Messer Practice Exam 1 Flashcards
What is the process of gathering as much information as possible about a company from open sources such as social media, corporate websites, and business organizations?
Passive Footprinting
What active reconnaissance test directly queries systems to see if a backdoor has been installed?
Backdoor Testing
What process involves actively querying and receiving responses across a network?
OS fingerprinting
What type of penetration test provides detailed information about specific systems or applications?
Partially known environment
What protocols use TLS to provide secure communication?
HTTPS (Hypertext Transfer Protocol Secure)
FTPS (File Transfer Protocol Secure)
What protocol is used to encrypt conversations over VoIP?
SRTP (Secure Real-time Transport Protocol)
What protocols aren’t encrypted?
Telnet
FTP
SMTP
IMAP
What secure protocol is used for Time Synchronization?
NTPsec (Secure Network Time Protocol)
What secure protocols are used for Email?
S/MIME (Secure/Multipurpose Internet Mail Extensions) with PKI
POP3S (Secure Post Office Protocol) with SSL.
IMAP (Internet Message Access Protocol) with SSL.
Browser-based email with SSL.
What does SNMPv2 stand for and do?
Simple Network Management Protocol version 2.
What two data sources help address file storage volatility?
Partition Data
Temporary File Systems
What would an all-in-one printer that can print, scan, and fax often be categorized as?
Multifunction Device
What is an IoT device?
Wearable technology and home automation devices.
What does RTOS stand for?
Real-time operating system.
What does SoC stand for?
System on a Chip.
Multiple components that run on a single chip are categorized as an SoC.
ISO 27701
extends 27001 and 27002 to include management of PII and data privacy.
ISO 31000
sets international standards for risk management
ISO 27002
focuses on information security controls
ISO 27001
The foundational standard for ISMS (Information Security Management Systems)
What is SOAR?
Security Orchestration, Automation, and Response.
Designed to make security teams more effective by automating processes and integrating third-party security tools.
What is EAP-TTLS?
Extensible Authentication Protocol - Tunneled Transport Layer Security
Allows the use of multiple authentication protocols transported inside of a TLS tunnel.
What is PEAP?
Protected Extensible Authentication Protocol
Encapsulates EAP within a TLS tunnel, but doesn’t provide multiple authentication methods.
What is EAP-MSCHAPv2?
EAP - Microsoft Challenge Handshake Authentication Protocol v2
A common implementation of PEAP
What are two features commonly offered by a CASB?
Cloud Access Security Broker
-A list of applications in use
-Verification of encrypted data transfers
Example of Race Condition
A file system problem is usually fixed before a reboot, but a reboot is occurring before the fix can be applied. This has created a race condition that results in constant reboots.
What does SED stand for?
Self Encrypting Drive
What does curl do?
The curl (Client URL) command will retrieve a web page and display it as HTML (source code) at the command line.
What is “scanless”?
It is a tool that allows you to perform a port scan via proxy.
What is “Nmap”?
A popular port scanning and reconnaissance utility.
What does “netstat” do?
It provides a list of network statistics, and the default view shows the traffic sessions between the local device and other devices on the network.
What does “dig” do?
Domain Information Groper
Queries DNS servers for the fully-qualified domain name and IP address information of other devices.
What does “netcat” do?
The netcat command is used for reading or writing data to the network. It doesn’t provide any statistical information about the network connection.
What does a DNS Sinkhole do?
Used to redirect and identify devices that may attempt to communicate with an external command and control (C2) server. The DNS Sinkhole will resolve an internal IP address and can report on all devices that attempt to access the malicious domain.
Which part of the PC startup process verifies the digital signature of the OS Kernel?
Trusted Boot
What does “Measured Boot” do and when does it occur?
It occurs after Trusted Boot and verifies that nothing on the computer has been changed by malicious software or other processes.
What does “Secure Boot” do and when does it occur?
It occurs before Trusted Boot and checks the digital signature of the bootloader, not the OS Kernel!
What is a “POST”?
Power-On Self-Test is a hardware check performed prior to booting an operating system.
Preventative Control
Physically limits access to a device or area.
Managerial Control
Sets a policy that is designed to control how people act
Compensating Control
It doesn’t prevent an attack, but it does restore from an attack using other means.
Ex: A UPS does not stop a power outage, but it does provide alternative power if an outage occurs.
Primary difference of Asymmetric Encryption
Asymmetric encryption uses different keys for encryption and decryption.
What functionality does Blockchain provide?
The ledger functionality of a blockchain can be used to track or verify components, digital media, votes, and other physical or digital objects.
Which is lost first, memory or temporary files?
Memory, it is temporary.
A Linux administrator is downloading an updated version of her Linux distribution. The download site shows a link to the ISO and a SHA256 hash value. Which of these would describe the use of this hash value?
Verifies that the file was not corrupted during the file transfer because it matches what is on the website.
What does “NGFW” stand for?
Next-Generation Firewall
What is the BEST way to confirm the secure baseline of a deployed application instance?
Perform an integrity measurement. This is DESIGNED to check for the secure baseline of firewall settings, patch levels, OS versions, and any other security components.
Benefits of Kerberos
-Uses a ticket-based system to provide SSO (Single Sign-On)
-You ONLY NEED TO AUTHENTICATE ONCE with Kerberos to gain access to multiple resources.
What is “TACACS+”?
Terminal Access Controller Access-Control System
It is an authentication method.
Does not provide any single sign-on functionality.
What is “LDAPS”?
Lightweight Directory Access Protocol Secure
It is a standard for accessing a network directory. This can provide an authentication method.
Does not provide any single sign-on functionality.
What is “802.1X”?
A standard for PNAC (Port-based Network Access Control)
Does not provide any single sign-on functionality.
Full-Tunnel VPN vs Split-Tunnel VPN
Full-Tunnel VPN: All traffic goes through the tunnel.
Split-Tunnel VPN: Only sends a portion of the traffic through the encrypted tunnel. It would allow work-related traffic to securely traverse the VPN, and all other traffic would use the non-VPN option.
What cryptographic method is used to add trust to a digital certificate?
A digital signature
What does X.509 do?
The X.509 standard defines the structure of a certificate. It makes it easy for everyone to view the contents of a certificate, but it doesn’t provide any additional trust.
What does “RAID” stand for?
Redundant Array of Independent Disks
What does “SIEM” stand for?
Security Information and Event Manager.
What is S/MIME, and what's good about it?
Secure/Multipurpose Internet Mail Extensions
Provides a way to integrate public key encryption and digital signatures into most modern email clients. This would encrypt all email information from client to client, regardless of the communications used between email servers.
What is Secure IMAP, and what does it do?
Secure Internet Message Access Protocol
Encrypts communication downloaded from an email server, but DOES NOT provide security for outgoing email messages.
What secure protocol would you use to:
accept customer purchases from your primary website?
HTTPS
What secure protocol would you use to:
synchronize the time across all of your devices?
NTPSec
What secure protocol would you use to:
access your switch using a CLI terminal screen?
SSH
What secure protocol would you use to:
talk with customers on scheduled conference calls?
SRTP
What secure protocol would you use to:
gather metrics from routers at remote sites?
SNMPv3
TCP vs UDP
TCP (Transmission Control Protocol):
-Connection-based and more reliable, but slow.
UDP (User Datagram Protocol):
-Connectionless and less reliable, but fast.
FTP
File Transfer Protocol
20, 21
SSH
Secure Shell
22
Telnet
23
SMTP
Simple Mail Transfer Protocol
25
DNS
Domain Name System
53
DHCP
Dynamic Host Configuration Protocol
67, 68
TFTP
Trivial File Transfer Protocol
69
HTTP
Hypertext Transfer Protocol
80
HTTPS
Hypertext Transfer Protocol Secure
443
SSL VPN
Secure Sockets Layer Virtual Private Network
443
POP3
Post Office Protocol v3
110
NTP
Network Time Protocol
123
IMAP4
Internet Message Access Protocol v4
143
SNMP
Simple Network Management Protocol
161
IPsec
Internet Protocol Security
500
RDP
Remote Desktop Protocol
3389