Exam 2

Question 1

Data person who manages access rights to the data.

Answer 1

Data Steward

Question 2

Directed attack that attempts to obtain private or personal information. Unlike general phishing attacks, this is tailored to the victim and often includes personal information to make the attack more convincing.

Answer 2

Spear Phishing

Question 3

Vulnerability that allows communication between separate VMs.

Answer 3

VM escape

Question 4

Type of wireless attack in which attacker sends unsolicited messages to bluetooth-enabled devices. Usually done to surprise or annoy the user.

Answer 4

Bluejacking

Question 5

Allows you to create separate virtual local networks within a single physical network. Each separated network acting as its own private network.

Answer 5

VLAN - Virtual Local Network

Question 6

A method used by routers to allow multiple devices on a local network to share a single public IP address. It translates private IP addresses to the public IP address for outgoing traffic and vice versa for incoming traffic, providing address conservation and an added layer of security.

Answer 6

NTA - Network Address Translation

Question 7

Security solution that enforces policies to control which devices can access a network and what they can do once they are connected.

Answer 7

NAC - Network Access Control

Question 8

Segmentation strategy that separates devices or networks by physically disconnecting them from each other.

Answer 8

Air Gap

Question 9

Time concept that defines how much data loss would be acceptable during a recover.

Answer 9

RPO - Recovery Point Objectives

Question 10

Network protocol that centralizes the authentication, authorization, and accounting of network access. It simplifies managing user access, enhances security, and provides detailed usage tracking, making it an ideal solution for network environments that require centralized control.

Answer 10

RADIUS

Question 11

Suite of protocols designed to secure internet communications by encrypting and authenticating data packets. Used for securing network communications.

Answer 11

IPSec

Question 12

Type of cyber attack where an attacker gains unauthorized control over a client device or its communications.

Answer 12

Clint Hijacking

Question 13

Actions taken to reduce the impact or likelihood of a risk. For example, using security measures like backups to lessen the damage from a ransomware attack.

Answer 13

Mitigation

Question 14

Ackwnoledging a risk and choosing to deal with the consequences if it occurs, rather than trying to avoid or transfer it.

Answer 14

Acceptance

Question 15

Shifting the risk to another party, such as by purchasing insurance.

Answer 15

Transference

Question 16

Process of installing applications on a device from other source other than the official app store.

Answer 16

Sideloading

Question 16

Used for sending multimedia messages, such as pictures and videos, via text messaging.

Answer 16

MMS - Multimedia Messaging Service

Question 17

Sharing a mobile device’s internet connection with another device, such as using a phone’s data connection to provide internet access to a laptop.

Answer 17

Tethering

Question 18

Technology used to combine multiple physical hard drives or solid-state drives into a single logical unit to improve performance, increase storage capacity, or provide redundancy.

Answer 18

RAID - Redundant Array of Independent Disks

Question 19

RAID level that splits data across multiple drives, without making copies, and increases speed but no data protection. Preferably not to be use, considered a security risk.

Answer 19

RAID 0 (Striping)

Question 20

RAID level that creates an exact copy of data on another disk. If one drive fails, the other still has all data, and requires double the storage (50% usable). Imagine making a copy of every document (mirroring) to ensure you have a backup.

Answer 20

RAID 1 (Mirroring & Duplexing)

Question 21

RAID level data is ‘striped’ across multiple disks with parity; makes sure data can be recovered in case of failure. Requires 3 or more disks, and is the most common used RAID.

Answer 21

RAID 5 (Striping with Parity)

Question 22

RAID Level that similar to RAID 5 but with extra parity, can tolerate the failure of up to two drives, and usable space is total drives minus two. Think of a double backup system—two extra copies of your document to cover more risks.

Answer 22

RAID 6

Question 23

RAID level that mirrors data and then stripes it. Provides both high redundancy and performance, and usable space is half the total storage due to mirroring. Combine both mirroring and striping—having a backup of your backup, plus splitting the work for faster access.

Answer 23

RAID 10 (RAID 1+0)

Question 24

Request to sent to a Certificate Authority (CA) to obtain a digital certificate.

Answer 24

CSR - Certificate Signing Request

Question 25

Storing a copy of encryption keys with a trusted third party.

Answer 25

Key Escrow

Question 26

Method used to check if a website’s security certificate has been revoked without needing to contact the Certificate Authority (CA) directly.

Answer 26

OCSP Stapling

Question 27

Provides authentication and integrity for IP Packets. Ensures the data has not been altered and that it comes forma legitimate source.

Answer 27

AH - Authentication Header

Question 28

Key exchange protocol used to securely share encryption keys over an insecure channel.

Answer 28

Diffie-Hellman

Question 29

Provides both encryption and authentication, it encrypts the data to keep it confidential and authenticates it to ensure it has not been tampered with.

Answer 29

ESP - Encapsulating Security Payload

Question 30

Cryptography hash function used to ensure data integrity and authenticity.

Answer 30

SHA-2 (Secure hash algorithm 2)

Question 31

Replaces sensitive data with non-sensitive placeholders or tokens that have no meaningful value outside a specific context.

Answer 31

Tokenization

Question 31

Principle that involves collection only the data that is necessary for a specific purpose.

Answer 31

Minimization

Question 32

This process removes or obscures personal identifiers. Involves altering data so that individuals cannot be identified form it.

Answer 32

Anonymization

Question 33

Obscures specific data elements to protect sensitive information while preserving the format and usability of the data.

Answer 33

Masking

Question 34

Network diagnostic terminal tool to trace path packets from your computer to a destination.

Answer 34

tracert

Question 35

Terminal command tool used to check the reachability of a host on a network and measure roundtrip time for packets.

Answer 35

ping

Question 36

Command tool used to query DNS records. It can provide information about domain names, IP addresses, and other DNS related details.

Answer 36

dig (Domain Information Groper)

Question 37

Provides backup power to keep servers running during a power outage. Ensures business continuity.

Answer 37

UPS

Question 38

Comprehensive penetration testing framework used to find and exploit vulnerabilities in systems.

Answer 38

Metasploit

Question 39

Network utility used for reading from and writing to network connections. Cann be used for debugging, port scanning, and data transfer.

Answer 39

Netcat

Question 40

Formal contract between a service provider and a customer that defines the expected level of service.

Answer 40

SLA - Service Level Agreement

Question 41

Advanced type of firewall that provides enhanced security features beyond those of traditional firewalls.

Answer 41

NGFW (Next Generation Firewall)

Question 42

Outdated and insecure wireless security protocol with known vulnerabilities.

Answer 42

WEP - Wired Equivalent Privacy

Question 43

Key establishment protocol in WPA3-Personal that enhances security against offline dictionary attacks.

Answer 43

SAE - Simultaneous Authentication of Equals