Mom's Study Guide Flashcards

1
Q

What do you call asymmetric encryption that has a Certificate Authority and the associated infrastructure to support issuing and managing certificates?

A

Public Key Infrastructure

2
Q

What is the ultimate authority of PKI that holds the root key for signing all of the certificates that it gives the intermediary, who in turn issues the certificate to the requester?

A

Certificate Authority

3
Q

What kind of Certificate Authority is always up and running so that people in the company can request a certificate at any time of the day or night?

A

Online Certificate Authority

4
Q

What kind of Certificate Authority is for military or secure environments where clearance and vetting must be completed before someone can be issued with a certificate?

A

Offline Certificate Authority

5
Q

What do you call a certificate authority that is also known as a third-party CA and is commercially accepted as an authority for issuing public certificates?

A

Public Certificate Authority

6
Q

Who validates and accepts the incoming requests for certificates from users on the network and notifies the CA to issue the certificates?

A

Registration Authority

7
Q

What do you call an intermediary CA?

A

Subordinate Certificate Authority

8
Q

What prevents the compromising of the CA, certificate fraud and SSL man-in-the-middle attacks?

A

Certificate Pinning

9
Q

What do you call the root certificate in a PKI environment from which the whole chain of trust is derived, AKA the root CA?

A

Trust anchor

10
Q

What proves the authenticity of a certificate?

A

Trust models

10
Q

What trust model uses a hierarchy from the root CA down the intermediary; the normal PKI model?

A

Hierarchical Trust Model

11
Q

What trust model is peer-to-peer, where two separate PKI environments trust each other?

A

Bridge Trust Model

12
Q

What shows the trust from the vendor, the vendor CA, and the computer where the certificate is installed?

A

Certificate Chaining

13
Q

What hashing algorithm results in a 160-bit message digest?

A

SHA-1

14
Q

What hashing algorithm results in a 256-bit message digest?

A

SHA-2

15
Q

What hashing algorithm results in a 512-bit message digest?

A

SHA3

16
Q

What hashing algorithm results in a 128-bit message digest?

A

MD5

17
Q

What is the difference between SHA1 and MD5 hashing algorithms?

A

SHA1 is more secure but MD5 is faster

18
Q

What is the concept of protecting a company’s data with a series of protective layers so that if one layer fails, another layer will already be in place to thwart an attack?

A

Defense in Depth

19
Q

What controls are written by managers to create organizational policies and procedures to reduce risk within companies?

A

Managerial Controls

20
Q

What controls are executed by company personnel during their day-to-day operations?

A

Operational controls

21
Q

What do you call an annual event where you are reminded about what you should be doing on a daily basis to keep the company safe?

A

Annual Security Awareness Training

22
Q

What do you call the process that a company adopts so that changes made don’t cause any security risks to the company?

A

Change Management

23
Q

What do you call the contingency planning that keeps the business up and running when a disaster occurs, by identifying any single point of failure that would prevent the company from remaining operational?

A

Business Continuity Plan

24
Q

What do you call controls implemented by the IT team to reduce the risk to the business?

A

Technical controls

25
Q

What type of control is Annual Risk Assessment?

A

Managerial Control

26
Q

What type of control is Penetration Testing?

A

Managerial Control

27
Q

What type of control is Change management?

A

Operational control

28
Q

What type of control is a business continuity plan?

A

Operational control

29
Q

What type of control are firewall rules?

A

Technical control

30
Q

What type of control is antivirus/antimalware?

A

Technical Control

31
Q

What type of control are IPS and IDS?

A

Technical control

32
Q

What type of control is CCTV?

A

Deterrent control

33
Q

What type of control are motion sensors?

A

Deterrent control

34
Q

What kind of controls are used to investigate an incident that has already happened?

A

Detective controls

35
Q

What type of controls are the actions you take to recover from an incident?

A

Corrective controls

36
Q

What controls are used instead of a primary control that has failed or is not available?

A

Compensating/Alternative/Secondary Controls

37
Q

What types of controls are put in place to deter any attack?

A

Preventative Controls

38
Q

What kind of control involves New Technology File System (NTFS) file permissions, which are used in Microsoft operating systems?

A

Discretionary Access Control

39
Q

What kind of control is based on the classification level of the data?

A

Mandatory Access Control (MAC)

40
Q

What is the classification of the person who writes the data and is the only person who can determine its classification?

A

Data Owner

41
Q

What is the classification of the person responsible for labeling the data?

A

Data Steward

42
Q

What is the classification of the person who stores and manages classified data?

A

Data Custodian

43
Q

Who is the person who gives access to classified data once clearance has been approved?

A

Security Administrator

44
Q

In what kind of access control is a rule applied to all of the people within a department?

A

Rule-based Access Control

45
Q

In what kind of access control is access restricted based on an attribute in the account?

A

Attribute-based Access Control

46
Q

“Linux file permissions come in a numerical format; the first number represents the _______, the second represents the _______, and the third represents _________?”

A

Owner, group, all other users

47
Q

In Linux file permissions, what does the numerical value 4 mean?

A

Read

48
Q

In Linux file permissions, what does the numerical value 2 mean?

A

Write

49
Q

In Linux file permissions, what does the numerical value 1 mean?

A

Execute

50
Q

What controls are put in place to stop unauthorized access to the company or to its data? (Controls that you can touch)

A

Physical Security Controls

51
Q

In what stage of Cloud Forensic Process 26 do we verify the purpose of cloud forensics?

A

Stage A

52
Q

In what stage of Cloud Forensic Process 26 do we verify the type of cloud service?

A

Stage B

53
Q

In what stage of Cloud Forensic Process 26 do we verify the type of technology behind the cloud?

A

Stage C

54
Q

In what stage of Cloud Forensic Process 26 do we verify the role of the user and negotiate with the CSP to collect the evidence required?

A

Stage D

55
Q

What is the first stage in checking whether a certificate is valid, no matter the scenario?

A

Check the Certificate Revocation List

56
Q

What comes into play when the CRL is going slow?

A

Online Certificate Status Protocol (OCSP)

57
Q

What is used when a web server bypasses the CRL to use the OCSP for a faster confirmation, irrespective of whether or not a certificate is valid?

A

OCSP Stapling/Certificate Stapling

58
Q

Certificate validity can only be checked by what?

A

CRL or OCSP

59
Q

What do you call the process of requesting a new certificate?

A

Certificate Signing Request (CSR)

60
Q

What holds the private keys for third parties and stores them in an HSM?

A

Key Escrow

61
Q

What do you call a piece of hardware attached to a server, or a portable device that is attached to it, that stores the keys?

A

Hardware Security Module (HSM)

62
Q

If a user cannot access their data because their private key is corrupted, who will recover the data for them by getting the private key from the key escrow?

A

Data Recovery Agent (DRA)

63
Q

A certificate is identified by its what?

A

Object Identifier (OID)

64
Q

What kind of certificates are issued by the same entity that uses them?

A

Self-Signed Certificates

65
Q

What kind of certificate is an X.509 certificate that proves ownership of a domain name?

A

Domain Validation Certificate

66
Q

What kind of certificate can be used on multiple domain names and can also have other information, such as an IP address, inserted into it?

A

Subject Alternative Name (SAN)

67
Q

What kind of certificates are used to digitally sign software so that its authenticity is guaranteed?

A

Code Signing Certificates

68
Q

What kind of certificate is used to identify a computer within a domain?

A

Computer/Machine

69
Q

What kind of certificate provides authenticity to a user for the applications that they use?

A

User Certificate

70
Q

What kind of certificates provide a higher level of trust in identifying the entity that is using the certificate?

A

Extended Validation

71
Q

What kind of certificates can be installed on multiple public-facing websites as a cheaper option?

A

Wildcard Certificates

72
Q

Turning plaintext into ciphertext is known as?

A

Encryption

73
Q

What creates a secure tunnel for symmetric data to pass through when it is in transit?

A

Diffie Hellman (DH)

74
Q

What encryption standard comes in three key strengths (128, 192, and 256 bit) and is commonly used for L2TP/IPSec VPNs?

A

Advanced Encryption Standard (AES)

75
Q

What encryption standard groups data into 64-bit blocks but is seen as having a 56-bit key?

A

Data Encryption Standard (DES)

76
Q

What encryption standard applies the DES key three times and is said to have a 168-bit key?

A

Triple DES (3DES)

77
Q

What encryption standard is 40 bits, is used by WEP, and is seen as a stream cipher?

A

Rivest Cipher 4 (RC4)

78
Q

What kind of operation is commonly used with AES, several symmetric ciphers, and the one-time pad?

A

Exclusive OR (XOR)

79
Q

What kind of encryption is used to encrypt large amounts of data?

A

Symmetric Encryption

80
Q

What mode of operation XORs each plaintext block with the ciphertext block that was previously produced?

A

Cipher Block Chaining (CBC)

81
Q

What mode of operation replaces each block of the cleartext with a block of ciphertext?

A

Electronic Code Book (ECB)

82
Q

What block cipher mode of operation uses universal hashing over a binary Galois field to provide authenticated encryption, and can be implemented in hardware and software to achieve high speeds with low cost and low latency?

A

Galois/Counter Mode

83
Q

What mode of operation turns a block cipher into a stream cipher?

A

Counter Mode (CTR)

84
Q

Quantum computing uses qubits, which can be switched on or off at the same time or somewhere in between. This is known as?

A

A superposition

85
Q

Hashing is a ___________ function that cannot be __________.

A

One-way, reversed.

86
Q

What are used to verify the integrity of an email so that you know it has not been tampered with in transit?

A

Digital Signatures

87
Q

What is RIPEMD used for?

A

Hashing data

88
Q

What do you call short-lived keys that are used for a one-time only session?

A

Ephemeral Keys

89
Q

What are the two types of ephemeral keys?

A

Diffie Hellman Ephemeral (DHE) and Elliptic Curve Diffie Hellman Ephemeral (ECDHE)

90
Q

Asymmetric Algorithms should not be using a key whose strength is what?

A

2046 or lower

91
Q

What is the only VPN that uses an SSL certificate and works with legacy clients?

A

SSL VPN

92
Q

What kind of algorithm takes the data from a document and generates a hexadecimal value from that input?

A

Hashing algorithm

93
Q

What is a one-way function to ensure that the integrity of the data is intact?

A

Hashing

94
Q

What do you call a combination of hardware and software that implements cryptographic functions such as digital signatures, encryption, random number generation, and decryption?

A

Crypto module

95
Q

What do you call data that is not being used and is stored on either a hard drive or external storage?

A

Data-at-rest

96
Q

How would you protect data on a laptop or desktop?

A

Full Disk Encryption (FDE) and DLP

97
Q

How would you keep the data on tablets/phones from being stolen?

A

Full Disk Encryption

98
Q

How would you keep the data on USB sticks or other removable devices from being stolen?

A

Full Disk Encryption

99
Q

What is the process where you take source code and make it look obscure, so that if it is stolen it cannot be understood?

A

Obfuscation

100
Q

What process is used to mask data?

A

Obfuscation

101
Q

What prevents an attacker from using the server's private key to decrypt a key exchange session, even if the VPN server has been compromised?

A

Perfect forward secrecy

102
Q

What is it called when a document, image, audio file, or video file can be hidden inside another document, image, audio file, or video file?

A

Steganography

103
Q

What kind of encryption allows an accountant to run calculations against data while it is still encrypted and could be used with data stored in the cloud?

A

Homomorphic Encryption

104
Q

What is the property where changing one character of the input changes multiple bits of the output?

A

Diffusion

105
Q

To prevent data from being accessed, what would we do?

A

Encrypt the data

106
Q

When people access the company’s network from a remote location they should use a what?

A

L2TP/IPSec VPN Tunnel using AES

107
Q

Encryption could be coupled with what to ensure that data is secure and kept confidential?

A

Mandatory Access control

108
Q

What could we do to data stored on a file server to prove that it has not been tampered with?

A

Hash the data

109
Q

Small Internet of Things devices will need to use what for encryption?

A

ECC Elliptic Curve Cryptography

110
Q

What type of certificate does a CA have?

A

A CA has a root certificate, which it uses to sign keys

111
Q

If I am going to use a CA internally, what type of CA should I use?

A

a Private CA for internal use only

112
Q

If I want to carry out B2B activity with third-party companies or sell products on the web, what type of CA should I use?

A

A public CA

113
Q

Why would I make my CA offline when not in use?

A

To prevent it from being compromised.

114
Q

Who builds the CA or intermediary authorities?

A

An architect

115
Q

Who signs X.509 certificates?

A

CA

116
Q

What can I use to prevent my CA from being compromised and fraudulent certificates being used?

A

Certificate pinning

117
Q

If two entities want to set up a cross-certification, what must they set up first?

A

A bridge trust model

118
Q

What type of trust model does PGP use?

A

Web of Trust

119
Q

How can I tell whether my certificate is valid?

A

by using a CRL

120
Q

If the CRL is going slow, what should I implement?

A

OCSP

121
Q

Explain certificate stapling/OCSP stapling.

A

Certificate stapling/OCSP stapling is where a web server uses an OCSP for faster certificate authentication, bypassing the CRL

122
Q

What is the process of obtaining a new certificate?

A

CSR

123
Q

What is the purpose of the key escrow?

A

The key escrow stores and manages private keys for third parties.

124
Q

What is the purpose of the HSM?

A

An HSM is used by the key escrow as it securely stores and manages certificates.

125
Q

What is the purpose of the DRA and what does it need in order to complete its role effectively?

A

When a user’s private key becomes corrupt, the DRA recovers the data by obtaining a copy of the private key from the key escrow.

126
Q

How can I identify each certificate?

A

by its OID

127
Q

What format is a private certificate and what file extension does it have?

A

A private certificate is in P12 format with a .pfx extension

128
Q

What format is a public certificate and what file extension does it have?

A

A public certificate is in P7B format with a .cer extension

129
Q

What format is a PEM certificate?

A

A PEM certificate is in Base64 format.

130
Q

What type of certificate can be used on multiple servers in the same domain?

A

A wildcard certificate can be used on multiple servers in the same domain.

131
Q

What should I do with my software to verify that it is original and not a fake copy?

A

Code-signing software is similar to hashing the software and ensuring the integrity of the software.

132
Q

What is the purpose of extended validation of an X.509 certificate?

A

It provides a higher level of trust for the X.509 certificate; when it is used, the URL background turns green.

133
Q

What type of cipher is the Caesar cipher, and how does it work if it uses ROT4?

A

The Caesar cipher is a substitution cipher; each letter would be substituted by a letter four characters along in the alphabet.

134
Q

What is encryption and what are the inputs and outputs called?

A

Encryption is when plain text is taken and turned into ciphertext.

135
Q

What type of encryption will be used to encrypt large amounts of data?

A

Symmetric encryption is used to encrypt large amounts of data as it uses one key.

136
Q

What is the purpose of DH?

A

DH is an asymmetric technique that creates a secure tunnel; during a VPN connection, it is used during the IKE phase and uses UDP port 500 to create the VPN tunnel.

137
Q

What is the first stage in any encryption, no matter whether it is asymmetric or symmetric?

A

Key exchange

138
Q

If Carol is encrypting data to send to Bob, what key will they each use?

A

Carol uses Bob’s public key to encrypt the data, and then Bob will use his private key to decrypt the data.

139
Q

If George encrypted data 4 years ago with an old CAC card, can he decrypt the data with his new CAC card?

A

George must obtain the old private key to decrypt the data as the encryption was done with a different key pair.

140
Q

If Janet is digitally signing an email to send to John to prove that it has not been tampered with in transit, what key will they each use?

A

Janet will digitally sign the email with her private key and John will check its validity with Janet’s public key, which he would have received in advance.

141
Q

What 2 things does digitally signing an email provide?

A

Integrity and Non-repudiation

142
Q

What asymmetric encryption algorithm should I use to encrypt data on a smartphone?

A

ECC as it is small and fast and uses the DH handshake

143
Q

What shall I use to encrypt a military mobile phone?

A

AES-256

144
Q

Name two key stretching algorithms.

A

bcrypt and PBKDF2

145
Q

What is the purpose of key stretching?

A

Key stretching salts the password being stored so that duplicate passwords are never stored, and it also increases the length of the keys to make things harder for a brute-force attack.

146
Q

What is the difference between stream and block cipher modes, and which one will you use to encrypt large blocks of data?

A

Streams encrypt one bit at a time and block ciphers take blocks of data. A block cipher will be used for large amounts of data.

147
Q

What happens with cipher block chaining if I don’t have all of the blocks?

A

CBC needs all of the blocks of data to decrypt the data; otherwise, it will not work.

148
Q

If I want to ensure the integrity of data, what shall I use? Name two algorithms.

A

Hashing ensures the integrity of data: MD5 and SHA-1.

149
Q

If I want to ensure the protection of data, what shall I use?

A

Encryption is used to protect data so that it cannot be reviewed or accessed.

150
Q

Is a hash a one-way or two-way function and is it reversible?

A

A hash is a one-way function and cannot be reversed.

151
Q

What type of man-in-the-middle attack is SSL 3.0 (CBC) vulnerable to?

A

POODLE is a man-in-the-middle attack on a downgraded SSL 3.0 (CBC)

152
Q

Explain why we would use Diffie Hellman Ephemeral (DHE) and Elliptic Curve Diffie Hellman Ephemeral (ECDHE).

A

DHE and ECDHE both use ephemeral keys, which are short-lived, one-time keys.

153
Q

What are the strongest and weakest methods of encryption with an L2TP/IPSec VPN tunnel?

A

The strongest encryption for an L2TP/IPSec VPN tunnel is AES and the weakest is DES.

154
Q

What is the name of the key used to ensure the security of communication between a computer and a server or a computer to another computer?

A

A session key ensures the security of communications between a computer and a server or a computer and another computer.

155
Q

What should I do to protect data at rest on a laptop?

A

Data at rest on a laptop is protected by FDE.

156
Q

What should I do to protect data at rest on a tablet or smartphone?

A

Data at rest on a tablet or smartphone is protected by FDE.

157
Q

What should I do to protect data at rest on a backend server?

A

Data at rest on a backend server is stored on a database, so it needs database encryption.

158
Q

What should I do to protect data at rest on a removable device, such as a USB flash drive or an external hard drive?

A

Data at rest on a USB flash drive or external hard drive is protected via FDE.

159
Q

What two protocols could we use to protect data in transit?

A

Data in transit could be secured using TLS, HTTPS, or an L2TP/IPSec tunnel.

160
Q

How can you protect data in use?

A

Data in use could be protected by full memory encryption.

161
Q

What is the purpose of obfuscation?

A

Obfuscation is used to make the source code look obscure so that if it is stolen, it cannot be understood. It masks the data and could use either XOR or ROT13 to obscure the data.

162
Q

What is the purpose of perfect forward secrecy?

A

Perfect forward secrecy ensures that there is no link between the server’s private key and the session key. If the VPN server’s key was compromised, it could not decrypt the session.

163
Q

What type of attack tries to find two hash values that match?

A

A collision attack

164
Q

What is the purpose of rainbow tables?

A

Rainbow tables are a list of precomputed words showing their hash value. You will get rainbow tables for MD5 and different rainbow tables for SHA-1.

165
Q

Explain the concept of steganography.

A

Steganography is used to conceal data; you can hide a file, image, video, or audio file inside another image, video, or audio file.

166
Q

What are the two purposes of DLP?

A

DLP prevents sensitive or PII information from being emailed out of a company or being stolen from a file server using a USB device.

167
Q

What is the purpose of salting a password?

A

Salting a password ensures that duplicate passwords are never stored and makes things more difficult for brute-force attacks by increasing the key size. It appends the salt to the password, making it longer before hashing.

168
Q

What are the 4 key elements to Identity and Access Management?

A

Identity, Authentication, Authorization, and Accounting.

169
Q

What is an entity that can validate that the credentials that are presented are valid?

A

Identity Provider (IdP)

170
Q

What type of account has no real access?

A

A user account

171
Q

What type of account is a legacy account that was designed to give limited access to a single computer without the need to create a user account?

A

Guest Account

172
Q

What type of account is used for external speakers who may need access to the internet while delivering their presentation?

A

Sponsored guest account

173
Q

What type of accounts have much higher access to the system and tend to be used by members of the IT team?

A

Privilege Account

174
Q

What type of accounts can install software and manage the configuration of a server or a computer?

A

Administrative account

175
Q

What type of accounts have the privileges to create, delete, and manage user accounts?

A

Administrative accounts

176
Q

What type of account is used for installing software on a computer or server; it needs higher levels of privilege to run the software but also needs a lower-level administrative account?

A

Service Account

177
Q

What type of account is used when a group of people perform the same duties?

A

Shared Account

178
Q

What types of accounts are default administrative accounts created by manufacturers for devices? They all have default usernames and passwords.

A

Generic Accounts

179
Q

What kind of certificate-based authentication is used by governmental and military personnel, as it provides both authentication and identification because it has a picture of the user on it?

A

Common Access Card (CAC)

180
Q

What kind of certificate-based authentication is very similar to the CAC, but it is used by federal agencies rather than the military?

A

Personal Identity Verification (PIV)

181
Q

What is the port-based authentication protocol that is used when a device is connected to a switch or when a user authenticates to a WAP?

A

IEEE 802.1x

182
Q

Authentication with a password that has a short lifespan will be a?

A

TOTP

183
Q

What can be used to establish a region and can pinpoint whether or not you are in that region and if you are not, you will not be able to log in?

A

Geofencing

184
Q

What helps prevent fraud when someone from a foreign country attempts to log in to your systems?

A

Geofencing

185
Q

What concept can be used to block any attempt to log in outside of the locations that have been determined as allowed regions?

A

Context-aware location

186
Q

What concept can be used to identify where your phone is located by using the GPS?

A

Smart phone location services

187
Q

What concept is a security feature used by cloud providers such as Microsoft to prevent fraud? If a person is located in Toronto and then 30 minutes later is deemed to be in Las Vegas, their attempt to log in will be blocked.

A

Impossible Time Travel

188
Q

What concept is a security feature used by cloud providers where they have a database of the devices used by each user? An email will be sent when the device is not recognized and only upon verification will the new device get access.

A

Risky Login

189
Q

What is an internet standard where the server signs a token with its private key and sends it to a user to prove who they are? Can also be used to digitally sign documents and email and is used by OAuth

A

JavaScript Object Notation Web Token (JWT)

190
Q

What codes change after a period of time, and are commonly used by broadband engineers?

A

Static Codes

191
Q

What type of authentication management looks like a USB device and works in conjunction with your password to provide multifactor authentication?

A

Password Keys

192
Q

What type of authentication management is stored locally on the device and stores all of your passwords so that you don’t need to remember them? Uses AES-256 encryption.

A

Password Vault

193
Q

What type of authentication management is a chip normally built into the motherboard of a computer and used when you are using FDE (like BitLocker)?

A

Trusted Platform Module (TPM)

194
Q

What type of authentication management can be a removable device that can be attached to a computer or server via a USB connection? Used to store encryption keys.

A

Hardware Security Module (HSM)

195
Q

What type of authentication management is normally used by banks, financial institutions, or email providers to identify someone when they want to reset a password?

A

Knowledge-Based Authentication

196
Q

What is an authentication framework allowing point-to-point connections?

A

Extensible Authentication Protocol (EAP)

197
Q

What version of EAP encapsulates the EAP data and makes it more secure for WLANs?

A

Protected Extensible Authentication Protocol (PEAP)

198
Q

What version of EAP does not use certificates, but protected access credentials instead? Used in wireless networks.

A

EAP-FAST (Flexible Authentication via Secure Tunneling)

199
Q

What version of EAP needs X.509 certificates installed on the endpoints for authentication?

A

EAP-TLS

200
Q

What version of EAP needs the certificates to be installed on the server? It creates a tunnel for the user’s credentials to travel through.

A

EAP-TTLS

201
Q

What are the two main AAA servers?

A

Microsoft’s RADIUS and Cisco’s TACACS+

202
Q

What server is UDP-based, and authenticates servers such as VPN servers, RAS servers, and the 802.1x authenticating switch?

A

RADIUS server

203
Q

Every RADIUS client needs the ______ to join the RADIUS environment?

A

secret key/session key/shared secret

204
Q

What is the more modern version of RADIUS that works on TCP? It is the AAA server that uses EAP.

A

Diameter

205
Q

What is the Cisco AAA server that uses TCP, specifically TCP port 49, for authentication?

A

TACACS+

206
Q

What allows someone working remotely, either from a hotel room or home, to connect securely through the internet to the corporate network?

A

A VPN

207
Q

What is a legacy protocol that pre-dated the VPN? It used modems and a dial-up network using telephone lines, and was very restricted in speed.

A

Remote Access Services (RAS)

208
Q

What authentication method should be avoided at all costs as the passwords are transmitted as clear text and can be easily captured?

A

Password Authentication Protocol (PAP)

209
Q

What authentication method was used to connect to a RAS server with a four-stage process?

A

Challenge Handshake Authentication Protocol (CHAP)

210
Q

What is a solution that helps protect the privileged accounts within a domain, preventing attacks such as pass the hash, pass the ticket, and privilege escalation? It also gives visibility in terms of who is using privileged accounts and what tasks they are being used for.

A

Privileged Access Management

211
Q

What kind of access control is based on the classification level of the data?

A

Mandatory Access Control (MAC)

212
Q

What kind of access control applies a rule to all of the people within a department?

A

Rule-based Access Control

213
Q

What kind of access control restricts access based on an attribute in the account?

A

Attribute-based Access Control

214
Q

What protocol manages the users in groups?

A

LDAP

215
Q

What is the Microsoft authentication protocol that uses tickets and updated sequence numbers (USN), and is time stamped?

A

Kerberos

216
Q

What kind of server can be placed on your LAN to keep the domain computers and servers in sync with each other?

A

Network Time Protocol server

217
Q

What are used when two different companies want to authenticate between each other when they participate in a joint venture?

A

Federation Services

218
Q

When the exam talks about authentication using the phrase ‘third-party’ or extended attributes, think of?

A

Federation services

219
Q

What is an open source federation service product that uses SAML authentication? It would be used in a small federation service environment and can use cookies.

A

Shibboleth

220
Q

When two companies need to exchange the extended attribute information and require a special protocol to do so, they use?

A

Security Assertion Mark-up Language (SAML)

221
Q

What provides authorization to enable third-party applications to obtain limited access to a web service?

A

OAuth 2.0

222
Q

What uses OAuth to allow users to log in to a web application without needing to manage the user’s account? It allows users to authenticate by using their Google, Facebook, or Twitter account.

A

OpenID Connect

223
Q

What kind of system is used for real-time monitoring and can be used to aggregate, decipher, and normalize non-standard log formats? It can also filter out false positives.

A

Security Information and Event Management

224
Q

What can be run against the system to discover accounts that have not been used for a certain period of time?

A

Discovery service query

225
Q

What prevents someone from just reusing the same password? Mainly used for Windows OSes.

A

Password history

226
Q

What is another term used for password history that refers to products other than a Windows operating system?

A

Password Reuse

227
Q

What is the maximum number of days that a password can be used for before you are required to change it?

A

Maximum Password Age

228
Q

What is the most common form of authentication that is most likely to be entered incorrectly?

A

A Password

229
Q

When I purchase a new wireless access point what should I do first?

A

Change the default username and password

230
Q

What is password history?

A

The number of passwords you can use before you can reuse your current password

231
Q

How can I prevent someone from reusing the same password?

A

Set up password history

232
Q

Explain what format a complex password takes.

A

Uppercase and lowercase letters, numbers, and special characters not used in programming

233
Q

How can I prevent a hacker from inserting a password multiple times?

A

Set up an account lockout with a low value

234
Q

What type of factor authentication is a smart card?

A

Multi-factor or dual factor

235
Q

How many factors is it if I have a password, Pin and date of birth?

A

A password, Pin, and date of birth are all factors that you know; therefore it is single-factor.

236
Q

What is biometric authentication?

A

Where you use a part of your body or voice for authentication.

237
Q

What authentication method can be used by two third parties that participate in a joint venture?

A

Federated services

238
Q

What is an XML-based authentication protocol?

A

Security Assertion Markup Language

239
Q

What is a Shibboleth?

A

A small open source Federation Services protocol.

240
Q

What protocol is used to store and search for Active Directory objects?

A

LDAP

241
Q

What is the format of a distinguished name for a user called Fred who works in the IT department for a company with a domain called Company A that is a dotcom?

A

CN=Fred
OU=IT
DC=Company
DC=Com

242
Q

What authentication factor uses tickets, timestamps, and updated sequence numbers and is used to prevent replay attacks?

A

Kerberos

243
Q

What is a TGT session?

A

A Ticket-Granting Ticket process is where a user logs in to an Active Directory domain using Kerberos authentication and receives a service ticket.

244
Q

What is a single sign on? Give two examples.

A

Where a user enters their credentials only once and accesses different resources without needing to re-enter them. Examples: Kerberos, Federation services, or a smart card.

245
Q

How can I prevent a pass-the-hash attack?

A

Pass-the-hash attacks exploit older systems such as Microsoft NT4.0, which uses NT LAN Manager. You can prevent this by enabling Kerberos or disabling NTLM.

246
Q

Give an example of when you would use OpenID Connect.

A

OpenID Connect is where you access a device or portal using your Facebook, Twitter, Google, or Hotmail credentials. The portal itself does not manage the account.

247
Q

Name two AAA servers and the ports associated with them.

A

Microsoft RADIUS, which uses port 1812, and Cisco TACACS+, which uses TCP port 49.

248
Q

What is used for accounting in an AAA server?

A

Accounting is where an AAA server logs the details of when someone logs in and logs out; this can be used for billing purposes. Accounting is normally logged to a database such as SQL. RADIUS accounting uses UDP port 1813.

249
Q

What is the purpose of a VPN solution?

A

A VPN solution creates a secure connection from a remote location to your corporate network or vice versa. The most secure tunneling protocol is L2TP/IPSec.

250
Q

Why should we never use PAP authentication?

A

PAP authentication uses a password in clear text; this could be captured easily by a packet sniffer.

251
Q

What type of device is an iris scanner?

A

An iris scanner is a physical device used for biometric authentication.

252
Q

What could be the 2 drawbacks of using facial recognition?

A

Facial recognition could be affected by light or turning your head slightly to one side; some older facial recognition systems accept photographs.

253
Q

What is Type II in biometric authentication and why is it a security risk?

A

Type II in biometric authentication is Failure Acceptance Rate, where people that are not permitted to access your network are given access.

254
Q

What is a time limited password?

A

TOTP

255
Q

How many times can you use an HOTP password? Is there a time restriction associated with it?

A

HOTP is a one-time password that does not expire until it is used.

256
Q

How does a CAC differ from a smart card and who uses CAC?

A

A CAC is used by the military and has a picture and the details of the user on the front, as well as their blood group and Geneva convention category on the reverse side.

257
Q

What is a port-based authentication that authenticates both users and devices?

A

IEEE 802.1x is port-based authentication that authenticates both users and devices.

258
Q

What type of account is a service account?

A

A service account is a type of administrative account that allows an application to have a higher level of privileges to run on a desktop or server.

259
Q

How many accounts should a system admin for a multinational corporation have and why?

A

2 accounts: a user account for day-to-day tasks, and an administrative account for administrative tasks.

260
Q

What do I need to do when I purchase a baby monitor and why?

A

You should rename the default admin account and change the default password to prevent someone from using it to hack into your home.

261
Q

What is a privileged account?

A

An account with administrative rights

262
Q

What is the drawback for security if the company uses shared accounts?

A

When monitoring and auditing are carried out, the employee responsible cannot be traced when more than one person shares an account.

263
Q

What is a default account? Is it a security risk?

A

Default accounts and passwords for devices and software can be found on the internet and used to hack your network or home devices.

264
Q

The system admin in a multinational corporation creates a user account using an employee’s first name and last name. Why are they doing this time after time?

A

They are using a standard naming convention.

265
Q

What two actions do I need to complete when John Smith leaves the company?

A

You need to disable his account and reset the password

266
Q

What is account recertification?

A

An audit of user accounts and permissions that is usually carried out by an auditor. This is also referred to as a user account review.

267
Q

What is the purpose of a user account review?

A

A user account review ensures that old accounts have been deleted and that all current users have the appropriate access to resources and not a higher level of privilege.

268
Q

What can I implement to find out immediately when a user is placed in a group that may give them a higher level of privilege?

A

A SIEM system can carry out active monitoring and notify the admin of any changes to user accounts or logs.

269
Q

What will be the two possible outcomes if an auditor finds any working practices that do not conform to company policy?

A

Either change management or a new policy will be put in place to rectify any area not conforming to company policy.

270
Q

If a contractor brings in five consultants for two months of mail server migration, how should I set up their accounts?

A

The contractor’s account should have an expiry date equal to the last day of the contract.

271
Q

How can I ensure that 3rd party contractors can only access the company network from 9am - 5pm daily?

A

Rule-based access should be adopted so that the contractors can access the company network between 9am and 5pm daily.

272
Q

If I have a company that has 5 consultants who work in different shift patterns, how can I set up their accounts so that each of them can only access the network during their individual shifts?

A

Time and day restrictions should be set up against each individual’s user account matching their shift pattern.

273
Q

A brute-force attack cracks a password using all combinations of characters and will eventually crack a password. What can I do to prevent a brute-force attack?

A

Account lockout with a low value will prevent brute-force attacks.

274
Q

The IT team has a global group called IT Admin; each member of the IT team is a member of this group and therefore has full control access to the departmental data. Two new apprentices are joining the company and they need to have read access to the IT data. How can you achieve this with the minimum amount of administrative effort?

A

Create a group called IT apprentices, and then add the apprentices’ accounts to the group. Give the group read access to the IT data.

275
Q

I have different login details and passwords to access Airbnb, Twitter, Facebook, but I keep getting them mixed up and have locked myself out of these accounts from time to time. What can I implement on my Windows 10 laptop to help me?

A

The credential manager can be used to store generic and Windows 10 accounts. The user therefore does not have to remember the account details.

276
Q

I have moved departments, but the employees in my old department still use my old account for access; what should the company have done to prevent this from happening? What should their next action be?

A

The company should have disabled the account and reset the password. A user account review needs to be carried out to find accounts in a similar situation.

277
Q

What is the purpose of the ssh-copy-id command?

A

To copy and install the public key on the SSH server and add to the list of authorized keys.

278
Q

When I log in to my Dropbox account from my phone, I get an email asking me to confirm that this was a legal login. What have I been subjected to?

A

Risky login

279
Q

What is the purpose of a password vault and how secure is it?

A

A password vault is an application that stores passwords using an AES-256 encryption and it is only as secure as the master key.

280
Q

What type of knowledge-based authentication would a bank normally use?

A

A dynamic KBA that would ask you details about your account that are not previously stored questions.

281
Q

What is the difference between FAR and FRR?

A

FAR allows unauthorized user access, and FRR rejects authorized user access.

282
Q

What is a solution that helps protect privileged accounts?

A

Privileged Access Management is a solution that stores the privileged accounts in a bastion domain to help protect them from attack.

283
Q

What is the danger to households with IoT devices?

A

Some people don’t realize that there are generic accounts controlling the devices that make them vulnerable to attack.

284
Q

Why do cloud providers adopt a zero-trust model?

A

Some devices being used do not belong to a domain so every connection should be considered unsafe.

285
Q

Which authentication model gives access to a computer system even though the wrong credentials are being used?

A

Biometric authentication allows unauthorized users access to the system.

286
Q

In a cloud environment, what is elasticity?

A

Elasticity allows you to increase and decrease cloud resources as you need them.

287
Q

In which cloud environment would I install the software and then have to update the patches?

A

IaaS requires you to install the OS and patch the machines. The CSP provides bare-metal computers.

288
Q

What cloud model would I not be allowed to migrate to?

A

SaaS is a custom application written by a vendor and you cannot migrate to it.

289
Q

What is the major benefit of using a public cloud?

A

No capital expenditure.

290
Q

What is a cloud single-tenant model?

A

Private cloud

291
Q

What is a cloud multitenant model?

A

Public Cloud

292
Q

Describe how a community cloud operates.

A

A community cloud is where people from the same industry, such as a group of lawyers, design and share the cost of a bespoke application and its hosting, making it cost-effective.

293
Q

Who is responsible for the disaster recovery of hardware in a cloud environment?

A

The CSP is responsible for hardware failures.

294
Q

What is a Cloud Access Security Broker (CASB)?

A

The CASB ensures that the policies between on-premises and the cloud are enforced.

295
Q

What model is it if you own the premises and all of the IT infrastructure resides there?

A

On-premises is where you own the building and work solely from there.

296
Q

What is a hybrid cloud model?

A

A hybrid cloud is where a company is using a mixture of on-premises and the cloud.

297
Q

What is distributive allocation?

A

Distributive allocation is where the load is spread evenly across a number of resources, ensuring no one resource is over-utilized. An example of this is using a load balancer.

298
Q

What type of model deals with identity management?

A

SECaaS provides secure identity management.

299
Q

Where will a diskless virtual host access its storage?

A

A diskless virtual host will get its disk space from a SAN.

300
Q

If you have a virtual switch that resides on a SAN, what connector will you use for a VLAN?

A

A VLAN on a SAN will use an iSCSI connector.

301
Q

What type of disks does a SAN use?

A

A SAN will use fast disks, such as SSDs

302
Q

What is the machine that holds a number of VMs called?

A

A host holds a number of virtual machines - it needs fast disks, memory, and CPU cores.

303
Q

What is a guest, and what can you use as a rollback option?

A

A guest is a virtual machine, for example, a Windows 10 virtual machine. A snapshot can be used to roll back to a previous configuration.

304
Q

In a virtual environment, what is sandboxing and how does it relate to chroot jail?

A

Sandboxing is where you isolate an application for patching or testing because it is dangerous. A chroot jail is for sandboxing in a Linux environment.

305
Q

Which is faster for data recovery: a snapshot or a backup tape?

A

A snapshot is faster at recovering than any other backup solution.

306
Q

What is a Type 1 hypervisor?

A

A Type 1 hypervisor is a bare-metal hypervisor (requires no OS). Some examples are Hyper-V, ESX, and Xen.

307
Q

What is a Type 2 hypervisor?

A

A Type 2 hypervisor is a hypervisor that sits on top of an operating system, for example, VirtualBox, which could be installed on a Windows 10 desktop.

308
Q

Why does HVAC produce availability for a data center?

A

HVAC keeps the servers cool by importing cold air and exporting hot air. If a server's CPU overheats, it will cause the server to crash.

309
Q

What do you call the cloud model where people from the same industry share resources and the cost of the cloud model?

A

A community cloud is where people from the same industry share resources.

310
Q

What is an example of cloud storage for a personal user?

A

Cloud storage for personal users could be iCloud, Google Drive, Microsoft OneDrive, or Dropbox.

311
Q

Explain the functionality of fog computing.

A

Fog computing is an intermediary between the device and the cloud. It allows the data to be processed closer to the device. It reduces latency and cost.

312
Q

What is edge computing?

A

It allows data storage to be closer to the sensors rather than miles away in a data center.

313
Q

What are containers?

A

A container allows the isolation of an application and its files and libraries so that the application is independent.

314
Q

What is IaC?

A

Infrastructure as code allows you to automate your infrastructure, for example, using PowerShell DSC.

315
Q

Describe services integration.

A

This is the combination of business and IT functions into a single business solution.

316
Q

What are cloud resource policies?

A

These are the policies that state the actions and access levels someone has in relation to a particular resource.

317
Q

What is system sprawl, and what is a way to prevent it?

A

This is where a virtual machine or host has run out of resources. The best way to avoid this is to use thin provisioning.

318
Q

What is the best way to protect against VM escape?

A

VM escape is where an attacker will use a vulnerable virtual machine to attack the host of another virtual machine. The best protection against this attack is to ensure that the hypervisor and all virtual machines are fully patched.

319
Q

What is a cloud region, and how can it provide redundancy?

A

A cloud region consists of multiple physical locations called zones; data can be spread across multiple zones for redundancy.

320
Q

What is secret management, and what encryption levels protect the secret management key?

A

Secrets management uses a vault to store keys, passwords, tokens, and SSH keys used for privileged accounts. It uses RSA 2048-bit keys to protect the secret management access key.

321
Q

Explain the main difference between LRS and ZRS. Which one is the cheapest?

A

LRS replicates 3 copies of your data to a single physical location. This is the cheapest option. ZRS is where three copies of the data are replicated to 3 separate zones within your region.

322
Q

Why would a VPC use private and public subnets?

A

They would be used as a form of network segmentation.

323
Q

What type of resources would be held on a public subnet?

A

Resources that need access to the internet, for example, company web servers. A NAT gateway and an internet gateway would also be on these subnets.

324
Q

What type of resources would be held on a private subnet?

A

Resources that should not have direct internet access, such as database servers, domain controllers, and email servers.

325
Q

How would someone connect to a VPC?

A

A VPN connection using L2TP/IPSec should be used to connect to a VPC.

326
Q

Where should a default route be pointing for a device within a private subnet, and what is its purpose?

A

The default route of 0.0.0.0 should be pointing to either the NAT gateway or the internet gateway. When network traffic does not know where to go, it will be sent to the default route as a last resort.

327
Q

Why might a third-party cloud solution be better than a cloud-native solution?

A

The third-party tools will offer more flexibility.

328
Q

Which pen tester would be given source code?

A

The white box tester can access the source code.

329
Q

Why would a shared account pose a problem to monitoring?

A

It would prevent you from monitoring or auditing an individual.

330
Q

Which pen tester would be given no access prior to the test but, at the last minute, is given a diagram of the desktops?

A

The gray box pen tester would be given at least one piece of information; normally they get limited data.

331
Q

What needs to be established prior to a pen test commencing?

A

Rules of engagement must be established.

332
Q

While carrying out an unannounced pen test, how does the tester know if the internal security team are on to him?

A

He would have regular meetings with the client, who would tell him if he has been discovered.

333
Q

What is the scope of rules of engagement?

A

The scope determines whether the pen test is black, gray, or white.

334
Q

If the pen test has been announced to the IT team, what information should they give regarding the test prior to the test starting?

A

The pen tester would give the internal IT team their IP address so that they can establish whether or not it is the pen tester or an attacker.

335
Q

What is the main difference between a credentialed and a non-credentialed vulnerability scan?

A

The credentialed scan has more permissions than a non-credentialed one and has the ability to audit, scan documents, check account information, check certificates, and provide more accurate information.

336
Q

At what phase of a pen test does the tester return the systems back to the original state or inform the IT team of vulnerabilities that need patching?

A

The cleanup phase is where the systems are returned back to the original state.

337
Q

What is OSINT? Is it legal?

A

Open source intelligence; this is legal intelligence that is obtained from the public domain.

338
Q

What is the purpose of the red team?

A

They fulfill the role of the attacker.

339
Q

What is the purpose of the blue team?

A

They fulfill the role of the defender.

340
Q

What is the purpose of the white team?

A

They organize and judge the cybersecurity events, ensure reports are accurate and the correct countermeasures are recommended.

341
Q

What is the purpose of the purple team?

A

They carry out the roles of both the red and blue teams; these are external consultants or auditors.

342
Q

When evaluating CVSS scores, which vulnerabilities should you deal with first?

A

You must deal with the most critical vulnerabilities first.

343
Q

Describe a false positive.

A

When a monitoring system and manual inspection differ. For example, a SIEM system says there is an attack, and a manual inspection confirms that there is no attack.

344
Q

What is a true positive?

A

When a monitoring system and manual inspection agree on events.

345
Q

What is the difference between intrusive and non-intrusive scans?

A

An intrusive scan will cause damage, whereas a non-intrusive scan is passive and won't cause damage.

346
Q

What is regression testing and who will carry it out?

A

Regression testing is where a coding expert checks the code written for an application to ensure that there are no flaws.

347
Q

When would dynamic analysis be carried out?

A

Dynamic analysis is evaluating a program where it is running in real time.

348
Q

What is a syslog server and what purpose does it serve?

A

The syslog server collects data from various sources in an event logging database. It filters out legitimate events and forwards the rest of the data to the SIEM server for further analysis.

349
Q

Why does a SIEM server rely on synchronized time clocks between all of the servers and devices that it collects data from?

A

A SIEM server puts events into chronological order. If the clocks are not synchronized, then events cannot be put into sequential order.

350
Q

What is the purpose of threat hunting?

A

The IT team carries out threat hunting in their own systems to try and discover whether they have been subjected to a cyber attack.

351
Q

What refers to the rules required by different applications for the exchange of data?

A

Protocols

352
Q

What are the 2 types of ports?

A

TCP and UDP

353
Q

What is the main difference between Transmission Control Protocol and User Datagram Protocol?

A

The main difference between the two is that TCP is connection-oriented as it uses a three-way handshake, and UDP is faster but less reliable as it is connectionless.

354
Q

If I wish to upload files to a web server, I would use what port?

A

FTP on port 20

355
Q

If I was downloading files from a web server, I would use what port?

A

FTP on port 21, Passive FTP

356
Q

What is the downside of using FTP and what should replace it?

A

The transfer is done in clear text, so a packet sniffer could view the information. It could be replaced by SFTP or FTPS.

357
Q

What insecure protocol was used to run remote commands on devices such as routers?

A

Telnet

358
Q

What is the problem with Telnet?

A

The session is in clear text and not secure. SSH has replaced it.

359
Q

What insecure protocol allocates IP addresses dynamically to computers?

A

DHCP

360
Q

What insecure protocol is used to access websites?

A

HTTP

361
Q

What insecure protocol ensures that the clock times of all computers and servers are synchronized?

A

NTP

362
Q

What insecure protocol creates, stores, and manages objects in a directory service?

A

LDAP

363
Q

What insecure protocol is used to transfer files between different mail servers and is used for outbound emails?

A

SMTP

364
Q

What insecure protocol is an email client that pulls email from the mail server, but when the email is downloaded, it does not retain a copy on the mail server itself?

A

POP3

365
Q

What is a hierarchical naming system that takes a hostname and resolves it to an IP address?

A

DNS

366
Q

What stores recently resolved host names?

A

DNS Cache

367
Q

What is a flat file where entries are manually inserted and read from top to bottom?

A

The host file

368
Q

What server normally maintains only the hostnames for your domain?

A

DNS Server

369
Q

What server refers requests to the .com server, which in turn refers requests to the authoritative DNS server for the domain, which then replies with the IP address of the website?

A

Root server

370
Q

What is the Microsoft legacy naming convention that has a flat namespace that can have a max of 15 characters with a service identifier?

A

NETBIOS

371
Q

What insecure protocol transfers the video conferencing traffic once Session Initiation Protocol has established a session?

A

RTP

372
Q

What protocol allows different methods of video and voice to communicate with each other? For example, if you use an XMPP gateway, you can connect Jabber clients to a Skype session.

A

Media Gateway

373
Q

What protocol was invented to replace Telnet so that commands could be run securely? It is commonly used when you want remote access to network devices.

A

SSH

374
Q

What protocol is used to transfer files securely between hosts in a Linux environment?

A

SCP (Secure Copy Protocol)

375
Q

What protocol allows us to encrypt authentication and download files securely so that they cannot be tampered with? It is secure as it is packaged with SSH.

A

SFTP

376
Q

What protocol was introduced to prevent someone from gaining access to DNS records?

A

DNSSEC

377
Q

What is the authentication system used to log in to directory services and uses tickets for authentication?

A

Kerberos

378
Q

What is the secure version of SNMP, as it authenticates and encrypts data packets?

A

SNMP v3

379
Q

When objects are created in directory services, they are securely managed by what protocol?

A

LDAPS

380
Q

What protocol can be used to secure a web page but is more commonly used when making a purchase on a website?

A

HTTPS

381
Q

What protocol is used to protect data in transit and is an upgraded version of SSL that is used to encrypt communications on the internet, such as email or internet faxing, and transfer data securely?

A

TLS

382
Q

What protocol can be used with L2TP/IPSec to provide a VPN session?

A

IPSec

383
Q

What part of the IPSec packet is hashed by using SHA1 or MD5 to confirm the integrity of the packet?

A

AH

384
Q

What part of the IPSec packet is the data that is encrypted by DES, 3DES, or AES?

A

ESP

385
Q

What mode of IPSec is used with L2TP/IPSec VPNs, where both the AH and the ESP are encrypted? It is normally used externally.

A

Tunnel Mode

386
Q

What mode of IPSec is used between two servers or hosts on an internal network, where only the ESP is encrypted?

A

Transport mode

387
Q

What protocol is secure SMTP and uses TLS for encryption? It uses the STARTTLS command, which secures email.

A

SMTPS

388
Q

What protocol is an email client that has the ability to manage tasks and diaries?

A

IMAP 4

389
Q

What protocol is a legacy email client that does not leave copies of messages on the mail server?

A

SPOP3

390
Q

What protocol uses Public Key Infrastructure (PKI) to either encrypt emails or digitally sign emails to prove the integrity of the message?

A

S/MIME

391
Q

What protocol is used to transfer large files securely, as it uses TLS to set up a secure tunnel before downloading the files, and this makes it faster?

A

FTPS

392
Q

What protocol is a Microsoft product that allows you to run a secure remote access session on a Windows desktop or server?

A

RDP

393
Q

What protocol is used to secure video-conferencing traffic? It normally uses TCP port 5061.

A

SRTP

394
Q

What protocol uses port 21?

A

FTP

395
Q

What protocol uses port 23?

A

Telnet

396
Q

What protocol uses port 25?

A

SMTP

397
Q

What protocol uses port 53?

A

DNS

398
Q

What protocol uses UDP port 67/68?

A

DHCP

399
Q

What protocol uses UDP port 69?

A

Trivial FTP

400
Q

What protocol uses port 80?

A

HTTP

401
Q

What protocol uses port 110?

A

POP3

402
Q

What protocol uses port 123?

A

NTP

403
Q

What protocol uses UDP ports 137-139?

A

NETBIOS

404
Q

What protocol uses port 143?

A

IMAP

405
Q

What protocol uses UDP port 161?

A

SNMP

406
Q

What protocol uses port 389?

A

LDAP

407
Q

What protocols use port 22?

A

SSH, SCP, SFTP

408
Q

What protocol uses TCP/UDP port 53?

A

DNSSEC

409
Q

What protocol uses port 88?

A

Kerberos

410
Q

What protocol uses UDP port 162?

A

SNMP v3

411
Q

What protocol uses port 389?

A

LDAPS

412
Q

What protocols use port 443?

A

HTTPS, TLS, SSL

413
Q

What protocol uses UDP port 500?

A

IPSec

414
Q

What protocol uses port 587?

A

SMTPS

415
Q

What protocols use port 993?

A

IMAP4 and S/MIME

416
Q

What protocol uses port 995?

A

SPOP3

417
Q

What protocol uses ports 989/990?

A

FTPS

418
Q

What protocol uses port 3389?

A

RDP

419
Q

What protocol uses ports 5060/5061?

A

SIP

420
Q

What protocol uses port 5061?

A

SRTP

421
Q

What is used to remotely access the router and run commands securely?

A

SSH

422
Q

A managed switch is called?

A

802.1x

423
Q

What is it called when a port in a switch is switched off to prevent someone from plugging their laptop into a wall jack?

A

Port security

424
Q

What is used in a switch to prevent MAC flooding, where the switch is flooded with a high volume of fake MAC addresses? This prevents DDoS attacks.

A

Flood Guard

425
Q

What can be set up on a switch to segment network traffic?

A

VLAN

426
Q

What protocol has an algorithm that sets up some ports to forward, listen, or block traffic to prevent looping?

A

Spanning Tree Protocol

427
Q

What is the authentication protocol that uses tickets and prevents replay attacks?

A

When using Kerberos authentication, a TGT session is established, where the user obtains an encrypted service ticket. Kerberos uses USN and timestamps to prevent replay attacks.

428
Q

Describe how IPSec tunnel mode works.

A

IPSec in tunnel mode is used with an L2TP/IPSec VPN session where both the AH and ESP are encrypted.

429
Q

Describe how IPSec transport mode works.

A

IPSec in transport mode is server to server on a LAN where only the ESP is encrypted.

430
Q

If an IT administrator uses Telnet to run remote commands on a router, which secure protocol can it be replaced with?

A

SSH is a secure protocol that replaces Telnet.

431
Q

What is the purpose of a router?

A

A router connects external networks and routes IP packets.

432
Q

What is the purpose of a switch?

A

A switch is an internal device connecting computers being used in the same location.

433
Q

What type of service is Spotify?

A

A subscription service where the user pays a monthly fee.

434
Q

Explain how port security works.

A

Port security is where a port on a switch is disabled to prevent someone from using a particular wall jack.

435
Q

Describe how a managed switch with 802.1x works.

A

802.1x authenticates users and devices connecting to a switch. Normally the user or a device has a certificate to authenticate them without the need to disable ports on the switch. An unauthorized user is prevented from using the port as they have no certificate.

436
Q

What are the three portions of a distinguished name and the order that they come in?

A

The three portions of a distinguished name from left to right are CN, OU, and then DC.

437
Q

Which protocol can I use to prevent DNS poisoning?

A

DNSSEC, which produces RRSIG records that prevent DNS poisoning.

438
Q

What are the two reasons why a computer might not receive an IP address from a DHCP server?

A

A computer might not receive an IP address from a DHCP server due to resource exhaustion or network connectivity.

439
Q

What type of server would both an SIEM server and a Microsoft domain controller benefit from having installed on their network?

A

An NTP server to keep the clock times on the hosts up to date.

440
Q

If two companies rented offices on the same floor of a building, what could the building administrator implement to isolate them from each other?

A

VLANs

441
Q

What is the purpose of STP?

A

Spanning Tree Protocol prevents switches from looping, which slows the switch down.

442
Q

If a network administrator wanted to collect the statuses and reports of network devices, what secure protocol could they use?

A

SMTP v3 to securely collect the status and reports from network devices.

443
Q

If a network administrator wants to set up a VPN, what is the most secure protocol that they can use?

A

AES is the strongest protocol for an L2TP/IPSec VPN as it can use 256 bits.

444
Q

Which secure protocol can be used to prevent a pass-the-hash attack?

A

A pass-the-hash attack is a hash collision attack against NTLM authentication. Kerberos prevents this attack.

445
Q

Which protocol protects data in transit?

A

TLS protects data in transit.

446
Q

Which protocol can be used to digitally sign an email between two people?

A

S/MIME

447
Q

Which protocol can be used to secure video conferencing?

A

SRTP

448
Q

Which protocol allows a user to put a Skype session on hold, speak to another person, and then come back to the first caller?

A

SIP

449
Q

A system administrator is managing a directory service using a protocol that uses TCP port 389. What protocol are they using and which protocol can be used to carry out the same task securely?

A

LDAP uses TCP port 389 and is used to manage directory services. It can be replaced by LDAPS TCP port 636, which is more secure.

450
Q

Say I use the nbtstat -an command and the output shows me the following:
IAN <00>
IAN <20>
What naming convention is used and what format is being shown?

A

The format is NETBIOS, the host is called Ian; <00> indicates the workstation service and <20> indicates the server service.

451
Q

What protocol can be used to transfer large files remotely?

A

FTPS is used to transfer large files as it uses two ports: 989/990

452
Q

What are the frames that contain information about the STP?

A

BPDUs

453
Q

What is set up on a port of a switch so that when the data arrives at that port, a splitter sends a copy to another device for later investigation?

A

Tap/Port Mirror

454
Q

What can be used to examine the attack methods that hackers use?

A

A honeypot

455
Q

What kind of server controls requests from clients seeking resources on the internet or an external network?

A

Proxy server

456
Q

What do you call a hardened host that could be used as an intermediary device or as a gateway for administrators who would then connect to other servers for remote authentication?

A

Jump server/jump host/jump box

457
Q

What do you call a device that is used when there is a high volume of traffic coming into the company’s network or web server?

A

Network load balancer

458
Q

What do you call a legacy server where dial-up networking is used? Located on the company network and the speed of the modem was up to 56Kbps - very slow and pages look like a map.

A

Remote Access Server

459
Q

What is the most secure tunneling protocol that can use certification, Kerberos authentication, or a pre-shared key? It provides both a secure tunnel and authentication.

A

L2TP/IPSec

460
Q

What tunneling protocol works on legacy systems and uses SSL certificates for authentication? A newer version is TLS VPN.

A

Secure Socket Layer (SSL) VPN

461
Q

What mode of IPSec is used across the internet?

A

Tunnel mode

462
Q

What mode of IPSec is created with an internal network using client/server-to-server communication?

A

Transport Mode

463
Q

The purpose of the ___________ is to set up the secure tunnel during the IKE phase.

A

VPN concentrator

464
Q

What kind of VPNs use an SSL certificate, and only need a web browser to make a connection?

A

SSL VPN

465
Q

What kind of attack is where a secure VPN session is connected and then the user opens an unsecured session that would allow the hacker to come in through the unsecured session and gain access?

A

Split tunneling

466
Q

What is the go-to version of secure remote access?

A

SSH

467
Q

What do you call a network where packets are routed through a controller rather than traditional routes, which improves performance?

A

Software-Defined Networking

468
Q

What do you call a secure network with very fast links and a web server, called the intranet, that holds internal-only information, such as classified data, manufacturing price lists, or the internal forms library?

A

LAN

469
Q

What do you call the boundary layer between the LAN and the WAN that holds information that companies may want people from the internet to access?

A

Screened Subnet

470
Q

What checks that the device being used is fully patched?

A

NAC

471
Q

What component of the NAC checks the health of the incoming device to ensure that it is fully patched?

A

Host Health checks (HAuth)

472
Q

What kind of attack sees attackers attempt to poison the DNS cache by putting in wrong entries to divert you to a server where they can attack you?

A

DNS poisoning

473
Q

What is a flat file where entries are manually inserted and read from the top to the bottom?

A

Hosts file

474
Q

What is the process of capturing your network traffic, and mapping all of the network devices, protocols, and IP address ranges so that they have information that will help an attacker get an idea of how your network is laid out?

A

Fingerprinting

475
Q

What is the process of looking at the network topology and gathering as much information as you can, such as email addresses? They will identify vulnerabilities within a company that can be used as an attack vector.

A

Footprinting

476
Q

What brings back the replies when you use command-line tools?

A

Internet Control Message Protocol (ICMP)

477
Q

What command is used to test connectivity to another host?

A

Ping

478
Q

What command uses the ping -t command and is used for diagnostic testing?

A

Continuous Ping

479
Q

What command tool can be used as a TCP/IP packet assembler and analyzer? It allows you to test the security of your network devices, such as firewall rules and open ports, and analyzes network traffic, including packet formats and traceroute.

A

Hping

480
Q

What command shows the route taken from a computer to a website? It can show any latency traveling through a particular router.

A

Tracert/Traceroute

481
Q

What command has the functionality of both ping packets and tracert? It also calculates statistics after the trace, showing the packet loss at each router it passes through.

A

Pathping

482
Q

What command is used to see the established connections and the listening ports? It can also let you know what services are running on a computer.

A

Netstat

483
Q

What command is a diagnostic tool for verifying the IP address of a hostname in the DNS server database?

A

Nslookup

484
Q

What does the “set type=MX” command do?

A

Brings back the DNS details on all mail servers in the domain.

485
Q

What command is the equivalent of nslookup in a Linux/Unix environment?

A

Dig

486
Q

What command is used to translate the IP address to a MAC address?

A

ARP

487
Q

What commands show the IP configuration?

A

ipconfig (windows)/ip/ifconfig (Linux)

488
Q

What command is used to clear out all entries in the DNS cache?

A

ipconfig/flushdns

489
Q

What command is used by Linux/Unix as a packet sniffer command?

A

tcpdump

490
Q

What command is a free and open source network mapper that can be used to create an inventory of all the devices on your network and can be used for banner grabbing?

A

Nmap

491
Q

What command is a utility for showing network connections in a Linux/Unix environment?

A

Netcat/nc

492
Q

What can scan all IP addresses in a given range?

A

IP scanners

493
Q

What is the command-line tool used to transfer data? It can also be used in banner grabbing; this is fetching remote banner information from web servers.

A

Curl

494
Q

What is a passive tool that comes with Kali Linux and that we can use to harvest the email addresses of an organization?

A

The Harvester

495
Q

What is a pen test reconnaissance tool that can be used for automated tests? It can look for vulnerabilities in your network and open ports, it can diagnose DNS issues, it has Nmap capabilities, and it can find application weaknesses.

A

Sn1per

496
Q

What is a port scanner that has the ability to be anonymous so that the scan cannot be traced back to your IP address?

A

Scanless

497
Q

What tool can identify DNS records, such as MX, mail exchange servers, NS and host A records for a domain?

A

Dnsenum

498
Q

What is a remote scanning tool that can highlight vulnerabilities that can be exploited by hackers?

A

Nessus

499
Q

What tool creates a sandbox that can be used for analyzing files for malware inspection?

A

Cuckoo

500
Q

What tools will scan the computer on a regular basis and then produce reports?

A

Anti-virus/Advanced Malware Tools

501
Q

What tool can replace corrupted files by replacing them with a copy held in a compressed folder within system32? You run it with the sfc /scannow command.

A

File Integrity Checker

502
Q

What do you call the Microsoft utility that can check the hash value of system files to ensure that there has been no tampering?

A

File Checksum Integrity Verifier (FCIV)

503
Q

What command in Linux can be used to create files, view files, and also concatenate a number of files into another file?

A

Concatenate (Cat)

504
Q

The most important file in Linux is the /var/log/messages file, which shows system events such as a shutdown and reboot. What command can we use to check the top 10 messages from that log?

A

Head

505
Q

What command can we use to view the last 10 messages in the /var/log/messages log file?

A

Tail

506
Q

What command is used to search text and log files for specific values?

A

Grep

507
Q

What command is used to change the permission level?

A

chmod

508
Q

What command can you use to add a message to the local system log file or to a remote syslog server?

A

logger

509
Q

What can capture the traffic flowing through the network, including passwords in clear text and any commands being sent to network-based applications?

A

Protocol Analyzer/Packet sniffer

510
Q

What is an open source tool that can be used to analyze .pcap files generated by either Wireshark or tcpdump and then replay the traffic and send it to the NIPS to see whether it detects it?

A

tcpreplay

511
Q

What kind of tools can develop and execute exploit code against a remote target computer? This can be used to harden your IT systems before they are attacked.

A

Exploitation Framework tools

512
Q

When the forensics team are going to investigate an image on a desktop or laptop, what command can be used to clone a disk or copy a folder in a Linux/Unix environment?

A

dd

513
Q

What is the command line
dd if=/dev/sda of=/dev/sdb
doing?

A

Copying the entire disk /dev/sda to /dev/sdb

514
Q

What is the command
dd if=/dev/sda of=~/sdadisk.img
doing?

A

Taking the disk /dev/sda and making it into a disk image.

515
Q

What command is an enhanced version of the dd command and can be used to obtain forensic information such as the hash of the drive?

A

dcfldd

516
Q

What tool analyzes dump files?

A

Blue screen review or memdump (Linux)

517
Q

What tool can be used on any version of Windows OSes to help the forensics team find evidence? It's a hexadecimal editor that can be used to find deleted or lost data and recover data from a corrupt drive.

A

WinHex

518
Q

What can be used to collect copies of data without making changes to the original evidence?

A

FTK imager

519
Q

What can be used to analyze hard drives, smartphones, and media cards? It has a built-in translator to translate foreign languages into English.

A

Autopsy

520
Q

When you see names in clear text followed by hashes, the hash is a hash of what?

A

the password

521
Q

What tools can be used to crack passwords and create password hashes? For example, the Cain portion of Cain and Abel, or L0phtCrack.

A

Password Crackers

522
Q

What range of IP addresses has the first number on the left starting with 1-126?

A

Class A

523
Q

What range of IP addresses is 172.16.x.x to 172.31.x.x? It is only a partial address range.

A

Class B

524
Q

What range of IP addresses begins at 192.168.x.x and is the complete address range?

A

Class C

525
Q

What is used to divide IP addresses into blocks so that different subnets have their own IP address range? It can also tell whether the packet delivery is local or remote?

A

Subnet masks

526
Q

If you cannot get an IP address from a DHCP server, you will get what instead?

A

an APIPA address starting with 169.254.x.x.

527
Q

What hexadecimal address range can be used externally? They start on the right-hand side with values of 2001, 2002, or 2003.

A

Public addresses

528
Q

What hexadecimal address range is restricted to one subnet and starts with fe80?

A

Link Local

529
Q

What hexadecimal address range is restricted to a site and starts with either fc00 or fd00? It is also known as the site-local address range.

A

Unique Local

530
Q

An IP version 6 address can be simplified by what?

A

Removing leading zeros and replacing a number of blocks of 0000 with a double colon.

531
Q

Cloud providers allocate IP addresses for a VPC by using different what?

A

CIDR blocks for each network

532
Q

What is the purpose of a web application firewall and where is it normally placed?

A

The web application firewall is normally installed on a web server as its job is to protect web applications from attack.

533
Q

What is Implicit Deny and which two devices does it affect?

A

Implicit Deny is used by both the firewall and the router. If no allow rule matches, the last rule, deny all, applies. This is known as Implicit Deny.

534
Q

What is the firewall that does content filtering, URL filtering, and malware inspection?

A

UTM is a firewall that provides value for money as it can provide URL filtering, content filtering, and malware inspection as well as firewall functionality.

535
Q

Which network device connects two networks together?

A

A router connects different networks together and works at Layer 3 of the OSI reference model (Network Layer)

536
Q

Which type of internal device connects users on the same network?

A

A switch connects users on an internal network, normally in a star topology.

537
Q

Which type of device hides the internal network from hackers on the internet?

A

A NAT hides the internal network from those on the external network.

538
Q

What is an inline NIPS?

A

An inline NIPS is where the incoming traffic passes through and is screened by the NIPS.

539
Q

Which type of IPS protects virtual machines from attack?

A

A Host-Based IPS is installed inside the guest virtual machine to protect it from attacks.

540
Q

Which type of IPS is placed behind the firewall as an additional layer of security?

A

A Network-based IPS is placed behind the firewall as an additional layer of security. The firewall prevents unauthorized access to the network.

541
Q

If I don’t have a NIDS on my network, which device can passively monitor network traffic?

A

A NIPS can passively monitor the network as it can fulfill the functionality of a NIDS if there is no NIDS on your network.

542
Q

What is the difference between a signature and anomaly-based NIDS?

A

A signature-based NIDS works off a known database of variants, whereas an anomaly-based one starts with the database and can learn about new patterns or threats.

543
Q

What is the passive device that sits on your internal network?

A

A passive device that sits inside your network is a NIPS

544
Q

If I receive an alert that server 1 has a virus and I inspect the server and there are no viruses, what is this known as?

A

If one of the monitoring systems reports a virus and you manually check and find no virus, this is known as a false positive.

545
Q

How can I prevent someone from accessing a medical center’s network by plugging their laptop into a port in the waiting room?

A

You should enable port security. This would prevent further use of the wall jack.

546
Q

How can I prevent someone from plugging a rogue access point into my network?

A

You would enable 802.1x on the switch itself to ensure that the device is authenticated before using the port.

547
Q

How do 802.1x and port security differ? Which one gives me more functionality?

A

A managed switch uses 802.1x, which authenticates the device rather than disabling the port, whereas port security merely disables the port. 802.1x is therefore more functional.

548
Q

What is the purpose of web caching on a proxy server?

A

Web caching on a web server keeps copies of the web pages locally, ensuring faster access to the web pages and preventing the need to open a session to the internet.

549
Q

What is the purpose of a VPN?

A

The purpose of a VPN is to create a tunnel across unsafe networks from home or a hotel to the workplace.

550
Q

What happens in the IKE phase of a VPN session?

A

In the IKE phase of an IPSec session, Diffie-Hellman using port 500 sets up a secure session before the data is transferred.

551
Q

What is the purpose of a VPN concentrator?

A

To set up a secure session for a VPN

552
Q

What is the most secure VPN tunneling protocol?

A

The most secure VPN tunnel is L2TP/IPSec, which uses AES encryption for the ESP.

553
Q

What modes would you use in an L2TP/IPSec tunnel over the internet and then internally?

A

IPSec in tunnel mode is used across the internet or external networks, and IPSec in transport mode is used between hosts internally.

554
Q

Which VPN session type would you use on a site-to-site VPN?

A

When setting up a site-to-site VPN, it should be used in always-on mode as opposed to dial-on-demand.

555
Q

What network device should you use to manage a high volume of web traffic?

A

A load balancer should be used to manage a high volume of web traffic as it sends the requests to the least-utilized node that is healthy.

556
Q

What type of network is used by a virtual network so that the route requests are forwarded to a controller?

A

SDN is used in a virtual environment when the routing requests are forwarded to a controller.

557
Q

What is the purpose of a screened subnet and what type of web server is located there?

A

The screened subnet is a boundary layer that hosts an extranet server; it is sometimes known as the extranet zone. It used to be called the DMZ.

558
Q

If I want to find out what attack methods a potential hacker is using, what do I need to set up?

A

If you set up a honeypot, which is a website with lower security, you will be able to monitor the attack methods being used and then be able to harden your actual web server against potential attacks.

559
Q

What is the purpose of network access control? Name the two agents that it uses.

A

Network access control ensures that devices connecting to your network are fully patched. There are two agents: one that is permanent and another that is dissolvable that is for single use.

560
Q

What type of device can be used to automate the collection of log files across many different devices?

A

A SIEM server can correlate log files from many devices and notify you of potential attacks.

561
Q

If I wanted to back up data to a backup device but, at the same time, prevent someone from deleting the data, what device do I need to use?

A

If data is backed up to a Write-Once Read-Many (WORM) drive, the data cannot be deleted or altered.

562
Q

Explain the port mirror process and name another device that could be used for the same process.

A

A port mirror can make a copy of the data going to a port and divert it to another device for analysis. A tap is another device that can be used for the same purpose. However, a tap is more expensive.

563
Q

What type of records are created by DNSSEC?

A

DNSSEC creates RRSIG records for each DNS host and a DNSKEY record used to sign the KSK or ZSK.

564
Q

What are the two portions of an IPSec packet?

A

An IPSec packet has an Authentication Header that uses either SHA-1 or MD5 and an Encapsulating Security Payload that uses DES, 3DES, or AES.

565
Q

How can I tell whether my laptop fails to get an IP address from a DHCP server?

A

If you cannot get an IP address from a DHCP server, you would receive a 169.254.x.x IP address. This is known as APIPA. It could be caused by a network connectivity problem or by resource exhaustion.

566
Q

What type of IP address is

2001:123A:0000:0000:ABC0:00AB:0DCS:0023

and how can we simplify it?

A

It is an IP version 6 address, and you can simplify it by removing the leading zeros and collapsing the consecutive 0000 blocks into a double colon:

2001:123A::ABC0:AB:DCS:23

567
Q

What is the benefit of an HTML 5 VPN?

A

An HTML5 VPN has no infrastructure to be set up as it uses certificates for encryption.

568
Q

What mode is an L2TP/IPSec VPN if it encrypts both the header and the payload?

A

Tunnel mode used externally

569
Q

What is the purpose of a jump server?

A

To allow a remote SSH session to a device or a virtual machine in a screened subnet or the cloud.

570
Q

What is load balancing persistence or affinity?

A

This is where the host is sent to the same server for the session.

571
Q

What is the downside to using two load balancers in an active/active mode?

A

Both of the load balancers are working close to capacity, and if one of these load balancers fails, then the users would find that the traffic is slower.

572
Q

Three different groups of workers are in an open plan office and they are all connected to the same physical switch. What can be done to isolate them from each other?

A

A VLAN can be used for departmental isolation on the same switch.

573
Q

How does East-West traffic operate?

A

East-West traffic moves laterally between servers within a data center.

574
Q

What is a zero-trust network and where is it likely to be used?

A

A zero-trust network is where nothing is trusted, and every user or device must prove their identity before accessing the network. This would be used in the cloud.

575
Q

Why would someone use Angry IP?

A

Angry IP is an IP scanner that would scan an IP range to determine hosts that are active or inactive.

576
Q

When can I use curl or nmap?

A

curl or nmap could be used for banner grabbing.

577
Q

When would someone use the Harvester tool?

A

The theHarvester tool is used to collect the email addresses of a particular domain from search engines such as Google.

578
Q

How can an attacker find the DNS records from your domain?

A

They can use the dnsenum tool.

579
Q

Why would I use the scanless tool?

A

It allows anonymous port scanning so that it cannot be traced back to you.

580
Q

What tools can I use as a sandbox to analyze files for malware?

A

You could use the tool called Cuckoo to carry out this activity.

581
Q

What is the purpose of DHCP snooping?

A

This is to prevent rogue DHCP servers from operating openly on your network.

582
Q

What are the two main reasons why I would receive an APIPA address of 169.254.1.1?

A

It could be resource exhaustion, where the DHCP server has run out of IP addresses, or it could be a network connectivity problem between the client and the DHCP server.

583
Q

What kind of wireless controller is a standalone WAP, similar to that used at home? It has its own pool of DHCP addresses, and all configurations for the wireless network are installed on the WAP.

A

Fat controller

584
Q

What kind of wireless controller allows multiple WAPs to be controlled remotely by a single controller? This is ideal in a corporate environment where there are quite a few WAPs.

A

Thin Controllers

585
Q

To control access to a WAP, we do what?

A

We add the MAC address to the MAC filter; then only those devices with a listed MAC address will be allowed access.

586
Q

On what channel should you place your first wireless device?

A

Channel 1

587
Q

On what channel should you place your second wireless device?

A

Channel 11

588
Q

On what channel should you place your third wireless device?

A

Channel 6

589
Q

We place the devices’ channels as far apart as possible to prevent what?

A

The overlap of adjacent channels and interference.

590
Q

If we want to set up a wireless network for the general public to access without any encryption or any passwords, what could we use?

A

Open System Authentication

591
Q

What type of wireless encryption is the weakest form of wireless security, with a 40-bit key that is very easy to crack?

A

Wired Equivalent Privacy (WEP)

592
Q

What type of wireless encryption replaced WEP as it used the Temporal Key Integrity Protocol?

A

Wi-Fi Protected Access

593
Q

What concept uses the GPS or RFID to define geographical boundaries? Once the device is taken past the defined boundaries, the security team will be alerted.

A

Geofencing

594
Q

What concept uses GPS to give the actual location of a mobile device?

A

Geolocation

595
Q

What control ensures that mobile devices that connect to your network are fully patched and compliant before obtaining access to the internal network?

A

NAC

596
Q

What concept is having an application package in .apk format and then installing it on a mobile device? This is useful for developers who want to trial third-party apps, but it also allows unauthorized software to be run on a mobile device.

A

Sideloading

597
Q

What two groups of people might use a guest wireless network?

A

Visitors and employees on their lunchtime break

598
Q

What is the difference between fat and thin wireless controllers?

A

The fat wireless controller is standalone; it has its own settings and DHCP addresses configured locally. A thin wireless controller pushes out the settings to multiple WAPs.

599
Q

What is the WAP master password, and how would you protect it?

A

The WAP master password is the admin password, and it should be encrypted to protect it.

600
Q

What two things can a Wi-Fi Analyzer perform?

A

Wi-Fi analyzers can troubleshoot wireless connectivity and discover the SSID inside a packet going to the WAP.

601
Q

What is the purpose of MAC filtering?

A

MAC filtering controls who can access a WAP. If your MAC address is not added to the WAP, then you are denied access.

602
Q

Why should you place your first WAP on channel 1, your second WAP on channel 11, and your third WAP on channel 6?

A

To prevent interference from overlapping wireless channels.

603
Q

Why would an engineer carry out a site survey prior to installing a wireless network?

A

To ensure that the WAPs are placed where there is no interference.

604
Q

Would you go to your online banking if you are in a hotel that uses Open Authentication?

A

No, because it is not secure.

605
Q

What is the weakest version of wireless encryption?

A

WEP is the weakest as it only has 40-bit encryption.

606
Q

If a friend comes to visit me in my house and asks for the wireless password, what am I giving them?

A

You are giving them the Pre-shared Key.

607
Q

What is the most secure version of WPA2?

A

It is WPA2-CCMP as it uses AES encryption that is 128 bits.

608
Q

When using WPA3-Personal, what replaces the pre-shared key?

A

Simultaneous Authentication of Equals (SAE) replaces the PSK; it is more secure as the password is never transmitted, and it is immune to offline attacks.

609
Q

When using a WPA3 wireless, what replaces WPA2-Open Authentication?

A

Wi-Fi Enhanced Open is the WPA3 equivalent of Open System Authentication; it does not use a password and prevents eavesdropping.

610
Q

What is the most secure version of wireless?

A

This is WPA3 as it has AES encryption up to 256-bit, whereas WPA2 only uses 128-bit encryption.

611
Q

How do I access a wireless network if I use WPS, and what type of attack is it vulnerable to?

A

With WPS, you push the button to connect to the wireless network. It is susceptible to a brute-force attack as it has a password stored on the device.

612
Q

What is the purpose of a captive portal for a wireless network?

A

A captive portal can ask you to agree to an AUP and provide additional validation, such as your email address or Facebook or Google account details.

613
Q

What benefit does WPA3 bring to IoT devices?

A

Wi-Fi Easy Connect makes it very easy to connect to IoT devices such as a smartphone by simply using a QR code.

614
Q

What needs to be installed on the endpoint if you are going to use EAP-TLS for wireless authentication?

A

A certificate on the endpoint, as TLS needs an X.509 certificate.

615
Q

If a user installs pirated software on their corporate laptop, which policy have they violated?

A

They have violated the Acceptable Use Policy (AUP).

616
Q

What would be the benefit to first-line support if the company were to adopt CYOD instead of BYOD?

A

If they adopt BYOD, they might have to support hundreds of different devices, whereas if they adopt CYOD, there would be a limited number of devices to make support easier.

617
Q

If I am staying in a hotel and their Wi-Fi is not working, how can I get access to the internet?

A

You could use your cellular phone as a hotspot.

618
Q

If my cell phone has been lost or stolen, what should be done using MDM?

A

You should remote wipe it.

619
Q

What three things should I do to protect the data stored on my smartphone?

A

You should use screen locks and strong passwords, and use FDE to protect the data at rest.

620
Q

If a company has suffered several thefts of company laptops, what could you use to prevent further thefts?

A

You could tag the laptops and set up geofencing to prevent thefts. RFID is another option.

621
Q

How can we keep company data separate from personal data on a cell phone that is being used as a BYOD device so that offboarding is easy to achieve?

A

You could segment the data using storage segmentation or containerization.

622
Q

What is the purpose of using SE Android?

A

To segment business data and prevent applications outside of the Knox container from accessing resources inside the container.

623
Q

What is a wireless short-range payment type?

A

NFC

624
Q

What kind of attacks commonly use port 1900?

A

Virus

625
Q

What kind of password attack uses the most common passwords one at a time against the list of employees in the hope that one matches?

A

Spraying attack

626
Q

Card cloning is also referred to as what?

A

Skimming

627
Q

What kind of attack is where a malicious plugin or script has been downloaded and the browser has been compromised?

A

MITB attack

628
Q

What kind of attack is an MITM attack that intercepts data but replays it at a later date?

A

Replay attack

629
Q

What can prevent a replay attack?

A

Kerberos

630
Q

What kind of attack is where an attacker gains access to the network via a vulnerable host and then attacks a critical server, such as a domain controller or a database server? In a virtual world, this would be called VM Escape.

A

Pivoting

631
Q

What kind of attack must be done locally and can redirect you to another website, similar to DNS poisoning?

A

ARP poisoning

632
Q

What attack is the theft of the MAC address of another networked device, which is then used to gain access to the network, for example, through a wireless access point that uses MAC filtering?

A

MAC spoofing attack

633
Q

What attack is where an attacker floods a switch with Ethernet packets so that it consumes the limited memory that a switch has? This can be prevented by using an 802.1x managed switch with an AAA server.

A

MAC flooding

634
Q

If I install a freeware program that analyzes my computer and then finds 40,000 exploits and asks me to purchase the full version, what type of attack is this?

A

Because you have parted with the money, this is a subtle form of ransomware.

635
Q

Describe how a fileless virus operates.

A

A fileless virus piggybacks itself onto a legitimate application, and they both launch together. Using Malwarebytes would alert you of both launching at the same time.

636
Q

How does an attacker carry out credential harvesting?

A

By a phishing attack where you are warned that an account has been hacked, and it gives you a link to a website to resolve it. That way, when you try to log in, they collect your details.

637
Q

How is pretexting used in an attack?

A

Pretexting is where an attacker manufactures a scenario such as saying that there is suspicious activity on your account, and they ask you to confirm your account details. This way, they can steal them.

638
Q

How does an invoice scam work?

A

An attacker obtains the details of a legitimate invoice and sends the company reminders that it needs to be paid, but they substitute the bank details with their own.

639
Q

How does an attacker carry out password spraying?

A

An attacker works out what standard naming convention a company is using, and they then obtain the names of employees from the internet. They then try common passwords against those accounts.

640
Q

How does an attacker use a malicious USB drive?

A

An attacker leaves a malicious USB drive inside a company where it can be found. There is only one shortcut, so when the finder puts it in their computer to try and find the owner, they click on the only visible file and get infected.

641
Q

How does artificial intelligence tainting help attackers?

A

AI uses machine learning to teach the machine to think like a human and detect attacks. So if it is tainted, it will ignore attacks by the attackers.

642
Q

When I go to a restaurant, how can I protect myself against card cloning?

A

When you go to a restaurant, please ensure that the server does not disappear with your card; make sure it is always visible to you.

643
Q

What is an on-path attack?

A

An on-path attack is an interception attack, for example, a replay or man-in-the-middle attack.

644
Q

Why is operational technology vulnerable to attack?

A

Operational technology is where we have removed CCTV standalone systems that were air-gapped and we now use a fully integrated solution that is fully connected, leaving them vulnerable to attacks.

645
Q

What is crypto-malware?

A

An example of crypto-malware is ransomware, where the victim’s hard drive is encrypted and held for ransom. It could also have popups.

646
Q

What type of virus replicates itself and uses either ports 4444 or 5000?

A

A worm

647
Q

What type of virus inserts .dll into either the SysWOW64 or System32 folder?

A

A Trojan

648
Q

What is an RAT?

A

Remote Access Trojan; a Trojan that sends the user’s username and password to an external source so that a remote session can be created.

649
Q

What type of virus attacks the Windows/System32 folder on Windows, or the Bash shell on Linux?

A

A rootkit

650
Q

How does a logic bomb virus work?

A

A logic bomb virus is triggered by an event.

651
Q

What is the purpose of a keylogger?

A

To record all the keystrokes being used.

652
Q

What is a botnet?

A

A group of computers that have been infected so that they can be used to carry out malicious acts without the real attacker being identified.

653
Q

Explain a phishing attack.

A

A phishing attack is when a user receives an email asking them to fill in a form requesting their bank details.

654
Q

How does spear phishing differ from a phishing attack?

A

Spear phishing is a phishing attack that has been sent to a group of users.

655
Q

What is a whaling attack?

A

A whaling attack targets a CEO or high-level executive in a company.

656
Q

What type of attack can include leaving voicemail?

A

Vishing attack

657
Q

What is tailgating?

A

Where someone has used a smart card or entered a PIN to access a door, and then someone behind them passes through the door before it closes, entering no credentials.

658
Q

What is social engineering?

A

Social engineering exploits an individual’s character in a situation that they are not used to. This is hacking the human, putting them under pressure to make a snap decision.

659
Q

What type of attack could involve dressing as a police officer?

A

Impersonation attack

660
Q

What type of attack is it if a fireperson arrives and you let them into the server room to put out a fire?

A

A social engineering urgency attack.

661
Q

What type of attack is it if I am in an ATM queue and someone has their phone to one side so that they can film the transaction?

A

Shoulder surfing attack

662
Q

What type of attack is distributing fake software?

A

Fake software that will not install is a hoax. An email alert telling you to delete a system file as it is a virus is also a hoax.

663
Q

What is a watering hole attack?

A

A watering hole attack infects a trusted website that a certain group of people visits regularly.

664
Q

What type of attack is it if I receive an email from my company’s CEO, telling me to complete the form attached by clicking on a link in the email?

A

Authority attack

665
Q

One of my bosses asks me to give them information that one of my peers gave them last week. I am not too sure, but I give them the information. What type of attack is this?

A

Consensus attack

666
Q

What type of attack is a multiple SYN flood attack on a well-known website that takes it down?

A

DDoS attack

667
Q

Explain a man-in-the-middle attack.

A

A MITM attack is an on-path attack where a connection between hosts is intercepted and the conversation is changed and then replayed, but the people involved still believe that they are talking directly to each other.

668
Q

How does a replay attack differ from a man-in-the-middle attack?

A

A replay attack is similar to a MITM attack but the intercepted packet is replayed at a later date.

669
Q

What type of attack is a man-in-the-middle attack using an SSL 3.0 browser that uses CBC?

A

A POODLE attack is a MITM attack using an SSL 3.0 browser that uses CBC.

670
Q

What type of attack is a man-in-the-browser attack?

A

A MITB attack is a Trojan that intercepts your session between your browser and the internet; it aims to obtain financial transactions.

671
Q

How can I prevent a replay attack in a Microsoft environment?

A

Kerberos Authentication uses USN and timestamps and can prevent a replay attack, as the USN packets and the timestamps need to be sequential.

672
Q

How can I prevent a pass-the-hash attack?

A

Enabling Kerberos or disabling NTLM would prevent a pass-the-hash attack.

673
Q

What type of attack uses HTML tags with JavaScript?

A

XSS uses HTML tags with JavaScript.

674
Q

What type of exploit has no patches and cannot be detected by NIDS or NIPS?

A

A zero-day virus

675
Q

What is domain hijacking?

A

Domain Hijacking is where someone tries to register your domain, access your hosted control panel, and set up a website that is similar to yours.

676
Q

What is bluejacking?

A

Bluejacking is hijacking someone’s Bluetooth phone so that you can take control of it and send text messages.

677
Q

What is Bluesnarfing?

A

Bluesnarfing is when you steal someone’s contacts from their Bluetooth phone.

678
Q

What type of attack is a local attack and how can I prevent that attack?

A

An ARP attack is a local attack that can be prevented by using IPSec.

679
Q

For what type of attack would I use the strcpy function?

A

strcpy can be used for a buffer overflow attack.

680
Q

What is an integer overflow attack?

A

An integer overflow inserts a number larger than what is allowed.

681
Q

What type of attack uses the phrase 1=1?

A

An attack that uses the phrase 1=1 is a SQL injection attack.

682
Q

Name two methods for preventing a SQL injection attack.

A

Input validation and stored procedures can prevent a SQL injection attack. Stored procedures are the best.

683
Q

What type of attack is session hijacking?

A

Session hijacking is where your cookies are stolen so that someone can pretend to be you.

684
Q

If I misspell a website but still get there, what type of attack is this?

A

Typosquatting is where an attacker launches a website with a similar name to a legitimate website in the hope that victims misspell the URL.

685
Q

What type of attack would I use shimming or refactoring for?

A

Shimming and refactoring are used for driver manipulation attacks.

686
Q

What type of system is susceptible to a birthday attack?

A

Digital signatures are susceptible to a birthday attack.

687
Q

What are rainbow tables?

A

Rainbow tables are pre-computed lists of passwords with the relevant hash in either MD5 or SHA-1.

688
Q

How can I store passwords to prevent a dictionary attack?

A

Salting passwords inserts a random value and prevents dictionary attacks, as a dictionary does not contain random characters.

689
Q

Name two tools that can be used for key stretching.

A

bcrypt and PBKDF2

690
Q

What is the fastest password attack that can crack any password?

A

A brute-force attack is the fastest password attack that will crack any password, as it uses all combinations of characters, letters, and symbols.

691
Q

What is the only way to prevent a brute-force attack?

A

An account lockout with a low threshold is the only way to prevent a brute-force attack.

692
Q

What can we do to slow down a brute-force attack?

A

If account lockout is not available, the best way to slow down a brute-force attack is to make the password length longer or to salt passwords.

693
Q

What type of authentication is the most prone to errors?

A

Using passwords for authentication is more prone to errors as certificates and smart cards don’t tend to have many errors.

694
Q

What is an evil twin?

A

An evil twin is a WAP that is made to look like a legitimate WAP.

695
Q

How can I prevent an attack by a rogue WAP?

A

Using an 802.1x authentication switch can prevent an attack by a rogue WAP, as the device needs to authenticate itself to attach to the switch.

696
Q

I am trying to use the internet, but my wireless session keeps crashing. What type of attack is this?

A

A wireless disassociation attack is where the attacker prevents the victim from connecting to the WAP.

697
Q

How close does an attacker need to be for an NFC attack?

A

An attacker needs to be within 4 cm of a card to launch an NFC attack.

698
Q

What is a pivot?

A

A pivot is where you gain access to a network so that you can launch an attack on a secondary system.

699
Q

What is a vulnerability in relation to risk management?

A

A vulnerability is a weakness that an attacker could exploit.

700
Q

What is the purpose of BPA?

A

A BPA is used by companies in a joint venture and it lays out each party’s contribution, their rights and responsibilities, how decisions are made, and who makes them.

701
Q

What is multiparty risk?

A

A multi-party risk is where someone wins a contract and sub-contracts to a third party who could sabotage your systems.

702
Q

What is IP theft?

A

This is where your intellectual property has been stolen, for example, trade secrets, copyright, and patents.

703
Q

What is the difference between an MOU and an MOA?

A

An MOU is a formal agreement between two parties, but it is not legally binding, whereas a memorandum of agreement is similar but legally binding.

704
Q

What is tokenization and why is it stronger than encryption?

A

Tokenization is where data is replaced by a stateless token and the actual data is held in a vault by a payment provider.

705
Q

One of the junior members of the IT team installs more copies of a piece of software than are allowed by the licenses that the company has purchased. What have they just carried out?

A

He has carried out a software licensing compliance violation.

706
Q

What is the purpose of an ISA?

A

An Interconnection Security Agreement (ISA) states how connections should be made between two business partners. They decide on the type of connection and how to secure it; for example, they may use a VPN to communicate.

707
Q

How does the shadow IT threat actor operate and what type of attack could benefit from their actions?

A

Shadow IT would connect their own computers to your network without your consent and could lead to pivoting.

708
Q

What is an inherent risk?

A

An inherent risk is a raw risk before it has been mitigated.

709
Q

What are the four stages of the information life cycle?

A

Creation, use, retention, and disposal.

710
Q

Why would you use STIX/TAXII?

A

They work together so that Cyber Threat Intelligence (CTI) can be distributed over HTTP.

711
Q

What is the benefit of introducing a separation of duties in the finance department?

A

We would ensure that nobody in the department carried out both parts of a transaction. For example, we would have one person collecting revenue and another person authorizing payments.

712
Q

What is the purpose of a risk register?

A

A risk register lays out all of the risks that a company faces; each risk will have a risk owner who specializes in that area and decides on the risk treatment.

713
Q

What is an impact assessment?

A

Impact assessment is where you evaluate the risk of collecting big data and what tools can be used to mitigate the risk of holding so much data.

714
Q

A company has a leak in the roof, and before it can be repaired, there’s heavy rain,
resulting in 6 laptops being water-damaged. What type of disaster is this?

A

Environmental Threat

715
Q

What is the purpose of job rotation?

A

Job rotation ensures that employees work in all departments so that if someone leaves at short notice or is ill, cover can be provided. It also ensures that any fraud or theft can be detected.

716
Q

What is the purpose of a privacy notice?

A

A privacy notice gives consent for data only to be collected and used for one specific purpose.

717
Q

What is data masking?

A

This is where data is stored, showing only portions of the data; for example, you might see only the last four digits of a credit card, as follows: ** ** ** 1232

718
Q

If a company suffered a data breach, what would be the impact if one of their
customers suffered identity fraud?

A

They are most likely going to be sued by the customer.

719
Q

What is a SOC type 2 report and what is its distribution?

A

It deals with the effectiveness of controls and has limited access as it provides a detailed report about a company.

720
Q

What is the purpose of mandatory vacations?

A

Mandatory vacations ensure that an employee takes at least 5 days of holiday and someone provides cover for them; this also ensures that fraud or theft can be detected.

721
Q

Why would an auditor look for single items that could cause the failure of whole
computer systems?

A

He is measuring BIA as the most important factor to avoid is a single point of failure.

722
Q

What is the first stage in risk assessment?

A

The first stage in risk assessment is identifying and classifying an asset. How the asset is treated, accessed, or stored is based on the classification.

723
Q

What type of threat intelligence does the Malware Information Sharing Project
provide?

A

The Malware Information Sharing Platform provides Open Source Intelligence (OSINT).

724
Q

Your company has carried out a tabletop exercise followed by a walk-through.
What type of plan has just been carried out?

A

This is an example of a functional recovery plan.

725
Q

Why would a company introduce a clean-desk policy?

A

A clean desk policy is to ensure that no documents containing company data are left unattended overnight.

726
Q

Why would someone use the website www.virustotal.com?

A

This is a code repository that holds information about malware signatures and code.

727
Q

If someone brought their own laptop to be used at work, apart from an on-boarding
policy, what other policy should be introduced?

A

Someone bringing their own laptop is called BYOD and this is governed by the onboarding policy and the AUP.

728
Q

What is the purpose of an exit interview?

A

An exit interview is to find out the reason why the employee has decided to leave. The information from an exit interview may help the employer improve their working conditions and therefore have a higher retention rate.

729
Q

What is the MITRE ATT&CK framework used for?

A

MITRE ATT&CK is a spreadsheet that shows group adversaries, which can be drilled down to see the attack methods and tools used by them.

730
Q

What is the purpose of GDPR?

A

GDPR was developed by the EU to protect an individual’s right to privacy.

731
Q

What type of hacker might participate in a bug bounty program?

A

Gray hat hacker as he is provided limited information.

732
Q

What do hackers that use tools from the dark web use to remain anonymous?

A

Tor software, The Onion Router, which has thousands of relays to prevent detection.

733
Q

What is the purpose of Capture the Flag exercises?

A

This is training for both red and blue teams where they capture a flag when they achieve each level of training. When they have completed all levels, they are fit to become full-blown red or blue team members.

734
Q

What is the purpose of risk avoidance?

A

When a risk is deemed too dangerous or high risk and could end in loss of life or financial loss, we would treat the risk with risk avoidance and avoid the activity.

735
Q

What is the purpose of risk transference?

A

Risk Transference is where the risk is medium to high and you wish to offload the risk to a third party, for example, insuring your car.

736
Q

Who uses AIS and what is its distribution?

A

Automated Indicator Sharing was invented by the US federal government to exchange data about cyber attacks from the state down to the local level.

737
Q

What is the purpose of the ISO standard 27701?

A

27701 was developed as a standard as an extension of 27001/27002 to be used for privacy information management.

738
Q

What are rules of behavior?

A

Rules of behavior are how people should conduct themselves at work to prevent discrimination or bullying.

739
Q

What is the purpose of IOCs?

A

IOC informs members of their IT security community of IP addresses, hashes, or URLs where they have discovered newly released malware.

740
Q

What is the motivation of a script kiddie?

A

A script kiddie wants to be on national news and TV as they seek fame.

741
Q

Why would a company run an annual security awareness training program?

A

Annual security awareness training advises employees of the risk of using email, the internet, and posting information on social media websites. It also informs employees of any new risks posed since the last training.

742
Q

What would happen if I tried to sell my car and sent an email about it to everyone
who worked in my company using my Gmail account?

A

Sending an email to everyone who works in your company using your Gmail account is a violation of the AUP and could lead to disciplinary action.

743
Q

Why would I make a risk assessment for one of my main suppliers?

A

A manufacturing company would carry out a supply chain risk assessment because they need a reputable supplier of raw materials so that they can manufacture goods.

744
Q

What is the driving force of a BIA?

A

Business impact analysis is just the money; it looks at the financial impact following an event.

745
Q

What is the relationship between the RPO and the RTO?

A

The Recovery Point Objective (RPO) is the acceptable downtime that a company can suffer without causing damage to the company, whereas the Recovery Time Objective (RTO) is the time it takes for the company to return to an operational state; this should be within the RPO.

746
Q

What information can be established from an MTTR?

A

Mean Time to Repair (MTTR) is the average time it takes to repair a system, but in the exam, it could be seen as the time to repair a system and not the average time.

747
Q

What type of threat actor could damage a company’s production system?

A

A competitor would seek to damage your production systems and steal your trade secrets.

748
Q

What type of threat actor would demand payment from you or threaten to publish
customer information that you hold on social media?

A

Criminal syndicates would threaten you and demand payment as they are financially driven.

749
Q

What is the purpose of MTBF?

A

Mean Time Between Failure (MTBF) is the measurement of the reliability of a system.

750
Q

What is the purpose of SSAE?

A

SSAE assists CPA in carrying out the auditing of SOC reports.

751
Q

What is the purpose of SLE and how is it calculated?

A

Single Loss Expectancy (SLE) is the cost of the loss of one item; if I lose a tablet worth $1,000, then the SLE is $1,000.

752
Q

How can we calculate the ALE?

A

The Annual Loss Expectancy (ALE) is calculated by multiplying the SLE by the ARO (the number of losses per year). If I lose six laptops a year worth $1,000 each, the ALE would be $6,000.

753
Q

What is an embedded electronic system? Give two examples.

A

Embedded electronic systems have software embedded into the hardware; some use SoC. Examples are microwave ovens, gaming consoles, security cameras, wearable technology, Smart TVs, medical devices such as defibrillators, or self-driving cars.

754
Q

What is the purpose of a SCADA system?

A

SCADA systems are industrial control systems used in the refining of uranium, oil, or gas, or the purification of water.

755
Q

What category of device are Smart TVs and wearable technology?

A

IoT devices

756
Q

What is home automation?

A

Home automation is where you can control the temperature, lighting, entertainment systems, alarm systems, and many appliances.

757
Q

What is the purpose of SoC?

A

SoC is a low power integrated chip that integrates all of the components of a computer or electronic system. An example would be the controller for a defibrillator. Think of it as an OS stored on a small chip.

758
Q

If a process does not suffer buffer overflow but fails within a specific period of time and this causes the process to fail, what method am I using?

A

The Real-Time Operating System (RTOS) processes data as it comes in without any buffer delays. The process will fail if it is not carried out within a certain period of time.

759
Q

What is the most likely way an attacker would gain control of an MFP?

A

Through its network interface.

760
Q

What is the purpose of the security team controlling the HVAC in a data center?

A

They can ensure that the temperature is regulated and the servers remain available. They also know which rooms are occupied based on the use of air conditioning and electricity.

761
Q

Someone at work has suffered a cardiac arrest, and the first aid delegate takes out a defibrillator that gives instructions on steps to take. What had been built into the device to give these instructions?

A

An SoC gives instructions on the steps to take when using a defibrillator; however, if it detects a pulse, it will not send a charge.

762
Q

Give an example of embedded systems that can be used with vehicles.

A

Self-parking or self-driving vehicles.

763
Q

What is a UAV? Give two examples.

A

Unmanned aerial vehicles are drones or small model aircraft that can be sent to areas where manned aircraft cannot go. They can be fitted with a camera to record events or take aerial photographs; an example of this would be determining the spread of a forest fire.

764
Q

What is the main problem with a race condition when using an application?

A

A race condition is when two threads of an application access the same data.

765
Q

What is the perfect way to set up error handling in an IT system?

A

The perfect way to set up error handling is for the user to get generic information but for the log files to include a full description of the error.

766
Q

Explain input validation and name three types of attacks that this could prevent.

A

Input Validation is where data that is in the correct format is validated prior to being inserted into the system. SQL injection, buffer overflow, and integer overflow are prevented by using input validation.

767
Q

How can I prevent a SQL injection attack other than with input validation?

A

Using stored procedures.

768
Q

What is the purpose of code signing?

A

Code signing confirms that the code has not been tampered with.

769
Q

What is the purpose of obfuscation?

A

Obfuscation is taking code and masking the data, making it obscure so that if it is stolen, it will not be understood. XOR and ROT13 could be used for obfuscation.

770
Q

What is dead code and how should it be treated?

A

Dead code is code that is never used but could introduce errors into the program life cycle; it should be removed.

771
Q

If I am an Android developer, what can I obtain from the internet to help me get an
application to market quickly?

A

Using a third-party library will help a developer obtain code from the internet to help make an application and get it to market quickly. There are many for Android and JavaScript.

772
Q

What is the purpose of a measured boot?

A

The measured boot logs information about the firmware and applications and stores this log in the TPM chip. This can be used to check the health status of the host, and anti-malware can check during the boot process that the software is trustworthy.

773
Q

What is needed for a secure boot – UEFI or BIOS?

A

UEFI is a modern version of the BIOS and is needed for a secure boot.

774
Q

If BitLocker is checking upon boot up that the software has not been tampered with,
what is this known as?

A

Checking the integrity of the software as it is being loaded is known as attestation.

775
Q

What is the purpose of an endpoint protection and response solution?

A

It is a centralized console that continuously monitors the computer and makes automatic alerts when a threat has been detected. It uses machine learning.

776
Q

Why do we use fingerprinting?

A

Fingerprinting is the deep analysis of a host.

777
Q

What type of firewall can act as an intrusion prevention device, a stateful firewall,
and can inspect encrypted SSL and HTTPS packets?

A

A NGFW has the ability to act as a stateful firewall by carrying out deep packet filtering.

778
Q

Why is tokenization deemed more secure than encryption?

A

Tokenization takes sensitive data, such as a credit card number, and replaces it with random data, so it cannot be reversed. Encryption can be reversed.

779
Q

What is the purpose of secure cookies?

A

We can set the secure flag on the website to ensure that cookies are only downloaded when there is a secure HTTPS session.

780
Q

What is the purpose of using HSTS?

A

HSTS ensures that the web browser only accepts secure connections and prevents XSS.

781
Q

When a developer wants to analyze code when it is running, what type of code
analyzer will they use?

A

They will use dynamic code analysis so that they can use fuzzing to test the code.

782
Q

What is the benefit of using the Docker tool to protect your registry?

A

The Docker tool allows you to isolate applications into a separate space called containers. The registry can now be isolated in a separate container, making it more secure.

783
Q

Why would a cybersecurity team change the SSD hard drives in the company’s
laptop to an Opal drive?

A

Opal is a self-encrypting drive where the encryption keys are stored on the hard drive controller and are therefore immune to a cold boot attack and are compatible with all operating systems. They do not have the vulnerabilities of software-based encryption. As a hardware solution, they outperform software solutions.

784
Q

As part of application development, when would you apply quality assurance?

A

Quality assurance is completed during the staging environment where users test the new application with real data.

785
Q

What RAID model has a minimum of three disks? How many disks can it afford
to lose?

A

RAID 5 has a minimum of 3 disks and you can afford to lose one disk without losing data.

786
Q

What RAID model has a minimum of four disks?

A

RAID 6 has a minimum of four disks.

787
Q

What is the difference between RAID 5 and RAID 6?

A

RAID 5 has single parity and can lose one disk, whereas RAID 6 has double parity and can lose two disks.

788
Q

Where will a diskless virtual host access its storage?

A

A diskless virtual host will get its disk space from a SAN.

789
Q

What types of disks does a SAN use?

A

A SAN will use fast disks, such as SSDs.

790
Q

What is an example of cloud storage available to a personal user?

A

Cloud storage for personal users could be iCloud, Google Drive, Microsoft OneDrive, or Dropbox.

791
Q

At what stage of incident response procedures would you reduce the services
running on a computer on a domain controller that is infected with malware?

A

Eradication is where we remove viruses and reduce the services being used. It should be isolated, and this is the containment phase. The virus would be removed in the eradication phase, and then be placed back online. This is the recovery phase.

792
Q

During a disaster recovery exercise, the IRP team is given a scenario to respond to.
What type of exercise are they likely to carry out?

A

A simulation is where the IRP team is given a specific scenario to deal with.

793
Q

Why would a cybersecurity team use the MITRE ATT&CK Framework?

A

This is an aid to help prepare your business against different adversaries. You can drill down from an adversary into the tactics and techniques that they use. You can then take mitigation steps to avoid being attacked.

794
Q

What are the four key elements of the Diamond Model of Intrusion Analysis
framework?

A

Adversary, capabilities, infrastructure, and victims.

795
Q

Why are the roles and responsibilities of the IRP team important?

A

If they understand their roles and responsibilities, it can make them more effective when disaster happens.

796
Q

What type of file is created when your computer suffers a blue screen of death?

A

The contents of memory are saved in a dump file and this can be used to investigate the event.

797
Q

What is the purpose of SFlow?

A

It gives you clear visibility of network traffic patterns and can identify malicious traffic.

798
Q

What type of HTTP status code lets you know you have made a successful
connection to a web server?

A

An HTTP status code of “200 ok” lets you know that a successful connection has been made.

799
Q

What is the purpose of a SOAR system playbook?

A

Playbooks contain a set of rules to enable the SOAR to take preventative action as an event occurs.

800
Q

What is the benefit of network card teaming?

A

It can help load balance the network traffic and provide redundancy if one card fails.

801
Q

What is the purpose of a UPS?

A

The UPS is basically a battery that is a standby device so that when the computer power fails, it kicks in. It is designed to keep the system going for a few minutes to allow the server team to close the servers down gracefully. It can also be used to clean up the power coming from the National Grid, such as spikes, surges, and voltage fluctuations.

802
Q

What can be installed on a node of a SAN to provide redundancy?

A

Two Host Bus Adapters (HBAs) on each node will give two separate paths to them.

803
Q

Why would a company use two different vendors for their broadband?

A

This would be vendor diversity, so that if one vendor had a disaster, the other would keep providing the broadband.

804
Q

What is the purpose of an incident response plan?

A

An incident response plan is written for a particular incident and lays out how it should be tackled and the key personnel required.

805
Q

Name three different categories of incident.

A

- Unauthorized access
- Loss of computers or data
- Loss of availability
- Malware attack
- DDoS attack
- Power failure
- Natural disasters
- Cybersecurity incidents

806
Q

Name three different roles required to deal with an incident.

A

Incident Response Manager
Security Analyst
IT auditor
Risk analyst
HR
Legal
Public Relations

807
Q

What should the help desk do when an incident has just been reported?

A

The help desk identifies the incident response plan required and the key personnel that need to be notified.

808
Q

What is the purpose of an incident response exercise?

A

An incident response exercise is for carrying out the incident response plan and planning for any shortfalls.

809
Q

What is the first phase of the incident response process and what happens there?

A

The first phase of the incident response is the preparation phase, where the plan is already written in advance of any attack.

810
Q

What is the last phase of the incident response process?

A

The last phase of the incident response process is lessons learned, where we review why the incident was successful.

811
Q

What would happen if the last process of the incident response process was not
carried out?

A

If we do not carry out lessons learned, the incident may re-occur. Lessons learned is a detective control where we try to identify and address any weaknesses.

812
Q

What happens during the containment phase of the disaster recovery process?

A

This is where we isolate or quarantine an infected machine.

813
Q

What happens during the eradication phase of the disaster recovery process?

A

This is where we remove malware and turn off services that we do not need.

814
Q

What happens during the recovery phase of the disaster recovery process?

A

This is where we put infected machines back online, restore data or reimage desktops,