Messer exam 1 Flashcards

1
Q

fencing

A

the process of **isolating a node of a computer cluster or protecting shared resources** when a node appears to be malfunctioning.

2
Q

Authentication token

A

piece of information that verifies the identity of a user to a website, server, or anyone requesting verification of the user’s identity.

3
Q

Biometrics

A

the process of using electronic devices to identify people by recording and analyzing their unique physical or behavioral characteristics. Used to access a door.

4
Q

Lighting

A

for outside building

5
Q

Security guard

A

protect lobby

6
Q

Access badge

A

used for door entrance

7
Q

Access control vestibule

A

also known as a mantrap, is a physical access control system that creates a space between two sets of interlocking doors. Used in the lobby.

8
Q

operational

A

are often implemented by people instead of systems.
Security guards and awareness programs are examples of an operational control

9
Q

managerial

A

are **administrative controls associated with security design** and implementation.
A set of policies and procedures would be an example of a managerial control

10
Q

Physical

A

are used to **limit physical access**.

Badge readers, fences, and guard shacks are categorized as physical controls
11
Q

Technical

A

are implemented using systems. Operating system controls,
firewalls, and automated processes are considered technical controls.

12
Q

Something you have

A

During the login process, your phone receives a text message with a one-time passcode

13
Q

something you know

A

PIN

14
Q

something you are

A

biometrics – fingerprint

15
Q

somewhere you are

A

Your login will not work unless you are
connected to the VPN

16
Q

Passive reconnaissance

A

**gathering as much information from open sources such as social media, corporate websites, and business** organizations

17
Q

Vulnerability scanning

A

Some active reconnaissance tests will query systems directly to see if a
vulnerability currently exists

18
Q

Supply chain analysis

A

will examine the security associated with a
supplier, and the analysis will not provide any information regarding a
company’s own servers and data

19
Q

Regulatory audit

A

A regulatory audit is a detailed security analysis based on existing laws or
private guidelines. A regulatory audit commonly requires access to internal
systems and data

20
Q

**DMARC (Domain-based Message Authentication Reporting and Conformance)**

A

specifies the disposition of spam emails. The legitimate
owner of the originating email domain can choose to have these messages
accepted, sent to a spam folder, or rejected

21
Q

SPF (Sender Policy Framework)

A

is a list of all authorized mail servers for a specific domain. All legitimate emails would be sent from one of the servers listed in the SPF configuration
22
Q

NAC (Network Access Control)

A

is a way to limit network access to only authorized users. NAC is not commonly used to manage the transfer of email messages.

23
Q

DKIM (Domain Keys Identified Mail)

A

provides a way to validate all digitally signed messages from a specific email server. DKIM does not determine how the receiving server categorizes these digitally signed messages

24
Q

Root cause analysis

A

The goal of a root cause analysis is to explain the ultimate cause of an incident. Once the cause is known, it becomes easier to protect against similar attacks in the future

25
Q

E-discovery

A

relates to the collection, preparation, review, interpretation, and production of electronic documents.

E-discovery itself is not involved with the research and determination of an attack’s root cause

26
Q

Risk appetite

A

describes the amount of risk an organization is willing to take before taking any action to reduce that risk.

Risk appetite is not part of a root cause analysis

27
Q

Data subject

A

describes any information relating to an identified or identifiable natural person, especially when describing or managing private information about the subject

28
Q

Automation

A

Automation ensures that compliance checks can be performed on a regular basis without the need for human intervention

29
Q

Maintenance window

A

describes the scheduling associated with the change control process. Systems and services generally have limited availability during a maintenance window

30
Q

Attestation and acknowledgment

A

With compliance, the process of attestation and acknowledgment is the final verification of the formal compliance documentation

31
Q

External audit

A

can be a valuable tool for verifying the compliance process, but an automated alert from a monitoring system would not be part of an external audit
32
Q

Obfuscated

A

describes the modification of data to make something
understandable into something very difficult to understand.

33
Q

Data in use

A

describes information actively processing in the memory of a
system, such as system RAM, CPU registers, or CPU cache.

34
Q

Regulated

A

Reports and information created for governmental use are regulated by
laws regarding the disclosure of certain types of data.

35
Q

Federation

A

allows members of one organization to authenticate
using the credentials of another organization

36
Q

EAP (Extensible Authentication Protocol)

A

**is an authentication framework** commonly associated with network access control.

37
Q

MTBF (Mean Time Between Failures)

A

is a prediction of how often a
repairable system will fail

38
Q

RTO (Recovery Time Objectives)

A

define a timeframe needed to restore a
particular service level

39
Q

MTTR (Mean Time to Restore)

A

is the amount of time it takes to repair a
component

40
Q

RPO (Recovery Point Objective)

A

describes the minimum data or
operational state required to categorize a system as recovered.

41
Q

MOA (Memorandum of Agreement)

partner

A

is a formal document where
both sides agree to a broad set of goals and objectives associated with the
partnership.

42
Q

SLA (Service Level Agreement)

A

is commonly provided as a formal
contract between two parties that documents the minimum terms for
services provided.

43
Q

SOW (Statement of Work)

A

is a detailed list of items to be completed
as part of overall project deliverables

44
Q

NDA (Non-Disclosure Agreement)

A

is a confidentiality agreement
between parties. This question did not mention any requirement for
privacy or confidentiality.

45
Q

Integrity

A

refers to the trustworthiness of data.

46
Q

Confidentiality

A

describes the privacy of data

47
Q

Availability

A

describes the ability of an authorized user to access data

48
Q

Race condition

A

occurs when two processes occur at similar times, and
usually with unexpected results.

49
Q

Memory injection

A

is commonly used by malicious software to add code
to the memory of an existing process.

50
Q

Malicious update

A

occurs when a software patch installs unwanted or
unauthorized code

51
Q

Deterrent

A

A deterrent control does not directly stop an attack, but it may discourage
an action.

52
Q

Preventive control

A

A preventive control physically limits access to a device or area

53
Q

Corrective control

A

A corrective control can actively work to mitigate any damage

54
Q

Detective control

A

may not prevent access, but it can identify and record
any intrusion attempts

55
Q

Compensating

A

doesn’t prevent an attack, but it does
restore from an attack using other means

56
Q

Directive

A

is a relatively weak control which relies on security
compliance from the end users.

57
Q

Continuity of operations

A

Continuity of operations planning ensures that the
business will continue to operate when these issues occur.

58
Q

Platform diversity

A

Using different operating systems and platforms can help mitigate issues
associated with a single OS

59
Q

Cold site

A

has space and power, and likely connectivity, but will require that systems and data be put in place to be used

60
Q

Warm sites

A

have systems, connectivity, and power but do not have the live or current data to immediately take over operations

61
Q

hot site

A

can immediately take over operations

62
Q

Tabletop exercise

A

A tabletop exercise usually consists of a meeting where members of a
recovery team or disaster recovery talk through a disaster scenario.

63
Q

Bollards

A

barricades are often used on the exterior of a facility to
prevent access to motorized vehicles and channel people through a specific
access location.

64
Q

Pressure sensors

A

are commonly used on doors or windows to detect
movement in those devices.

65
Q

Record-level encryption

A

is commonly used with databases to encrypt
individual columns within the database. This would store some
information in the database as plaintext and other information as
encrypted data

66
Q

Full-disk encryption

A

ensures that all data on a storage drive is protected

67
Q

Asymmetric encryption

A

uses a public and private key pair to encrypt data.

68
Q

Key escrow

A

describes the storage and management of decryption keys by
a third-party

69
Q

Journaling

A

writes data to a temporary journal before writing the
information to the database. If power is lost, the system can recover the
last transaction from the journal when power is restored

70
Q

Off-site backups

A

can be used to recover a corrupted database, but this does
not minimize or prevent database corruption from occurring

71
Q

Replication

A

is used to create a duplicate copy of data.

72
Q

MDM (Mobile Device Manager)

A

provides a centralized management
system for all mobile devices. From this central console, security
administrators can set policies for many different types of mobile devices.

73
Q

Segmentation

A

describes the separation of user data from company data,
but the implementation of all policies is managed by the MDM

74
Q

COPE (Corporately Owned and Personally Enabled)

A

commonly purchased by the corporation and allows the use of the mobile
device for both business and personal use.

75
Q

False negative

A

A false negative is a result that fails to detect an issue when one
actually exists

76
Q

Exploit

A

is an attack against a vulnerability.

77
Q

Compensating controls

A

are used to mitigate a vulnerability when an
optimal security response may not be available.

For example, if a company
can’t deploy a patch for a vulnerability, they can revoke or limit application
access until a patch is provided

78
Q

Escalation

A

Automation can recognize security events and escalate a security-related
ticket to the incident response team without any additional human
interaction.

79
Q

Guard rails

A

are used by application developers to provide a set of
automated validations to user input and behavior.

Guard rails are not used
by the help desk team

80
Q

Continuous integration

A

provides an automated method
of constantly developing, testing, and deploying code.

81
Q

Resource provisioning

A

can be automated during the on-boarding and
off-boarding process to quickly create or remove rights and permissions.

Resource provisioning is not commonly part of the automation associated
with security event notification.

82
Q

A33

A