Module 01. Endpoint Security Flashcards

1
Q

What is an Endpoint Security Solution?

A

Suite of tools to protect workstations and endpoint devices:
AV, DLP, NAC, HIDS/HIPS, Encryption, Email protection, Monitoring

2
Q

What does AV scan?

A

Anti Virus:

Scans Strings, Hash signatures, Heuristic Detection

3
Q

What does a False Positive do?

A

Stops legitimate access.

4
Q

What does a False Negative do?

A

Allows illegitimate entry

5
Q

What is ZERO DAY?

A

A new flaw exploited before the vendor can patch it.

6
Q

Packing and Encryption

A

compressed to avoid detection

7
Q

Code Mutation

A

slightly changed code to avoid detection

8
Q

Stealth Techniques

A

alter behavior of OS to avoid detection

9
Q

Disabling AV Updates

A

allows new viruses to avoid detection

10
Q

Fileless Attack

A

does not install software

11
Q

How does AV work?

A

Detect, remove, or quarantine

12
Q

How does an Internal Firewall work?

A

Blocks incoming/outgoing connections

13
Q

How does HIDS/HIPS work?

A

Detects, protects, alerts upon malicious activity

14
Q

How does a Sandbox work?

A

restricted environment used to run suspicious programs

15
Q

What is BYOD?

A

Bring Your Own Device

16
Q

What is EDR?

A

Endpoint Detection and Response

17
Q

What does EDR have that AV does not?

A

Behavioral Analysis that is not signature based

18
Q

What is APT?

A

Advanced Persistent Threat

19
Q

YARA Rules

A

pattern matching

20
Q

PhishSigs

A

*.pdb, *.gdb, *.wdb

21
Q

pdb

A

Program Database

22
Q

gdb

A

Geo Database

23
Q

wdb

A

Works Database

24
Q

Signature Types

A

Body Based, Hash-Based

25
Q

Logical Signatures

A

Combines multiple signatures

26
Q

Open source AV

A

ClamAV