LP - Computing Resources security techniques

Question 1

What are the baseline processes?

Answer 1

Project mandate
Project definition (Baseline 1)
Business requirements documents
System requirements specificaations
Revised project plan (baseline 2)

Question 2

COPE stands for

Answer 2

Corporate-owned, personally-enabled

Question 3

CYOD stands for

Answer 3

choose your own device

Question 4

EMM stands for

Answer 4

enterprise mobility management

Question 5

The three core competencies for EMM are

Answer 5

1. visibility
2. Secure access
3. Data protection

Question 6

UBA stands for

Answer 6

User behaviour analytics

Question 7

WPA2 uses what for security

Answer 7

CCMP

Question 8

WPA2 can use pre-shared key (PSK) and

Answer 8

enterprise authentication

Question 9

MFP stands for

Answer 9

Management frame protection

Question 10

WPA3 require the use of PMF which is what?

Answer 10

Protected management frames

Question 11

WPA3 has the following cryptographic mechanisms

Answer 11

GCMP-256
384-bit HMAC
HMAC-SHA384
ECDH
ECDSA
BIP-MAC 256

Question 12

Functionality Testing flowchart

Answer 12

Design Qualification (DQ)
Installation Qualification (IQ)
Operaterational Qualification (OQ)
Performance Qualification (PQ)

Question 13

Methods for securing cookies

Answer 13

• SSL the cookies can only be sent over a secure SSL
• HttpOnly flag will tell the browser that this cookie can only be accessed by the server
• use_only_cookies parameter will tell your website to use only cookies to store session data

Question 14

SAST stands for

Answer 14

Static Application Security Testing - the code is not executed

Question 15

SAST can be used to find

Answer 15

SQL injections, cross-site scripting errors, buffer overflows, unhandled error conditions and probable back doors into the application

Question 16

DAST stands for

Answer 16

dynamic application security testing

Question 17

DAST is a

Answer 17

black-box test where the tool must find distinct execution paths in the appliction being analyzed

Question 18

DAST is used against application in their

Answer 18

running state

Question 19

DAST is effective when testing exposed

Answer 19

HTTP and HTML interfaces of web applications

Question 20

Assessment management will use accounting methods like

Answer 20

RADUIS, DIAMETER or LDAPS

Question 21

Assesst Management: Monitoring/Tracking May use the following

Answer 21

SIEM or SOAR

Question 22

What is PMF?

Answer 22

PMF is a security feature defined in the IEEE 802.11w standard that protects management frames in Wi-Fi networks from being intercepted or forged by attackers. It is particularly important in mitigating deauthentication and disassociation attacks (such as Wi-Fi deauthentication attacks used in network disruptions).