host and application security solutions

Question 1

A _____is also software located on the host system. It can log and notify admins or users about intrusion attempts without an active response, like denying or blocking.

Answer 1

Host-based Intrusion Detection System (HIDS)

Question 2

_____ means that all or part of the data in a field is replaced with a randomly generated token or number.

Answer 2

Tokenization

Question 3

_____ verifies application code has not been modified by the use of digital signatures

Answer 3

Code signing

Question 4

_____ occur when multiple applications attempt to access the same resource at the same time causing a conflict.

Answer 4

Race conditions

Question 5

_____ is a dynamic analysis technique that checks code as it is running. When using _____, the system is attacked with random data to check for code vulnerabilities.

Answer 5

Fuzzing - also known as Dynamic analysis

Question 6

A _____ examines code quality and effectiveness without executing the code

Answer 6

static code analyzer

An analyzer can be used in conjunction with development for continued code quality checks, or once the code is in its finalization stages.

Question 7

_____ allows the merging of code changes into a central repository. The code is built and tested each time it is checked into the environment, providing a more efficient method to code production.

Answer 7

Continuous integration

Question 8

_____ attempts to simulate a production environment and focuses on the objective and threshold that an application can handle while maintaining performance.

Answer 8

Stress testing

Question 9

A trusted, or _____ process uses the trusted platform module (TPM) at each stage in the boot process to check hashes of key system state data, which then uses an attestation process to verify if the system has not been tampered with.

Answer 9

measured boot

Question 10

An _____ product provides real-time and historical visibility into the compromise, contains the malware, and facilitates remediation of the host to its original state.

Answer 10

endpoint detection and response (EDR)

Question 11

_____ provide threat detection and prevent those threats based on signature values, heuristic behaviors, and security policies.

Answer 11

Host intrusion prevention systems (HIPS)

Question 12

_____ is a specification for a software program that connects a computer’s firmware to its operating system

Answer 12

Unified Extensible Firmware Interface (UEFI)

UEFI is the replacement for Basic Input/Output System (BIOS) and has many advancements to include provisions for secure booting.

Question 13

The _____ is firmware used to manipulate settings on a system. It provides basic instructions on how a system should start up.

Answer 13

Basic Input/Output System (BIOS)

Question 14

_____ is the process of checking and validating system files during a boot process.

Answer 14

Attestation

Question 15

A _____ includes both the hardware and software to encrypt data on a drive. Keys are securely stored within for decryption. ___ requires credentials to be entered for decryption.

Answer 15

self-encrypting drive (SED)

Question 16

_____ provides encryption for a whole disk and protects the confidentiality of the data.

Answer 16

Full disk encryption (FDE)

Question 17

_____ are radio frequencies emitted by external sources, such as power lines that disturb signals.

Answer 17

Electromagnetic interference (EMI)

EMI can be avoided by the use of shielding.

Question 18

The _____ environment mimics that of production and allows for an environment to practice deployment

Answer 18

staging

Question 19

The _____ environment is the final stage of the deployment effort. Testing in this environment would be too late, given it is the operational environment.

Answer 19

production

Question 20

The _____ environment is a place for creation. Requirements are turned into reality in this environment. It is not a complete copy of production, but just the beginning of an application.

Answer 20

development