Final Exam Flashcards

1
Q

What is CIA?

A

Confidentiality, Integrity, Availability. How do we keep something secret, how do we control modification, and how can we make sure that it can be accessed.

2
Q

What is authentication? What are the four ways of validating?

A

What you know, what you are, where you are, something you have. It is the process of verifying someone's identity.

3
Q

What are the three kinds of access models and what do they do?

A

Discretionary, mandatory, and role-based. An individual sets the access control; the system sets the access control and the individual can't make edits; controls are based on roles, not individuals.

4
Q

What are examples of symmetric crypto?

A

AES, 3DES

5
Q

How many keys are used in symmetric crypto?

A

1

6
Q

How many keys are used in asymmetric crypto?

A

2

7
Q

What are examples of asymmetric crypto?

A

SHA, MD5

8
Q

Why can’t you unhash?

A

Because you run crypto with additional text so that everything gets mixed up.

9
Q

What are some mitigation strategies that should be employed?

A

Whitelist applications: find trusted applications that need to be used and block all others. Patch applications within two days of finding risks. Patch the operating system within two days of finding risks, and minimize the number of users.

10
Q

What are the PII principles? (7)

A
Notice
Purpose
Consent
Security
Disclosure
Access
Accountability
11
Q

What are the top OWASP threats?

A

Injections, Broken authentication, cross-site scripting

12
Q

How can you protect your Wi-Fi?

A

Use WPA2 instead of WEP

13
Q

What is the internet of things?

A

Connection of physical things to the internet. RFID, security cameras, etc.

14
Q

How can we create a risk assessment for Heartbleed?

A

Use DREAD and FAIR

15
Q

How did the NSA use testing to find Heartbleed in 2013?

A

s

16
Q

What are some problems with wireless?

A

There are no physical protections, you don't know if you are being watched, you can Bluetooth-snarf from up to a mile away, you can bridge air-gapped networks, mobile devices can be multi-homed, and there are lots of easy-to-use attacks.

17
Q

How can you protect tokens?

A

Expiration times, limited types of uses, limited number of uses, sign/encrypt, use standard formats

18
Q

Is open source more secure?

A

Depends: there are more eyes looking at the code, but the code is open. They are usually more security-minded, but there is less funding for security.

19
Q

What is DREAD?

A
Damage potential
Reproducibility
Exploitability
Affected users
Discoverability
20
Q

How does the FAIR model calculate risk?

A

(Threat event frequency * Threat capability * Control strength) * Estimated probable loss

21
Q

What is STRIDE?

A

Spoofing, tampering, repudiation, information disclosure, denial of service, elevation of privilege

22
Q

What does STRIDE compare against?

A

Data flows, data stores, processors, interactors

23
Q

What is GRC?

A

Governance, risk management, compliance

24
Q

Biometric characteristics

A

Uniqueness, permanence, collectability, performance, acceptability, circumvention

25
Q

What is the minimal response plan?

A
Detect
Analyze
Contain or eradicate
Provide workarounds
Prevent re-infection
Log events
Preserve evidence
Conduct a post-mortem
Apply lessons learned
26
Q

What is IPS/IDS?

A

Intrusion detection and protection. They are mostly meant to detect problems rather than actually fix them.

27
Q

Token protections

A
Expiration time
Limited usages
Sign/encrypt
RNG
Use SAML
28
Q

Tokens

A

Handle - reference or artifact
Assertion - directly validated
Bearer - used by any client (bonds)
Proof - specific client