Mod A Flashcards

1
Q

Also known as encapsulation, a characteristic of object-oriented programming (OOP) and used to isolate objects and subjects from each other

A

data hiding

2
Q

Processors typically support 2 states:

A

supervisor aka kernel mode
problem aka user mode

3
Q

In ____ state, the processor is operating at the highest privilege level, which means the running process has access to all information on that system

A

supervisor

4
Q

In ____ state, the processor can access only information that it has been granted the privileges to access

A

problem

5
Q

The process of logically segregating functions of hardware and software so that changes in the processes do not affect the other layers.

A

layering

6
Q

In a brute force attack, the attacker has access to only the ______ text

A

cipher

7
Q

In a known plaintext attack, the attacker has access to _____ text

A

both plain and cipher text

8
Q

A type of known-plaintext attack in which multiple sets of plaintext and corresponding ciphertext can be analyzed for patterns or trends that can help extract the key

A

Linear cryptanalysis

9
Q

A legal liability concept that requires that an organization review its practices to ensure that protection requirements are met.

A

due diligence

10
Q

Practicing due diligence can help create a defense against _____

A

negligence

11
Q

A legal liability concept that defines the minimum level of info protection that a business must achieve

A

due care

12
Q

The process of measuring business practices against the judgement of any reasonable individual is also known as the ______ rule

A

prudent man

13
Q

This law was created in 1974 to govern the way federal agencies use and distribute personal information of U.S. citizens. It states that agencies cannot disseminate personal info without the permission of the individual. U.S. census and labor statistics are exempt.

A

U.S. Privacy Act of 1974

14
Q

Created to provide a framework for how info traverses international borders. This guideline contains the following principles:

collection limitation
data quality
purpose specification
use limitation
security safeguards
openness principle
individual participation
accountability

A

OECD Guidelines

15
Q

A link-state routing protocol that learns the entire network topology for the area using cost

A

OSPF

16
Q

A distance-vector routing protocol that is only aware of directly connected neighbor routers and uses hop count as a metric

A

RIP

17
Q

____ routing protocols send updates only when the network topology changes.

A

link-state

18
Q

____ routing protocol sends the entire content of the routing table to all neighbor routers every 30 seconds by default, whether or not a topology change occurs

A

RIP

19
Q

Data stored in a cloud is considered data at ___ and is not considered in transit until accessed over the internet

A

rest

20
Q

Data stored in a SAN is considered data at ____

A

rest

21
Q

DNS servers use a ______ to store information about how to resolve IP addresses to domain names

A

hierarchical database

22
Q

A ___ file is a flat file database that stores domain name resolution info locally. When DNS is unavailable, the computer might be able to resolve IP addresses of domain names by looking up info stored on this file.

A

hosts

23
Q

A ____ database can be accessed, read, and written to by using code written in an OOP language

A

Object-oriented

24
Q

This database creates relationships between records in tables by using primary keys.

A

relational

25
Q

An open standard defined in Request for Comments (RFC) 6749 that provides a third-party application delegated access to resources without providing the owner's credentials to the application

A

OAuth 2.0

26
Q

An open standard developed by OASIS used to exchange authentication and authorization info. It provides a standard way of encoding info so that the info can be read and processed by multiple independent systems

A

SAML (extensible markup language (XML))

27
Q

An XML-based open standard developed by OASIS used for SSO. It is based on DSML (directory services markup language), which can be used to present LDAP info in XML format.

A

SPML (security provisioning markup language)

28
Q

An XML-based open standard developed by OASIS that is used to define access control policies. Most commonly used for attribute- or role-based policies and used in combination with SDN (software defined networking) systems

A

XACML

29
Q

Port numbers from ___ to ___ are registered ports and are assigned by IANA. Also called user ports.

A

1024 - 49151

30
Q

Port numbers from ___ to ___ are system ports and are assigned by IANA. Also called well known ports.

A

0 - 1023

31
Q

Using antivirus software is a _____ access control

corrective
directive
preventive
detective

A

corrective

(ex: antivirus can take corrective action to repair damage caused by a computer virus)

32
Q

A security standard based on British Standard 7799 (BS 7799) focused on security governance

A

ISO 27001

33
Q

This standard used to be ISO 17799 and is based on British Standard 7799 (BS 7799). It defines security objectives and provides a list of security controls based on industry best practices

A

ISO 27002

34
Q

An IT management framework created by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI). It is used by security architects to provide an example of the minimum security requirements for any organization.

A

COBIT (Control Objectives for Information and Related Technology)

35
Q

RTO + WRT = ?

A

MTD (max tolerable downtime)

36
Q

The amount of time a business can survive without a particular service

A

RTO (recovery time objective)

37
Q

A hardware rating that indicates how long a system should run before failing, on average.

A

MTBF (mean time between failures)

38
Q

Indicates the amount of time it will take to recover a failed device or system

A

MTTR (mean time to repair)

39
Q

AH is typically used with ESP in ___ mode

A

transport

(because IP headers are encrypted in tunnel mode)

40
Q

ESP provides _____ for IPSec VPN tunnels

A

confidentiality

41
Q

AH provides ____ and ___ for IPSec VPN tunnels

A

authentication and integrity

42
Q

In ____ mode, ESP encrypts the entire packet including the IP headers and data. AH uses the IP headers to authenticate packets.

A

tunnel

43
Q

In ___ mode, ESP encrypts only the packet data, leaving the IP headers unencrypted

A

transport

44
Q

When AH and ESP are used together, ______ must establish separate SAs (4 total) for each protocol.

A

Internet Security Association and Key Management Protocol (ISAKMP)

45
Q

A ___ creates a separate collision domain for each port on it.

A

switch

46
Q

Groupings of subjects and objects that have the same security requirements are called

A

security domains

47
Q

Ring 0 of CPU ring model

A

Kernel

48
Q

Ring 1 of CPU ring model

A

OS components that are not the kernel

49
Q

Ring 2 of CPU ring model

A

Device drivers

50
Q

Ring 3 of CPU ring model

A

Users

51
Q

Process of hiding the operational complexity of a system from a system’s user

A

Abstraction

52
Q

What are the 5 rules of evidence?

A

Be authentic
Be accurate
Be complete
Be convincing
Be admissible

53
Q

An open standard method for decentralized authentication that is maintained by the OpenID Foundation but uses RFC 6749 as a framework. It uses JSON Web Tokens (JWTs) and operates as a REST web service

A

OpenID Connect

54
Q

Standard defined by RFC 5849

A

OAuth 1.0

55
Q

A ____ is designed to prevent theft of computer equipment and is typically bolted to the wall, floor, or another large immobile surface

A

lockdown enclosure

56
Q

System ____ involves removing system services that are not required for the system to perform its intended function

A

hardening

56
Q

Is a firewall a multihomed device?

A

Yes

57
Q

___ firewalls maintain a state table and make forwarding decisions based on the state of each session

A

state

58
Q

____ filtering firewalls make simple filtering decisions based on each individual packet

A

packet

59
Q

Are stateful firewalls more secure than packet filtering firewalls?

A

Yes, because packet filtering requires you to open both inbound and outbound traffic, meaning exposure of the internal network to undesirable inbound traffic on that port.

60
Q

____ firewalls terminate the connection with the source device and initiate a new connection with the destination to hide the true source of the traffic

A

Proxy

61
Q

What is the documentation for a system or product to be tested? It is used to test the security of IT products with the goal to identify and remove known vulnerabilities from a product rather than discover new vulnerabilities.

A

Common Criteria (CC) Security Target (ST)

62
Q

In CC ST, the ____ is the system or product that is to be tested

A

target of evaluation

63
Q

In CC ST, the ___ is the documentation that describes the ToE and any security requirements

A

ST (security target)

64
Q

In CC ST, the ___ is a set of security requirements and objectives for the type of product to be tested

A

Protection Profile (PP)

65
Q

In CC ST, the ___ is a rating level that is assigned to the product after the product has been tested

A

Evaluation Assurance Level (EAL)

66
Q

How many EALs are in CC ST? Name them.

A

7 ratings

  1. functionally tested
  2. structurally tested
  3. methodically tested and checked
  4. methodically designed, tested, and reviewed
  5. semi-formally designed and tested
  6. semi-formally verified, designed, and tested
  7. formally verified, designed, and tested
67
Q

The safest fire suppression system in an electrical environment is

A

FE-13 because it is safe for humans and computer equipment

68
Q

Is FE-13 safer than FM 200?

A

Yes, FE-13 can be breathed up to 24 percent while FM-200 is 9 percent

69
Q

___ should be used as a fire suppression agent only in areas that are unstaffed

A

CO2

70
Q

The ____ requires that each EU member nation create its own centralized data protection authority

A

GDPR

71
Q

GDPR requires companies to inform authorities of major data breaches within how many hours?

A

72

72
Q

Although sometimes used interchangeably, security marking and security labeling are different:

______ marking refers to the use of human readable security attributes while ____ refers to the use of security attributes for internal data structures within the information systems

A

marking; labeling

73
Q

___ stacks enable hosts to communicate with both IPv4 and IPv6 hosts. They are configured with both addresses.

A

Dual

74
Q

The tunneling method, ____ is used to pass IPv4 traffic over an IPv6 only network

A

4to6 tunneling

vice versa = 6to4 tunneling

75
Q

A ____ can quarantine a host that does not comply with a security policy. It intercepts hosts that are not yet registered on the network then sends the host’s information to an authentication server to see if the host complies.

A

NAC (network admission control)

76
Q

RAID ___ provides striping for a set of mirrored disks

A

10

77
Q

RAID ___, aka a striped set, uses striping, which is a method of writing data across multiple hard disks to increase performance.

A

0

78
Q

RAID ___ provides mirroring but not increased write performance. AKA a mirrored set

A

1

79
Q

RAID 3 and 4 provide striping for a set of mirrored disks that use parity to provide fault tolerance. RAID ___ stripes data at the byte level while RAID ___ stripes data at the block level.

A

3;4

80
Q

What are the BCP (business continuity plan) steps?

A
  1. Develop a BCP policy statement
  2. Conduct a BIA
  3. Identify preventive controls
  4. Develop recovery strategies
  5. Develop an IT contingency plan
  6. Perform DRP training and testing
  7. Perform BCP/DRP maintenance
81
Q

___ level managers are responsible for developing and agreeing to the BCP policy statement

A

C-level (ex: CEO, CFO, CIO)

82
Q

A ____ identifies business systems and processes that are critical for a company to continue to operate

A

BIA (business impact analysis)

83
Q

A _____ is also called a tabletop exercise and is a simulation where no actual recovery occurs. The teams talk through the process to identify any logical gaps

A

structured walk-through test

84
Q

A _____, also called a walk-through drill, is a simulation in which team members actually carry out the recovery process; it is performed after regular business hours.

A

simulation test

85
Q

The BCP and DRP should be reviewed every ___ months and a formal audit should be performed ___

A

3; annually

86
Q

____ security guards are guards that are trained and employed by the company that requires them.

A

Proprietary

87
Q

ASTM standard Class 1 gate is

A

Residential (house)

88
Q

ASTM standard Class 2 gate is

A

Commercial/General Access (parking garage)

89
Q

ASTM standard Class 3 gate is

A

Industrial/Limited access (loading dock for 18 wheeler trucks)

90
Q

ASTM standard Class 4 gate is

A

Restricted Access (airports, prisons)

91
Q

Kerberos and Secure European System for Applications in a Multi-vendor Environment (SESAME) are examples of ___ model

A

SSO (single sign on)

92
Q

___ is the process of providing access to a company’s data resources to organizations or parties that are not owned by the company

A

FIM (federated identity management)

93
Q

____ model of FIM uses a single organization to manage the authentication and verification process for each company that is participating in the model. Also known as bridge model

A

trusted third-party

94
Q

___ model of FIM that enables participants to trust another participant's PKI. It is difficult to manage as the organization grows

A

cross-certification

95
Q

You can find an X.509 certificate's serial number or revocation date on a ___

A

CRL (certificate revocation list)

96
Q

The Online Certificate Status Protocol (OCSP) server will tell you an X.509 certificate's ____

A

status

97
Q

A CA’s revocation data can be found on an _____

A

ARL (authority revocation list)

98
Q

Is symmetric encryption stronger per bit than asymmetric encryption?

A

Yes

99
Q

Lifetime session keys make Kerberos more vulnerable to ____ attacks

A

replay

100
Q

Describe the Kerberos authentication steps

A
  1. Client requests authentication from a KDC (key distribution center)
  2. When the KDC authenticates the client, it sends the client a ticket-granting-ticket (TGT) and a session key
  3. The client decrypts the session key and sends it to the Kerberos ticket granting server (TGS) along with the TGT (which is encrypted with a secret key for that TGS)
  4. The TGS uses the TGT and session key to verify the identity of the user
  5. Once verified, the TGS sends the user a service ticket (ST) that is encrypted with a key specific to the device that the client wants to access. The TGS also sends the client a second session key.
  6. The client sends the ST and second session key to the device the client wants to access.
  7. The device then uses the ST and second session key to verify the client has permission to access that device.
101
Q

Kerberos does not by itself require any sort of password complexity and therefore is vulnerable to _____ attacks

A

password guessing

102
Q

Deploying multiple KDCs and TGSs in the Kerberos realm mitigates ____

A

single point of failure

103
Q

Since the Kerberos KDC database stores users' credentials in a clear text format, it is vulnerable to ______

A

theft of cached credentials

104
Q

A ___ is another name for a table in a relational database

A

relation

105
Q

A ___ is another name for a row of data in a relational database

A

tuple

106
Q

A ___ is another name for a column of data in a relational database

A

attribute

107
Q

A ____ contains the data within a relational database

A

cell

108
Q

True or False

Both SSH and FTP are used to transfer files over a network. SSH is secure while FTP sends data in clear text.

A

True

109
Q

TCP is ____ oriented while UDP is ____ oriented

A

connection; connectionless

110
Q

Database view contains the results of what?

A

a database query

111
Q

In system high mode, users must have?

A

security clearance and access approval that permits access to all info processed by the system

112
Q

In dedicated mode, users must have?

A

security clearance, access approval, and a valid need to know for all information processed by the system

113
Q

In compartmented mode, users must have?

A

security clearance

114
Q

In multilevel mode, users must have?

A

security clearance, access approval, need to know only information they will access on the system, not all info

115
Q

Prevention obfuscation attempts to make code obscure to _____ by making it hard to decompile the code

A

computers

116
Q

____ obfuscation deals with renaming classes, fields, and methods, replacing them with new identifiers that lack intuitive meaning

A

Lexical

117
Q

___ obfuscation deals with modifying data and data structures in order to hide what the data is used for or what the structures do

A

Data

118
Q

___ obfuscation deals with making an application harder to understand or to decompile. ex: grouping unrelated structures

A

Control flow

119
Q

PDU at network layer

A

packet

120
Q

PDU at transport layer

A

segment

121
Q

PDU at data link layer

A

frame

122
Q

PDU at physical layer

A

bits

123
Q

Formula for ALE?

A

ARO x SLE

124
Q

A printer that fails once every 4 years has an ARO of?

A

0.25 or 25%

1 failure/ 4 years = 0.25 failures per year

125
Q

The frequency at which equipment fails is called the what?

A

ARO (annual rate of occurrence)

126
Q

The cost of one occurrence of a failure is called what?

A

SLE (single loss expectancy)

127
Q

The cost to maintain or replace equipment is called what?

A

ALE (annual loss expectancy)

128
Q

___ investigations attempt to resolve disputes between two parties such as private individuals or corporate entities.

A

Civil

129
Q

___ investigations are typically conducted by law enforcement personnel and attempt to determine whether a criminal law has been violated. They depend on the 'beyond a reasonable doubt' standard of proof.

A

Criminal

130
Q

____ investigations attempt to determine whether an administrative law or industry standard has been violated

A

Regulatory

131
Q

___ investigations are internal investigations that attempt to determine whether organizational policies or operational procedures have been violated

A

Administrative

132
Q

A _____ is another name for a hypervisor

A

VMM (virtual machine monitor)

133
Q

Type __ hypervisors are installed on bare metal servers, meaning the hypervisor is its own OS. Because of their proximity to the physical hardware, they tend to perform well.

A

1

134
Q

Type __ hypervisors are applications installed on host OSs like Windows, Mac, and Linux. They are easy to deploy and maintain.

A

2

135
Q

A ____ plane is centralized in an SDN network.

A

Control

136
Q

The SDN consists of what 3 planes?

A

application, control, and data

137
Q

A simulation test where employees are relocated to the DRP’s recovery location

A

parallel test