Exam 1

Question 1

What is a “passive foot print”

Answer 1

Learning as much as your can from open sources like social media, web sites, reedit,dumpster diving etc..

Question 2

A third party is going to gather information about your company from open sources

Answer 2

Passive footprint

Question 3

What is TLS

Answer 3

“Transport layer security”
A cryptographic protocol used to encrypt network communications

Question 4

What is HTTPS

Answer 4

“Hypertext Transfer Protocol Secure”
It is a protocol that secures communication and data transfer between a user’s web browser and a website

Question 5

What is ftps

Answer 5

“File transfer protocol secure” uses tls to provide secure communication also https

Question 6

What is SSH and what is it used for

Answer 6

“Secure shell”

secure protocol user to connect to computers remotely using a secure connection

Question 7

What is SRTP

Answer 7

“Secure real time protocol”
Adds encryption when talking over a company phone, the encryption used for this is called (aes) to encrypt voice in video

Question 8

What is DNSSEC

Answer 8

“Domain name system security extensions” a way to validate with the information you’re getting from the DNS server is actually coming from the devil server by using a public key cryptography

Question 9

What kind of actor is organize crime

Answer 9

Usually does things for money

Question 10

What is a Hacktivist?

Answer 10

Focus or political agenda not commonly on financial gain

Question 11

What is partition data in temporary file systems part of

Answer 11

The file storage subsystem

Question 12

What is “MFD”

Answer 12

“Multifunction device”

An all in one printer that can print, scan and fax is a

Question 13

What is IoT

Answer 13

“Internet of things”

Wearable technology and home automation devices


Question 14

What is RTOS

Answer 14

“Real time operating systems “

Are used in manufacturing and automobiles

Question 15

What is SoC

Answer 15

“System on a chip”

Multiple component is the one on the single chip or categorize

Question 16

What is SOAR

Answer 16

“Security orchestration automation and response”

SOAR seeks to alleviate the strain on IT teams by incorporating automated responses to a variety of events

Question 17

What is PKI

Answer 17

“Public key infrastructure”

PKI uses cryptographic public keys that are connected to a digital certificate, which authenticates the device or user sending the digital communication

Question 18

What is IaaS

Answer 18

“Infrastructure as a service”

A cloud service that provides the hardware required for deploying, application, instances, and other cloud-based applications

delivers IT infrastructure like compute, storage, and network resources on a pay-as-you-go basis over the internet

Amazon, Google

Question 19

What is a another word for “on path attack”

Answer 19

Man in the middle

Question 20

Federation

Answer 20

Would allow one member of organization to use credentials of another organization

Question 21

What is MTBF

Answer 21

“Mean time between failures”

Is a prediction of how often a repairable system will fail

Question 22

What is RTO

Answer 22

“Recovery time objectives”

A set of objectives needed to restore a particular service level

Question 23

What is MTTR

Answer 23

“Mean time to restore”

The amount of time it takes to repair a component

Question 24

What is MTTF

Answer 24

“Mean time to failure”

The expected lifetime of a non-repairable product or system

Question 25

What is EAP-TTLS

Answer 25

“Extensible authentication protocol tunneled transport layer security”

Allows the use of multiple authentication protocols transported inside of an encrypted TLS tunnel

Question 26

What is a CASB

Answer 26

“Cloud, excess security broker”

Can be used to apply security policies to cloud based implementations

Question 27

Common functions of CASB

Answer 27

visibility into application used in data security policy use, Verification of compliance with formal standards, and the monitoring, and identification of threats