Key Concepts Flashcards

1
Q

If unencrypted files were intercepted, which arm of the CIA triad would be breached or violated?

A

Confidentiality, because the files weren’t encrypted.

2
Q

If the CIA triad is too restrictive to describe an entire situation, what model should you use?

A

Parkerian hexad

3
Q

What is symmetric cryptography?

(AKA: Symmetric key cryptography)

A

Uses a single key to both encrypt the plaintext and decrypt the ciphertext.

The key must be shared between the sender and receiver, and anyone with the key can decipher the text.

4
Q

Name a chief weakness of symmetrical cryptography.

A

The key must be shared between sender and recipient. If an attacker gets the key, they can potentially compromise confidentiality and integrity.

5
Q

What is a block cipher?

A

Takes a predetermined number of bits (binary digits, each either a 1 or a 0), known as a block, and encrypts that block. Blocks typically have 64 bits but can be larger or smaller.

6
Q

What is a stream cipher?

A

Encrypts each bit in the plaintext message one bit at a time.

7
Q

What two types of ciphers does symmetric cryptography make use of?

A

Block and stream ciphers

8
Q

What type of cipher is most frequently used in symmetrical cryptography?

A

Block ciphers.

9
Q

What kind of encryption is DES?

A

Symmetric

10
Q

What kind of encryption is 3DES?

A

Symmetric

11
Q

What kind of encryption is AES?

A

Symmetric

12
Q

What is DES?

A

Block cipher using a 56-bit key.

13
Q

What is AES?

A

Symmetrical cipher using 3 different ciphers: one with a 128-bit key, one with a 192-bit key, and one with a 256-bit key, all of which encrypt blocks of 128 bits.

14
Q

What kind of encryption is Twofish?

A

Symmetric block cipher

15
Q

What kind of encryption is Serpent?

A

Symmetric block cipher

16
Q

What kind of encryption is Blowfish?

A

Symmetric block cipher

17
Q

What kind of encryption is Cast5?

A

Symmetric block cipher

18
Q

What kind of encryption is RC6?

A

Symmetric block cipher

19
Q

What kind of encryption is IDEA?

A

Symmetric block cipher

20
Q

What kind of encryption is RC4?

A

Symmetric stream cipher

21
Q

What kind of encryption is ORYX?

A

Symmetric stream cipher

22
Q

What kind of encryption is SEAL?

A

Symmetric stream cipher

23
Q

What is asymmetric key cryptography?

A

Uses two keys: a public key and a private key.

You use the public key to encrypt the data and the private key to decrypt the data. Anyone can access the public key; only the host can access the private key.

24
Q

What is the main advantage asymmetric cryptography has over symmetric cryptography?

A

You don’t need to distribute the key.

25
Q

What kind of encryption is RSA?

A

Asymmetric

26
Q

What kind of encryption is used in Secure Sockets Layer (SSL) protocol?

A

RSA asymmetric key algorithm.

27
Q

SSL

A

Secure sockets layer protocol

28
Q

ECC

A

Elliptic curve cryptography

29
Q

What is elliptic curve cryptography (ECC)?

A

A class of cryptographic algorithms. Can use short keys while maintaining a higher cryptographic strength than many other types of algorithms.

30
Q

What kind of encryption does SHA-2 use?

A

Elliptic curve cryptography (ECC) (Asymmetric)

31
Q

SHA-2

A

Secure hash algorithm 2

32
Q

ECDSA

A

Elliptic curve digital signature algorithm.

33
Q

What kind of encryption is ElGamal?

A

Asymmetric algorithm

34
Q

What kind of encryption is Diffie-Hellman?

A

Asymmetric algorithm

35
Q

What kind of encryption is the Digital signature standard (DSS)?

A

Asymmetric algorithm

36
Q

DSS

A

Digital signature standard

37
Q

What kind of encryption does Pretty good privacy (PGP) use?

A

Asymmetric cryptography

38
Q

What kind of encryption does Transport Layer Security (TLS) use?

A

Asymmetric cryptography

39
Q

TLS

A

Transport Layer Security

40
Q

ITAR

A

International traffic in arms regulations

41
Q

What are the 3 types of modern cryptography?

A

Symmetrical
Asymmetrical
Hash

42
Q

MD5

A

Message-Digest 5

43
Q

What kind of encryption is MD5?

A

Hash

44
Q

What kind of encryption is SHA-3?

A

Hash

45
Q

What is a digital signature?

A

Allows you to sign a message so that others can detect any changes to the message after you’ve sent it, ensure that the message was legitimately sent by the expected party, and prevent the sender from denying that they sent the message.

46
Q

How would you digitally sign a message?

A

The sender generates a hash of the message, then uses their private key to encrypt the hash. The sender then sends this digital signature along with the message, usually by appending it to the message itself.

When the message arrives at the receiving end, the receiver uses the public key corresponding to the sender’s private key to decrypt the digital signature, thus restoring the original hash of the message. The receiver can then verify the message’s integrity by hashing the message again and comparing the two hashes.

47
Q

What is a digital certificate?

A

Created by taking the public key and identifying information, such as name and address, and having them signed by a trusted entity that handles digital certificates, called a certificate authority.

48
Q

Name a well known certificate authority.

A

VeriSign

49
Q

PKI

A

Public key infrastructure

50
Q

Name 3 free or open source encryption products.

A

VeraCrypt
BitLocker
dm-crypt (Linux only)

51
Q

What are the two types of compliance?

A

Regulatory and industry compliance

52
Q

What is regulatory compliance?

A

Adherence to the laws specific to the industry in which you’re operating.

53
Q

What is industry compliance?

A

Adherence to the regulations that aren’t mandated by law but that can nonetheless have severe impacts on your ability to conduct business.

54
Q

PCI DSS

A

Payment card industry data security standard

55
Q

What are physical controls?

A

Mitigate risks to physical security.

56
Q

What 3 kinds of controls will you use to achieve compliance with standards and regulatory requirements?

A

Physical
Administrative
Technical

57
Q

What are administrative controls?

A

Mitigate risks by implementing certain processes and procedures.

58
Q

What are technical controls?

A

Manage risk by using technical measures such as firewalls, access control lists (ACLs), intrusion detection systems (IDS), etc.

59
Q

What are key controls?

A

The primary controls used to manage risk in your environment

60
Q

What are the 3 characteristics of key controls?

A
  1. They provide a reasonable degree of assurance that the risk will be mitigated.
  2. If the control fails, it is unlikely that another control could take over for it.
  3. The failure of this control will affect an entire process.

61
Q

What are compensating controls?

A

Controls that replace impractical or unfeasible key controls.

62
Q

What are the 4 steps to maintaining compliance? (In reference to regulations and controls)

A
  1. Monitor
  2. Review
  3. Document
  4. Report

63
Q

FISMA

A

Federal information security management act

64
Q

FedRAMP

A

Federal risk and authorization management program

65
Q

What is the federal information security management act (FISMA)?

A

Applies to all US federal government agencies, all state agencies that administer federal programs, and all private companies that support, sell to, or receive grant money from the federal government.

Requires that an organization implement information security controls that use a risk-based approach—one that handles security by enumerating and compensating for specific risks.

66
Q

ATO

A

Authority to operate

67
Q

What is FedRAMP (federal risk and authorization management program)?

A

Defines rules for government agencies contracting with cloud providers.

FedRAMP certification consists of a single Authority to Operate (ATO) that allows an organization to do business with any number of federal agencies.

68
Q

What is the Sarbanes-Oxley Act (SOX)?

A

Regulates financial data, operations, and assets for publicly held companies.

Places specific requirements on an organization’s electronic record keeping, including integrity of records, retention periods for certain kinds of information, and methods of storing electronic communications.

69
Q

What is the Gramm-Leach-Bliley Act (GLBA)?

A

Protects information such as personally identifiable information (PII) and financial data belonging to the customers of financial institutions.

You must secure every pertinent record against unauthorized access, track people’s access to these records, and notify customers when you share their information.

70
Q

What is the children’s internet protection act (CIPA)?

A

Requires schools and libraries to prevent children from accessing obscene or harmful content over the internet.

Requires these institutions to have policies and technical protection measures in place to block or filter such content.

71
Q

CIPA

A

Children’s internet protection act

72
Q

COPPA

A

Children’s online privacy protection act

73
Q

What is the children’s online privacy protection act (COPPA)?

A

Protects the privacy of minors younger than 13 by restricting organizations from collecting their personally identifiable information (PII), and by requiring organizations to post a privacy policy online, make reasonable efforts to obtain parental consent, and notify parents that information is being collected.

74
Q

FERPA

A

Federal educational rights and privacy act

75
Q

What is FERPA (federal education rights and privacy act)?

A

Protects students’ records and applies to students at all levels. Defines how institutions must handle student records to protect them, and how people can view or share them.

76
Q

GDPR

A

General data protection regulation

77
Q

What is the general data protection regulation (GDPR)?

A

Covers data protection and privacy for all individuals in the European Union.

Requires that organizations get consent before collecting people’s data, report data breaches, give individuals the right to access and remove collected data, and set specific guidelines for privacy and privacy programs.

78
Q

ISO

A

International organization for standardization

79
Q

What port does IMAP use?

A

143

80
Q

What port does File transfer protocol use?

A

20 and 21

81
Q

What port does secure shell (SSH) use?

A

22

82
Q

What port does HTTP use?

A

Port 80

83
Q

What ports are known as well-known ports?

A

0-1023

84
Q

What is the Bell-LaPadula Model?

A

Combines discretionary access control (DAC) and mandatory access control (MAC).

No read up, no write down

85
Q

No read up, no write down

A

Bell-LaPadula Model

86
Q

Which aspect of the CIA triad is the Bell-LaPadula model most concerned with?

A

Confidentiality.

87
Q

In the Bell-LaPadula Model, does MAC or DAC take priority?

A

MAC takes priority; DAC works within MAC controls.

Mandatory access control and discretionary access control

88
Q

What is the Biba Model?

A

No write up, no read down

89
Q

What aspect of the CIA triad is the Biba model most concerned with?

A

Integrity, even at the expense of confidentiality.

90
Q

No write up, no read down

A

Biba model

91
Q

What is the Brewer and Nash model?

A

Chinese Wall.

Prevents conflicts of interest.

Level of access changes dynamically based on materials previously accessed.

92
Q

What is OPSEC?

A

Operations Security.

Process used to protect your information. Covers not only the security measures in place but also identifying what you need to protect and what you need to protect it against.

93
Q

What is application security?

A

Securing your applications

94
Q

What is a sandbox?

A

An isolated environment containing a set of resources for a given purpose.

95
Q

ACL

A

Access control list

96
Q

What is access control?

A

A method of implementing authorization tools to allow/deny access.

97
Q

ABAC

A

Attribute-based access control

98
Q

What is attribute-based access control?

A

Based on specific attributes of a person, resource, or environment. Subject attributes belong to individuals.

99
Q

What is mandatory access control?

A

Owner of a resource doesn’t determine who gets access. A separate group/individual has authority to set access to resources.

100
Q

What is discretionary access control?

A

Owner of the resource determines who gets access to it and exactly what level of access they have.

101
Q

What is mutual authentication?

A

Authentication mechanism in which both parties in a transaction authenticate each other.

102
Q

What is network segmentation?

A

Dividing a network into smaller networks called subnets. Controls the flow of traffic between subnets.

103
Q

What is a hardware token?

A

Small device, usually the size and shape of a credit card, keychain fob, or USB stick. Contains a certificate or unique identifier.

104
Q

What is a fuzzer?

A

A tool used to help find completely unexpected problems. Works by bombarding apps with all kinds of data and inputs from a variety of sources, hoping to get the app to fail or do something unexpected.

105
Q

Name two kinds of port scanners.

A

OpenVAS
Nmap

106
Q

What kind of tool is Wireshark?

A

A sniffer

107
Q

What is a sniffer?

A

Also known as a packet sniffer.

Network/protocol analyzer

Intercepts (sniffs) traffic on a network.

108
Q

What is a firewall?

A

Mechanism for maintaining control over traffic that flows in and out of networks. Placed where the level of trust changes.

109
Q

RAID

A

Redundant arrays of inexpensive disks.

110
Q

What is deep packet inspection?

A

A type of firewall that can reassemble the contents of traffic. Opens everything.

Privacy concerns.

111
Q

What is a stateful firewall?

A

Functions on the same level and general principle as packet filtering firewalls.

Keeps track of traffic at a granular level. Allows only traffic that is part of a new or existing connection, and prevents some intentionally disruptive traffic (attacks).

112
Q

What is a packet filter?

A

One of the simplest firewalls. Looks at the content of each packet individually and allows or denies it based on source IP, destination IP, port, and the protocol being used.

113
Q

What is a packet sniffer?

A

A network / protocol analyzer.

114
Q

What kind of an attack is SQL injection?

A

Server side attack

115
Q

What kind of attack is cross-site scripting?

A

Client-side attack

116
Q

What kind of attack is cross-site request forgery?

A

Client side attack

117
Q

What kind of an attack is clickjacking?

A

Client-side attack

118
Q

What is SQL injection?

A

Privilege escalation. Input containing SQL commands is submitted to the app. Ex: “or 1=1” as input for the username. May cause the system to automatically record that you entered a valid username.

119
Q

What is cross-site scripting?

A

Attack carried out by placing code written in a scripting language into a web page or other media, like Adobe Flash, displayed by the client browser. When others view this media, it automatically executes the hidden code, completing the attack.

120
Q

What is cross-site request forgery?

A

Confused deputy. Misuses the browser’s authority.

If the attacker knows of or can guess a website that has already authenticated a user, such as Amazon, they can embed a link in a web page or HTML-based email, generally an image hosted by a site the attacker controls; when the browser attempts to retrieve the link, it executes additional commands.

121
Q

Name 3 types of magnetic media.

A

Hard drives
Tapes
Floppy disks

122
Q

What physical conditions can harm magnetic media?

A

Strong magnetic fields.

Jolting magnetic media while it’s in motion can render the media unusable.

123
Q

Name two types of optical media.

A

CDs
DVDs

124
Q

What physical conditions threaten optical media?

A

Scratches; it is also temperature sensitive.

Very sensitive and easy to destroy in general.

125
Q

What is a signature-based IDS?

A

Works like most antivirus systems. Maintains a database of signatures that might signal an attack and compares incoming traffic to these signatures.

126
Q

What is an anomaly-based IDS?

A

Works by determining the normal kinds of traffic and activity taking place on the network. It then measures present traffic against this baseline in order to detect patterns that aren’t normally present in the traffic.

Can detect new attacks or attacks that have been deliberately designed to avoid IDS detection.

127
Q

What is Kali?

A

A penetration testing tool for Linux specifically.

128
Q

What is Kismet?

A

One of the best-known tools for detecting rogue access points and devices.

Commonly used by penetration testers to detect wireless access points and can find them even when they’re well hidden.

129
Q

Name two tools that can help break through different kinds of encryption in use on wireless networks.

Two more common ones for cracking WEP, WPA, and WPA2 include

A

CoWPAtty and Aircrack-NG.

130
Q

What is Tcpdump?

A

A classic sniffer.
Command line tool.

Runs only on UNIX-like OS.

131
Q

What is WinDump?

A

A windows equivalent of Tcpdump.

A packet sniffer.

132
Q

What is OptiView Portable Network Analyzer from Fluke Networks?

A

A hardware packet sniffer.

133
Q

What is Scapy?

A

Can map the topology of firewalls and help locate vulnerabilities in them.

Can construct specially crafted Internet control message protocol (ICMP) packets that evade some of the normal measures put in place to prevent you from seeing the devices behind a firewall, and may allow you to enumerate some of them.

Can manipulate network traffic and test how firewalls and IDS respond.

134
Q

What port does hypertext transfer protocol secure (HTTPS) use?

A

443

135
Q

What is Rapid7’s Metasploit?

A

An exploit framework / tool.

136
Q

What is Immunity CANVAS?

A

An exploit framework / tool

137
Q

What is Core Impact?

A

An exploit framework / tool.