IOT devices

Question 8

Mobile Application Management

Answer 8

Allows a security team to manage application and data security, even on unmanaged devices

Question 9

Sideloading

Answer 9

Enables directly installing an application package in .apk format on a mobile device

Question 10

Rooting/Jailbreaking

Answer 10

Rooting and Jailbreaking remove the vendor restrictions on a mobile device to allow unsupported software to be installed

Question 11

Wifi Direct

Answer 11

Wifi direct wireless network allows 2 wifi devices to connect to each other without requiring a WAP. It is a single path and therefore cannot be used for internet sharing

Question 12

Adhoc Wireless

Answer 12

Where 2 wireless devices can connect without a WAP but it is multipath and can share an internet connection

Question 13

Tehering

Answer 13

GPS enabled smartphone can be attached to a laptop or mobile device to provide internet access

Question 14

BYOD

Answer 14

Employee can bring their own device. Cost effective. AUP and Onboarding and Offboarding policies provide directions

Question 15

CYOD

Answer 15

Chooses from list of approved devices

Question 16

COPE

Answer 16

Company purchases the device and allows the employee to use it for personal use

Question 17

Bluejacking (Annoyance)

Answer 17

Pranksters push unsolicited messages to engage or annoy other nearby Bluetooth

Question 18

Bluesnarfing (data theft)

Answer 18

Data theft using Bluetooth

Question 19

Bluebugging (eavesdropping or hacking)

Answer 19

Creates backdoor attack before returning control of the phone to its owner

Question 20

Radio Frequency Identification

Answer 20

Uses radio frequency to identify electromagnetic field in a tag to track assets

Question 21

Near Field Communication

Answer 21

Built on RFID often used with payment systems

Question 22

GPS

Answer 22

Measure distance between two points

Question 23

Evil Twin

Answer 23

Malicious fake Wireless Access Points set up to appear legitimate

Question 24

Disassociation

Answer 24

Type of DOS attack attacker breaks the wireless connection between the victim device and access point

Question 25

Jamming

Answer 25

A DOS attack that prevents nodes from using the channel to communicate by occupying the channel

Question 26

CCMP

Answer 26

Created to replace WEP. Uses AES128

Question 27

WPA2

Answer 27

An encryption scheme that implemented the CCMP

Question 28

Simultaneous Authentication of Equals (SAE)

Answer 28

Used with WPA3. Protects against brute force. Uses a Diffie Hellman handshake called dragon fly. Immune to offline attacks

Question 29

WPA3

Answer 29

Uses GCMP-256

Question 30

WPA3 Personal

Answer 30

Uses SAE. Users can use passwords that are easier to remember

Question 31

WPA3 Enterprise

Answer 31

Supports 256 bit AES

Question 32

AAA Protocols

Answer 32

Radius and TACACS+

Question 33

Wifi Protected Setup (WPS)

Answer 33

Password is stored locally so could be brute forced

Question 34

IEEE802.1x

Answer 34

Authentication Protocol. Transparent to users because it uses certificate authentication. Can be used in conjunction with a Radius server

Question 35

Radius Federation

Answer 35

Enables members of one organisation to authenticate to another with their normal credentials - Trust is across multiple RADIUS servers

Question 36

EAP (Extensible authentication protocol)

Answer 36

Authentication Framework allows for new authentication technologies to be compatible with existing wireless or point to point connections

Question 37

PEAP (Protected Extensible Authentication protocol)

Answer 37

Encapsulates EAP methods within a TLS tunnel that provides authentication and potentially encryption

Question 38

LEAP (Lightweight)

Answer 38

CISCO proprietary alternative to WPA and TKIP

Question 39

Input Validation

Answer 39

Ensures buffer overflow, integer overflow and SQL injection attacks cannot be launched. Only accepts data in the correct format within a range of minimum and maximum values

Question 40

Secure Cookies

Answer 40

Used by web browser and contain information about your session. Can be stolen by attackers to carry out a session hijacking attack

Question 41

HTTP headers

Answer 41

Attacker can carry out XSS which is mainly delivered through HTTP response headers

Question 42

Code Signing

Answer 42

Uses a certificate to digitally sign scripts and executables

Question 43

Static Code Analysis

Answer 43

Code is not executed locally. Source code is run inside the tool. Requires access to source code

Question 44

Dynamic Code Analysis

Answer 44

Code is executed and technique is call fuzzing. Outside in. Does not require code access

Question 45

Fuzzing

Answer 45

Random information is input into an application

Question 46

WAF

Answer 46

Protect web applications by filtering and monitoring HTTP/HTTP traffic between a web application and the internet

Question 47

Next Generation Firewalls

Answer 47

Deep packet inspection firewall that moves beyond port/protocol inspection. Adds intrusion prevention, brings intelligence feeds

Question 48

Sandboxing

Answer 48

Application is installed in a virtual machine environment isolated from network

Question 49

Darkweb

Answer 49

Requires specialised software to able to access these private

Question 50

Trusted Automated exchange of Intelligence Information (TAXI)

Answer 50

How Real time cyber threat information can be shared via services and message exchanges

Question 51

Structured Threat Information Expression (STIX)

Answer 51

Defines a common language for expressing cyber threat information

Question 52

Known Environment

Answer 52

Substantial/ Full Information - White Box test

Question 53

Unknown Environment

Answer 53

Completely Blind - Black Box Test

Question 54

Partially Know Environment

Answer 54

Gray baox test - Some information is known

Question 55

Active Reconnaissance

Answer 55

Interacts directly with the target in some way

Question 56

Footprinting

Answer 56

Ethical hacking technique used to gather as much data as possible

Question 57

Passive Reconnaissance

Answer 57

Not integrating with the target

Question 58

Red Team (Offense)

Answer 58

Emulating the tools and techniques of likely attackers

Question 59

Blue Team (Defence)

Answer 59

Defences against both real attackers and Red team

Question 60

Purple Team

Answer 60

Process Improvement - Exist to ensure and maximize the effectiveness of Red and Blue teams

Question 61

Bug Bounty

Answer 61

Monetary Reward given to Ethical Hackers

Question 62

SCAP (Security Content Automation Protocol)

Answer 62

Is a set of open standards that facilitates the automated management of vulnerabilities and security policy compliance. Automation, Standardisation, Improved Accuracy, Compliance

Question 63

SIEM

Answer 63

Security Information Event Management

Question 64

SOAR - Security Orchestration Automation and Response

Answer 64

Centralised alert and response automation with threat specific runbooks

Question 65

User Entity Behaviour Analysis (UEBA)

Answer 65

Based on interaction of a user that focuses on their identity and the data that they would normally access

Question 66

Heuristic Analysis

Answer 66

Analyse files for suspicious characteristics even if they haven’t been encountered before

Question 67

SNMP - Simple Network Management Protocol

Answer 67

Monitors and manages network devices such as routers or switches. Can modify device configuration or report status to a management system. Agents installed on devices send info to an SNMP manager through notifications known as SNMP Traps . SNMP3 encrypts credentials

Question 68

Netflow

Answer 68

A feature available on many routers and switches that can collect IP traffic statistics and send the to Netflow collector

Question 69

Firewall

Answer 69

Controls incoming and outgoing network traffic

Question 70

Access Control List

Answer 70

Collection of firewall rules that define what traffic is allowed or denied

Question 71

Transmission Control Protocol (TCP)

Answer 71

Layer 4 of OSI model - Reliable connection for web browsing, file transfer

Question 72

User Datagram Protocol (UDP)

Answer 72

Connectionless protocol used for online gaming, streaming services

Question 73

Internet Control Message Protocol (ICMP)

Answer 73

Used for network. e.g ping

Question 74

Screened Subnet

Answer 74

Boundary layer between Internet and trusted network, Perimeter and DMZ

Question 75

Group Policy

Answer 75

Provides policy based control of windows systems and domain settings through Group Policy Objects (GPO)

Question 76

Authentication Protocol

Answer 76

Mechanism for authentication only

Question 77

Encapsulating Security Payload (ESP)

Answer 77

Provides data confidentiality, Data Integrity, data origin authentication, and replay protection

Question 78

IPSEC Mode - Transport Mode

Answer 78

Outer Header are used to determine the IPsec Policy that will be applied to the packet. It is good for ESP host-to-host traffic

Question 79

IPSEC Mode- Tunnel Mode

Answer 79

2 IP headers are sent

Question 80

DKIM (Domain key Identified Mail)

Answer 80

Acts like a digital signature for email. DKIM verifies message

Question 81

Sender Policy Framework (SPF)

Answer 81

List of authorised mail servers allowed to send emails on behalf of your domain. Acts like a whitelist. SPF verifies Sender

Question 82

DMARC

Answer 82

Combination of DKIM and SPF . Tells receiving mail servers what to do with emails. DMARC has 3 enforcement policies Monitor, Quarantine and Reject. DMARC leverages the information from SPF and DKIM to determine how to handle emails

Question 83

Email Gateway

Answer 83

Acts as a security checkpoint for all incoming and ongoing emails

Question 84

File Integrity Monitoring

Answer 84

Safeguards critical files and system configuration from unauthorised modification

Question 85

Network Access Control (NAC)

Question 86

XDR (Extended detection response)

Answer 86

Provides visibility into endpoints, cloud infrastructure, mobile devices, apps

Question 87

Provisioning