Misc

Question 1

What sanitization technique uses only logical techniques to remove data, such as overwriting a hard drive with a random series of ones and zeroes? Purge or clear?

Answer 1

Clear - applies logical techniques to sanitize data in all user-addressable storage locations for protection against simple non-invasive data recovery techniques.

Question 2

What solution would be used to identify rogue devices on a wired network?

Answer 2

Router and switch based MAC reporting

Question 3

What type of access control provides the strongest level of protection?

Answer 3

MAC mandatory access control

Question 4

What is ARP poisoning?

Answer 4

When attacker exploits the IP address to MAC resolution in a network to steal, modify or redirect frames within the LAN

Question 5

Explain ARP protocol

Answer 5

Protocol that maps IP address to a physical MAC address

Question 6

What is AUP?

Answer 6

Acceptable Use Policy - A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources

Question 7

What is the extension for a powershell script file?

Answer 7

.ps1

Question 8

What is the extension for a Unix based script file?

Answer 8

sh

Question 9

What is Shadow IT?

Answer 9

software and hardware used within an organization, but outside of the organization’s official IT infrastructure.

Question 10

What enables running macros in Microsoft Office applications?

Answer 10

VBA

Question 11

What are the two main vulnerability databases?

Answer 11

NVD (National Vulnerability Database), CVE (Common Vulnerabilities and Exposures)

Question 12

What is SOAR?

Answer 12

Security orchestration, automation and response - software that automatically responds to security incidents

Question 13

Security orchestration, automation and response, or

Answer 13

CVSS - Common Vulnerability Scoring System

Question 14

A type of formal document that describes the specifications for a particular technology is known as:

Answer 14

RFC

Question 15

dedicated local network consisting of devices providing data access is called:

Answer 15

SAN storage area network

Question 16

What is trusted foundry?

Answer 16

microprocessor manufacturing utility that is part of a trusted supply chain. Developed by US military

Question 17

What is ROT?

Answer 17

Root of Trust - used to scan boot metrics and OS files to verify their signatures.

Digital certificate embedded inside processor/firmware

Basically making sure your system trusts it’s components upon boot

Question 18

What is a TPM?

Answer 18

Trust platform module - specification for hardware based digital certificates, keys, hashed passwords and other platform identification info

Allows for secure boot

Question 19

What is HSM?

Answer 19

Hardware security module - appliance for generating encryption keys that is less susceptible to tampering and insider threats than software based solutions

Question 20

Difference between honeypots and honey nets

Answer 20

honeypots deal with a single computer whereas a honeynet deals with a group of computers, servers network etc

Question 21

What is TPM?

Answer 21

Trusted Platform Module - secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys

Question 22

What is a specification for SED’s?

Answer 22

Opal

Question 23

What is SED?

Answer 23

Self Encrypting Drive - data storage device equipped with hardware-level encryption functionality

Question 24

What is FDE?

Answer 24

Full Disk Encryption - software technology designed to provide confidentiality for an entire data storage device is known as

Question 25

Difference between VM sprawl and VM escape?

Answer 25

VM escape occurs when the attacker can access the host system whereas VM sprawl occurs when an organization has many VMs that aren’t managed properly.

Question 26

What is the primary difference between EAP FAST and PEAP?

Answer 26

EAP Fast uses a protected access credential PAC (shared secret) whereas PEAP uses a digital certificate (on the server side - client does not need certificate)

Question 27

What is a BPDU Guard?

Answer 27

Bridge Protocol Data Unit Guard - designed to protect against network loops

Question 28

Which regulatory framework are data retention policies most relevant to?

Answer 28

SOX

Question 29

What can Dynamic Resource Allocation help mitigate?

Answer 29

DDOS attacks

Question 30

A cisco proprietary network monitoring protocol?

Answer 30

Netflow

Question 31

What do captive portals use to authenticate?

Answer 31

802.1x / RADIUS