Explain the importance of automation and orchestration related to secure operations Flashcards

1
Q

incident response process

A

Preparation: In the preparation phase, organizations establish and maintain incident response plans. These plans should be regularly updated to address evolving threats. This is the stage at which the Cybersecurity Incident Response Team (CSIRT) is
Analysis: At the analysis stage, SIEM takes the lead, using correlation techniques to analyze the type of incident flagged, prioritizing its impact and category. To do this analysis, we can use tools such as the MITRE ATT&CK framework, the Cyber Kill Chain, or the diamond model of intrusion analysis

Containment: In the containment stage, the primary goal is to limit the incident’s impact. This often involves isolating affected systems or quarantining them to prevent the attack from spreading. Simultaneously, volatile evidence (such as running processes and network connections) should be collected for analysis, and any compromised user accounts or access credentials should be disabled.
Eradication: Eradication focuses on destroying the root cause of the incident. For example, if malware is detected, efforts should be made to remove it completely. This may involve patching systems, deleting infected files, or disabling unnecessary services to protect the environment against future attacks.
Recovery: In the recovery phase, the organization aims to restore its operations to a normal state. This includes activities like data restoration, in which essential systems (such as domain controllers) are brought back online once they are clean and secure. The goal is to bring systems back within the Recovery Time Objective (RTO), the maximum time the business can tolerate a system being unavailable, and to restore data to within the Recovery Point Objective (RPO), the maximum amount of data loss, measured as a span of time before the incident, that the business can accept.
Lessons Learned: After the incident has been effectively contained and resolved, it’s essential to conduct a post-incident analysis. This Lessons Learned phase involves reviewing how the incident was handled to identify the strengths and weaknesses of the organization’s response. The insights gained here help organizations refine their incident response plans and take preventive measures to reduce the likelihood of similar incidents in the future.
For an example of this process in action, imagine a scenario in which a do

2
Q

Stages of the Cyber kill chain

A

Reconnaissance

Calling employees, sending emails, social engineering, dumpster diving

Weaponization

Create malware payload

Delivery

Delivery medium, such as USB, email, web page

Exploitation

Executing code via a vulnerability

Installation

Installing malware on the asset

Command and Control

Infected system sends back information to the attacker

Action on Objectives

Hands-on keyboard—attack complete

3
Q

Kerberos Authentication

A

Kerberos authentication is built around a ticket-granting ticket (TGT). The user authenticates to a domain controller (acting as the Key Distribution Center, KDC) with their credentials (username and password, or smart card and PIN). Once the KDC has verified them, it issues a TGT, which by default has a 10-hour lifetime. To reach a resource such as the mail server, the client presents the TGT to the KDC's ticket-granting service and receives a service ticket for that resource. Tickets are encrypted with keys the client does not hold (the TGT with the krbtgt account's key, the service ticket with the target service's key), so the client cannot read or alter them.

4
Q

Lightweight Directory Access Protocol Secure (LDAPS) Secure port number

A

636

5
Q

Internet Message Access Protocol Secure (IMAPS)

A

993 TCP Secure version of IMAP that uses TLS for encryption.

6
Q

VM sprawl

A

Unmanaged VMs installed on your network

7
Q

VM escape

A

While virtualization is designed to isolate VMs, the hypervisor (the software that manages them) is also a shared attack surface. A flaw in it can give an attacker a path for lateral movement (east-west traffic) from a compromised VM to the host system or to other VMs on the same host.

8
Q

port

A

acts as a virtual endpoint for communication between devices and applications over a network.

9
Q

Insecure FTP

A

21

10
Q

Post office protocol 3 insecure

A

110

11
Q

Network Time Protocol (NTP) insecure

A

123

12
Q

LDAP Insecure

A

389

13
Q

SNMP Insecure

A

161

14
Q

Secure Kerberos

A

88

15
Q

HTTP insecure

A

80

16
Q

HTTPS

A

443

17
Q

Remote Desktop Protocol (RDP) Secure

A

3389

18
Q

Session Initiation Protocol (SIP)

A

Sets up, modifies, and tears down internet-based voice and video calls (VoIP)
Port 5060 (cleartext, UDP/TCP) and 5061 (SIP over TLS)

19
Q

SMTPS

A

587 (mail submission with STARTTLS); implicit-TLS SMTPS uses 465

20
Q

Server Message Block (SMB) Secure

A

445

21
Q

Secure Protocols

A

Protocol | Transport | Port | Use case
Secure Shell (SSH) | TCP | 22 | Secure remote access
Secure Copy Protocol (SCP) | TCP | 22 | Secure copy to UNIX/Linux (runs over SSH)
Secure File Transfer Protocol (SFTP) | TCP | 22 | Secure file transfer (a subsystem of SSH, unrelated to FTP)
DNSSEC | TCP/UDP | 53 | Signed DNS records; authenticates answers but does not encrypt queries
Kerberos | TCP/UDP | 88 | Secure authentication
Simple Network Management Protocol Version 3 (SNMP v3) | UDP | 161 (agent queries), 162 (traps) | Authenticated and encrypted status and reports of network devices
Lightweight Directory Access Protocol Secure (LDAPS) | TCP | 636 | Securely manages directory service information
Hypertext Transfer Protocol Secure (HTTPS) | TCP | 443 | Secure web browsing
TLS/SSL | TCP | 443 for HTTPS; TLS has no port of its own | Secures data in transit for whatever protocol is wrapped in it (SSL is deprecated)
Server Message Block (SMB) | TCP | 445 | File and print sharing; only secure when SMB 3.x signing and encryption are enforced
Internet Protocol Security (IPsec) | UDP and IP protocols | UDP 500 (IKE), UDP 4500 (NAT traversal); ESP is IP protocol 50, AH is 51 | Secure session for VPN or between two hosts
SMTPS / message submission | TCP | 587 (STARTTLS); 465 (implicit TLS) | Secure SMTP
Secure/Multipurpose Internet Mail Extensions (S/MIME) | n/a | none (a message format carried over SMTP, IMAP, or POP3) | Encrypt or digitally sign email end to end
Secure IMAP4 (IMAPS) | TCP | 993 | Secure IMAP4
Secure Post Office Protocol 3 (POP3S) | TCP | 995 | Secure POP3
File Transfer Protocol Secure (FTPS) | TCP | 989/990 (implicit TLS); 21 with explicit AUTH TLS | Secure FTP, including large file transfers
Remote Desktop Protocol (RDP) | TCP/UDP | 3389 | Microsoft remote access
Session Initiation Protocol (SIP) | TCP/UDP | 5060 (cleartext), 5061 (SIP over TLS) | Sets up and tears down internet-based voice and video calls
Secure Real-time Transport Protocol (SRTP) | UDP | dynamic ports negotiated in SDP (no fixed port) | Secure voice and video media

22
Q

Insecure

A

Protocol | Transport | Port | Use case
File Transfer Protocol (FTP) | TCP | 21 (control); 20 (active-mode data); ephemeral port (passive-mode data) | File transfer; credentials and data sent in cleartext
Telnet | TCP | 23 | Run commands on remote hosts (however, note that passwords are not encrypted)
Simple Mail Transfer Protocol (SMTP) | TCP | 25 | Transport mail between mail servers
Domain Name System (DNS) | UDP | 53 | Name queries / host name resolution
Domain Name System (DNS) | TCP | 53 | Zone transfers and responses too large for UDP
Dynamic Host Configuration Protocol (DHCP) | UDP | 67 (server), 68 (client) | Automatic IP address allocation
Trivial File Transfer Protocol (TFTP) | UDP | 69 | File transfer using UDP; no authentication
Hypertext Transfer Protocol (HTTP) | TCP | 80 | Web browser
Post Office Protocol 3 (POP3) | TCP | 110 | Pulls mail from a mail server; by default no copy is left on the server
Network Time Protocol (NTP) | UDP | 123 | Time synchronization
NetBIOS | UDP/TCP | 137 (name service, UDP), 138 (datagram, UDP), 139 (session, TCP) | NetBIOS name to IP address resolution and legacy SMB transport
Internet Message Access Protocol (IMAP4) | TCP | 143 | Pulls mail from a mail server
Simple Network Management Protocol (SNMP v1/v2c) | UDP | 161 (agent queries), 162 (traps) | Status and reports on network devices; community strings sent in cleartext
Lightweight Directory Access Protocol (LDAP) | TCP | 389 | Stores X.500 objects; searches directory services for users, groups, and other information

23
Q

smurf attack

A

A smurf attack is an ICMP amplification attack: the attacker sends ICMP echo requests to a network's broadcast address with the source address spoofed to the victim's IP, so every host on that network replies to the victim and floods it. Routers should drop directed broadcasts so they cannot be used as the amplifier.

24
Q

Software Composition Analysis

A

Software composition analysis (SCA) is the tool for identifying vulnerabilities in third-party and open-source components. It inventories the libraries an application depends on (from manifests, lock files, or binaries) together with their versions, and matches that inventory against vulnerability databases, rather than analyzing your own source code the way SAST does.
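
The core of an SCA scan is that inventory-and-match step. The following is an added example written for this page, not a tool from the source: it parses a constructed, pinned Python lock file, compares each pinned version against a constructed advisory feed using half-open version ranges, and reports affected packages. The package names are real, but the versions, ranges, and EXAMPLE-ADV identifiers are placeholders, not real CVEs or GHSA entries.

```python
import re

# Constructed requirements lock file (pinned versions); not taken from any real project.
LOCKFILE = """\
requests==2.25.1
urllib3==1.26.5
pyyaml==5.4.1
# comment lines and blank lines are ignored
django==3.2.25
"""

# Constructed advisory feed. Each entry: package, first vulnerable version,
# first fixed version (half-open range [introduced, fixed)), advisory id.
# The identifiers are placeholders, not real CVE or GHSA numbers.
ADVISORIES = [
    ("urllib3", "1.26.0", "1.26.18", "EXAMPLE-ADV-0001"),
    ("pyyaml",  "0",      "5.4",     "EXAMPLE-ADV-0002"),
    ("django",  "3.2",    "3.2.25",  "EXAMPLE-ADV-0003"),
]


def parse_version(v):
    """Dotted numeric version -> comparable tuple. Pre-release tags are dropped,
    which is a simplification; real SCA tools implement PEP 440 / semver ordering."""
    return tuple(int(p) for p in re.findall(r"\d+", v))


def parse_lockfile(text):
    """Build the dependency inventory: package name -> pinned version."""
    deps = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # strip comments
        if not line:
            continue
        name, _, version = line.partition("==")
        deps[name.strip().lower()] = version.strip()
    return deps


def find_vulnerable(deps, advisories):
    """Match the inventory against the advisory feed.
    Returns (package, installed, advisory id, fixed version) for each hit."""
    findings = []
    for name, introduced, fixed, advisory in advisories:
        if name not in deps:
            continue
        installed = parse_version(deps[name])
        if parse_version(introduced) <= installed < parse_version(fixed):
            findings.append((name, deps[name], advisory, fixed))
    return findings


if __name__ == "__main__":
    for pkg, ver, adv, fixed in find_vulnerable(parse_lockfile(LOCKFILE), ADVISORIES):
        print(f"{pkg}=={ver} is affected by {adv}; upgrade to >= {fixed}")
```

Note the two boundary cases: pyyaml 5.4.1 is at or above the fixed version 5.4, and django 3.2.25 is exactly the fixed version, so neither is reported; only urllib3 1.26.5 falls inside its range. Getting those boundaries right is where SCA tools differ from a naive string match.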

25
Q

NAT translation

A

Network address translation (NAT) is the right choice for allowing internet access to a web server while keeping the rest of the network unreachable: it hides internal IP addresses and forwards inbound requests (port forwarding) only to the public-facing service. Packet filtering alone is too basic for this because it cannot translate addresses.

26
Q

Stateful Packet Inspection

A

Stateful packet inspection (SPI) is appropriate for protecting against IP spoofing and other complex network attacks. Unlike stateless packet filtering, which inspects each packet in isolation, SPI keeps track of ongoing connections, allowing it to distinguish between legitimate and malicious packets more effectively

27
Q

E-Discovery

A

involves legally compliant data collection, distinct from general data retrieval methods. It’s specifically tailored to legal requests, ensuring data relevance and compliance

28
Q

IT governance owner role

A

owner in IT governance is key in shaping the organization’s cybersecurity strategy, particularly concerning the classification of assets and the approval of risk mitigation strategies

29
Q

DKIM

A

a protocol that allows an organisation to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify

30
Q

DMARC

A

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a policy published in DNS that tells receiving mail servers what to do with mail claiming to come from your domain when it fails SPF or DKIM alignment (p=none, quarantine, or reject) and where to send aggregate and forensic reports. It builds on SPF and DKIM and protects both senders and recipients from spoofed email.
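
The two cards above (DKIM and DMARC) describe what a receiving server does once it has a verified DKIM signature and an SPF result in hand. The following is an added example written for this page, not code from the source: it parses a constructed DMARC record for the placeholder domain example.com, applies relaxed/strict alignment of the SPF and DKIM domains against the From: domain, and returns the disposition. SPF evaluation and DKIM signature verification are assumed to have happened upstream; the organizational-domain rule is simplified to "last two labels" (real receivers use the Public Suffix List), and pct sampling is not modelled.

```python
# Constructed DMARC record, as a receiver would read it from the DNS TXT record
# at _dmarc.example.com (example.com is a placeholder; no DNS lookup is made).
DMARC_RECORD = ("v=DMARC1; p=reject; sp=quarantine; adkim=r; aspf=s; "
                "rua=mailto:dmarc-reports@example.com")


def parse_dmarc(record):
    """Parse a DMARC TXT record into a tag -> value dict, applying RFC 7489 defaults."""
    tags = {}
    for part in record.split(";"):
        part = part.strip()
        if not part:
            continue
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC1 record")
    tags.setdefault("p", "none")      # policy for the domain itself
    tags.setdefault("adkim", "r")     # DKIM alignment: r = relaxed, s = strict
    tags.setdefault("aspf", "r")      # SPF alignment
    return tags


def org_domain(domain):
    """Organizational domain, simplified to the last two labels.
    Real receivers consult the Public Suffix List (e.g. for co.uk)."""
    return ".".join(domain.lower().split(".")[-2:])


def aligned(from_domain, auth_domain, mode):
    """Is the authenticated domain aligned with the RFC 5322 From: domain?"""
    if not auth_domain:
        return False
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def evaluate(record, from_domain, spf_result, spf_domain, dkim_result, dkim_domain):
    """Apply DMARC to one message.

    spf_domain is the MAIL FROM domain SPF was checked against; dkim_domain is
    the d= tag of a DKIM signature that verified. The SPF check and the DKIM
    signature verification themselves are assumed to have been done upstream.
    Returns (passes, disposition) where disposition is none/quarantine/reject.
    """
    p = parse_dmarc(record)
    spf_ok = spf_result == "pass" and aligned(from_domain, spf_domain, p["aspf"])
    dkim_ok = dkim_result == "pass" and aligned(from_domain, dkim_domain, p["adkim"])
    if spf_ok or dkim_ok:            # DMARC passes if either aligned check passes
        return True, "none"
    policy = p["p"]
    if from_domain.lower() != org_domain(from_domain) and "sp" in p:
        policy = p["sp"]             # subdomain policy applies to subdomains
    return False, policy


if __name__ == "__main__":
    # Spoof: attacker's own SPF and DKIM pass, but neither domain aligns with From:
    print(evaluate(DMARC_RECORD, "example.com", "pass", "attacker.net", "pass", "attacker.net"))
```

The point the record is making: a spoofer can easily get SPF and DKIM to pass for a domain they control, so DMARC only counts a pass when the authenticated domain is aligned with the visible From: domain. With aspf=s, even the organization's own bounce.example.com MAIL FROM does not rescue a message unless an aligned DKIM signature is present.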

31
Q

File integrity monitoring

A

works by first creating a baseline of cryptographic hashes (and usually permissions and ownership) for the monitored files, which acts as a reference point; the files are periodically re-hashed and compared against that baseline to detect tampering or fraud

32
Q

Decentralization

A

Unlike traditional centralized databases (in which a single entity controls the ledger), the open public ledger is decentralized. Multiple copies of the ledger are distributed across nodes (i.e., computers) within a blockchain network.

33
Q

Unified Threat Management Firewall (UTM)

A

A multi-tasker – malware inspection, content, and URL filtering

34
Q

Purple Team

A

is a security methodology in which offensive security professionals (referred to as red teams) and Cyber Security Operations Centre (CSOC) professionals (referred to as blue teams) work closely together in order to enhance cyber capabilities through continuous feedback and knowledge transfer.

35
Q

Wardriving

A

Wardriving is the act of looking for publicly accessible Wi-Fi networks, usually from a moving vehicle, using a laptop or smartphone.

36
Q

Warchalking

A

Warchalking is the drawing of chalk symbols in public places to indicate free Wi-Fi hotspots. Wi-Fi enthusiasts practice warchalking in rural and urban areas and usually draw warchalking symbols on objects near the Wi-Fi hotspot, like sidewalks, walls, or lamp posts.

37
Q

Active Reconnaissance

A

Active reconnaissance involves more direct interaction with the target (for example, port scanning or banner grabbing), which, unlike passive reconnaissance, can be detected by the target.

38
Q

Hash Function

A

A hash function is a computational method that can map an indeterminate size of data into a fixed size of data. Or more plainly, it provides a number quantity that represents the input data.

39
Q

OSINT

A

OSINT (open source intelligence) refers to the collection and analysis of information from publicly available sources, including the free threat intelligence feeds shared by cybersecurity organizations and individuals.

40
Q

white team

A

A white team is a group of IT specialists tasked with overseeing red vs blue exercises

41
Q

Telemetry

A

Telemetry is the process of gathering information about your IT infrastructure (logs, metrics, and events) and sending it to a central point for analysis.

42
Q

asymmetric encryption

A

Asymmetric encryption is the process of using a public key from a public/private key pair to encrypt plaintext, and then using the corresponding private key to decrypt the ciphertext

43
Q

asymmetric algorithms

A

RSA, Diffie–Hellman (key exchange), and Elliptic Curve Cryptography (ECC, e.g., ECDH and ECDSA).

44
Q

symmetric algorithms

A

Data Encryption Standard (DES, 56-bit key, broken), Triple DES (3DES, 168-bit key with 112-bit effective strength, deprecated), and the more popular Advanced Encryption Standard (AES, 128-, 192-, or 256-bit keys), which is what should be used today

45
Q

Key Longevity

A

Key longevity refers to the duration over which cryptographic keys remain secure and effective in protecting sensitive data, making it imperative to periodically update keys to stay ahead of potential security threats. This is typically between one and two years.

46
Q

Key Length

A

The length of cryptographic keys is the measure of their resistance against attacks. A key’s length directly affects the complexity of deciphering encrypted data.

47
Q

Layer 1 Physical Layer

A

cabling

48
Q

Layer 2 Data Link

A

Switch /VLAN

Wireless Access Point (WAP)

MAC addresses

00-1A-2B-3C-4D-5E

ARP

49
Q

Layer 3 Network layer

A

Routers / Subnets

Layer 3 Switch

IP addresses and routing of packets (e.g., 192.168.1.1)

50
Q

Layer 4 Transport

A

Layer 4 Transport Layer

Load Balancer

TCP/UDP

51
Q

Layer 7 application

A

Layer 7 Application Layer

Web Application Firewall (WAF)

Network Intrusion Prevention System (NIPS)

Protocols: DNS, SMTP, HTTP

52
Q

Switch

A

A switch is an internal network device that links all machines in the local area network (LAN), maintaining a table known as the Content Addressable Memory (CAM) table that maps MAC addresses to ports to identify connected hosts. Figure 10.2 in the source text is a visual representation of this device.

53
Q

router

A

A router is a device that connects two different networks and forwards packets between them. When a host machine is set up, the router's address on the local subnet is configured as its default gateway. Your company uses it to give you access to other networks, for example, the internet. It

54
Q

VLAN

A

A VLAN is established through the software on a network switch. It allows you to group multiple network ports together, effectively creating a distinct and separate network within the larger network. This method of network division aids in controlling traffic flow and segregating communications for distinct functions or device groups

55
Q

SDN structure

A

Management Plane: The management plane handles configuration, monitoring, and administration of the network, providing the view of network traffic that the controller acts on.
Control Plane: The control plane, often embodied by an SDN controller, serves as the network’s “brain.” It is a centralized entity that makes high-level decisions about traffic routing, network policies, and resource allocation, based on a set of rules set by administrators. This abstraction provides network administrators with a global, bird’s-eye view of the network and a single point from which to apply changes.
Data Plane: The data plane consists of network devices such as switches, routers, and access points. It is responsible for forwarding data packets based on the instructions received from the control plane. Unlike traditional networking, where control and data planes are tightly integrated, SDN separates them, allowing for programmable and dynamic control over the network’s behavior, including that of both resource allocation and security.

56
Q

Virtual desktop infrastructure,

A

is IT infrastructure that lets you access enterprise computer systems from almost any device

57
Q

Directory Traversal

A

Directory traversal is where the attacker aims to traverse the directory structure and access sensitive or confidential files that they should not have access to.

58
Q

Examples of directory traversal targets

A

/etc/passwd

This file contains user account information (usernames, UIDs, home directories, and login shells). On modern systems the password hashes are not stored here, but the account list alone lets an attacker enumerate targets for further compromise.

/etc/shadow

This file contains the password hashes for user accounts and is readable only by root. Accessing it would provide attackers with material to crack passwords offline.

/etc

This is the system configuration directory. It contains various configuration files for system services and applications.

/var/www/html

These are web application directories where source code, configuration files, and potentially sensitive data could be stored.

59
Q

traversal examples

A

../../../../../

or %2f..%2f..%2f

or ..%2f..%2f..%2f

This is a traversal attack. Seeing this in a log file or URL means the attacker is trying to climb out of the web root; each ../ moves up one directory level. %2f is the URL-encoded form of /, so ..%2f is equivalent to ../. Attackers also encode the dots (%2e%2e%2f) or double-encode (%252e%252e%252f) to slip past naive filters that only look for the literal string ../.

/root

This is the home directory of the root user, which may contain system-related files and configurations.
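
Cards 57 to 59 together describe the attack, its targets, and the encodings seen in logs. The following added example (written for this page, not code from the source) shows both sides in one place: the server-side check that decodes a requested path, normalizes it, and refuses anything that resolves outside the document root, and a log-triage function that applies the same decoding to access-log lines so that ../, %2e%2e%2f, and double-encoded %252f are all caught. The document root /var/www/html and the access-log lines are constructed for the example.

```python
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/var/www/html"   # assumed document root for this example


def decode_repeatedly(s, max_rounds=3):
    """Undo URL encoding until the string stops changing, so double encoding
    such as %252e%252e%252f (-> %2e%2e%2f -> ../) is fully unwrapped."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def resolve(requested):
    """Map a requested URL path to a filesystem path, or return None if the
    normalized result would escape WEB_ROOT. This is the server-side check."""
    decoded = decode_repeatedly(requested).replace("\\", "/")
    candidate = posixpath.normpath(posixpath.join(WEB_ROOT, decoded.lstrip("/")))
    if candidate != WEB_ROOT and not candidate.startswith(WEB_ROOT + "/"):
        return None
    return candidate


def flag_log_line(line):
    """Log triage: True if, once decoded, the request contains a parent-directory step."""
    decoded = decode_repeatedly(line.lower())
    return "../" in decoded or "..\\" in decoded


# Constructed access-log lines (not from a real server) covering the encodings above.
SAMPLE_LOG = [
    '203.0.113.5 - - "GET /images/logo.png HTTP/1.1" 200',
    '203.0.113.9 - - "GET /../../../../../etc/passwd HTTP/1.1" 200',
    '203.0.113.9 - - "GET /%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 403',
    '203.0.113.9 - - "GET /..%252f..%252froot/.ssh/id_rsa HTTP/1.1" 404',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print("ALERT " if flag_log_line(line) else "ok    ", line)
```

The check deliberately normalizes after decoding rather than blacklisting strings, which is why a legitimate docs/../index.html still resolves while every encoded variant of ../etc/passwd is rejected. On a real filesystem, follow the normalization with os.path.realpath so that symlinks inside the web root cannot point back out of it.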

60
Q

Collision attack

A

Cryptography relies on the creation of unique signatures or hashes for data to ensure authenticity and integrity. A collision attack shatters this notion of uniqueness by manipulating the hash function. The attacker creates both a malicious and a benign document with the same hash.

61
Q

Concurrent session usage

A

Monitoring the number of concurrent user sessions can reveal suspicious activity. Sudden spikes or a significantly higher number of concurrent sessions than usual might indicate unauthorized access or a breach in progress.

62
Q

Cross-site scripting (XSS)

A

a type of injection attack in which malicious scripts are injected into otherwise benign and trusted websites and then executed in other users' browsers.

63
Q

WEP

A

WEP (Wired Equivalent Privacy) is the oldest Wi-Fi security protocol and is now thoroughly broken; it should not be used. It was the privacy component of the original IEEE 802.11 standard, which aimed to provide a wireless local area network (WLAN) with a level of security comparable to a wired local area network (LAN).

64
Q

WPA

A

WPA (Wi-Fi Protected Access) is a wireless security protocol released in 2003 to address the growing vulnerabilities of its predecessor, WEP.

65
Q

Offline Password attacks

A

This attack is where the attackers have managed to gain access to a system's password storage and then attempt to crack the hashes offline. For instance, they may download a copy of the /etc/shadow file from a Linux server or %SystemRoot%\System32\config\SAM from a Windows computer. The attacker can now take this away and crack the passwords in their own time without alerting the security team.

67
Q

Temporal Key Integrity Protocol (TKIP)

A

TKIP dynamically generates a new key for each packet, or unit of data, which made it much more secure than the fixed-key system used by WEP. It was a stopgap introduced with WPA and is itself now deprecated; WPA2 and WPA3 use AES (CCMP/GCMP) instead.

68
Q

VLSM

A

VLSM allows network designers to give each subnet a different number of IP addresses, ultimately resulting in less network congestion and wasted IPs.

69
Q

EAP

A

EAP (Extensible Authentication Protocol) is an authentication framework that carries a chosen authentication method (certificate, password, or token) between a client and an authentication server, so that only authenticated users get network access. On a local area network or a wireless LAN (WLAN), EAP is carried by the 802.1X standard, with the switch or access point relaying the exchange to a RADIUS server.

70
Q

sticky mac port

A

Sticky MAC addresses simplify switch port security by learning the MAC addresses of connected devices dynamically and saving them to the running configuration as the authorized addresses for that port.

71
Q

EAP-TLS

A

EAP-TLS is a specific, secure EAP method for wireless (and wired 802.1X) authentication that requires a certificate on the endpoint (client or device) as well as on the server, giving mutual certificate-based authentication.

72
Q

PEAP

A

PEAP is a version of Extensible Authentication Protocol (EAP) that encapsulates and encrypts the EAP data using a certificate stored on the server, making it more secure for Wireless Local Area Networks (WLANs).

73
Q

EAP-TTLS

A

EAP-TTLS uses two phases. The first is to set up a secure session with the server by creating a tunnel using certificates that are stored on the server, and seen by the client. The second is to authenticate the client’s credentials.

74
Q

EAP-FAST

A

EAP-FAST, developed by Cisco, is used in wireless networks and point-to-point connections to perform session authentication. It is the only one of these EAP methods that does not require a certificate; it uses a Protected Access Credential (PAC) instead.

75
Q

RAS Protocols

A

A remote access service (RAS) is any combination of hardware and software to enable the remote access tools or information that typically reside on a network of IT devices.

76
Q

IDS

A

The IDS is passive as it uses sensors and collectors to detect suspicious or unauthorized activities, sounding the alarm when potential threats are discovered. Both the IPS and IDS can be network-based, though, in these instances, they are known as NIDS and NIPS and can protect the network but not the host. The host versions of these systems are HIDS and HIPS. As expected, they can only protect the host and not the network.

77
Q

What does TACACS+ encrypt?

A

TACACS+ encrypts the entire packet body (only the header is sent in cleartext), ensuring a higher level of security.

78
Q

What does RADIUS encrypt?

A

RADIUS encrypts only the password in the access request packet.

79
Q

CER

A

A critical metric for evaluating biometric systems before making a purchase, the CER (crossover error rate) represents the point where the FAR and FRR are equal. A lower CER indicates that the biometric system produces fewer errors, because both the FAR and FRR are low, and would be the best biometric system to purchase.

80
Q

hard authentication

A

A hard token is an electronic device that generates one-time passwords for logging into a computer system.

81
Q

RADIUS: how does it work?

A

RADIUS is a cornerstone in network security, particularly in remote access scenarios. RADIUS clients encompass a variety of devices, including wireless access points, routers, and switches. As these clients forward authentication requests to a RADIUS server, they need a shared secret. This secret, known to both the RADIUS client and server, protects the exchange of sensitive data and the integrity of the authentication process.

82
Q

KBA

A

static KBA, which is based on a pre-agreed set of shared secrets, and dynamic KBA, which is based on questions generated from a wider base of personal information.

83
Q

Bluesnarfing

A

Bluesnarfing is a malicious act that involves gaining unauthorized access to a Bluetooth-enabled device's data (such as contacts, messages, or files) without the owner's knowledge or consent.

84
Q

Telnet port

A

Port 23 is the default Telnet port, and it is used for remote terminal emulation of both computers and devices

85
Q

Remediation Server

A

Remediation server: Positioned within the boundary or quarantine network, the remediation server plays a pivotal role. When a non-compliant device is redirected to this network, it gains access to the missing updates and patches from the remediation server. Once the device achieves a fully patched status, it is then permitted to access the LAN without compromising security.

86
Q

Evil Twin Attack

A

In an evil twin attack, the attacker uses either the same or a similar SSID to the victim. The telltale signs of this attack are a slower internet connection and the inability to access corporate data. This error occurs because you are actually on the wrong wireless network—one created by the attacker.

87
Q

Tethering

A

Tethering is a connection method for mobile devices that shares a smartphone's cellular data connection with other devices (a laptop, for instance), giving them internet access.

88
Q

Log File

A

Log files are text files that reside on every device, recording events as they happen. They contain a wealth of information about system events, errors, user interactions, and security incidents, acting as an audit trail by which an event can be tracked

89
Q

Server Message Block (SMB)

A

Microsoft's file and printer sharing protocol, originally built on NetBIOS. Allows users to remotely access shared files and printers on servers. Originally carried over NetBIOS on TCP port 139; modern SMB runs directly over TCP port 445.

90
Q

Hex Dump

A

In computing, a hex dump is a textual hexadecimal view of computer data, from memory or from a computer file or storage device. Looking at a hex dump of data is usually done in the context of either debugging, reverse engineering or digital forensics.
Users can inspect raw data, addresses, and corresponding characters

91
Q

NetFlow

A

NetFlow defines traffic flows based on shared packet characteristics, known as keys (typically source and destination IP address, source and destination port, protocol, and ingress interface), and groups matching packets into flow records that report packet and byte counts rather than payloads

92
Q

MOA(Memorandum of Agreement)

A

An MOA is legally binding. It meticulously outlines the terms and conditions and detailed roles and responsibilities of the parties involved. The

93
Q

MOU

A

An MOU is a formal acknowledgment of a mutual agreement between two or more parties. It is more substantial than an informal agreement, reflecting a serious commitment from all involved parties, but generally lacks the binding enforceability of a legal contract. It serves primarily as a statement of intent.

94
Q

MSA

A

The MSA articulates the general terms and conditions governing a contractual relationship between the involved entities. It typically addresses aspects such as payment terms, dispute resolution mechanisms, intellectual property rights, confidentiality clauses, and liability provisions.

95
Q

BPA

A

A BPA is used between two companies who want to participate in a business venture to make a profit. It sets out how much each partner should contribute, their rights and responsibilities, the rules for the day-to-day running of the business, who makes the decisions, and how the profits are shared. It also establishes rules for termination of the partnership, either at a given point in time or if one of the partners dies or is otherwise unable or unwilling to continue their partnership.

96
Q

integer overflow

A

integer overflow occurs when an arithmetic operation on integers attempts to create a numeric value that is outside of the range that can be represented with a given number of digits

97
Q

Allowlist

A

The application allow list has a clear purpose: to specify a roster of approved applications that are permitted to execute, so that any application not on the list (including unauthorized or potentially malicious software) is denied. The older term for this is a whitelist.

98
Q

Reverse Proxy

A

The flow of traffic from a reverse proxy is incoming traffic from the internet coming into your company network. The reverse proxy is placed in a boundary network called the screened subnet. It performs the authentication and decryption of a secure session to enable it to filter the incoming traffic.

99
Q

active reconnaissance

A

active reconnaissance, an attacker actively probes and interacts with the target system to gather information

100
Q

DMZ

A

The DMZ is an area that is neither fully trusted nor fully untrusted. It's an intermediate zone that allows controlled access to certain services from the external network. Communication between the DMZ and the internal network is subject to more stringent controls. This is also commonly known as a screened subnet, where resources that are accessed by both untrusted and trusted networks reside.

101
Q

offensive security assessment

A

Offensive security is the practice of actively seeking out vulnerabilities in an organization’s cybersecurity.

102
Q

Sideloading

A

Sideloading is generally associated with Android devices utilizing Android Application Package (APK) files. While applications can also be sideloaded on Apple devices, the practice directly violates Apple’s terms and conditions and voids the device’s warranty.

103
Q

Rooting

A

Rooting allows users to bypass manufacturer or operating system restrictions on Android devices, providing more control over a device. This is commonly known as unlocking a device. This freedom, however, exposes the device to significant security risks.

104
Q

Logical security controls

A

restrict the access capabilities of users of the system and prevent unauthorized users from accessing the system

105
Q

Compensating controls

A

Compensating controls are alternative measures implemented when primary controls are not feasible or sufficient

106
Q

SLA

A

Defines service expectations and responsibilities

107
Q

DHCP port

A

Dynamic Host Configuration Protocol (DHCP) 67/68 UDP (67 on the server, 68 on the client). This network management protocol automatically assigns IP addresses and related settings (subnet mask, default gateway, DNS servers) to hosts from a configured pool.

108
Q

Internet Message Access Protocol (IMAP) port

A

143 for plain IMAP, 993 for IMAPS over TLS. Email protocol used by email clients to communicate with email servers. Provides two-way synchronization, unlike POP.

109
Q

SMTPS

A

Simple Mail Transfer Protocol Secure (SMTPS) 587

110
Q

FTPS

A

File Transfer Protocol Secure (FTPS) 989/ 990 TCP FTPS uses TLS for encryption. It can run on ports 20/21 but is sometimes allocated to ports 989/990.

111
Q

Purple Team

A

purple team is a security team that combines offensive and defensive tactics to identify, assess, and mitigate security risks

112
Q

What is Nessus?

A

A remote scanning tool that can identify vulnerabilities that hackers can exploit

113
Q

Subjects Data Plane

A

Subjects in the data plane are the entities that initiate data communication, such as users, applications, and devices requesting access to a resource.

114
Q

Systems in data plane

A

systems represent the collective infrastructure, resources, and devices that are responsible for processing and forwarding data packets as they traverse the network

115
Q

Heat Map

A

A heat map is a valuable tool in the hands of a network administrator when addressing reports of inadequate coverage. By visually pinpointing areas with subpar coverage on the map, administrators can efficiently identify potential issues, including malfunctioning WAPs.
Red and orange areas indicate strong signal (good coverage); blue and green areas indicate weak signal.

116
Q

PSK

A

PSK refers to a passphrase or a pre-shared secret key that is used to authenticate and secure access to a wireless network

117
Q

WPS

A

WPS (Wi-Fi Protected Setup) allows you to connect to a wireless network by simply pushing a button or entering an 8-digit PIN, negating the need to type the passphrase each time. The PIN method is brute-forceable in hours, so WPS should be disabled on any access point that matters.

119
Q

Secure Coding Practices

A

Secure coding practices are a set of guidelines and principles that software developers follow to write code in a way that prioritizes security and reduces the risk of vulnerabilities or weaknesses that could be exploited by attackers.

120
Q

IMAP port number

A

Internet Message Access Protocol (IMAP) 143, 993

121
Q

POP

A

110

122
Q

SMTP

A

Simple Mail Transfer Protocol (SMTP) 25/587. Internet mail protocol used to send outgoing mail: port 25 for relay between mail servers, port 587 for authenticated submission from email clients.

123
Q

POP3/IMAP/SMTP

A

POP3 and IMAP are protocols for retrieving emails from a server, while SMTP is for transmitting emails

124
Q

POP3/IMAP

A

POP3 downloads all the emails simultaneously, while IMAP shows you the message header before downloading the email. POP3 downloads an email from the server and then deletes it. IMAP stores the email on the server and syncs it across several devices to access over multiple channels.

125
Q

POP3/IMAP

A

POP3 downloads emails from a server to a single computer, making those emails only accessible on that specific computer. IMAP stores emails on a server and then syncs them across multiple devices. IMAP is more advanced than POP3 and allows you to access your email from anywhere, and on any device.

126
Q

SMTP

A

Simple Mail Transfer Protocol (SMTP) originally used port 25 for everything. Today, client submission should use port 587 with STARTTLS (or 465 with implicit TLS); port 25 remains for server-to-server relay.

127
Q

Bluejacking

A

Bluejacking is a type of attack in which individuals send unsolicited messages or business cards to nearby Bluetooth-enabled devices, such as smartphones or laptops

128
Q

PSK shared key

A

refers to a passphrase or a pre-shared secret key that is used to authenticate and secure access to a wireless network. Any time you visit a restaurant and ask the host for the wireless password, the password they provide is the PSK. Remember there is also an admin password on the WAP that you should never share.

129
Q

Password Spraying vs Brute Force

A

Traditional brute-force attacks target a single account with multiple possible passwords. A password spraying campaign targets multiple accounts with one password at a time.
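
The difference on the card is exactly what a detection rule keys on: per source, how many distinct accounts failed versus how many times a single account failed. The following added example (written for this page, not a vendor rule) runs that logic over a constructed authentication log containing one spraying source, one brute-forcing source, and one benign typo, and then lists accounts that succeeded from a flagged source, since a spray that "lands" is the event you most need to act on. The window size and thresholds are assumptions to tune for your environment.

```python
from collections import defaultdict

# Constructed authentication log: (seconds since start, source IP, username, outcome).
AUTH_LOG = [
    # one source, one guess per account across many accounts: password spraying
    (0, "198.51.100.7", "alice", "fail"),
    (1, "198.51.100.7", "bob", "fail"),
    (2, "198.51.100.7", "carol", "fail"),
    (3, "198.51.100.7", "dave", "fail"),
    (4, "198.51.100.7", "erin", "fail"),
    (5, "198.51.100.7", "frank", "fail"),
    (6, "198.51.100.7", "grace", "success"),   # the spray landed
    # one source hammering one account: brute force
    (10, "203.0.113.4", "admin", "fail"),
    (11, "203.0.113.4", "admin", "fail"),
    (12, "203.0.113.4", "admin", "fail"),
    (13, "203.0.113.4", "admin", "fail"),
    (14, "203.0.113.4", "admin", "fail"),
    (15, "203.0.113.4", "admin", "fail"),
    # a user mistyping once, then logging in: benign
    (30, "192.0.2.10", "alice", "fail"),
    (31, "192.0.2.10", "alice", "success"),
]


def detect(log, window=60, spray_accounts=5, brute_failures=5):
    """Classify failed logins per source IP within fixed time windows.

    Spraying: many distinct accounts with about one failure each.
    Brute force: one account with many failures. Thresholds are assumptions.
    """
    buckets = defaultdict(list)          # (source, window index) -> failed usernames
    for ts, src, user, outcome in log:
        if outcome == "fail":
            buckets[(src, ts // window)].append(user)

    alerts = []
    for (src, _), users in sorted(buckets.items()):
        distinct = set(users)
        failures_per_account = len(users) / len(distinct)
        if len(distinct) >= spray_accounts and failures_per_account < 2:
            alerts.append(("password_spray", src, len(distinct)))
        elif max(users.count(u) for u in distinct) >= brute_failures:
            alerts.append(("brute_force", src, max(distinct, key=users.count)))
    return alerts


def successes_from(log, src):
    """Accounts that logged in successfully from a flagged source: treat as compromised."""
    return sorted({user for _, s, user, outcome in log if s == src and outcome == "success"})


if __name__ == "__main__":
    for kind, src, detail in detect(AUTH_LOG):
        print(f"{kind} from {src}: {detail}; successful logins: {successes_from(AUTH_LOG, src)}")
```

Note why the per-account lockout that stops brute force does nothing here: the spraying source never fails the same account twice, so it stays under any lockout threshold, which is exactly why detection has to aggregate by source rather than by account.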

130
Q

Stateful vs stateless

A

Stateful firewalls track the state of every connection (for example, the TCP handshake), so they can allow return traffic that belongs to a session an inside host opened and drop packets that do not. Stateless firewalls only examine individual packets in isolation, applying preset rules to each one.
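
Cards 26 and 130 both make the point that only a stateful filter can tell a genuine reply from a forged one. The following added example (written for this page, not code from the source) runs the same five constructed packets through a stateless "allow return web traffic" rule and through a minimal connection tracker: the stateless rule, which can only look at each packet's own header fields, admits the spoofed SYN-ACK and the ACK-scan probe because they arrive from source port 443, while the tracker drops both because no inside host ever opened those connections. The internal host and the remote addresses are placeholders.

```python
INSIDE_HOST = "10.0.0.5"   # assumed internal client

# Constructed packet stream: (direction, proto, src_ip, src_port, dst_ip, dst_port, flags)
PACKETS = [
    ("out", "tcp", INSIDE_HOST, 51000, "93.184.216.34", 443, "SYN"),       # client opens HTTPS
    ("in",  "tcp", "93.184.216.34", 443, INSIDE_HOST, 51000, "SYN-ACK"),   # legitimate reply
    ("out", "tcp", INSIDE_HOST, 51000, "93.184.216.34", 443, "ACK"),
    ("in",  "tcp", "203.0.113.66", 443, INSIDE_HOST, 51000, "SYN-ACK"),    # spoofed: nobody asked this host
    ("in",  "tcp", "198.51.100.9", 443, INSIDE_HOST, 60000, "ACK"),        # ACK scan dressed as return traffic
]


def stateless_allow(pkt):
    """Stateless rule set: outbound is allowed; inbound is allowed if it looks like
    return web traffic (TCP from source port 443). Each packet is judged alone."""
    direction, proto, _, sport, _, _, _ = pkt
    if direction == "out":
        return True
    return proto == "tcp" and sport == 443


class StatefulFilter:
    """Tracks connections the inside host initiated and only admits inbound
    packets that belong to one of them."""

    def __init__(self):
        self.connections = set()   # (proto, inside_ip, inside_port, remote_ip, remote_port)

    def allow(self, pkt):
        direction, proto, sip, sport, dip, dport, flags = pkt
        if direction == "out":
            if flags == "SYN":     # new connection attempt: remember it
                self.connections.add((proto, sip, sport, dip, dport))
            return True
        # inbound: reverse the tuple and require a matching entry
        return (proto, dip, dport, sip, sport) in self.connections


def run_stateless(packets=PACKETS):
    return [stateless_allow(p) for p in packets]


def run_stateful(packets=PACKETS):
    fw = StatefulFilter()
    return [fw.allow(p) for p in packets]


if __name__ == "__main__":
    for pkt, a, b in zip(PACKETS, run_stateless(), run_stateful()):
        print(f"stateless={'allow' if a else 'drop '} stateful={'allow' if b else 'drop '} {pkt}")
```

A production connection tracker also checks that the TCP flags are valid for the current state and expires entries on FIN/RST or after a timeout; this minimal version keeps only the part that separates the two firewall types.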