Módulo 10 - Protocol, App and Cloud Security

Question 1

List:
Components of virtualization

Answer 1

1. Physical machine (host OS)
2. Virtual machine (guest OS)
3. Virtual hard disk (VHD)
4. Hypervisor
5. Containerization

Question 2

List:
Advantages of virtualization

Answer 2

1. Flexibility
2. Security
3. Testing
4. Server consolidation
5. Isolation (sandboxing)
6. Application virtualization

Question 3

List:
Disadvantages of virtualization

Answer 3

1. Security issues
2. Bottleneck
3. Complexity
4. Server sprawl

Question 4

List:
Load balancing methods in virtualization

Answer 4

1. Resource pooling
2. Workload balancing

Question 5

Define:
Virtualization

Answer 5

The process of installing and running multiple operating systems concurrently on a single physical machine.

Question 6

Define:
Virtual machine (VM)

Answer 6

A software implementation of a computer that executes programs like a physical machine, also known as a guest operating system.

Question 7

Define:
Hypervisor

Answer 7

A thin layer of software allowing virtual machines to interact with hardware without using the host OS. Types include Type I (bare-metal) and Type II (hosted).

Question 8

Define:
Containerization

Answer 8

A virtualization method enforcing resource separation at the OS level by creating isolated containers for applications or OS distributions.

Question 9

Define:
VM escape

Answer 9

A vulnerability where an attacker breaks out of a VM’s isolated environment and gains access to the host system or other VMs on the same host.

Question 10

Define:
Resource pooling (in virtualization)

Answer 10

Creating shared logical pools of CPU and memory resources from multiple physical machines within the hypervisor to allocate resources to VMs.

Question 11

Define:
Sandboxing

Answer 11

Isolating a virtual machine from the network to test applications, updates, or malware without risking production environments.

Question 12

Define:
Load balancing

Answer 12

A technique that distributes workloads across multiple resources to improve performance, ensure high availability, and provide fault tolerance.

Question 13

Define:
Server sprawl

Answer 13

A condition where managing a large number of virtual machines delays patching and security updates, increasing administrative complexity.

Question 14

Acronym:
VHD

Answer 14

Virtual Hard Disk

Question 15

List:
Important facts about virtual networks

Answer 15

1. Virtual machines support unlimited virtual networks.
2. Multiple virtual networks can share a single physical network adapter.
3. Network configuration depends on host OS and physical hardware.
4. Resources are partitioned into virtual devices with defined capacities.
5. Bandwidth is split into independently secured channels.
6. Virtual DHCP server assigns IPs to virtual machines.
7. OS on virtual machines must be network-configured.
8. Internal network virtualization uses software to emulate a network.
9. External network virtualization combines or segments LANs.

Question 16

List:
Network virtualization service providers

Answer 16

1. VMware
2. Microsoft
3. Citrix

Question 17

List:
Virtual networking terms

Answer 17

1. Virtual local area network (VLAN)
2. Virtual area network (VAN)
3. Virtual private network (VPN)
4. Virtual machine (VM)

Question 18

List:
Virtual networking devices

Answer 18

1. Virtual switch (vSwitch)
2. Virtual router (vRouter)
3. Virtual firewall appliance (VFA)
4. Virtual machine monitor/hypervisor (VMM/hypervisor)

Question 19

Define:
Virtual network

Answer 19

A network comprising virtual and physical devices, enabling efficient deployment and management of network services and resources.

Question 20

Define:
Virtual switch (vSwitch)

Answer 20

Software that facilitates communication between virtual machines by checking data packets before forwarding them to a destination.

Question 21

Define:
Virtual router (vRouter)

Answer 21

A software-based function replicating a physical router, providing flexibility to move routing functions within a network.

Question 22

Define:
Virtual firewall appliance (VFA)

Answer 22

Software acting as a network firewall, providing packet filtering and monitoring for virtual environments.

Question 23

Define:
Virtual local area network (VLAN)

Answer 23

A logical partitioning of a physical LAN, enabling several physical LANs to function as a single network or vice versa.

Question 24

Define:
Virtual area network (VAN)

Answer 24

A virtual LAN running on a physical LAN, enabling communication between guest virtual machines on separate physical hosts.

Question 25

Define:
Virtual private network (VPN)

Answer 25

A secure tunnel over another network, connecting multiple remote endpoints, with multipoint VPNs connecting more than two endpoints.

Question 26

Define:
Hypervisor

Answer 26

Software, firmware, or hardware creating and running virtual machines by managing the virtual platform and guest OS execution.

Question 27

Define:
Internal network virtualization

Answer 27

The use of software containers or pseudo-interfaces to emulate a physical network, improving efficiency by isolating applications.

Question 28

Define:
External network virtualization

Answer 28

The combination or segmentation of LANs to create virtual networks, improving efficiency and flexibility across large networks.

Question 29

Acronym:
VLAN

Answer 29

Virtual Local Area Network

Question 30

Acronym:
VAN

Answer 30

Virtual Area Network

Question 31

Acronym:
VPN

Answer 31

Virtual Private Network

Question 32

Acronym:
VMM

Answer 32

Virtual Machine Monitor

Question 33

List:
Characteristics of cloud computing

Answer 33

1. Delivery of common business applications via web services
2. Connection over the internet or a LAN
3. No end-user knowledge of physical infrastructure needed

Question 34

List:
Types of clouds

Answer 34

1. Public cloud
2. Private cloud
3. Community cloud
4. Hybrid cloud

Question 35

List:
Cloud computing service models

Answer 35

1. Infrastructure as a Service (IaaS)
2. Platform as a Service (PaaS)
3. Software as a Service (SaaS)
4. Security as a Service (SECaaS)

Question 36

List:
Cloud security risk reduction actions

Answer 36

1. Zero Trust
2. Cloud Access Security Broker (CASB)
3. Segregate centrally stored data
4. Patches Mamagemnt
5. Service management
6. Security monitoring
7. Encryption
8. Penetration testing
9. Comply with regulatory measures

Question 37

List:
Advantages of Virtual Desktop Infrastructure (VDI)

Answer 37

1. Workstation hardware costs
2. Centralized data protection and backup
3. Remote access
4. Fast snapshots deploy
5. No lost devices

Question 38

Define:
Cloud computing

Answer 38

The provision of software, data access, computation, and storage services via the internet without requiring end-user knowledge of physical infrastructure.

Question 39

Define:
Public cloud

Answer 39

A cloud accessible by anyone, with resources made available by a service provider, often for free or with a fee.

Question 40

Define:
Private cloud

Answer 40

A cloud restricted to a single organization, hosted internally or by a third party, with secure, exclusive access to resources.

Question 41

Define:
Hybrid cloud

Answer 41

A combination of public, private, and community cloud resources, integrating their functionalities.

Question 42

Define:
Security as a Service (SECaaS)

Answer 42

A cloud model providing security services such as authentication, anti-virus, intrusion detection, and penetration testing, integrated into a corporate infrastructure.

Question 43

Define:
Cloud Access Security Broker (CASB)

Answer 43

A tool or service ensuring communication and access to cloud services comply with organizational security policies and procedures.

Question 44

Define:
Attack surface

Answer 44

All points at which a malicious threat actor could attempt to exploit vulnerabilities in a system.

Question 45

Define:
Supply chain attack

Answer 45

An attack where a threat actor infiltrates a target indirectly through vulnerabilities in its supply chain, such as cloud service providers or hardware vendors.

Question 46

Define:
Virtual Desktop Infrastructure (VDI)

Answer 46

A virtualization method hosting user desktops on data center hardware, allowing access via thin clients with enhanced security and flexibility.

Question 47

Acronym:
IaaS

Answer 47

Infrastructure as a Service

Question 48

Acronym:
PaaS

Answer 48

Platform as a Service

Question 49

Acronym:
SaaS

Answer 49

Software as a Service

Question 50

Acronym:
SECaaS

Answer 50

Security as a Service

Question 51

Acronym:
CASB

Answer 51

Cloud Access Security Broker

Question 52

List:
Measures for securing cloud storage

Answer 52

1. Implement security controls like in physical datacenters
2. Use data classification policies
3. Assign information to storage, handling, and access categories
4. Assign security classifications based on sensitivity and criticality
5. Use tools to securely dispose of data when no longer needed

Question 53

List:
Advantages of cloud storage

Answer 53

1. Pay only for storage used
2. Cuts energy consumption by up to 70%
3. Offers off-premises, on-premises, or hybrid storage options
4. Provides intrinsic storage availability and data protection
5. Shifts storage maintenance tasks to the provider
6. Allows VM image transfer between cloud and on-premises locations
7. Serves as a natural disaster backup with globally distributed servers

Question 54

Define:
Cloud storage

Answer 54

A data storage model provided by a third party as a service, utilizing distributed resources to offer redundancy, durability, and scalability.

Question 55

Define:
Cloud Access Security Broker (CASB)

Answer 55

A gatekeeper that enforces security policies on cloud storage, focusing on visibility, compliance, access control, encryption, and loss prevention.

Question 56

Define:
Federated storage cloud architecture

Answer 56

A cloud storage design where distributed resources act as one unified system for redundancy and fault tolerance.

Question 57

Define:
Object storage architecture

Answer 57

A cloud storage system with intrinsic availability and data protection, ideal for reducing costs and effort in managing availability and recovery.

Question 58

List:
Mobile device connection types

Answer 58

1. Cellular
2. WiFi
3. Bluetooth
4. NFC
5. ANT
6. Infrared
7. USB
8. SATCOM (satellite)

Question 59

List:
Mobile device security considerations

Answer 59

1. Device content management
2. Remote wipe
3. Geofencing
4. Geolocation management
5. Screen lock with passwords
6. Push notification management
7. Password storage and management
8. Biometrics
9. Full device encryption

Question 60

List:
Application management considerations

Answer 60

1. Rooting/jailbreaking/sideloading
2. Flashing custom firmware
3. Carrier unlocking
4. OTA firmware and app updates
5. Camera usage and geolocation in pictures
6. SMS/MMS protocols
7. Connection to external media
8. USB OTG
9. Microphone usage for recording
10. Tethering

Question 61

List:
Security mechanisms for iOS apps

Answer 61

1. Sandboxed apps
2. Digital signatures from Apple or certified third parties
3. Encryption APIs for app data (AES, RC4, 3DES)

Question 62

List:
Security mechanisms for Windows RT apps

Answer 62

1. Modules must be digitally signed by Microsoft
2. Anti-buffer-overflow memory restrictions
3. Data Execution Prevention (DEP)
4. Address Space Layout Randomization (ASLR)
5. SafeSEH and sacrificial canary values

Question 63

List:
Best practices for mobile app security

Answer 63

1. Use apps only from reputable sources
2. Avoid jailbreaking or sideloading apps
3. Use app whitelisting via MDM solutions

Question 64

Define:
Geofencing

Answer 64

Restricting a mobile device to a particular geographical area.

Question 65

Define:
Credential managemen

Answer 65

The ability to store usernames and passwords for various resources, enabling automatic login to network resources or websites.

Question 66

Define:
App whitelisting

Answer 66

The process of defining specific apps that are allowed on a device, often enforced using mobile device management (MDM) solutions.

Question 67

Define:
Geo-tagging

Answer 67

The embedding of GPS coordinates within files, such as images or videos, which can pose privacy and security risks.

Question 68

Define:
Sideloading

Answer 68

The process of installing apps from third-party app stores or websites instead of official app stores.

Question 69

Acronym:
NFC

Answer 69

Near Field Communication

Question 70

Acronym:
ANT

Answer 70

Adaptive Network Topology

Question 71

Acronym:
MDM

Answer 71

Mobile Device Management

Question 72

Acronym:
OTA

Answer 72

Over-the-Air

Question 73

List:
Mobile device security settings options

Answer 73

1. Manually configure security settings on each device
2. Distribute security settings via configuration profiles for iOS
3. Use an MDM solution to push security policies over a network

Question 74

List:
Operating systems supported by Windows Intune

Answer 74

1. Apple iOS 8.0 and later
2. Mac OS X 10.9 and later
3. Windows > 8.1
4. Google Android 4.0

Question 75

List:
Windows Intune configurations

Answer 75

1. Intune Standalone (cloud-only)
2. Hybrid MDM with Configuration Manager

Question 76

List:
Windows Intune management portals

Answer 76

1. Account Portal
2. Admin Portal
3. Company Portal

Question 77

List:
Tasks for configuring Windows Intune

Answer 77

1. Add Intune users
2. Define Intune policies
3. Manage users and groups
4. Enroll computers
5. Enroll mobile devices

Question 78

Define:
Windows Intune

Answer 78

A cloud-based MDM solution from Microsoft that enables remote management and security for mobile devices and Windows systems.

Question 79

Define:
Intune Standalone

Answer 79

A cloud-only deployment of Windows Intune managed via a web console accessible over the internet.

Question 80

Define:
Hybrid MDM with Configuration Manager

Answer 80

A deployment combining Windows Intune’s MDM capabilities with Configuration Manager for content and device administration.

Question 81

Define:
Apple Push Notification Service (APNs)

Answer 81

A service required for managing iOS devices through MDM solutions, enabling notifications and enrollment actions.

Question 82

Acronym:
MDM

Answer 82

Mobile Device Management

Question 83

Acronym:
APNs

Answer 83

Apple Push Notification Service

Question 84

Acronym:
EMS

Answer 84

Enterprise Management + Security

Question 85

List:
Functions of Mobile Device Management (MDM)

Answer 85

1. Track the device
2. Push apps and updates
3. Manage security settings (e.g., lock screens, passwords)
4. Remotely wipe the device

Question 86

List:
Functions of Mobile Application Management (MAM)

Answer 86

1. Install and uninstall apps remotely
2. Update apps as needed
3. Limit app functionality as needed

Question 87

List:
Device types managed by Unified Endpoint Management (UEM)

Answer 87

1. Workstations
2. Printers
3. Mobile devices
4. IoT devices
5. Wearable devices

Question 88

List:
Phases in the Intune Application Life Cycle

Answer 88

1. Add
2. Deploy
3. Configure
4. Protect
5. Retire

Question 89

List:
App deployment and update methods

Answer 89

1. App catalog
2. Self-service portal
3. Remote management

Question 90

Define:
Mobile Device Management (MDM)

Answer 90

A solution that allows IT administrators to remotely manage and enforce policies on mobile devices, focusing on the device itself.

Question 91

Define:
Mobile Application Management (MAM)

Answer 91

A solution that manages applications on mobile devices, enabling control over app installation, updates, and functionality.

Question 92

Define:
Enterprise Mobility Management (EMM)

Answer 92

A solution combining MDM and MAM to manage both device hardware and applications, addressing challenges of diverse device ecosystems.

Question 93

Define:
Unified Endpoint Management (UEM)

Answer 93

A comprehensive solution that combines traditional device management and enterprise mobility management to manage all endpoint types in a single system.

Question 94

Define:
App catalog

Answer 94

A method that defines the apps users can and cannot use, assigning apps to users or devices via groups for streamlined management.

Question 95

Define:
MAM-WE

Answer 95

A Mobile Application Management configuration allowing app and data protection on devices enrolled with third-party EMM providers.

Question 96

Define:
Conditional access (in Intune)

Answer 96

Access control based on app protection policies, restricting user actions like copying data or installing apps on rooted devices.

Question 97

Acronym:
MAM

Answer 97

Mobile Application Management

Question 98

Acronym:
EMM

Answer 98

Enterprise Mobility Management

Question 99

Acronym:
UEM

Answer 99

Unified Endpoint Management

Question 100

Acronym:
MAM-WE

Answer 100

Mobile Application Management Without Enrollment

Question 101

List:
BYOD security issues

Answer 101

1. Malware propagation
2. Loss of sensitive data control
3. Malicious insider attacks
4. Device management
5. Support responsibilities

Question 102

List:
Deployment model alternatives to BYOD

Answer 102

1. Corporate-owned device
2. Corporate-owned, personally enabled (COPE)
3. Choose your own device (CYOD)
4. Virtual desktop infrastructure (VDI)

Question 103

Define:
Malware propagation (BYOD issue)

Answer 103

The risk of infected user devices spreading malware when connected to the organization’s network.

Question 104

Define:
Loss of sensitive data control (BYOD issue)

Answer 104

The risk of sensitive organizational data being copied to personal devices and exposed due to weak security, theft, or malware.

Question 105

Define:
Malicious insider attacks (BYOD issue)

Answer 105

Threats posed by users intentionally misusing personal devices to steal or capture sensitive information.

Question 106

Define:
Device management (BYOD issue)

Answer 106

The challenge of defining responsibility for updates, anti-malware, and overall maintenance of personal devices used on-site.

Question 107

Define:
Support (BYOD issue)

Answer 107

The need to address who provides support for personal devices and apps used for organizational purposes.

Question 108

Define:
Corporate-owned device model

Answer 108

A strategy where the company provides devices, enabling greater control and monitoring of security while restricting usage to workplace purposes.

Question 109

Define:
Corporate-owned, personally enabled (COPE) model

Answer 109

A deployment model allowing employees to use company-owned devices for both corporate and personal purposes while maintaining strong security controls.

Question 110

Define:
Choose your own device (CYOD) model

Answer 110

A strategy offering employees a limited selection of corporate-owned devices, balancing user choice with enhanced security measures.

Question 111

Define:
Virtual desktop infrastructure (VDI)

Answer 111

A technology enabling mobile devices to connect to a virtualized desktop, enhancing security and data protection by processing data on central servers.

Question 112

Acronym:
BYOD

Answer 112

Bring Your Own Device

Question 113

Acronym:
COPE

Answer 113

Corporate-Owned, Personally Enabled

Question 114

Acronym:
CYOD

Answer 114

Choose Your Own Device

Question 115

Acronym:
VDI

Answer 115

Virtual Desktop Infrastructure

Question 116

List:
Common smart home appliances

Answer 116

1. Refrigerators
2. Dishwashers
3. Microwaves

Question 117

List:
Security steps for embedded devices

Answer 117

1. Regularly update firmware manually (if supported)
2. Segment the network using VLANs
3. Encrypt all network communications

Question 118

Define:
SCADA

Answer 118

Supervisory Control and Data Acquisition systems are specialized computers that gather, analyze, and manage industrial automation equipment.

Question 119

Define:
Real-time operating system (RTOS)”

Answer 119

An OS designed to serve real-time applications with strict time constraints, often critical to entire system operations.

Question 120

Define:
System on a Chip (SoC)

Answer 120

An integrated circuit that includes all typical computer system components, commonly used in hobbyist projects like Raspberry Pi.

Question 121

Define:
Multi-function display (MFD)

Answer 121

A configurable screen with buttons used to display and interact with data, commonly found on airplanes, helicopters, and ships.

Question 122

Define:
Voice over IP (VoIP)

Answer 122

A protocol optimized for transmitting voice data over packet-switched IP networks, allowing phone calls through the internet.

Question 123

Define:
Field Programmable Gate Array (FPGA)

Answer 123

An integrated circuit configured post-manufacture by the customer using a hardware description language (HDL).

Question 124

Define:
Unmanned Aerial Vehicle (UAV)

Answer 124

Aircraft that operate without a human pilot onboard, used for military, search and rescue, weather monitoring, and recreation.

Question 125

Define:
Arduino

Answer 125

An open-source hardware and software platform for building digital devices and interactive objects, featuring single-board microcontrollers.

Question 126

Acronym:
SCADA

Answer 126

Supervisory Control and Data Acquisition

Question 127

Acronym:
RTOS

Answer 127

Real-Time Operating System

Question 128

Acronym:
SoC

Answer 128

System on a Chip

Question 129

Acronym:
MFD

Answer 129

Multi-Function Display

Question 130

Acronym:
FPGA

Answer 130

Field Programmable Gate Array

Question 131

Acronym:
VoIP

Answer 131

Voice over IP”

Question 132

List:
Common email threats

Answer 132

1. Virus
2. Spam
3. Open SMTP relay abuse
4. Phishing

Question 133

List:
Best practices for controlling spam

Answer 133

1. Enable spam filters on clients and email servers
2. Enable antivirus scanning for attachments
3. Disable preview screens in email clients
4. Avoid clicking unsubscribe links in unsolicited emails
5. Install server-level anti-spam software
6. Avoid posting full email addresses on the web

Question 134

List:
Protocols for mitigating phishing and spam

Answer 134

1. Sender Policy Framework (SPF)
2. DomainKeys Identified Mail (DKIM)
3. Domain-based Message Authentication, Reporting & Conformance (DMARC)

Question 135

List:
Functions provided by S/MIME and PGP

Answer 135

1. Authentication
2. Message integrity
3. Non-repudiation through digital signatures
4. Privacy through encryption

Question 136

Define:
SPF (Sender Policy Framework)

Answer 136

An email authentication method that verifies the sender’s IP address against a list of authorized IPs published in the DNS TXT records of the sender’s domain.

Question 137

Define:
DKIM (DomainKeys Identified Mail)

Answer 137

A protocol that uses digital signatures to verify the integrity and authenticity of email messages by checking the signature against a DKIM record in the sender’s DNS.

Question 138

Define:
DMARC (Domain-based Message Authentication, Reporting & Conformance)

Answer 138

A protocol that uses SPF and DKIM checks to define rules for handling emails and provides reporting on unauthorized email activity.

Question 139

Define:
S/MIME

Answer 139

Secure/Multipurpose Internet Mail Extensions, a protocol that uses X.509 certificates for email encryption and digital signatures to ensure authentication, integrity, and privacy.

Question 140

Define:
PGP

Answer 140

Pretty Good Privacy, a system for email encryption and digital signatures that uses either a web of trust or trust signatures for certificate validation.

Question 141

Acronym:
SPF

Answer 141

Sender Policy Framework

Question 142

Acronym:
DKIM

Answer 142

DomainKeys Identified Mail

Question 143

Acronym:
DMARC

Answer 143

Domain-based Message Authentication, Reporting & Conformance

Question 144

Acronym:
S/MIME

Answer 144

Secure/Multipurpose Internet Mail Extensions

Question 145

Acronym:
PGP

Answer 145

Pretty Good Privacy