Misc Flashcards

1
Q

What sanitization technique uses only logical techniques to remove data, such as overwriting a hard drive with a random series of ones and zeroes? Purge or clear?

A

Clear - applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple non-invasive data recovery techniques.

2
Q

What solution would be used to identify rogue devices on a wired network?

A

Router- and switch-based MAC reporting

3
Q

What type of access control provides the strongest level of protection?

A

MAC (mandatory access control)

4
Q

What is ARP poisoning?

A

When an attacker exploits the IP address to MAC resolution in a network to steal, modify or redirect frames within the LAN

5
Q

Explain the ARP protocol

A

Protocol that maps an IP address to a physical MAC address

6
Q

What is AUP?

A

Acceptable Use Policy - A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources

7
Q

What is the extension for a PowerShell script file?

A

.ps1

8
Q

What is the extension for a Unix-based script file?

A

sh

9
Q

What is Shadow IT?

A

Software and hardware used within an organization, but outside of the organization’s official IT infrastructure.

10
Q

What enables running macros in Microsoft Office applications?

A

VBA

11
Q

What are the two main vulnerability databases?

A

NVD (National Vulnerability Database), CVE (Common Vulnerabilities and Exposures)

12
Q

What is SOAR?

A

Security orchestration, automation and response - software that automatically responds to security incidents

13
Q

Security orchestration, automation and response, or

A

CVSS - Common Vulnerability Scoring System

14
Q

A type of formal document that describes the specifications for a particular technology is known as:

A

RFC

15
Q

A dedicated local network consisting of devices providing data access is called:

A

SAN (storage area network)

16
Q

What is a trusted foundry?

A

Microprocessor manufacturing utility that is part of a trusted supply chain. Developed by the US military.

17
Q

What is ROT?

A

Root of Trust - used to scan boot metrics and OS files to verify their signatures.

Digital certificate embedded inside processor/firmware

Basically making sure your system trusts its components upon boot

18
Q

What is a TPM?

A

Trusted Platform Module - specification for hardware-based digital certificates, keys, hashed passwords and other platform identification info

Allows for secure boot

19
Q

What is HSM?

A

Hardware security module - appliance for generating encryption keys that is less susceptible to tampering and insider threats than software-based solutions

20
Q

Difference between honeypots and honeynets

A

Honeypots deal with a single computer, whereas a honeynet deals with a group of computers, servers, network, etc.

21
Q

What is TPM?

A

Trusted Platform Module - secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys

22
Q

What is a specification for SEDs?

A

Opal

23
Q

What is SED?

A

Self Encrypting Drive - data storage device equipped with hardware-level encryption functionality

24
Q

What is FDE?

A

Full Disk Encryption - software technology designed to provide confidentiality for an entire data storage device

25
Q

Difference between VM sprawl and VM escape?

A

VM escape occurs when the attacker can access the host system whereas VM sprawl occurs when an organization has many VMs that aren’t managed properly.

26
Q

What is the primary difference between EAP-FAST and PEAP?

A

EAP-FAST uses a Protected Access Credential (PAC, a shared secret), whereas PEAP uses a digital certificate (on the server side; the client does not need a certificate)

27
Q

What is a BPDU Guard?

A

Bridge Protocol Data Unit Guard - designed to protect against network loops

28
Q

Which regulatory framework are data retention policies most relevant to?

A

SOX

29
Q

What can Dynamic Resource Allocation help mitigate?

A

DDoS attacks

30
Q

A Cisco proprietary network monitoring protocol?

A

NetFlow

31
Q

What do captive portals use to authenticate?

A

802.1X / RADIUS

32
Q
A