Idk Flashcards by Caps Arris

A legal contract between the holder of confidential information and another person to whom that information is disclosed, prohibiting that other person from disclosing the confidential information to any other party is known as:

NDA

How well did you know this?

Not at all

Perfectly

A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources is referred to as:

AUP

How well did you know this?

Not at all

Perfectly

Which of the acronyms listed below refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?

RTO

Recovery Time Objective

How well did you know this?

Not at all

Perfectly

In business continuity planning, the maximum tolerable point in time to which systems and data must be recovered after an outage is called:

RPO

Recovery Point Objective

How well did you know this?

Not at all

Perfectly

Which of the following terms is used to describe an average time required to repair a failed component or device?

MTTR

Mean Time To Recovery

How well did you know this?

Not at all

Perfectly

Which term describes the predicted loss of value to an asset based on a single security incident?

SLE

Single Loss Expectancy

How well did you know this?

Not at all

Perfectly

Which of the acronyms listed below refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?

ALE

Annual Loss Expectancy

How well did you know this?

Not at all

Perfectly

An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:

ARO

Annualized Rate of Occurrence

How well did you know this?

Not at all

Perfectly

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.

ARO

Annualized Rate of Occurrence

How well did you know this?

Not at all

Perfectly

In forensic analysis, taking hashes ensures that the collected digital evidence retains:

Integrity

How well did you know this?

Not at all

Perfectly

Disabling certain system functions or shutting down the system when risks are identified is an example of:

Risk Avoidance

How well did you know this?

Not at all

Perfectly

Contracting out a specialized technical component when the company’s employees lack the necessary skills is an example of:

Risk Transference

How well did you know this?

Not at all

Perfectly

Which of the following terms relates closely to the concept of residual risk?

Risk Acceptance

How well did you know this?

Not at all

Perfectly

Assessment of risk probability and its impact based on subjective judgment falls into the category of:

Qualitative Risk Assessment

How well did you know this?

Not at all

Perfectly

Quantitative Risk Assessment

A calculation of the Single Loss Expectancy (SLE) is an example of:

How well did you know this?

Not at all

Perfectly

Which of the following would be of help in preserving the integrity of a digital evidence? (Select 2 answers)

Disk Imaging

* Hashing

How well did you know this?

Not at all

Perfectly

Indicating whether a file has been modified since the last backup.

Archive Bit

How well did you know this?

Not at all

Perfectly

Which of the answers listed below refer to examples of deterrent security controls? (Select 3 answers)

Warning Signs
Lighting
Login Banner

How well did you know this?

Not at all

Perfectly

What are the examples of preventive security controls? (Select 3 answers)

OS Hardening
Separation of Duties
Security Guards

How well did you know this?

Not at all

Perfectly

Which of the following answers refer to examples of detective security controls (Select 3 answers)

System Logs
Security Audits
CCTV

How well did you know this?

Not at all

Perfectly

Which of the answers listed below refer to examples of corrective security controls? (Select 3 answers)

IPS
Alternate Site
Backup Data Recovery

How well did you know this?

Not at all

Perfectly

Which of the following answers refers to a compensating security control?

Backup Generator

How well did you know this?

Not at all

Perfectly

Which of the terms listed below DO NOT fall into the category of technical security controls? (Select 3 answers)

Barricades/Bollards
Cable Locks
Secure Cabinets/Enclosures

How well did you know this?

Not at all

Perfectly

What are the examples of administrative security controls? (Select 3 answers)

Risk Assessments
Escalation Procedures
Contingency Planning

How well did you know this?

Not at all

Perfectly

Which of the following terms DO NOT fall into the category of physical security controls? (Select 3 answers)

* User password * Encryption * AV Software

Which of the following methods provides the most effective way for permanent removal of data stored on a magnetic drive?

Degaussing

Which of the acronyms listed below refers to any type of information pertaining to an individual that can be used to uniquely identify that person?

PII

The US Health Insurance Portability and Accountability Act (HIPAA) provides privacy protection for: (Select best answer)

PHI

A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: (Select 3 answers)

* Symmetric Encryption * Session-Key Encryption * Secret-Key Encryption

Which of the following block cipher modes is the simplest/weakest and therefore not recommended for use?

ECB

Which of the block cipher modes listed below provides both data integrity and confidentiality?

GCM

In asymmetric encryption, any message encrypted with the use of a public key can only be decrypted by applying the same algorithm and a matching private key. (True or False)

True

Pseudo-random data added to a password before hashing is called:

Salt

Which of the following answers refers to a type of additional input that increases password complexity and provides better protection against brute-force, dictionary, and rainbow table attacks?

Salt

Pseudo-random data used in combination with a secret key in WEP and SSL encryption schemes is known as:

Examples of means that provide randomization during the encryption process include: (Select 3 answers)

* Cryptographic nonce * Salting * IV

What are the characteristic features of Elliptic Curve Cryptography (ECC)? (Select 3 answers)

* Asymmetric encryption * Low processing power * Suitable for small wireless devices

What are the examples of weak/deprecated cryptographic solutions? (Select 3 answers)

* WEP * SSL * DES

Digital signatures provide: (Select 3 answers)

* Integrity * Authentication * Non-repudiation

Which of the terms listed below is used to describe a situation where a small change introduced to the input data before encryption causes large changes in its encrypted version?

Diffusion

Which of the following terms is used in conjunction with the assumption that the output of a cryptographic function should be considerably different from the corresponding plaintext input?

Confusion

Unlike stream ciphers which process data by encrypting individual bits, block ciphers divide data into separate fragments and encrypt each fragment separately. (True or False)

True

In cryptography, the number of bits in a key used by a cryptographic algorithm is referred to as a key size or key length. The key size determines the maximum number of combinations required to break the encryption algorithm, therefore typically a longer key means stronger cryptographic security. (True or False)

True

What are the characteristic features of a session key? (Select 2 answers)

* Used during a single session | * Symmetric key

The term "Ephemeral key" refers to an asymmetric encryption key designed to be used only for a single session or transaction. (True or False)

True

In cryptography, the term "Secret algorithm" refers to an algorithm designed in a way that prevents the examination of its inner workings. (True or False)

True

Which of the three states of digital data requires data to be processed in an unencrypted form?

Data-in-use

In cryptography, the term "Key stretching" refers to a mechanism for extending the length of a cryptographic key to make it more secure against brute-force attacks. (True or False)

True

Which of the answers listed below refers to a solution designed to strengthen the security of session keys?

Perfect forward secrecy (PFS)

Which of the following terms illustrate(s) the security through obscurity concept? (Select all that apply)

* Code obfuscation * Steganography * SSID broadcast suppression * Substitution cipher

Which of the answers listed below refer to the Advanced Encryption Standard (AES)? (Select 3 answers)

* Symmetric-key algorithm * 128-, 192-, and 256-bit keys * Block cipher algorithm

Which of the algorithms listed below does not belong to the category of symmetric ciphers?

RSA (Public-key encryption)

A cryptographic standard for digital signatures is known as:

Digital Signature Algorithm (DSA) (Public-key cryptography)

Which of the following answers refers to a commonly used asymmetric algorithm for secure exchange of symmetric keys?

Diffie-Hellman

Which of the following are hashing algorithms? (Select all that apply)

* MD5 * RIPEMD * HMAC * SHA

What are the examples of key stretching algorithms? (Select 2 answers)

* Bcrypt | * PBKDF2

Which of the answers listed below refer to obfuscation methods? (Select 3 answers)

* Steganography * XOR cipher * ROT13

A security protocol designed to strengthen WEP implementations is known as:

TKIP

What are the characteristic features of WPA/WPA2 Enterprise mode? (Select 2 answers)

* Suitable for large corporate networks | * Requires RADIUS authentication server

Which of the following answers refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates?

Public Key Infrastructure (PKI)

A type of trusted third party that issues digital certificates used for creating digital signatures and public-private key pairs is known as:

Certificate Authority (CA)

Which of the following solutions allow to check whether a digital certificate has been revoked? (Select 2 answers)

* CRL | * OSCP

What is the fastest way for validating a digital certificate?

OSCP

Which of the answers listed below refers to a method for requesting a digital certificate?

Certificate Signing Request (CSR)

Which of the following allows for checking digital certificate revocation status without contacting Certificate Authority (CA)?

OCSP Stapling (Determines if an SSL certificate is valid)

A security mechanism that allows HTTPS websites to resist impersonation by attackers using fraudulent certificates is called:

HTTP Public Key Pinning (HPKP)

Which of the answers listed below refer to examples of PKI trust models?

* Single CA model * Hierarchical model (root CA + intermediate CAs) * Mesh model (cross-certifying CAs) * Web of trust model (all CAs act as root CAs) * Client-server mutual authentication model * *** All of the above

A trusted third-party storage solution providing backup source for cryptographic keys is referred to as:

Key Escrow

Copies of lost private encryption keys can be retrieved from a key escrow by recovery agents. Recovery agent is an individual with access to key database and permission level allowing him/her to extract keys from escrow. (True or False)

True

The term "Certificate chaining" refers to a process of verifying the authenticity of a newly received digital certificate. Such process involves checking all of the certificates in the chain of certificates from a trusted root CA, through any intermediate CAs, down to the certificate issued to the end user. A new certificate can only be trusted if each certificate in that certificate's chain is properly issued and valid. (True or False)

True

Which digital certificate type allows multiple subdomains to be protected by a single certificate?

Wildcard certificate

A digital certificate which allows multiple domains to be protected by a single certificate is known as:

Subject Alternative Name (SAN) certificate

Which of the following certificate formats is used to store a binary representation of a digital certificate?

Distinguished Encoding Rules (DER)

Which of the answers listed below refers to the most common format in which Certificate Authorities (CA) issue certificates?

Privacy Enhanced Mail (PEM)

Which digital certificate formats are commonly used to store private keys? (Select 2 answers)

* PFX | * P12

Which of the answers listed below refers to a technology designed to simplify network infrastructure management?

Software-Defined Networking (SDN)

Which of the following answers refers to a data storage device equipped with a hardware-level encryption functionality?

Self-Encrypting Drive (SED)

A hardware device or a plugin-in card used for secure management, processing and storage of cryptographic keys is known as:

Hardware Security Module (HSM)

The term "Remote attestation" refers to a TPM's capability to check a computer system's integrity against a remote trusted third-party service. (True or False)

True

The concept of a secure supply chain is based on the assumption that all hardware/software should originate from reliable sources. (True or False)

True

EMI shielding protects the transferred data signals from: (Select all that apply)

* Outside interference | * Eavesdropping

The term "Trusted OS" refers to an operating system:

Equipped with enhanced security features

A system providing the capability for remote control, real-time monitoring, and gathering information related to industrial equipment is generally referred to as:

Industrial Control System (ICS)

Which of the following answers lists an example of an industrial control system solution?

SCADA

Which of the following would be the most effective in securing an ICS infrastructure?

Network isolation

A document stored in the memory of this device can pose a risk of an unauthorized data access.

MFD

Which of the answers listed below refer to technical security controls that can be applied to an UAV? (Select 2 answers)

* Wireless signal encryption | * Password protection

An SDLC model featuring a linear design process consisting of distinct sequential stages is known as:

Waterfall

One of the main premises behind the waterfall software development model is the adaptation to changes during the software development process rather than strict adherence to a well-documented sequence of steps. (True or False)

False

Which of the following terms refers to a DevOps software deployment approach in which applications and services are redeployed rather than modified whenever a need for introducing a change occurs?

Immutable systems

A DevOps practice that replaces manual configuration of hardware with automatic deployment through code is called:

Infrastructure as Code (IaC)

Which programming aspects listed below are critical in secure application development process? (Select 2 answers)

* Input validation | * Error and Exception handling

Which of the following answers refers to a countermeasure against code injection?

Input validation

The process of removing redundant entries from a database is known as:

Normalization

What are the countermeasures against SQL injection attacks? (Select 2 answers)

* Stored procedures | * Input validation

What is the purpose of code signing? (Select 2 answers)

* Confirms the application's source of origin | * Validates the application's integrity

Code obfuscation techniques rely on encryption to protect the source code against unauthorized access. (True or False)

False

A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:

Dead Code

Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?

Software Development Kit (SDK)

A collection of commonly used programming functions designed to speed up a software development process is known as:

Library

What type of third-party code poses increased security risks during the application development process? (Select all that apply)

* SDK | * Library

A dynamic code analysis allows for detecting application flaws without the need for actual execution of the application code. (True or False)

False

The practice of finding vulnerabilities in an application by feeding it incorrect input is known as:

Fuzzing

A type of code that has already been translated from a high-level programming language into a low-level programming language and converted into an executable file is referred to as:

Compiled code

A type of code saved in the same format as it was entered and interpreted during program execution is called:

Runtime code

In virtualization technology, a software program that manages multiple operating systems (or multiple instances of the same operating system) on a single computer system is called:

Hypervisor

This occurs when the number of virtual machines on a network reaches a point where the administrator can no longer manage them effectively.

VM Sprawl

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)

* Usage audit | * Asset documentation

An exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact indirectly with the hypervisor.

VM Escape

What are the countermeasures against VM escape? (Select 2 answers)

* Sand boxing | * Patch management

Which of the following answers refers to a security policy enforcement software tool or service placed between cloud service users and cloud applications?

Cloud Access Security Broker (CASB)

A type of text file containing security configuration settings used for security policy automation in Windows-based environments is known as:

Template

Method used by IPSec to create a secure tunnel by encrypting the connection between Authenticated peers.

Internet Key Exchange (IKE)

Establishment of secure connections and shared security information using certificates or cryptographic keys.

Security Association (SA)

Provides integrity, confidentiality, and authenticity of packets by encapsulating and encrypting them.

Encapsulating Security Payload (ESP)

What IPSec protocol provides authentication, integrity and confidentiality?

ESP (Encapsulating Security Payload)

Host to host transport mode only uses encryption of the payload of an IP packet but not it’s header.

Transport Mode within IPSec

Protocol used in IPSec that provides integrity and authentication.

Authentication Header (AH)

Is used for transmission between hosts on a private network.

Transport Mode

A network tunnel is created which encrypts the entire IP packet (payload and header).

Tunnel Mode

Commonly used for transmission between networks.

Tunnel Mode

Provides data striping across multiple disks to increase performance.

RAID 0

Provides redundancy by mirroring the data identically on two hard disks.

RAID 1

Provides redundancy by striping data and parity data across the disk drives.

RAID 5

Provides redundancy by striping and double parity data across the disk drives.

RAID 6

Creates a striped RAID of two mirrored RAIDs | combines RAID 1 & RAID 0

RAID 10

Two or more servers working together to perform a particular job function.

Cluster

A secondary server can take over the function when the primary one fails.

Failover Cluster

Servers are clustered in order to share resources such as CPU, RAM, and hard disks.

Load-Balancing Cluster

A modification introduced to a computer code that changes its external behavior (e.g. to maintain compatibility between a newer OS and an older version of application software) is called:

Shimming

The practice of optimizing existing computer code without changing its external behavior is known as:

Refactoring

Which of the terms listed below refer(s) to software/hardware driver manipulation technique(s) that might be used to enable malware injection? (Select all that apply)

* Refactoring | * Shimming

Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version?

Known-Plaintext Attack (KPA)

A man-in-the-middle attack that forces modern clients (browsers) and servers (websites) to downgrade the security protocol to SSLv3 from TLSv1.0 or higher.

Poodle (Padding Oracle On Downgraded Legacy Encryption)

Which of the following answers lists an example of a cryptographic downgrade attack?

Poodle

Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)

* IPSec * Kerberos * CHAP

Which of the statements listed below describe the purpose behind collecting OSINT? (Select 3 answers)

* Gaining advantage over competitors * Passive reconnaissance in penetration testing * Preparation before launching a cyberattack

Penetration testing: (Select all that apply)

* Bypasses security controls * Actively tests security controls * Exploits vulnerabilities

Vulnerability scanning: (Select all that apply)

* Identifies lack of security controls * Identifies common misconfigurations * Passively tests security controls

Which of the following factors pose the greatest risk for embedded systems? (Select 2 answers)

* Inadequate vendor support | * Default configurations

After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:

Improper error handling

An attacker managed to associate his/her MAC address with the IP address of the default gateway. In result, a targeted host is sending network traffic to the attackers IP address instead of the IP address of the default gateway.

ARP Poisoning

An attacker intercepts user data and tries to use this information later to impersonate the user to obtain unauthorized access to resources on a network.

Replay Attack

A wireless disassociation attack is a type of:

DoS attack

Which of the statements listed below describe the purpose behind collecting OSINT?

* Gaining advantage over competitors * Passive reconnaissance in penetration testing * Preparation before launching a cyberattack

An e-commerce store app running on an unpatched web server is an example of:

Vulnerable business process

A situation in which an application fails to properly release memory allocated to it or continually request more memory than it needs is called:

Memory leak

A situation in which an application writes to an area of memory that it is not supposed to access is referred to as:

Buffer overflow

Which of the following terms describes an attempt to read a variable that stores a null value?

Pointer de-reference

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:

DLL

Which of the terms listed below describes a type of attack that relies on executing a library of code?

DLL injection

What is described as one of the aspects of poor asset management process?

System sprawl

An effective asset management process provides countermeasures against?

* System sprawl * Undocumented assets * Architecture & Design weaknesses

What applies to a request that doesn’t match the criteria defined in an ACL?

Implicit deny rule

Jsjsjjsjs

Stateless Firewall

Hdjfjj

Statefull Firewall

VPNs can be either remote-access (used for connecting to a computer to a network) or site-to-site (used for connecting networks).

True

What part of the IPSec protocol suite provides authentication and integrity?

AH (Authentication Header)

Which of the terms listed below describes a type of VPN that alleviates bottlenecks and conserves bandwidth by allowing users simultaneously make use of both the VPN and public network links?

Split tunnel

The term “Always-on VPN” refers to a type of persistent VPN connection that starts automatically as soon as the computer detects a network link.

True

An IDS that detects intrusions by comparing network traffic against the previously established baseline can be classified as:

* Heuristic * Anomaly-based * Behavioral

A type of IDS that relies on predetermined attack patterns to detect intrusions is referred to as a signature-based IDS.

True

A security administrator configured an IDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the IDS?

* Passive | * Out-of-band

Which of the following answers applies to a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?

IEEE 802.1X

Which of the following protocols provide protection against switching loops?

* STP (?) | * RSTP (?)

What is the name of a security mechanism that protects a network switch against populating it’s MAC table with invalid source addresses?

Flood Guard

Which of the following statements describe the function of a forward proxy?

* Acts on behalf of a client | * Hides the identity of a client

Which of the statements listed below describe the function of a reverse proxy?

* Acts on behalf of a server | * Hides the identity of a server

What are the characteristic features of a transparent proxy?

* Doesn’t require client-side configuration * Redirects clients requests and responses without modifying them * Clients might be unaware of the proxy service

A non-transparent proxy:

* Modifies clients request and responses | * Requires client-side configuration

Which of the terms listed below refers to a method that ignores the load balancing algorithm by consistently passing requests from a given client to the same server?

Session Affinity

In a round-robin method, each consecutive request is handled by:

Next server in the cluster

In active-passive mode, load balancers distribute network traffic across:

Servers marked as active

In active-active mode, load balancers distribute network traffic across:

All servers

What type of IP address would be assigned to a software-based load balancer to handle an internet site hosted on several web servers, each with its own private IP address?

Virtual IP address

An infrastructure device designed for connecting wireless/wired client device to a network is commonly referred to as:

Access Point (AP)

Which of the tools listed below would be of help in troubleshooting signal loss and low wireless network signal coverage?

WAP power level controls

Which of the following answers refers to a common antenna type used as a standard equipment on most access points (AP) for indoor Wireless Local Area Network (WLAN) deployment?

Dipole antenna

Which of the antenna types listed below provide a 360-degree horizontal signal coverage?

* Dipole antenna | * Omnidirectional antenna

Which of the following answers refer to highly directional antenna types used for long-range point-to-point bridging links?

* Dish antenna | * Unidirectional antenna

A type of architecture in which most of the network configuration settings of an Access Point (AP) are set and managed with the use of a central switch or controller is called:

Thin AP

The standard for web application security.

OWASP (Open Web Application Security Process)

When multiple threads in an application are using the same variable.

Race Conditions

A malfunction in preprogrammed sequential access to a shared resource is described as:

Race Condition

The international standard used for maintaining security systems.

ISO 27002

Used for cloud security.

ISO 27017

A physical device used for authentication and can store digital certificates.

Tokens

An attacker embeds malicious scripting commands on a trusted website.

XSS (Cross Site Scripting)

An attacker forces a user to execute actions on a web server for which they are already authenticated.

XSRF/CSRF (Cross Site Request Forgery)

An unauthorized user will be granted access.

FAR (False Acceptance Rate)

An authorized user will be rejected access.

FRR (False Rejection Rate)

Fastest to backup but slowest to restore.

Incremental

Slowest to backup but fastest to restore.

Differential

A client (generally either a user or a service) sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client.

Kerberos

Which of the following terms is used to describe a text message containing system information details displayed after connecting to a service on a server?

Banner

The practice of connecting to an open port on a remote host to gather more information about its configuration is known as:

Banner Grabbing

What is the name of a command-line utility that allows for displaying protocol statistics and current TCP/IP network connections?

Netstat

Netstat is a command-line utility which can be used for:

Displaying active TCP/IP connections

Which netstat parameter allows to display all connections and listening ports?

-a

Which netstat parameter displays addresses and port numbers in numerical form?

-n

A network command-line utility in MS Windows that tracks and displays the route taken by an IP packet on its way to another host is called:

Tracert

A Linux command-line utility for displaying intermediary points (routers) an IP packet is passed through on its way to another network node is known as:

Traceroute

Which of the following CLI tools is used to troubleshoot DNS-related problems?

Nslookup

ARP is used to perform what kind of resolution?

IP to MAC

Which command in MS Windows displays a table consisting of IP addresses and their resolved physical addresses?

Arp-a

Which of the answers listed below refers to a command-line packet capturing utility?

Tcpdump

Which of the following command-line tools is used for discovering hosts and services on a network?

Nmap

Which of the command-line utilities listed below can be used to perform a port scan? (Select 2 answers)

* Nmap | * Netcat

A command-line tool that can be used for banner grabbing is called:

Netcat

The term "Segmentation fault" refers to: (Select 2 answers)

* Access violation | * Memory management

Which of the tools listed below can be used for troubleshooting problems related to digital certificates? (Select 2 answers)

* OSCP | * CRL

A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as:

DLP

An OS security feature designed to ensure safe memory usage by applications is known as:

DEP

Which of the acronyms listed below refers to a firewall controlling access to a web server?

WAF

A wireless connectivity technology primarily used in low-powered sports and fitness mobile devices is known as:

ANT

A framework of protocols that allows for numerous methods of authentication including passwords, digital certificates, and public key infrastructure.

EAP | Extensible Authentication Protocol

Which of the following EAP methods offers the highest level of security?

EAP-TLS

Uses simple passwords for its challenge-authentication.

EAP-MD5

Which of the EAP methods listed below relies on client-side and server-side certificates to perform authentication?

EAP-TLS

Digital certificates for mutual authentication.

EAP-TLS

Uses a server-side digital certificate and a client-side password for mutual authentication.

EAP-TTLS

Provides flexible authentication via secure tunneling (FAST) by using a protected access credential instead of a certificate for mutual authentication.

EAP-FAST

Supports mutual authentication by using server certificates and Microsoft’s Active Directory to authentication a clients password.

PEAP | (Protected EAP)

Is a proprietary to Cisco-based networks.

LEAP

In a persistent VDI: | Select 2 answers

* Each user runs their own copy of a virtual desktop. | * At the end of a session, user data and personal settings are saved.

Characteristics of a non-persistent VDI: | Select 2 answers

* At the end of a session, user desktop reverts to its original state. * Virtual desktop is shared among multiple users.

What are the characteristics of TACACS+? | Select 3 answers

* Encrypts the entire payload of the access-request packet. * Primarily used for device administration. * Separates authentication and authorization.

What are the characteristics of RADIUS? | Select 3 answers

* Primarily used for network access. * Combines authentication and authorization. * Encrypts only the password in the access-request packet.

Which of the answers listed below refers to an XML-based markup language for exchanging authentication and authorization data?

SAML

OpenID Connect is a protocol used for:

Authentication

Which of the following answers refers to an open-standard reference architecture for authentication?

OATH

OAuth is an open standard for:

Authorization

Which of the answers listed below refers to a SAML-based SSO system?

Shibboleth

Which of the following answers refers to a commonly used solution for tracking user access in a federated SSO system?

Secure token

A proprietary suite of security protocols providing authentication, integrity, and confidentiality to users in MS Windows network is called:

NTLM

Which of the answers listed below refers to a preferred authentication protocol recommended by MS Windows network?

Kerberos

Which access control model defines access control rules with the use of statements that closely resemble natural language?

ABAC

Group-based access control in MS Windows is an example of:

RBAC

Which of the following answers refers to the correct formula to calculating probable financial loss due to a risk over a one-year period?

ALE = ARO x SLE

If one service generates $10,000 per hour in revenue. The probability of this service failing during this year is estimated to be 10% and the failure would lead to 3 hours of downtime. What is the ALE?

SLE x ARO = ALE AV = $10,000 EF = 3 10,000 x 3 = 30,000 SLE = $30,000 ARO = 10% 30,000 x .10 = 3,000 ALE = $3,000

You have an asset valued at $16,000. The exposure factor of a risk affecting that asset is 35%. The annualized rate of occurrence is 75%. What is the SLE?

AV x EF = SLE AV = $16,000 EF = 35% 16,000 x .35 = 5,600 SLE = $5,600

Anything less than 10 has a (.0) in front of the core number. Anything in the 10’s has a (.) in front of the core number. Anything in the 100’s has a core number followed by (x.xx). * Move decimal point 2 times from RIGHT-to-LEFT

``` 1 = .01 2 = .02 : And so on! ``` ``` 10 = .1 57 = .57 : And so on! ``` ``` 100 = 1 101 = 1.01 267 = 2.67 : And so on! ```

The loss that will happen in the asset as a result of the threat. (Expresses as a percentage value)

EF (Exposure Factor)

The method of assessing the worth of the organization’s information system assets based on its CIA security.

AV (Asset Value)