Missed Test Questions Dion Training Flashcards
What is DSA?
Digital Signature Algorithm
Asymmetric and is a Federal Information Processing Standard for digital signatures.
What is degaussing?
What are its effects on a hard drive?
It wipes the hard drive via demagnetizing.
The drive will be permanently un-usable.
How is purging a hard drive accomplished?
- Using the device’s internal electronics
- Degaussing
- Using a cryptographic erase function (encrypt the data and throw away the key)
What is data wiping?
How many times does it overwrite?
What is it also known as?
Why would you data wipe?
Software tool to overwrite the data. Least secure of 3 methods because forensics can recover the wiped data.
1x, 7x, 35x (Higher = more secure)
Data clearing
Allows the hard drive to be re-used.
What are the private IP address ranges?
- x.x.x (10.0.0.0 - 10.255.255.255)
- 16.0.0 - 172.31.255.255
- 168.x.x (192.168.0.0 - 192.168.255.255)
Note: All other IP addresses are public
Note: Exceptions are localhost and APIPA
What is the purpose of key stretching?
To make a possibly weak key more secure against brute force attacks by increasing the time and resources to test each possible key.
This applies to hashes as well as
What are the two key stretching libraries?
bcrypt
PBKDF2 - Password Based Key Derivation Function 2
What does an retina scan measure?
The retina blood vessels
How does face recognition work?
Compares facial features of an image from a database to the verifying person in a digital image.
How does a iris scan work?
Uses infrared light to take a high-contrast photo of the iris.
What is signature kinetics?
Measures the users actions when signing their name and compares to a known good baseline.
What is a PAM and what is it used for?
Pluggable Authentication Module
Its generally a device like a USB thumb drive that plugs in and is used as a software key in cryptography.
Can a TPM perform cryptographic processing?
Yes, a TPM is itself a crypto-processor that stores private keys.
What regulation protects the privacy of student educational records?
FERPA - Family Educational Rights and Privacy Act
What is the GLBA?
Gramm-Leach-Biley Act
Requirements that help protect the privacy of an individual’s financial information held by financial institutions and others, such as tax preparation companies.
What is the SOX?
Sarbanes-Oxley Act
Requirements for businesses for storing and retaining documents about their financial and business operations.
Includes the type of documents to be stored and their retention periods.
Relevant for any publicly-traded company with a market value of at least $75 million.
What is HIPPA?
Health Insurance Portability and Accountability Act
Rules and regulations regarding healthcare in the United States. Applies to electronic medical records.
What is malware heuristic analysis?
Behavior-based detection and prevention. Used by many anti-virus programs. Designed to detect previously unknown computer viruses and new variants of viruses already in the wild.
Is active or passive vulnerability scanning more likely to return false positives?
Passive has a high number of false positives
What is Aircrack-ng?
Aircrack-ng is a complete suite of wireless security assessment and exploitation tools that includes monitoring, attacking, testing, and cracking of wireless networks. This includes packet capture and export of the data collected as a text file or pcap (packet capture) file.
What is Nessus?
A vulnerability scanning tool.
Review cyber security tools
What is netcat?
A computer networking utility for reading from and writing to network connections using TCP or UDP.
