Domain 4: Operational Procedures Flashcards

1
Q

3 considerations when allowing remote access to a host or network

A
  • Least privilege
  • Encryption
  • Digital certificate on the server (to mitigate evil twin)
  • Server software supporting the connection is safe
2
Q

What to enter in Remote Desktop Connection to connect to a server

A
  • The server’s IP or FQDN
  • Domain\Username or host\Username
3
Q

True or False: RDP is natively encrypted

A

True

4
Q
A
5
Q

True or false: RDP client software supports Windows only

A

False
It is also available in Linux, macOS, iOS, & Android

6
Q

Screen Sharing

A

macOS remote access app based on the VNC protocol, which means any VNC client can connect

7
Q

NLA

A

Network Level Authentication

Authenticates an RDP client user before configuring a desktop, preventing the ability to create a DoS attack using pending connections

8
Q

Means of mitigating risk associated with vulnerable user credentials when connecting to a malware-infected server via RDP

A

RDP Restricted Admin (RDPRA) Mode
&
Remote Credential Guard

9
Q

RDP port number

A

TCP 3389

10
Q

How to run RDP on a Linux host

A

Use the open-source implementation XRDP

11
Q

MSRA

A

Microsoft Remote Assistance

Precursor to Quick Assist that used a dynamically assigned ephemeral port

12
Q

What is an SSH server’s host key pair used for?

A

To set up an encrypted channel so that the client can submit authentication credentials securely

13
Q

2 commonly implemented methods of SSH client authentication

A
  • Password (& username)
  • Public key
14
Q

A key SSH security task

A

Monitoring for & removing compromised client public keys

15
Q

RMM

A

Remote monitoring and management

Tools principally designed for use by MSPs for ensuring every host communicating on its client’s network is authorized & is running in a secure configuration.

[It is able to distinguish client accounts & provide support for recording & reporting billable support activity]

16
Q

EDR

A

Endpoint detection and response

Software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats

17
Q

8 common features of desktop management & remote monitoring tools

A
  • Reporting
  • Ticket integration
  • EDR
  • Push deployment of changes
  • Network boot
  • Firmware updates & OS installs
  • Network access control
  • Live chat & remote connection to hosts
18
Q

VNC port number

A

TCP 5900

19
Q

Synthetic full backup

A

Combines all incremental backups with the original full backup to create a new full one

20
Q

3-2-1 backup rule

A

3 copies of data (including production copy)
Across 2 media types
With 1 copy held offline & off site

21
Q

When should you re-test backup recovery procedures?

A

Whenever there is a change to the backup schedule or requirements

22
Q

Regulated data

A

Information that must be collected, processed, & stored in compliance with federal &/or state legislation

23
Q

True or false: an IP address is considered PII

A

Both/neither 😈
It is if it’s static, but may not be if it’s dynamic

24
Q

Regulations on the protections to be provided for stored credit card data

A

PCI DSS
Payment Card Industry Data Security Standard

25
Q

Latent evidence

A

Evidence that cannot be seen with the naked eye

26
Q

7 step procedure for ensuring data integrity & preservation from a security incident

A
  1. Identify the scope
  2. Video document the procedure
  3. Gather evidence (cache, etc.)
  4. Disable encryption & screen lock & power off devices
  5. Copy disks
  6. Hash the disks & copies
  7. Bag, fill out form, & transport
27
Q

SE

A

Secure Erase

On HDDs: writes all zeros
On SSDs: marks all blocks as empty & erases over time

28
Q

ISE/Crypto Erase

A

Instant Secure Erase/Crypto Erase

Encrypts the drive & deletes the key

29
Q

What chain-of-custody documentation proves

A

Who has access to evidence collected from a crime scene and where and how it has been stored

30
Q

What a script syntax error will prevent

A

The script from running

31
Q

What a script logical error will cause

A

Different operation from what was intended

32
Q

Extension for the PowerShell script format

A

.PS1

33
Q

JavaScript extension

A

.JS

34
Q

JavaScript

A

Scripting language for interactive web-based content & web apps

35
Q

Python file extension

A

.PY (associated with python.exe)
.PYW (associated with pythonw.exe)

36
Q

Python cmdlet to reboot & ignore warnings about doing so

A

Restart-Computer -Force

37
Q

3 [broad] dangers of using scripts

A
  • Malware
  • Inadvertent system-setting changes
  • Browser or system crashes due to mishandling of resources
38
Q

Visual Basic programming language extension

A

.VBS

39
Q

Linux shell script extension

A

.SH

40
Q

Policy

A

Overall statement of intent

41
Q

SOP

A

Standard operating procedure

A step-by-step list of actions that must be completed for any given task to conform with policy

42
Q

Guidelines

A

Used when no procedure exists or when a procedure should be deviated from

43
Q

Request ticket type

A

For provisioning things the IT department has an SOP for

44
Q

Incident ticket type

A

Involve errors or unexpected situations faced by end-users

45
Q

Problem ticket type

A

Problems are causes of incidents. This type of ticket is likely to be generated internally.

46
Q

Incident report

A

Aka after-action report. Lessons learned. Identify causes, recommend remediation, or preventive measures.

47
Q

5 assets procurement lifecycle stages

A

Change
Procurement
Deployment
Maintenance
Disposal

48
Q

4 ways to deal with angry customers

A
  1. Low voice, soothing language, & focusing on positive actions
  2. Don’t take complaints personally
  3. Let the customer explain the problem while you actively listen
  4. Hang up. Warn them 1st & if necessary end the call or escalate to a manager
49
Q

Most common source of safety regulations in the United States

A

OSHA Occupational Safety and Health Administration

50
Q

Best type of fire extinguisher to use on electrical equipment

Color of the label

A

Carbon dioxide

Typically black but sometimes red or white

51
Q

Ideal humidity level

A

Around 50%

52
Q

How to avoid condensation in equipment

A

Avoid warming it too quickly

53
Q

Dissipative packaging

A

Light pink or blue packaging that reduces the buildup of static in the general vicinity of the contents by being slightly more conductive than normal

54
Q

Difference between a power surge and spike

A

Spike is more intense

55
Q

Surge protector clamping voltage

A

The level at which the protection will activate (400/300V or lower is better)

56
Q

Surge protector joules rating

A

Amount of energy it can absorb (600 or more is better). Each surge event will degrade its capability

57
Q

Surge protector amperage

A

Maximum current that can be carried (number of devices you can attach)

58
Q

How to calculate the minimum VA needed for a UPS

A

Add the wattage of all attached devices and multiply by 1.67 to account for a conversion factor