Module 1: Essential Knowledge Flashcards
1
Q
Level 1 - OSI
A
Physical
2
Q
Level 2 - OSI
A
Data Link
3
Q
Level 3 - OSI
A
Network
4
Q
Level 4 - OSI
A
Transport
5
Q
Level 5 - OSI
A
Session
6
Q
Level 6 - OSI
A
Presentation
7
Q
Level 7 - OSI
A
Application
8
Q
Level 1 - PDU
A
Bits
9
Q
Level 2 - PDU
A
Frame
10
Q
Level 3 - PDU
A
Packet
11
Q
Level 4 - PDU
A
Segment
12
Q
Level 5 - PDU
A
Data
13
Q
Level 6 - PDU
A
Data
14
Q
Level 7 - PDU
A
Data
15
Q
Level 1 - TCP/IP
A
Application
16
Q
Level 2 - TCP/IP
A
Transport
17
Q
Level 3 - TCP/IP
A
Internet/Network
18
Q
Level 4 - TCP/IP
A
Network Access/Interface
19
Q
TCP/IP Handshake
A
Ack
Syn Ack
Ack
20
Q
1st Stage - Hacking
A
Reconnaissance
21
Q
2nd Stage - Hacking
A
Scanning + Enumeration
22
Q
3rd Stage - Hacking
A
Gaining Access
23
Q
4th Stage - Hacking
A
Maintaining Access
24
Q
5th Stage - Hacking
A
Covering Tracks
25
2 Types of Access Control
MAC & DAC
26
Security Triangle?
Security, Functionality & Usability
27
1st Stage of Risk Management
Risk Identification
28
2nd Stage of Risk Management
Risk Assessment
29
3rd Stage of Risk Management
Risk Treatment
30
4th Stage of Risk Management
Risk Tracking
31
5th Stage of Risk Management
Risk Review
32
3 types of security controls
1. Physical
2. Technical
3. Administrative
33
3 other types of security controls
1. Preventative
2. Detective
3. Corrective
34
What is BIA
Business Impact Analysis
35
What is MTD
Maximum Tolerable Downtime
36
What is BCP
Business Continuity Plan
37
What is DRP
Disaster Recovery Plan
38
3 Pillars of IT security
Confidentiality, Integrity, Availability
39
Stage 1 of Pen Testing
Preparation Phase
40
Stage 2 of Pen Testing
Assessment Phase
41
Stage 3 of Pen Testing
Conclusion Phase
42
What is Black Box Testing
The pen tester has NO knowledge of the ToE. Simulates an outside attacker
43
What is White Box Testing
Opposite of Black Box Testing
44
What is Grey Box Testing
Similar to white box testing, but the ethical hacker mimics an insider. The goal is privilege escalation.