General Security Concepts Flashcards

Chapters 1-4

1
Q

What are the four main control categories?

A

Technical, Managerial, Operational, and Physical.

Chapter 1

2
Q

What are Technical Controls?

A

Technology-based measures such as firewalls and encryption.
Their primary focus is on upholding system integrity, mitigating the risk of unauthorized access, and protecting sensitive data from potential threats.

REMINDER: Technical controls mitigate risk and are implemented by the security team.

Chapter 1

3
Q

What are Managerial Controls?

A

Policies, procedures, and guidelines for security management.
Through effective planning, organizing, and performance monitoring, managerial controls ensure that employees are aligned with the organization’s goals, thereby minimizing the potential for risks and enhancing overall operational safety.
* Performance reviews
* Risk assessments
* Code of conduct

Chapter 1

4
Q

What are Operational Controls?

A

Day-to-day security practices such as monitoring and access management.

They involve managing operational procedures, ensuring adherence to quality standards, enhancing productivity, and optimizing efficiency. They are carried out by people within the organization who play a crucial role in achieving smooth operations and maximizing output.
* Incident response procedures
* Security awareness training
* User access management

Chapter 1

5
Q

What are Physical Controls?

A

Measures to safeguard physical assets and premises.

Physical Controls focus on the protection of an organization’s tangible assets, facilities, and resources.
* Access control vestibule
* Biometric locks
* Guards/security personnel
* Security fences
* CCTV surveillance systems
* Mantraps
* Vehicle barriers
* Tamper-evident seals

REMINDER: Physical controls are called physical as you can touch them.

Chapter 1

6
Q

What are the six control types?

A

Preventive, Deterrent, Detective, Corrective, Compensating, and Directive.

Chapter 1

7
Q

What are Preventive controls?

A

Aimed at preventing security incidents.

These controls are designed to prevent problems or risks from occurring in the first place. They focus on eliminating or minimizing potential threats before they can cause harm. Examples of preventative controls include firewall installations that prevent unauthorized access to computer networks by using access control lists, employee training programs that educate staff about safety procedures and prevent workplace accidents, and quality control checks in the manufacturing process that prevent defects.

REMINDER: Ensure that you study preventive, detective, deterrent, and compensating controls thoroughly.

Chapter 1

8
Q

What are Deterrent controls?

A

Intended to discourage potential attackers.

Deterrent controls aim to discourage individuals from engaging in undesirable behaviors or activities. They create a perception of risk or negative consequences to deter potential offenders. Examples of deterrent controls include surveillance cameras in public areas to deter criminal activity, warning signs indicating the presence of a security system to discourage burglars, and strong passwords and multi-factor authentication to discourage unauthorized access to online accounts.

REMINDER: Ensure that you study preventive, detective, deterrent, and compensating controls thoroughly.

Chapter 1

9
Q

What are Detective controls? Give some examples.

A

Focused on identifying and detecting security incidents.

Detective controls are implemented to identify and detect problems or risks that have already occurred. They help uncover issues and anomalies promptly to initiate corrective actions. Examples of detective controls include fraud and Security Information and Event Management (SIEM) systems that aggregate and correlate log data from multiple sources, providing a comprehensive view of network activities and enabling the detection of suspicious patterns or behaviors.

REMINDER: Ensure that you study preventive, detective, deterrent, and compensating controls thoroughly.

Chapter 1

10
Q

What are Corrective controls? Give some examples.

A

Implemented after an incident to mitigate the impact.

Corrective controls are put in place to address problems or risks after they have been identified. They aim to rectify the situation, mitigate the impact, and restore normalcy. Examples of corrective controls include implementing a backup and recovery system to restore data after a system failure and implementing fixes or patches to address software vulnerabilities.

Chapter 1

11
Q

What are Compensating controls? Give some examples.

A

Compensating controls are alternative measures implemented when primary controls are not feasible or sufficient. They help offset the limitations or deficiencies of other controls. Examples of compensating controls include requiring additional layers of approval for financial transactions in the absence of automated control systems, utilizing a secondary authentication method when the primary method fails or is unavailable, and increasing physical security measures when technical controls are compromised.

Chapter 1

12
Q

What are Directive controls? Give some examples.

A

Alternative measures to compensate for inadequate primary controls.

Directive controls involve providing specific instructions or guidelines to ensure compliance with policies, procedures, or regulations. They establish a clear framework for employees to follow. Examples of directive controls include a code of conduct or ethical guidelines that outline acceptable behavior within an organization, standard operating procedures (SOPs) that detail step-by-step instructions for completing tasks, and regulatory requirements that mandate specific reporting procedures for financial institutions.

Chapter 1

13
Q

Describe the CIA Triad?

A

Confidentiality: Confidentiality ensures that sensitive information remains shielded from prying eyes and that access is granted solely to those with the appropriate authorization. Confidentiality safeguards trade secrets, personal data, and any confidential information that requires a digital lock and key.

Integrity: Integrity ensures that your data remains unaltered and trustworthy. It prevents unauthorized changes or manipulations to your information, maintaining its accuracy and reliability. Hashing algorithms such as SHA1 or MD5 provide data integrity.

Availability: This principle guarantees that your digital assets and services are accessible when needed. Availability ensures that your systems are up and running, that your data can be accessed promptly, and that your online services remain accessible.

Chapter 2

14
Q

What is non-repudiation?

A

Non-repudiation prevents denial of actions, ensuring accountability and reliability in electronic transactions and communications.

* Digital signatures
* Audit trails
* Access controls
  * Identification
  * Authentication
  * Authorization

REMINDER: Non-repudiation prevents denial of carrying out an action. A digital signature on an email proves that you sent the email; you cannot deny that you sent the email.

Chapter 2

15
Q

What is an AAA server?

A

An AAA server is responsible for three important tasks: authentication, authorization, and accounting.
Authenticating people: This process verifies the identities of individuals attempting to gain entry to a network or system. Authentication ensures that only authorized users are granted access privileges, reducing the likelihood of security breaches. An AAA server works with various authentication methods, including contacting a domain controller in Windows-based networks. When a user initiates an authentication request, the AAA server interfaces with the domain controller, a specialized server responsible for managing user accounts and authentication within a Windows domain environment.
Authenticating systems: The AAA framework is paired with the 802.1X protocol to authenticate devices. 802.1X authenticates devices seeking access to a network, and each device must have a valid certificate on its endpoint.
Authorization models: Controls access permissions. Once a user or system is authenticated, the next layer involves determining what actions they are allowed to perform within the network. Authorization models define the scope of permissible activities.
Accounting: This process involves capturing essential details such as usernames, timestamps, IP addresses, accessed resources, and actions performed. This data is then stored securely, ensuring its integrity and confidentiality. The accounting information can be used for real-time monitoring, historical analysis, and generating reports for compliance or troubleshooting purposes.

Chapter 2

16
Q

Define Gap Analysis.

A

Helps you achieve the desired state of security.

Gap analysis is a strategic process that evaluates an organization’s security practices against established security standards, regulations, and industry best practices. This assessment identifies discrepancies or “gaps” between the current security posture and the desired state of security.

Chapter 2

17
Q

What is Zero Trust?

A

Principle of “never trust, always verify”
The underlying principle is to minimize assumptions and maximize validation. The separation of data and control planes recognizes that efficient and secure networking demands distinct roles. The data plane ensures the efficient movement of information, while the control plane manages the intelligence behind data routing, network health, and device coordination.

Chapter 2

18
Q

Describe the function of the Control Plane.

A

Manages and configures network devices and resources
* Adaptive identity: Flexible approach to identity management
* Threat scope reduction: Reducing the attack surface
* Policy engine: Enforces rules and policies
* Policy administrator: Executes the policy engine’s decisions
* Policy-driven access control: Automating the enforcement of directives

REMINDER: The policy engine looks at company policies coupled with threat intelligence data to control access to the network on a per-user basis.

Chapter 2

19
Q

Describe the function of the Data Plane.

A

The data plane in cybersecurity is the operational core responsible for the actual movement and forwarding of data packets within a network. It focuses on executing tasks such as securely routing, switching, and packet forwarding based on predefined rules and policies.

* Implicit trust zones: Trusted areas holding resources
* Subject/system: Identifies people/devices
* Policy enforcement point: Monitors and enforces policies within the data plane

Chapter 2

20
Q

What are some types of physical security controls?

There are 12

A

Protects people, assets, and infrastructure from threats:
* Bollards: A barrier against vehicular threats
* Access control vestibule: A controlled space for individuals to pass through
* Fencing: Secures the perimeter against intrusions
* Video surveillance: Visual monitoring using cameras for security and surveillance purposes
* Security guard: Acts as a deterrent and responds to security threats
* Access badge: Grants authorized individuals entry to specific areas, enhancing security and restricting unauthorized access
* Lighting: Illuminates areas to deter intruders and enhances surveillance
* Sensors: Detect intrusions and disturbances to fortify physical security
* Infrared: Detects heat signature changes, identifying human presence
* Pressure: Senses changes in force and translates them into electronic signals
* Microwave: Emits microwave pulses and detects frequency alterations caused by moving objects
* Ultrasonic: Sends out pulses of sound waves and measures the time it takes for them to return

Chapter 2

21
Q

What are the four types of deception and disruption technology?

A

Honeypot: Lures attackers so that we can monitor the latest attack methods
Honeynet: A network of honeypots
Honeyfile: Bait file designed to detect and track unauthorized access attempts discreetly
Honeytoken: Fictitious data or credentials placed as a trap to detect unauthorized access

Chapter 2

22
Q

What is a Change Advisory Board’s (CAB) responsibility?

A

Business processes impacting security operation

Responsible for evaluating, prioritizing, and sanctioning changes. The CAB helps prioritize changes and evaluates their financial impact on a company. They decide whether to approve or reject proposed changes that can affect business processes and security operations. The process runs from the approval process and the clear assignment of ownership, through engaging stakeholders, conducting impact analyses, assessing test results, devising backout plans, and orchestrating maintenance windows, to adhering to standard operating procedures.

Chapter 3

23
Q

What is the purpose of the approval process in regards to a CAB?

A

Having the project and budget authorized

The approval process looks at the proposed change and the reasons behind it (for example, due to new technology or more stringent regulations). This change is sent to any affected stakeholders for input. This way, the approval process ensures that the project’s direction aligns with the organization’s goals. Following approval, those changes are thoroughly documented so that they can be tracked once completed.

REMINDER: Before a network administrator can make changes to any network device, they must seek approval from the CAB to ensure the changes are aligned with the organization’s goals.

Chapter 3

24
Q

In change management, what is Ownership?

A

Someone who is responsible for a security task

Ownership in change management refers to a person within a department who has asked for a change and will be responsible for ensuring that it is carried out effectively.

Chapter 3

25
Q

In change management, what are stakeholders?

A

Stakeholders are individuals, groups, or entities that have a vested interest (or stake) in a company’s operations, activities, or outcomes. They can significantly influence or be influenced by the company’s decisions, actions, and performance.

Chapter 3

26
Q

In the Change Management process, what is an impact analysis, test results, backout plan, maintenance window, and standard operating procedure?

A

Impact analysis: Consider the implications of any change
Test results: Testing new security measures
Backout plan: Having a rollback option
Maintenance window: Where scheduled changes are implemented
Standard operating procedure: Rulebook on how to carry out tasks

Chapter 3

27
Q

Technical implications of changes

There are 7

A

Allow lists/deny lists: Allow or deny a user/device
Restricted activities: Activities that can cause harm
Downtime: Impacts a pause in activities
Service restart: Can cause disruption to a system
Application restart: Weakness that can emerge on restart
Legacy applications: Vulnerabilities on older applications no longer supported
Dependencies: Services, system drivers, and interconnections that are intertwined

Chapter 3

28
Q

Why is it important to update documentation when making changes?

A

Identify changes made and by whom:
* Updating diagrams: Outlines your current environment
* Updating policies/procedures: Reflect changes that are pivotal to maintain a secure environment

Chapter 3

29
Q

What is Version Control?

A

Tracks changes to documents and projects.

Chapter 3

30
Q

Describe the Public Key Infrastructure (PKI).

A

Public key: Used for encryption and validation of digital signatures
Private key: Used for decryption and digital signatures
Key escrow: Stores cryptographic keys

The public key is designed for widespread dissemination and can be freely shared without compromising security. The role of the public key is to encrypt data and validate digital signatures.
The primary function of the private key is decryption. The private key must be kept confidential and secure to prevent unauthorized access. It is retained and never distributed. The private key is also employed to generate digital signatures. A digital signature serves as a cryptographic “seal of authenticity” for digital content. By signing data with their private key, the sender creates a unique digital signature that’s inseparably tied to the content. Recipients can verify the sender’s identity and the content’s integrity by using the sender’s public key to validate the signature.
Key escrow is a trusted third party responsible for securely storing copies of cryptographic keys. This serves as a safety net in scenarios where the original key holder loses access to their private key due to various reasons.

Chapter 4

31
Q

What is encryption?

A

Changing plaintext into ciphertext
Encryption involves the transformation of plain, readable data (plaintext) into an encoded, unreadable format (ciphertext) through a designated algorithm and cryptographic key. A key with a higher number of bits is more secure, as the longer key increases the complexity and the number of possible combinations, but it takes more compute time.

Chapter 4

32
Q

What is meant by “level” in regards to encryption?

A

The scope or layer at which encryption is applied

Chapter 4

33
Q

What are the four types of storage device encryptions?

A

Full disk: Encrypts a full disk
Partition: Encrypts a single partition
File: Encrypts individual files
Volume: Encrypts a single volume

Chapter 4

34
Q

What are the two types of Database encryption?

A

Database: Encrypts a database
Record: Encrypts a single database record

Chapter 4

35
Q

What type of encryption is used for transport/communication?

A

Transport Layer Security (TLS), often referred to by the name of its predecessor, Secure Sockets Layer (SSL), serves as a secure communication protocol that establishes a safe and encrypted connection between two communicating systems. It works with the standard TCP/IP protocol, acting as a protective shield for the data being transmitted.

Chapter 4

36
Q

Describe the four steps in the TLS process.

A
  1. Handshake: The sender and receiver initiate a handshake, during which they agree on encryption parameters, exchange cryptographic keys, and authenticate each other’s identity.
  2. Encryption: Once the handshake is complete, the actual data transmission begins. The data is encrypted using symmetric encryption keys, ensuring that only the authorized recipient possesses the means to decipher it.
  3. Transmission: The encrypted data traverses the internet’s various networks and routers, shielding it from prying eyes and potential eavesdroppers.
  4. Decryption: Upon reaching the intended recipient, the data is decrypted using the same symmetric key. This process ensures that only the recipient can access the original, meaningful information.

Chapter 4

37
Q

What is asymmetric encryption?

A

Uses two keys, a private key and a public key

There are two keys, the private and the public keys, each of which has a unique role. The private key remains confidential and closely guarded by the entity it belongs to. The role of the private key is to decrypt data and generate digital signatures to help provide non-repudiation. In contrast, the public key is intended to be shared openly with anyone who wishes to communicate securely with the key holder. The role of the public key is to encrypt data and validate digital signatures. While asymmetric encryption excels in secure key exchange and digital signatures, its inefficiency becomes apparent when attempting to encrypt large volumes of data.

Examples of asymmetric algorithms include RSA, Diffie–Hellman, and Elliptic Curve Cryptography (ECC).

Chapter 4

38
Q

What is symmetric encryption?

A

Uses one key and encrypts a large amount of data using a block cipher

Symmetric encryption employs a single key and block cipher to safeguard vast volumes of data, ensuring both security and expedience. It is used to encrypt data using a block cipher where the packet, or block of data, is a fixed length. If the data cannot fill the whole packet, then padding is added.

Examples of symmetric algorithms are the Data Encryption Standard (DES—56 bit), the Triple Data Encryption Standard (3DES—168 bit), and the more popular Advanced Encryption Standard (AES—256 bit).

Chapter 4

39
Q

Key exchange

A

Delivers cryptographic keys from a sender to a receiver

Key exchange is the art of securely delivering cryptographic keys from sender to receiver. We cannot encrypt data without performing a public key exchange first. Techniques such as Diffie–Hellman key exchange allow parties to agree upon a shared secret key, even when communicating over insecure channels. This creates a secure tunnel for the data to move across.

Chapter 4

40
Q

What are Algorithms in relation to encryption?

A

Employs intricate mathematical operations to ensure the irreversibility of encryption

At the heart of encryption lie the algorithms that transform plaintext into a jumble of characters (ciphertext). From RSA to AES, these algorithms are the secret sauce, employing intricate mathematical operations to ensure the irreversibility of encryption. Their complexity stands as an insurmountable wall against brute-force attacks.

Chapter 4

41
Q

What is the importance of Key length in cryptology?

A

The length of cryptographic keys impacts resistance against attacks

The length of cryptographic keys is the measure of their resistance against attacks. A key’s length directly affects the complexity of deciphering encrypted data. Longer keys equate to more formidable defenses due to complexity. In a world of rapidly advancing computational power, key length becomes a crucial factor in thwarting malicious attempts.

Chapter 4

42
Q

What is the purpose of a Trusted Platform Module (TPM)?

A

A TPM ensures the integrity of the system boot process

TPM is a hardware-based security component integrated into computers and devices. It generates, stores, and manages cryptographic keys in a secure environment. A TPM ensures the integrity of system boot processes, offers hardware-based authentication, and supports encryption tasks. It’s used to enhance system security by safeguarding cryptographic keys and enabling secure device bootups.

Chapter 4

43
Q

What is the purpose of a Hardware Security Module (HSM)?

A

A highly secure environment for the storage of cryptographic keys

An HSM is a physical device designed to manage cryptographic keys and perform encryption and decryption operations. HSMs provide a highly secure environment for key storage and cryptographic operations, protecting sensitive data from both external and internal threats. They are commonly used in industries such as finance, healthcare, and e-commerce to ensure the security of critical cryptographic operations.

Chapter 4

44
Q

What is a key management system?

A

Software solution used to create, manage, and store cryptographic keys

A key management system is a software solution used to create, manage, and store cryptographic keys. It offers centralized control over key life cycle management, including key generation, distribution, rotation, and revocation. Key management systems play a crucial role in maintaining the security and accessibility of cryptographic keys, which are essential for encryption, authentication, and digital signatures.

Chapter 4

45
Q

What is a server enclave used for?

A

Used to protect user data, biometric information, and cryptographic keys from potential software-based attacks

A secure enclave is a hardware-based security feature found in modern processors, such as Apple’s T2 chip. It provides a separate and isolated environment for secure operations, such as storing sensitive data and executing cryptographic operations. Secure enclaves are used to protect user data, biometric information, and cryptographic keys from potential software-based attacks.

Chapter 4

46
Q

What is obfuscation? What are the three types of obfuscation?.

A

Deliberately obscuring code that makes it difficult for the attacker to understand it

Obfuscation involves deliberately making code, data, or information more complex and difficult to understand. By obscuring the true nature of code, obfuscation adds an extra layer of defense, making it harder for malicious actors to decipher and exploit vulnerabilities.

Steganography: Hiding data inside data, image, or audio files. Allowing sensitive information to be hidden within seemingly innocuous data, such as images or audio files. By subtly altering the digital content, steganography ensures that unauthorized eyes are oblivious to the presence of hidden messages. This technique finds applications in covert communication and digital watermarking.

Tokenization: Transforming sensitive data into unique tokens that hold no inherent value. Tokenization acts as a digital locksmith, transforming sensitive data into unique tokens that hold no inherent value. When a transaction occurs, the token is used instead of the original data, reducing the risk associated with handling sensitive information. Tokenization enhances security by minimizing the exposure of actual data.

Data masking: Disguising sensitive data by replacing original values with fictitious ones Data masking involves disguising sensitive data by replacing original values with fictitious ones.

Chapter 4

47
Q

What is a hash value and how is it created?

A

Used for data integrity and password security.

A hash value is a condensed representation of input data generated by a hash function. It appears as a seemingly random string of characters, regardless of the original data’s size. Hash values adhere to a specific format that comprises key attributes determined by the hashing algorithm. It is a one-way function, so you cannot undo a hash to find the information it was created from. Regardless of the input’s length, a hash function produces a hash value of a fixed size.

Chapter 4

48
Q

What are the two most common hashing algorithms?

A

SHA1 (160-bit) and MD5 (128-bit).

Chapter 4

49
Q

What is salting?

A

Adding random values to a credential.

“Salting” refers to the technique of adding random data (or a “salt”) to passwords before they are hashed and stored. By introducing an element of unpredictability, salting significantly increases the amount of effort for hackers attempting to crack hashed passwords.

Chapter 4

50
Q

What do Digital Signatures ensure?

A

Ensures the authenticity, integrity, and non-repudiation of a document.

A digital signature is an electronic equivalent of a handwritten signature in that it is uniquely tied to the signer and the content being signed. It goes beyond a mere image, involving cryptographic techniques that ensure the authenticity, integrity, and non-repudiation of a document. In simpler terms, a digital signature assures that the document hasn’t been tampered with and that the signer cannot deny their involvement.

A signer uses their private key to generate a unique code (or “signature”) that is specific to the document. This code is then attached to the document, verifying its authenticity and preventing alterations. The recipient can use the signer’s public key to validate the signature, ensuring the document’s integrity and origin.

Chapter 4

51
Q

What is key stretching?

A

A cryptographic technique designed to transform a password into a longer, more complex key.

Key stretching is a cryptographic technique designed to transform a password into a longer, more complex key. The objective is to slow down the process of deriving the original password, making it computationally infeasible for attackers to break into a system by brute force or dictionary attacks.

Chapter 4

52
Q

What is a blockchain?

A

A decentralized digital ledger for secure transactions.

This digital ledger thrives on data batches called blocks that are distributed across countless computers, a strategy that ensures security through decentralization. To tamper with it is futile, as altering data necessitates changing copies on every computer—a security strategy that works on safety in numbers.

Chapter 4

53
Q

What is the blockchain open public ledger?

A

A shared transparent record accessible to all for verifying transactions.

* Decentralization: Unlike traditional centralized databases (in which a single entity controls the ledger), the open public ledger is decentralized. Multiple copies of the ledger are distributed across nodes (i.e., computers) within a blockchain network.
* Security: Tampering with the ledger is immensely challenging, due to the decentralized and cryptographic nature of the system.
* Transaction recording: When a transaction occurs, it’s broadcast to a network, where it is recorded. Network participants verify the transaction’s validity, ensuring it adheres to the predefined rules of the blockchain.
* Consensus mechanisms: To maintain the accuracy and integrity of the ledger, consensus mechanisms such as proof of work or proof of stake are employed. These mechanisms ensure that the network participants agree on the legitimacy of transactions before they are added to the ledger.
* Immutable and chronological: Once a transaction is validated and added to the ledger, it becomes a permanent part of the chain. Each block in the chain contains a reference to the previous block, creating a chronological sequence that’s virtually tamper-proof.
* Transparency: The open nature of the ledger means that anyone can verify transactions independently. This transparency fosters trust and accountability within a network.

Chapter 4

54
Q

What is a Certificate Authority (CA)?

A

Trusted entities issuing and verifying digital certificates for secure online communication.

They validate digital identities using cryptographic keys, ensuring the websites we visit and the data we share are genuine. At the core of this process lies the root key, which is used to sign certificates. This process not only validates certificates but also links them to the root key, creating an unbreakable trust chain.

Chapter 4

55
Q

What are Certificate Revocation Lists (CRLs)?

A

Catalogs of invalidated digital certificates, ensuring security.

Chapter 4

56
Q

What is Online Certificate Status Protocol (OCSP)?

A

Real-time checks of digital certificate validity.

The OCSP addresses some of the shortcomings of CRLs, one of which is its speed. OCSP is comparatively much faster. While CRLs could spend time downloading a potentially large list, OCSP enables real-time certificate validation by allowing systems to query the CA’s server directly. When a digital certificate’s validity needs to be checked, a request is sent to the CA’s OCSP responder, and a response is received indicating whether the certificate is still valid, revoked, or has expired.

Chapter 4

57
Q

What is a self-signed certificate?

A

A self-generated digital certificate lacking third-party validation, for internal use only.

A self-signed certificate is a digital certificate that is generated and signed by the same entity it is issued to. Unlike certificates issued by trusted third-party CAs, self-signed certificates are not verified by an external authority. This means that the entity creating the certificate is attesting to its own identity without any external validation.

Chapter 4

58
Q

What are third-party certificates?

A

Public-facing certificates issued by external entities to verify the authenticity of data.

They’re issued by CAs, who verify that a website or service is genuine. Unlike homemade IDs, these certificates are recognized globally, like self-signed certificates, making them trustworthy. If you trade on the internet, then you need trusted third-party certificates on your website. Some examples of third parties that sell certificates are DigiCert, GlobalSign, GeoTrust, and Thawte.

Chapter 4

59
Q

Concerning certificates, what is a Certificate Signing Request (CSR) generation?

A

A new certificate request.

When an individual or organization seeks to obtain a digital certificate from a trusted CA, they generate a CSR. This file encapsulates essential details such as the entity’s name, domain, and a public key. Just as an architect designs a blueprint before constructing a building, a CSR outlines the key elements needed to verify the requester’s identity and construct a trustworthy digital certificate.

Chapter 4

60
Q

What is Root of Trust?

A

Verify its authenticity by checking the certificate’s chain of trust

Chapter 4

61
Q

What is a Wildcard certificate?

A

A single certificate securing multiple servers using the same domain name.

For a wildcard certificate for a domain called securityplus.training, the wildcard certificate would be *.securityplus.training on multiple public-facing web servers. A single wildcard certificate can be installed on multiple servers within the same domain, thereby reducing the cost of purchasing multiple certificates.

Chapter 4