General Flashcards
What does a digital signature consist of?
Hash & Private Key
A type of OS characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems, is known as:
RTOS - A Real Time Operating System, commonly known as an RTOS, is a software component that rapidly switches between tasks, giving the impression that multiple programs are being executed at the same time on a single processing core.
IoT technology designed to provide communication between appliances in a home automation network?
Zigbee
Zigbee Definition - Zigbee is a wireless protocol that allows smart devices to communicate with each other over a Personal Area Network (PAN). Zigbee is used to link smart devices like lights, plugs, and smart locks to a home network.
A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall is called:
Screened subnet
An asymmetric encryption key designed to be used only for a single session or transaction is known as:
Ephemeral key
What are the characteristic features of a session key?
1) Used during a single session
2) Symmetric key
A mathematical operation that is easy and quick to complete, but extremely difficult to reverse.
Trap Door
A pseudorandom or random sequence of characters used to encrypt the first block of characters in the plaintext block.
Used in block ciphers
Initialization vector (IV)
A suite of security extensions for an Internet service that translates domain names into IP addresses is known as:
DNSSEC
A network protocol for secure file transfer over Secure Shell (SSH) is called:
SFTP
Secure File Transfer Protocol (SFTP) uses SSH and provides a secure way to transfer files between computers.
Which part of the IPsec protocol suite provides authentication and integrity?
AH
IPsec uses two distinct protocols, Authentication Header (AH) and Encapsulating Security Payload (ESP), which are defined by the IETF. The AH protocol provides a mechanism for authentication only. AH provides data integrity, data origin authentication, and an optional replay protection service.
POP3 is used for:
Email retrieval
Which protocol enables secure, real-time delivery of audio and video over an IP network?
SRTP
The practice of finding vulnerabilities in an application by feeding it incorrect input is called:
Fuzzing
Fuzzing is an application security testing technique that feeds invalid inputs to a software program to expose vulnerabilities.
What is “code signing?”
Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed.
What is static code analysis?
A software verification activity that analyzes source code for quality, reliability, and security without executing the code.
What is dynamic code analysis?
Dynamic code analysis is a form of black-box vulnerability scanning that allows software teams to scan running applications and identify vulnerabilities.
In computer security, a mechanism for safe execution of untested code or untrusted applications is referred to as:
Sandboxing
In active-active mode, load balancers distribute network traffic across:
All servers
802.1X is an IEEE standard for implementing:
Port-based NAC
In the Kerberos-based authentication process, the purpose of the client’s timestamp is to provide countermeasure against:
Replay attacks
Which protocol ensures the reliability of the Kerberos authentication process?
NTP
Network Time Protocol, port 123
What is the function of a C2 server?
C2 = Command-and-Control
Botnet control
Remapping a domain name to a rogue IP address is an example of what kind of exploit?
DNS poisoning
In the context of MDM, the isolation of corporate applications and data from other parts of the mobile device is referred to as:
Containerization
The term “Rooting” refers to the capability of gaining administrative access to the operating system and system applications on:
Android devices
Mobile device updates delivered over a wireless connection are known as:
OTA
Over The Air
Which of the following answers refers to a trusted third-party service for validating user identity in a federated identity system?
IdP
IdP is an acronym for Identity Provider. It’s a service that stores and verifies user identity. IdPs are typically cloud-hosted services, and they often work with single sign-on (SSO) providers to authenticate users.
Installing mobile apps from websites and app stores other than the official marketplaces is referred to as:
Sideloading
Which technology enables establishing direct communication links between two USB devices?
OTG
It stands for USB on-the-go. It allows you to connect multiple mobile devices directly together without using any type of computer.
What is COPE?
COPE (corporate-owned personally enabled) is a business model in which an organization provides its employees with mobile computing devices and allows the employees to use them as if they were personally owned notebook computers, tablets or smartphones.
Which of the answers listed below refers to an obsolete authentication protocol that sends passwords in cleartext?
PAP
CHAP
EAP
MS-CHAP
PAP
What is the PAP authentication method?
PAP, or password authentication protocol, is a point-to-point protocol (PPP) authentication method that uses passwords to validate users. It is an internet standard (RFC 1334) password-based authentication protocol. Using PAP, data is not encrypted. It is sent to the authentication server as plain text.
Which of the answers listed below refers to an XML-based markup language for exchanging authentication and authorization data?
SAML
OpenID Connect
Shibboleth
OAuth
SAML
OAuth is an open standard for:
Authorization
OpenID Connect is a protocol used for:
Authentication