Exam8 Flashcards
Which of the following terms describes the process of identifying differences between an organization’s current security posture and its desired security posture?
A. Tabletop exercise
B. Gap analysis
C. Security awareness training
D. Risk assessment
The term “Zero Trust security” refers to a cybersecurity model that eliminates implicit trust from networks and requires all users and devices to be continuously verified before being granted access to resources. The implementation of the Zero Trust security involves two distinct components: a Data Plane, responsible for defining and managing security policies, and a Control Plane, responsible for enforcing the security policies established by the Data Plane.
True
False
Which of the answers listed below refers to a Zero Trust Control Plane security approach that takes into account user identity, device security, network conditions, and other contextual information to enable dynamic access decisions?
A. Implicit trust
B. Monitoring and logging
C. Adaptive identity
D. Microsegmentation
Adaptive identity in security can improve security and user experience by reducing friction for legitimate users. For example, if a user is shopping online and logs in to their preferred shopping app, adaptive authentication may only ask for their password because it knows they’re on their usual device and network. However, if they add a pricey item to their cart, it may prompt for a fingerprint scan or phone code.
What are the key components of the Zero Trust Control Plane’s Policy Decision Point (PDP)? (Select 2 answers)
A. Policy Engine (PE)
B. Monitoring and logging
C. Policy Enforcement Point (PEP)
D. Microsegmentation
E. Policy Administrator (PA)
In the Zero Trust security architecture, the Policy Enforcement Point (PEP) is a Data Plane component that enforces the security policies defined at the Control Plane by the Policy Decision Point (PDP).
True
False
An access control vestibule (a.k.a. mantrap) is a physical security access control system used to prevent unauthorized users from gaining access to restricted areas. An example mantrap could be a two-door entrance point connected to a guard station wherein a person entering from the outside remains locked inside until he/she provides authentication token required to unlock the inner door.
True
False
Which of the following statements about honeypots are true? (Select 2 answers)
A. Honeypots are always part of a honeynet
B. Honeypots mimic real systems to attract cyber attackers
C. Honeypots are a type of anti-malware solution
D. Honeypots contain apparent vulnerabilities that are closely monitored by a security team
E.Honeypots are used to launch attacks on cyber attackers
What is a honeynet in the context of cybersecurity?
A. A network of IDSs
B. A network of honeypots
C. A network of infected hosts
D. A network of IPSs
Which of the answers listed below refers to a honeynet example?
A. A network of fake websites
B. A network of fake servers
C. A network of fake databases
D. A network of fake file shares
E. All of the above
A honeyfile can be any type of file (e.g., a document, email message, image, or video file) containing real user data intentionally placed within a network or system to attract potential attackers or unauthorized users.
True
False
A honeyfile can be used for:
A. Attracting cyber attackers
B. Triggering alerts when accessed
C. Monitoring network activity
D. All of the above
What is a honeytoken?
A. A decoy file that is designed to attract attackers
B. A unique identifier assigned to a honeyfile
C. A decoy system that is designed to lure potential attackers
D. A unique identifier that is designed to track attackers
Which of the following should not be used as honeytokens? (Select all that apply)
A. Active user account credentials
B. Database entries mimicking real data
C. Actual URLs to live websites or resources
D. Dummy server logs with enticing information
E. Fake identifiers, including usernames, passwords, email addresses, and IP addresses
A process used by organizations to assess and evaluate the potential impact of disruptive incidents or disasters on their critical business functions and operations is referred to as:
A. BPA
B. BIA
C. SLE
D.BCP
Business Impact Analysis (BIA) has emerged as a crucial tool in understanding the potential impacts of disruptions and guiding business continuity efforts
A hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates is known as:
A. PKI
B. RA
C. PKCS
D. CA
Public Key Infrastructure (PKI) is a system of technologies, policies, and practices that protects data by encrypting it and authenticating digital communications
Which of the answers listed below best describes the characteristics of a public-private key pair?
A. Both keys are examples of a symmetrical key
B. Two keys that are identical
C. A pair of keys where one is used for encryption and the other for decryption
D. Both keys are examples of a shared key
What is the typical use of a public key?
A. Data encryption
B. Data decryption
C. User/device authentication
D. All of the above
Key escrow is a cryptographic technique that enables storing copies of encryption keys with a trusted third party. A Recovery Agent (RA) is a trusted third party (an individual, entity, or system) who is authorized to assist in the retrieval of encryption keys and data on behalf of the data owner. Key escrow and RA are both used to ensure that encrypted data can be decrypted even if the data owner loses access to their encryption key. Since key escrow and RAs are both components of a single security solution, the only way to implement key escrow systems is with the use of RAs.
True
False
Which of the following answers refers to a data storage device equipped with hardware-level encryption functionality?
A. HSM
B. TPM
C. EFS
D. SED
Self-Encrypting Drives (SED) are a type of hard drive with built-in encryption and decryption capabilities.
Which of the answers listed below refers to software technology designed to provide confidentiality for an entire data storage device?
A. TPM
B. FDE
C. EFS
D.HSM
An MS Windows component that enables encryption of individual files is called:
A. SED
B. EFS
C. BitLocker
D. FDE
Which of the following software application tools are specifically designed for implementing encryption algorithms to secure data communication and storage? (Select 2 answers)
A. VPN
B. GPG
C. SSH
D IPsec
E. PGP
The GPG Project provides the tools and libraries to allows users to interface with a GUI or command line to integrate encryption with emails and operating systems like Linux. GPG can open and decrypt files encrypted by PGP or Open PGP, meaning it works well with other products.
PGP (Pretty Good Privacy) is a security program that uses cryptography to encrypt and decrypt messages and files, and to digitally sign and verify documents. PGP is a standard method for organizations to secure email communication
What is the name of a network protocol that secures web traffic via SSL/TLS encryption?
A. SFTP
B. HTTPS
C. FTPS
D. SNMP
Which of the answers listed below refers to a deprecated TLS-based method for secure transmission of email messages?
A. S/MIME
B. STARTTLS
C. DKIM
D. SMTPS
Which of the following answers refers to an obsolete protocol used for secure data transfer over the web?
A. SMTPS
B. SRTP
C. SHTTP
D. S/MIME
S-HTTP is a protocol for transmitting private documents over the internet. It ensures data security by encrypting the messages at the message level.
The MIME specification extends the email message format beyond plain text, enabling the transfer of graphics, audio, and video files over the Internet mail system. S/MIME is an enhanced version of the MIME protocol that enables email security features by providing encryption, authentication, message integrity, and other related services.
True
False
What is the name of a network protocol that enables secure file transfer over SSH?
A. TFTP
B. SFTP
C. Telnet
D. FTPS
SFTP is an extension of the FTP protocol that adds support for SSL/TLS encryption.
True
False
Secure File Transfer Protocol (SFTP) is a secure method for transferring data over a network using encryption and authentication to protect data from unauthorized access
A type of cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers is known as:
A. RDP
B. SSH
C. Telnet
D. SCP
The Secure Copy Protocol, or SCP, is a file transfer network protocol used to move files onto servers, and it fully supports encryption and authentication. SCP uses Secure Shell (SSH) mechanisms for data transfer and authentication to ensure the confidentiality of the data in transit.
Which of the answers listed below refers to a suite of protocols and technologies providing encryption, authentication, and data integrity for network traffic?
A. TLS
B. SSH
C. IPsec
D. VPN
Which part of IPsec provides authentication, integrity, and confidentiality?
A. SPD
B. PFS
C. AH
D. ESP
A system that uses public network (such as the Internet) as a means for creating private encrypted connections between remote locations is referred to as:
A. WWAN
B. VPN
C. PAN
D. VLAN
A virtual private network (VPN) creates a private network overlay across an existing public network. VPNs use tunneling protocols that create encrypted connections between the network and client devices.
VLANs allow devices to be logically separated based on their purpose, department, or security needs. Network administrators can enhance network performance and security by grouping devices with similar tasks or security requirements into VLANs.
Which protocol enables secure, real-time delivery of audio and video over an IP network?
A. S/MIME
B. RTP
C. SIP
D. SRTP
Secure Real-time Transport Protocol(STRP). An extension of Real-time Transport Protocol (RTP) that features enhanced security measures. The protocol provides encryption, confidentiality, message authentication, and replay protection to your transmitted audio and video traffic.
An encryption protocol primarily used in Wi-Fi networks implementing the WPA2 security standard is called:
A. TKIP
B. CCMP
C. SSL
D.IPsec
Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol based on the U.S. federal government’s Advanced Encryption Standard (AES) algorithm and uses the Counter Mode with CBC-MAC (CCM) mode of operation.
A security protocol designed to improve the security of existing WEP implementations is known as:
A. WPA2
B. RC4
C. CCMP
D. TKIP
TKIP is a security protocol used in the IEEE 802.11 wireless networking standard. It was designed to provide more secure encryption than the earlier Wired Equivalent Privacy (WEP), without needing to replace existing hardware.
Which of the following answers refer(s) to deprecated/insecure encryption protocols and cryptographic hash functions? (Select all that apply)
A. DES
B. AES-256
C. MD5
D. ECC
E. SHA-1
F. SSL
G. RC4
Which cryptographic protocol is designed to provide secure communications over a computer network and is the successor to SSL?
A. IPsec
B. TLS
C. AES
D. CCMP
Examples of techniques used for encrypting information include symmetric encryption (also called public-key encryption) and asymmetric encryption (also called secret-key encryption, or session-key encryption).
True
False
In asymmetric encryption, any message encrypted with the use of a public key can only be decrypted by applying the same algorithm and a matching private key (and vice versa).
True
False
Which of the algorithms listed below are not symmetric ciphers? (Select 3 answers)
A. AES
B. DES
C. DHE
D. ECC
E. IDEA
F. RC4
G. RSA
Which of the following algorithms do(es) not fall into the category of asymmetric encryption? (Select all that apply)
A. AES
B. DES
C. DHE
D. ECC
E. IDEA
F. RC4
G. RSA
The term “KEK” refers to a type of cryptographic key often used in key management systems to add an additional layer of security when encrypting and decrypting other cryptographic keys.
True
False
Which of the answers listed below refers to a shared secret authentication method used in WPA, WPA2, and EAP?
A. PSK
B. 802.1X
C. SAE
D. TKIP
Which of the following answers refers to a protocol used to set up secure connections and exchange of cryptographic keys in IPsec VPNs?
A. SSL
B. IKE
C. ESP
D. DHE
Which of the answers listed below refers to a key exchange protocol that generates temporary keys for each session, providing forward secrecy to protect past and future communications?
A. PFS
B. SHA
C. PGP
D. DHE
Which of the following answers refers to a cryptographic key exchange protocol that leverages ECC for enhanced security and efficiency?
A. IKE
B. ECDHE
C. DHE
D. ECDSA
Which of the answers listed below refers to a solution designed to strengthen the security of session keys?
A. ECB
B. PFS
C. EFS
D. PFX
Which of the following answers refers to a public-key cryptosystem used for digital signatures, secure key exchange, and encryption?
A. ECC
B. RSA
C. PKI
D. DSA
Which cryptographic solution would be best suited for low-power devices, such as IoT devices, embedded systems, and mobile devices?
A. ECC
B. DES
C. RSA
D. AES
Which of the cryptographic algorithms listed below is the least vulnerable to attacks?
A. AES
B. DES
C. RC4
C. 3DES
