Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CISSP Exam Prep > Exam Study Cards > Flashcards

Exam Study Cards Flashcards

1
Q

What are the primary objectives/goals of security?

A

To maintain confidentiality, Integrity, Availability (CIA)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is confidentiality?

A

Confidentiality means that objects should not be disclosed to subjects that do not have authorization.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What is integrity?

A

Integrity means that data/objects remain unchanged and are not intentionally altered by unauthorized subjects.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is availability?

A

Availability means that the subjects that are authorized have consistent and uninterrupted access to objects.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the CIA triad?

A

The CIA triad contains the concepts of confidentiality, integrity, and availability, which are the three vital principles of security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is identification and how does it work?

A

Identification is what a subject has to provide to a system in the first step of gaining authentication, authorization and accountability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is authentication and how does it work?

A

Authentication means to verify that the identity entered into the system is valid. Information (password) is entered by the subject after providing identification (login ID) and the two must correspond to each other to gain access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is security governance?

A

Security governance is the collection of practices related to defining, guiding, and supporting organizational security efforts.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is auditing and how does it work?

A

Auditing is the systematic way for subjects to be held accountable for any actions they performed as authorized users of a system. Auditing detects unauthorized or nefarious activities on a system. Auditing also keeps track of attempted intrusions and any system failures/outages. Because of its tracking mechanisms, auditing can produce logs and analysis of those logs as well as provide them for prosecution evidence.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is accountability?

A

Accountability holds subjects accountable for their actions. Accountability can only successfully work once identity is authenticated. Security policies need accountability in order to be enforced.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is nonrepudiation?

A

This ensures that a subject cannot deny that they performed an action or an event occurred.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What kind of plans are included in security management and what do they do?

A

Strategic plans - long-term and stable, defining the goals, missions, and objectives of the organization.

Tactical plans - mid-term plans that are formed to provide a more detailed account on how to accomplish the goals in the strategic plan.

Operational plans - short-term and very detailed and concise plans that revolve around strategic and tactical plans.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What is data remanence?

A

This is the data that was deleted but actually ends up remaining until it is overwritten.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What can you do to eliminate residual data that still remains after it was deleted?

A 
Clearing
Purging
Degaussing
Overwrite with 1's and 0's
Destruction
Encryption
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is the most valuable asset to an organization?

A

People. Any risk that involves the loss of life is the highest risk and must be mitigated.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What is ROI?

A

The amount of money saved by implementing a safeguard. If the annual total cost of ownership (TCO) than the annual loss expectancy (ALE), this equates to a positive ROI.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are the objectives/goals of information risk management?

A
  1. Identify assets and their value
  2. Identify the vulnerabilities and threats to the assets
  3. Quantify the probability and business impacts of potential threats (risks)
  4. Determine the needs
  5. Deploy a positive ROI safeguard
  6. Monitor and evaluate systems and practice
  7. Promote and spread security awareness
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What does encryption provide?

A

Confidentiality by denying unauthorized reads.
Authenticity by validating the source of the message to ensure the sender is who they proclaim to be.
Integrity by denying unauthorized writes AND assurance that the message was not modified.
Non-repudiation by establishing that a subject cannot deny performing an action.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What is Kerckhoff’s Principle?

A

Principle that maintains that only the key should be kept secret while algorithms are publicly known.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What is a unbreakable cipher?

A

A one-time pad.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is hybrid encryption?

A

Using symmetric to encrypt messages and asymmetric to encrypt the symmetric key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

What is a digital certificate?

A

A public key signed with a digital signature.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is HMAC?

A

HMAC (Hashed Message Authentication Code) gives integrity and authenticity by combining symmetric encryption with hashing. It is used by IPSec.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is an APT group?

A

An APT (Advanced Persistent Threat) group has the ability to coordinate very sophisticated attacks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What is TPM?
TPM (Trusted Platform Module) is a hardware encryption method that uses a storage root key. Typically used to encrypt hard drives on laptops.
26
What is redundancy?
A method used to prevent data loss on a server.
27
What is a white box tester?
A tester that has full authorized access to product documentation, including the code and data structures used by the application.
28
What is a black box tester?
A tester that does not have access to product documentation or any prior experience with an application.
29
What is a secure DNS zone transfer?
A mechanism that prevents attackers from downloading data that maps IP addresses to devices.
30
What is a cognitive password?
A password that an attacker is able to form/gain based on personal identifying information(PII) posted on social media websites.
31
What is PAT?
PAT (Port Address Translation) is the protocol that allows internal computers to share one public IP address.
32
What is virtualization?
A method that allows multiple servers to operate on a single physical server.
33
What is SNMP?
SNMP (Simple Network Management Protocol) is used to manage and monitor switches and routers.
34
What are methods to detect changes in files?
1. MD-5 (Message Digest 5) 2. SHA (Secure Hash Algorithm) 3. HMAC ( Hash-based Message Authentication Code)
35
What is CRL?
CRL (Certificate Revocation List) is a list that identifies revoked certificates and is unrelated to sharing encryption keys.
36
What is NDP?
NDP (Neighborhood Discovery Protocol) is used by IPv6 to resolve IPv6 addresses to media access control (MAC) addresses.
37
What is RADIUS?
RADIUS (Remote Authentication Dial-In User Service) is an authentication service for remote users and devices.
38
What is Diameter?
Diameter is an authentication service for remote users and devices. It is more secure than RADIUS.
39
What is ECDHE?
ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) allows negotiation of encryption keys securely over a public network.
40
What is a WPA cracking attack?
WPA (Wi-fi Protected Access) attack is the method of capturing traffic and performing an offline brute force attack to discover/steal the encryption key.
41
What is a WPS attack?
An attack that uses brute force attack but does not need to wait for an authorized client to connect.
42
What is a initialization vector attack?
An attack that often uses packet inject techniques to generate more traffic in WEP attacks.
43
What is full-device encryption?
Encryption that can be implemented to safeguard confidentiality of data if a mobile device is lost of stolen.
44
What is application whitelisting?
A method that identifies and lists authorized software and prevents users from installing or running any other software.
45
What is a yagi antenna?
A high-gain directional antenna with a very narrow radiation pattern. It is a desired choice for providing connectivity between two buildings without running any physical mediums (cables).
46
What is Blowfish?
A symmetric block cipher that provides strong encryption for processing payment card data. Works very fast.
47
How is ALE calculated?
ALE = SLE x ARO
48
What is the most important purpose of classifying information?
To identify security classifications for sensitive data and define the requirements to protect that sensitive data.
49
How is the classification of data determined?
Based on its value to an organization
50
What is purging?
Removing all data by writing over existing data multiple times to ensure data cannot be recovered.
51
Why is sanitization likely to be unreliable?
Because personnel can perform the purging, degaussing, or other processes improperly.
52
What is destruction?
The most secure method of eliminating data on optical media (DVD)
53
What is the problem with remanence?
It does not completely eliminate data.
54
What is SSH?
A secure alternative for connecting to a remote server for administration. It encrypts data transmitted over a network.
55
What are the duties of a data custodian?
To perform day-to-day tasks to protect the CIA of data as directed by senior management by doing backups, verifying data integrity, implementing security solutions and managing storage by classification label.
56
What is Bcrypt?
Encryption method based on Blowfish that encrypts passwords on Linux by adding 128 additional bits as a SALT to combat against rainbow table attacks.
57
What are the "Rules of Behavior"?
Rules that identify appropriate use and protection of data. This applies to subjects/users, not systems or security controls.
58
What is DNS?
DNS (Domain Name System/Server) is used to translate IP addresses into hostnames and hostnames into IP addresses. Used mostly on internet and networks.
59
What is DHCP?
DHCP (Dynamic Host Configuration Protocol) is used to dynamically assign the IP address to the network computers and devices. Automatically assigns static and dynamic IP addresses.
60
What are ACL rules?
ACL (Access Control Rules) provide rule-based management for the router and control inbound and outbound traffic.
61
What do ACLs do?
Provide basic packet filtering on routers. They filter packets based on IP addresses, ports, and protocols such as ICMP and/or IPSec.
62
What does a router do?
A router, which is a networking device connects multiple network segments together into a single network and routes traffic between the segments.
63
Does a router pass broadcasts?
No, it efficiently reduces traffic on a single segment.
64
What is the relationship between routers and ACLs?
Routers have ACLs that have rules to designate what traffic is allowed and what traffic is denied.
65
What does a VLAN do?
A VLAN (virtual local area network) uses a switch to group several different computers into a virtual network based on departments, job function, or administrative needs.
66
What is the purpose of port security?
To limit the number of computers that can connect to the ports on a switch and disable unused ports and also limit the amount of MAC addresses per port. Advanced port security: restrict each physical port to a specific MAC address.
67
What kind of physical security do switches provide?
1. Have a console port that administrators can use to monitor all traffic in or out of the switch. 2. Kept in a secure area such as a locked wiring closet, and therefore away from potential attackers.
68
What is a switch?
A networking device that has the ability to learn which computers are attached to each of its physical ports. The knowledge is then used to create internal switched connections when two computers communicate with each other. This increases network efficiency.
69
What is the general security benefit of a switch?
If an attacker installed a sniffer on a computer attached to another port, the sniffer is not able to capture unicast traffic transmitting thru the switch.
70
Any traffic sent across the wire in cleartext is subject to sniffing attacks with a protocol analyzer. How can this be combatted?
Encrypt the data or replace all hubs with switches to limit the amount of traffic that reaches any computer. This reduces the risk of a sniffing attack.
71
What is a hub?
A networking device that has multiple physical ports used to provide basic connectivity to multiple computers. Usually has between 4 and 32 physical ports and is not intuitive; whatever goes in one port goes out on all ports on the hub.
72
What is the risk with a hub?
If an attacker installs a protocol analyzer (sniffer) on a computer connected to a hub, the sniffer captures all traffic on the hub.
73
What ports does NETBIOS run on?
137, 138, and 139.
74
What port does IMAP4 run on?
143.
75
What port does LDAP run on?
389.
76
What port does HTTPS run on?
443
77
What port does SMTP SSL/TLS run on?
465
78
What port does IPSec run on?
500 (UDP)
79
What port does LDAP/SSL run on ?
636
80
What port does LDAP/TLS run on?
636
81
What port does IMAP SSL/TLS run on?
993
82
What port does POP SSL/TLS run on?
995
83
What port does L2TP run on?
1701 (UDP)
84
What port does PPTP run on?
1723
85
What port does Remote Desktop Protocol (RDP) run on?
3389 (TCP/UDP)
86
What port does MS SQL Server run on?
1433
87
What port does FTP Data (Active) run on?
20
88
What port does FTP Control run on?
21
89
What port does SSH run on?
22
90
What port does SFTP run on?
22 (uses SSH)
91
What port does SCP run on?
22 (uses SSH)
92
What port does Telnet run on?
23
93
What port does SMTP run on?
25
94
What port does TACACS+ run on?
49
95
What port does DNS (name queries) run on?
53 (UDP)
96
What port does DNS zone transfers run on?
53 (TCP)
97
What port does TFTP run on?
UDP 69
98
What port does HTTP run on?
80
99
What port does Kerberos run on?
88 (UDP)
100
What port does POP3 run on?
110
101
What port does SNMP run on?
161 (UDP)
102
What port does SNMP (trap) run on?
162 (UDP)
103
What does a vulnerability scanner do?
1. Identify vulnerabilities. 2. Identify misconfigurations 3. Passively test security controls 4. Identify lack of security controls
104
What is a virus?
A form of malicious code that infects systems and then spreads copies of itself based on a mechanism that connects it to another system (opening a file, etc). CANNOT spread itself, it relies on a user action.
105
What is a trojan horse?
A form of malicious code that disguises itself in apparently useful applications.
106
What is a logic bomb?
A form of malicious code that triggers on a particular condition (all files deleted scheduled to be deleted a particular time)
107
What is a worm?
A form of malicious code that is self-replicating.
108
What is Java and Active X Control?
A form of malicious code that automatically executes when sent via email.
109
What is spoofing?
The act of making data (email) appear as though it were sent from someone else.
110
What is a man-in-the-middle attack?
An attack that intercepts traffic between two systems and uses a third system to pretend to be one of the others.
111
What is a replay attack?
Data is intentionally captured to later impersonate one of the parties in the session.
112
Can a replay attack happen on wired or wireless networks?
It can happen on BOTH types of networks.
113
How can replay attacks be thwarted?
By using timestamps and sequence numbers. Kerberos helps with timestamped tickets
114
What is a brute force attack?
An attempt to guess all possible character combinations to form a password and gain unauthorized access.
115
How can a brute force attack be protected against?
With account lockout policies and complex passwords of sufficient length.
116
What is a dictionary attack?
An attack that uses a dictionary of words and basically attempts to use every word in the dictionary to see if it works. The dictionaries include many of the common passwords that uninformed users improperly configured for their own accounts.
117
How can a dictionary attack be combatted against?
With the use of complex passwords that are unlikely to be in a dictionary.
118
What are password hashes?
What most systems store instead of the actual password.
119
What is a hybrid attack?
An attack that uses a combination of two or more attacks to crack a password.
120
What is a rainbow table attack?
An attack that attempts to discover the password from the hash.
121
What is a birthday attack?
A theory that states that for any random group of 23 people, there is a 50% chance that two of them have the same birthday based on mathematical probability.
122
What is SALT and what does it do?
A method in which a set of random data with a few additional characters that is added to passwords prior to hashing to combat password attacks.
123
What are logical access controls?
Controls that are implemented through technologies such as group policy and account management tools. The intent is to control access to the logical network.
124
Give examples of logical access controls:
1. Least privilege (also a technical control) 2. Need to Know 3. Group policy - implemented on a domain controller within a domain 4. Password policies 5. Account Management
125
Give examples of management controls:
1. Risk assessments 2. Vulnerability assessments 3. Penetration Testing
126
Give examples of operational controls:
1. Awareness and training for users 2. Configuration and change management 3. Contingency planning 4. Media protection - (USB drives, external/internal drives, backup tapes) 5. Physical and environmental protection
127
What is the goal of preventive controls?
To attempt to prevent an incident from occurring.
128
What is the goal of detective controls?
To attempt to detect incidents after they have occurred.
129
What is the goal of corrective controls?
To attempt to reverse the impact of an incident?
130
What is the goal of deterrent controls?
To attempt to discourage individuals from causing an incident.
131
What is the goal of compensating controls?
To provide an alternative when a primary control cannot be used.
132
What is PAP?
PAP (Password Authentication Protocol) uses a password or PIN for authentication.
133
What is CHAP?
CHAP (Challenge Handshake Authentication Protocol) uses a handshake process when authenticating clients and is more secure than PAP.
134
What is the purpose of technical controls?
To use technology to reduce vulnerabilities.
135
What is HOTP?
HOTP is a HMAC-based one-time password algorithm that creates a one-time use password that does not expire.
136
What is TOTP?
TOTP is a time-based one-time password algorithm that creates a one-time password that expires after 30 seconds.
137
What is Cross-Site Scripting (XSS)?
An attack method where attackers embed malicious HTML or Javascript code into an email or website error message. When the user responds to the email or error message, the code is executed. Code can also be embedded where HTML tags can be entered.
138
What can be done to protect against cross-site scripting?
Input validation at the server level.
139
Who does security management start and end with?
Senior management is ultimately and always responsible for security management.
140
What are the requirements for security management?
1. Scope must be concisely defined. 2. Goals must be identified. 3. Evaluation of business objectives, security risks, user productivity, and functionality requirements must be performed and managed regularly. 4. Assets and their value must be identified. 5. Policies, procedures, standards, and guidelines/baselines MUST be implemented and enforced. 6. Overall: CIA must be provided and protected.
141
What is the purpose of vulnerability testing?
To evaluate systems/networks against a predefined list of vulnerabilities that may include system misconfiguration, outdated software, missing patches.
142
What are the goals of penetration testing?
Primary: to simulate an attack to evaluate the risk characteristics of an environment. Secondary: to test the organizational incident response.
143
What is the goal of security awareness training?
To inform and teach so people can be aware, resulting in modified behavior.
144
What is the purpose of exchanging beginning sequence numbers during the connection in the TCP client-server model?
To ensure that any data lost during data transfer can be retransmitted.

CISSP Exam Prep (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions