Mom's Study Guide Flashcards
What do you call asymmetric encryption that has a Certificate Authority and the associated infrastructure to support issuing and managing certificates?
Public Key Infrastructure
What is the ultimate authority of PKI that holds the root key for signing all of the certificates that it gives the intermediary, who in turn issues the certificate to the requester?
Certificate Authority
What kind of Certificate Authority is always up and running so that people in the company can request a certificate at any time of the day or night?
Online Certificate Authority
What kind of Certificate Authority is for military or secure environments where clearance and vetting muste be completed before someone can be issued with a certificate?
Offline Certificate Authority
What do you call a certificate authority that is also known as a third-party CA and is commercially accepted as an authority for issuing public certificates?
Public Certificate Authority
Who validates and accepts the incoming requests for certificates from users on the network and notifies the CA to issue the certificates?
Registration Authority
What do you call an intermediary CA?
Subordinate Certificate Authority
What prevents the compromising of the CA, certificate fraud and SSL man-in-the-middle attacks?
Certificate Pinning
What do you call the root certificate in a PKI environment from which the whole chain of trust is derived. AKA the root CA?
Trust anchor
What proves the authenticity of a certificate?
Trust models
What trust model uses a hierarchy from the root CA down the intermediary; the normal PKI model?
Hierarchical Trust Model
What trust model is peer-to-peer, where two separate PKI environments trust each other?
Bridge Trust Model
What shows the trust from the vendor, the vendor CA, and the computer where the certificate is installed?
Certificate Chaining
What hashing algorithm results in a 160 bit message digest?
SHA-1
What hashing algorithm results in a 256 bit message digest?
SHA-2
What hashing algorithm results in a 512 bit message digest?
SHA3
What hashing algorithm results in a 128-bit message digest?
MD5
What is the difference between SHA1 and MD5 hashing algorithms?
SHA1 is more secure but MD5 is faster
What is the concept of protecting a company’s data with a series of protective layers so that if one layer fails, another layer will already be in place to thwart an attack?
Defense in Depth
What controls are written by managers to create organizational policies and procedures to reduce risk within companies?
Managerial Controls
What controls are executed by company personnel during their day-to-day operations?
Operational controls
What do you call an annual event where you are reminded about what you should be doing on a daily basis to keep the company safe?
Annual Security Awareness Training
What do you call the process that a company adopts so that changes made don’t cause any security risks to the company?
Change Management
What do you call the contingency planning to keep the businesses up and running when a disaster occurs by identifying any single point of failure that would prevent the company from remaining operational?
Business Continuity Plan
What do you call controls implemented by the IT team to reduce the risk to the business?
Technical controls
What type of control is Annual Risk Assessment?
Managerial Control
What type of control is Penetration Testing?
Managerial Control
What type of control is Change management?
Operational control
What type of control is a business continuity plan?
Operational control
What type of control is firewall rules?
Technical control
What type of control is antivirus/antimalware?
Technical Control
What type of control is IPS and IDS?
Technical control
What type of control is CCTV?
Deterrent control
What type of control is motion sensors?
Deterrent control
What kind of controls are used to investigate an incident that has happened and needs to be investigated?
Detective controls
What type of controls are the actions you take to recover from an incident?
Corrective controls
What controls are used instead of a primary control that has failed or is not available?
Compensating/Alternative/Secondary Controls
What types of controls are put in place to deter any attack?
Preventative Controls
What kind of control involves New Technology File System (NTFS) file permissions, which are used in Microsoft operating systems?
Discretionary Access Control
What kind of control is based on the classification level of the data?
Mandatory Access Control (MAC)
What is the classification of the person who writes the data, and they are the only person that can determine the classification?
Data Owner
What is the classification of the person responsible for labeling the data?
Data Steward
What is the classification of the person who stores and manages classified data?
Data Custodian
Who is the person who gives access to classified data once clearance has been approved?
Security Administrator
In what kind of access control is a rule applied to all of the people within a department?
Rule-based Access Control
In what kind of access control is access restricted based on an attribute in the account?
Attribute-based Access Control
“Linux file permissions come in a numerical format; the first number represents the _______, the second represents the _______, and the third represents _________?”
Owner, group, all other users
In Linux file permissions the numerical value 4 means?
Read
In Linux file permissions the numerical value 2 means?
Write
In Linux file permissions the numerical value 1 means?
Execute
What controls are put in place to stop unauthorized access to the company or accessing the data. (Controls that you can touch)
Physical Security Controls
In what stage of Cloud Forensic Process 26 do we verify the purpose of cloud forensics?
Stage A
In what stage of Cloud Forensic Process 26 do we verify the type of cloud service?
Stage B
In what stage of Cloud Forensic Process 26 do we verify the type of technology behind the cloud?
Stage C
In what stage of Cloud Forensic Process 26 do we verify the role of the user and negotiate with the CSP to collect the evidence required?
Stage D
The first stage in checking whether a certificate is valid, no matter the scenario, is to what?
Check the Certificate Revocation List
What comes into play when the CRL is going slow?
Online Certificate Status Protocol (OCSP)
What is used when a web server bypasses the CRL to use the OCSP for a faster confirmation, irrespective of whether or not a certificate is valid?
OCSP Stapling/Certificate Stapling
Certificate validity can only be done by who?
CRL or OCSP
What do you call the process of requesting a new certificate?
Certificate Signing Request (CSR)
What holds the private keys for third parties and stores them in a HSM?
Key Escrow
What do you call a piece of hardware attached to the server or a portable device that is attached to store the keys?
Hardware Security Module (HSM)
If a user can not access their data because their private key is corrupted, who will recover the data for them by getting the private key from the key escrow?
Data Recovery Agent (DRA)
A certificate is identified by it’s what?
Object Identifier (OID)
What kind of certificates are issued by the same entity that is using it?
Self-Signed Certificates
What kind of certificate is an X.509 certificate that proves ownership of a domain name?
Domain Validation Certificate
What kind of certificate can be used on multiple domain names and also can have other information inserted into them such as an IP address?
Subject Alternative Name (SAN)
What kind of certificates are used to digitally sign software so that its authenticity is guaranteed?
Code Signing Certificates
What kind of certificate is used to identify a computer within a domain?
Computer/Machine
What kind of certificate provides authenticity to a user for the applications that they use?
User Certificate
What kind of certificates provide a higher level of trust in identifying the entitiy that is using the certificate?
Extended Validation
What kind of certificates can be installed on multiple public facing websites as a cheaper option?
Wildcard Certificates
Turning plaintext into ciphertext is known as?
Encryption
What creates a secure tunnel for symmetric data to pass through when it is in transit?
Diffie Hellman (DH)
What encryption standard comes in 3 key strengths: 128, 192, and 256 bit. It is commonly used for L2TP/IPSec VPNs?
Advanced Encryption Standard (AES)
What encryption standard groups data in to 64 bit blocks but is seen as a 56-bit key?
Data Encryption Standard (DES)
What encryption standard applies the DES key 3x and is said to be a 168 bit key?
Triple DES (3DES)
What encryption standard is 40 bits and is used by WEP and is seen as a stream cipher?
Rivest Cipher 4 (RC4)
What kind of encryption is commonly used with AES, several symmetric ciphers, and a one time pad?
Exclusive OR (XOR)
What kind of encryption is used to encrypt large amounts of data?
Symmetric Encryption
What mode of operation adds XOR to each plaintext block from the ciphertext block that was previously produced?
Cipher Block Chaining (CBC)
What mode of operation replaces each block of the clear text with the block of ciphertext.?
Electronic Code Book (ECB)
What mode of operation is a block cipher mode of operation that uses universal hashing over a binary Galois field to provide authenticated encryption? It can be implemented in hardware and software to achieve high speeds with low cost and low latency?
Galois/Counter Mode
What mode of operation turns a block cipher into a stream cipher?
Counter Mode (CTR)
Quantum computing uses qubits, which can be switched on or off at the same time or somewhere in between. This is known as?
A superposition
Hashing is a ___________ function, that can not be __________.
One-way
reversed.
What are used to verify the integrity of an email so that you know it has not been tampered with in transit?
Digital Signatures
RIPEMD is used for?
Hashing data
What do you call short-lived keys that are used for a one-time only session?
Ephemeral Keys
What are the two types of ephemeral keys?
Diffie Hellman Ephemeral (DHE) and Elliptic Curve Diffie Hellman Ephemeral (ECDHE)
Asymmetric Algorithms should not be using a key whose strength is what?
2046 or lower
What is the only VPN that uses an SSL certificate and works with legacy clients?
SSL VPN
What kind of algorithm takes the data from a document and generates a hexadecimal value from that input?
Hashing algorithm
What is a one-way function to ensure that the integrity of the data is intact?
Hashing
What do you call a combination of hardware and software that implements cryptofunctions such as digital signatures, encryption, random number generation, and decryption?
Crypto module
What do you call data that is not being used and is stored on either a hard drive or external storage?
Data-at-rest
How would you protect data on a laptop or desktop?
Full Disk Encryption (FDE) and DLP
How would you keep the data on tablets/phones from being stolen?
Full Disk Encryption
How would you keep the data on USB’s or removable devices from being stolen?
Full Disk Encryption
What is the process where you take source code and make it look obscure, so that if it is stolen it would not be understood?
Obfuscation
What process is used to mask data?
Obfuscation
What prevents an attacker from using the servers private key to decrypt a key exchange session, even if the VPN server has been compromised?
Perfect forward secrecy
What is it called when a document, image, audio file, or video file can be hidden inside another document, image, audio file, or video file?
Steganography
What kind of encryption allows an accountant to run calculations against data while it is still encrypted and could be used with data stored in the cloud?
Homomorphic Encryption
What is the technique where you change one character of the input, which will change multiple bits of the output?
Diffusion
To prevent data form being accessed, we would do what?
Encrypt the data
When people access the company’s network from a remote location they should use a what?
L2TP/IPSec VPN Tunnel using AES
Encryption could be coupled with what to ensure that data is secure and kept confidential?
Mandatory Access control
What could we do to data stored on a file server to prove that it has not been tampered with?
Hash the data
Small Internet of Things devices will need to use what for encryption?
ECC Elliptic Curve Cryptography
What type of certificate does a CA have?
A CA has a root certificate, which it uses to sign keys
If I am going to use a CA internally, what type of CA should I use?
a Private CA for internal use only
If I want to carry out B2B activity with 3rd-party companies or sell products on the web, what type of CA should I use?
A public CA
Why would I make my CA offline when not in use?
To prevent it from being compromised.
Who builds the CA or intermediary authorities?
An architect
Who signs X509 certificates?
CA
What can I use to prevent my CA from being compromised and fraudulent certificates being used?
Certificate pinning
If two entities want to set up a cross-certification, what must they set up first?
A bridge trust model
What type of trust model does PGP use?
Web of Trust
How can I tell whether my certificate is valid?
by using a CRL
If the CRL is going slow, what should I implement?
OCSP
Explain certificate stapling/OCSP stapling?
Certificate stapling/OCSP stapling is where a web server uses an OCSP for faster certificate authentication, bypassing the CRL
What is the process of obtaining a new certificate?
CSR
What is the purpose of the key escrow?
The key escrow stores and manages private keys for third parties.
What is the purpose of the HSM?
A HSM is used by the key escrow as it securely stores and manages certificates.
What is the purpose of the DRA and what does it need in order to complete its role effectively?
When a user’s private key becomes corrupt, the DRA recovers the data by obtaining a copy of the private key from the key escrow.
How can I identify each certificate?
by its OID
What format is a private certificate and what file extension does it have?
A private certificate is in P12 format with a .pfx extension
What format is a public certificate and what file extension does it have?
A public certificate is in P7B format with a .cer extension
What format is a PEM certificate?
A PEM certificate is in Base64 format.
What type of certificate can be used on multiple servers in the same domain?
A wildcard certificate can be used on multiple servers in the same domain.
What should I do with my software to verify that it is original and not a fake copy?
Code-signing software is similar to hashing the software and ensuring the integrity of the software.
What is the purpose of extended validation of an X509?
it provides a higher level of trust for the X509; when it is used, the URL background turns green.
What type of cipher is the Caesar cipher and how does it work it it uses ROT4?
The Caesar cipher is a substitution cipher; each letter would be substituted by a letter four characters along in the alphabet.
What is encryption and what are the inputs and outputs called?
Encryption is when plain text is taken and turned into ciphertext.
What type of encryption will be used to encrypt large amounts of data?
Symmetric encryption is used to encrypt large amounts of data as it uses one key.
What is the purpose of DH?
DH is an asymmetric technique that creates a secure tunnel; during a VPN connection, it is used during the IKE phase and uses UDP port 500 to create the VPN tunnel.
What is the first stage in any encryption, no matter whether it is asymmetric or symmetric?
Key exchange
If Carol is encrypting data to send to Bob, what key will they each use?
Carol uses Bob’s public key to encrypt the data, and then Bob will use his private key to decrypt the data.
If George encrypted data 4 years ago with an old CAC card, can he unencrypt the data with his new CAC card?
George must obtain the old private key to decrypt the data as the encryption was done with a different key pair.
If Janet is digitally signing an email to send to John to prove that it has not been tampered with in transit, what key will they each use?
Janet will digitally sign the email with her private key and John will check its validity with Janet’s public key, which he would have received in advance.
What 2 things does digitally signing an email provide?
Integrity and Non-repudiation
What asymmetric encryption algorithm should I use to encrypt data on a smartphone?
ECC as it is small and fast and uses the DH handshake
What shall I use to encrypt a military mobile phone?
AES-256
Name 2 key stretching algorithms
bcrypt and PBKDF2
What is the purpose of key stretching?
Key stretching salts the password being stores so that duplicate passwords are never stored, and it also increases the length of the keys to make things harder for a brute-force attack.
What is the difference between stream and block cipher modes, and which one will you use to encrypt large blocks of data?
Streams encrypt one bit at a time and block ciphers take blocks of data. A block cipher will be used for large amounts of data.
What happens with cipher block chaining if I don’t have all of the blocks?
CBC needs all of the blocks of data to decrypt the data; otherwise, it will not work.
If I want to ensure the integrity of data, what shall I use? Name two algorithms.
Hashing ensures the integrity of data. MD5 and SHA-1
If I want to ensure the protection of data, what shall I use?
Encryption is used to protect data so that it cannot be reviewed or accessed.
Is a hash a one-way or two-way function and is it reversible?
A hash is a one-way function and cannot be reversed?
What type of man-in-the-middle attack is SSL 3.0 (CBC) vulnerable to?
POODLE is a man-in-the-middle attack on a downgraded SSL 3.0 (CBC)
Explain why we would use Diffie Hellman Ephemeral (DHE) and Elliptic Curve Diffie Hellman Ephemeral (ECDHE)?
DHE and ECDHE are both ephemeral keys that are short-lived, one -time keys.
What are the strongest and weakest methods of encryption with an L2TP/IPSec VPN tunnel?
The strongest encryption for an L2TP/IPSec VPN tunnel is AES and the weakest is DES.
What is the name of the key used to ensure the security of communication between a computer and a server or a computer to another computer?
A session key ensures the security of communications between a computer and a server or a computer and another computer.
What should I do to protect data at rest on a laptop?
Data at rest on a laptop is protected by FDE.
What should I do to protect data at rest on a tablet or smartphone?
Data at rest on a tablet or smartphone is protected by FDE
What should I do to protect data at rest on a backend server?
Data at rest on a backend server is stored on a database, so it needs database encryption.
What should I do to protect data at rest on a removable device, such as a USB flash drive or an external hard drive?
Data at rest on a USB flash drive or external hard drive is done via FDE
What two protocols could we use to protect data in transit?
Data in transit could be secured using TLS, HTTPS, or an L2TP/IPSec tunnel.
How can you protect data in use?
Data in use could be protected by full memory encryption
What is the purpose of obfuscation?
Obfuscation is used to make the source code look obscure so that if it is stolen, it can not be understood. It masks the data and could use either XOR or ROT13 to obscure the data.
What is the purpose of perfect forward secrecy?
Perfect forward secrecy ensures that there is no link between the server’s private key and the session key. If the VPN server’s key was compromised, it could not decrypt the session.
What type of attack tries to find two hash values that match?
A collision attack
What is the purpose of rainbow tables?
Rainbow tables are a list of precomputed words showing their hash value. You will get rainbow tables for MD5 and different rainbow tables for SHA-1.
Explain the concept of steganography.
Steganography is used to conceal data; you can hide a file, image, video, or audio, inside another image, video, or audio file.
What are the 2 purposes of DLP?
DLP prevents sensitive or PII information from being emailed out of a company of being stolen from a file server using a USB device.
What is the purpose of salting a password?
Salting a password ensures that duplicate passwords are never stored and makes things more difficult for brute-force attacks by increasing the key size. It appends the salt to the password making it longer than before hashing.
What are the 4 key elements to Identify and Access Management?
Identity, Authentication, Authorization, and Accounting.
What is an entity that can validate that the credentials that are presented are valid?
Identify Provider (IdP)
What type of account has no real access?
A user account
What type of account is a legacy account that was designed to give limited access to a single computer without the need to create a user account?
Guest Account
What type of account is used for external speakers who may need access to the internet while delivering their presentation?
Sponsored guest account
What type of accounts have much higher access to the system and tend to e used by members of the IT team?
Privilege Account
What type of accounts can install software and manage the configuration of a server or a computer?
Administrative account
What type of accounts have the privileges to create, delete, and manage user accounts?
Administrative accounts
What type of account is used for installing software on a computer or server; it needs higher levels of privilege to run the software but also needs a lower-level administrative account?
Service Account
What type of account is used when a group of people perform the same duties?
Shared Account
What types of accounts are default administrative accounts created by manufacturers for devices? They all have default usernames and passwords.
Generic Accounts
What kind of certificate-based authentication is used by governmental and military personnel as they provide both authentication and identification as it has a picture of the user on it?
Common Access Card (CAC)
What kind of certificate-based authentication is very similar to the CAC, but it is used by federal agencies rather than the military?
Personal Identity Verification (PIV)
What is the port-based authentication protocol that is used when a device is connected to a switch or when a user authenticates to a WAP?
IEEE 802.1x
Authentication with a password that has a short lifespan will be a?
TOTP
What can be used to establish a region and can pinpoint whether or not you are in that region and if you are not, you will not be able to log in?
Geofencing
What helps prevent fraud when someone from a foreign country attempts to log in to your systems?
Geofencing
What concept can be used to block any attempt to login outside of the locations that have been determined as allowed regions?
Context-aware location
What concept can be used to identify where your phone is located by using the GPS?
Smart phone location services
What concept is a security feature used by cloud providers such as Microsoft to prevent fraud? If a person is located in Toronto and then 30 minutes later is deemed to be in Las Vegas, their attempt to log in will be blocked.
Impossible Time Travel
What concept is a security feature used by cloud providers where they have a database of the devices used by each user? An email will be sent when the device is not recognized and only upon verification will the new device get access.
Risky Login
What is an internet standard where the server signs a token with its private key and sends it to a user to prove who they are? Can also be used to digitally sign documents and email and is used by OAuth
Javascript Object Notation Web Token (JWT)
What codes change after a period of time, and are commonly used by broadband engineers?
Static Codes
What type of authentication management looks like a USB device and works in conjunction with your password to provide multifactor authentication?
Password Keys
What type of authentication management are stored locally on the device and store all of your passwords so that you don’t need to remember them? Uses AES-256 encryption.
Password Vault
What type of authentication management are chips normally built into the motherboard of a computer and are used when you are using FDE (like Bitlocker)?
Trusted Platform Module (TPM)
What type of authentication management can be a removable device that can be attached to a computer or server via a USB connection? Used to store encryption keys.
Hardware Security Module (HSM)
What type of authentication management is normally used by banks, financial institutions, or email providers to identify someone when they want to password reset?
Knowledge-Based Authentication
What is an authentication framework allowing point-to-point connections?
Extensible Authentication Protocol (EAP)
What version of EAP encapsulates the EAP data and makes it more secure for WLANS?
Protected Extensible Authentication Protocol (PEAP)
What version of EAP does not use certificates, but protected access credentials instead? Used in wireless networks.
EAP-FAST (Flexible Authenticate via Secure Tunneling)
What version of EAP needs X509 certificates installed on the endpoints for authentication?
EAP-TLS
What version of EAP needs the certificates to be installed on the server? It creates a tunnel for the users credentials to travel through.
EAP-TTLS
What are the two main AAA servers?
Microsoft’s RADIUS and CISCO’s TACACS+
What server is UDP-based, and authenticates servers such as VPN servers, RAS servers, and the 802.1x authenticating switch?
RADIUS server
Every RADIUS client needs the ______ to join the RADIUS environment?
secret key/session key/share secret
What is the more modern version of RADIUS that works on TCP? It is the AAA server that uses EAP.
Diameter
What is the CISCO AAA server that used TCP, and uses TCP port 49 for authentication?
TACACS+
What allows someone working remotely, either from a hotel room or home, to connect securely through the internet to the corporate network?
A VPN
What is a legacy protocol that pre-dated the VPN? It used modems and a dial-up network using telephone lines, and was very restricted in speed.
Remote Access Services (RAS)
What authentication method should be avoided at all costs as the passwords are transmitted as clear text and can be easily captured?
Password Authentication Protocol (PAP)
What authentication method was used to connect to to an RAS server with a four-stage process?
Challenge Handshake Authentication Protocol (CHAP)
What is a solution that helps protect the privilege accounts within a domain, preventing attacks such as pass the hash, pass the ticket, and privilege escalation? It also gives visibility in terms of who is using privilege accounts and what tasks they are being used for.
Privilege Access Management
What kind of access control is based on the classification level of the data?
Mandatory Access Control (MAC)
What kind of access control applies a rule to all of the people within a department?
Rule-based Access Control
What kind of access control restricts access based on an attribute in the account?
Attribute-based Access Control
What protocol manages the users in groups?
LDAP
What is the Microsoft authentication protocol that uses tickets, updated sequence numbers (USN), and it is time stamped?
Kerberos
What kind of server can be placed on your LAN to keep the domain computers and servers in sync with each other?
Network Time Protocol server
What are used when two different companies want to authenticate between each other when they participate in a joint venture?
Federation Services
When the exam talks about authentication using the phrase ‘third-party’ or extended attributes, think of?
Federation services
What is an open source federation service product that uses SAML authentication? It would be used in a small federation service environment and can use cookies.
Shibboleth
When two companies need to exchange the extended attribute information and require a special protocol to do so, they use?
Security Assertion Mark-up Language (SAML)
What provides authorization to enable third-party applications to obtain limited access to a web service?
OAuth 2.0
What uses OAuth to allow users to log in to a web application without needing to manage the users account? It allows users to authenticate by using their Google, Facebook, or Twitter account.
Open ID Connect
What kind of system is used for real time monitoring and can be used to aggregate, decipher, and normalize non-standard log formats? It can also filter out fake positives.
Security Information and Event Management
What can be run against the system to discover accounts that have not been used for a certain period of time?
Discovery service query
What prevents someone from just reusing the same password? Mainly used for Windows OS’s
Password history
What is another term used for password history that refers to any other products than a Windows operating system?
Password Reuse
What is the maximum number of days that a password can be used for before you are required to change it?
Maximum Password Age
What is the most common form of authentication that is most likely to be entered incorrectly?
A Password
When I purchase a new wireless access point what should I do first?
Change the default username and password
What is password history?
The number of passwords you can use before you can reuse your current password
How can I prevent someone from reusing the same password?
Set up password history
Explain what format a complex password takes?
Uppercase and lowercase letters, numbers, and special characters not used in programming
How can I prevent a hacker from inserting a password multiple times?
Set up an account lockout with a low value
What type of factor authentication is a smart card?
Multi-factor or dual factor
How many factors is it if I have a password, Pin and date of birth?
A password, Pin, and date of birth are all factors that you know; therefore it is single-factor.
What is biometric authentication?
where you use a part of your body or voice for authentication
What authentication method can be used by two third parties that participate in a joint venture?
Federated services
What is an XML-based authentication protocol?
Security Assertion Markup Language
What is a Shibboleth?
A small open source Federation Services protocol.
What protocol is used to store and search for Active Directory objects?
LDAP
What is the format of a distinguished name for a user called Fred who works in the IT department for a company with a domain called Company A that is a dotcom?
CN=Fred
OU=IT
DC=Company
DC=Com
What authentication factor uses tickets, timestamps, and updated sequence numbers and is used to prevent replay attacks?
Kerberos
What is a TGT session?
A Ticket-Granting Ticket process is where a user logs in to an Active Directory domain using Kerberos authentication and receives a service ticket.
What is a single sign on? Give two examples.
where a user inserts their credentials only once and accesses different resources without needing to re-enter the credentials. Kerberos, Federation services, or a smart card.
How can I prevent a pass-the-hash attack?
Pass-the-hash attacks exploit older systems such as Microsoft NT4.0, which uses NT LAN Manager. You can prevent this by enabling Kerberos or disabling NTLM.
Give an example of when you would use Open ID Connect?
OpenID connect is where you access a device or portal using your Facebook, Twitter, Google, or Hotmail credentials. The portal itself does not manage the account
Name two AAA servers and the ports associated with them.
Microsoft RADIUS, using port 1812 and Cisco TACACS+ and uses TCP port 49
What is used for accounting in an AAA server?
Accounting is an AAA server where they log the details of when someone logs in and logs out; this can be used for billing purposes. Accounting is normally logged into a database such as SQL. RADIUS accounting used UDP port 1813.
What is the purpose of a VPN solution?
A VPN solution creates a secure connection from a remote location to your corporate network or vice versa. The most secure tunneling protocol is L2TP/IPSec.
Why should we never use PAP authentication?
PAP authentication uses a password in clear text; this could be captured easily by a packet sniffer.
What type of device is an iris scanner?
An iris scanner is a physical device used for biometric authentication.
What could be the 2 drawbacks of using facial recognition?
Facial recognition could be affected by light or turning your head slightly to one side; some older facial recognition systems accept photographs.
What is Type II in biometric authentication and why is it a security risk?
Type II in biometric authentication is Failure Acceptance Rate, where people that are not permitted to access your network are given access.
What is a time limited password?
TOTP
How many times can you use an HOTP password? Is there a time restriction associated with it?
HOTP is a one time password that does not expire until it used.
How does a CAC differ from a smart card and who uses CAC?
A CAC is used by the military and has a picture and the details of the user on the front, as well as their blood group and Geneva convention category on the reverse side.
What is a port-based authentication that authenticate both users and devices?
IEE802.1x is port-based authentication that authenticates both users and devices.
What type of account is a service account?
A service account is a type of administrative account that allows an application to have a higher level of privileges to run on a desktop or server.
How many accounts should a system admin for a multinational corporation have and why?
2 accounts: a user account for day-to-day tasks, and an administrative account for administrative tasks.
What do I need to do when I purchase a baby monitor and why?
You should rename the default admin account and change the default password to prevent someone from using it to hack into your home.
What is a privilege account?
An account with administrative rights
What is the drawback for security if the company uses shared accounts?
When monitoring and auditing are carried out, the employees responsible cannot be traced from more than one person shared accounts.
What is a default account? Is it a security risk?
Default accounts and passwords for devices and software can be found on the internet and used to hack your network or home devices.
The system admin in a multinational corporation creates a user account using an employee’s first name and last name. Why are they doing this time after time?
They are using a standard naming convention.
What two actions do I need to complete when John Smith leaves the company?
You need to disable his account and reset the password
What is account recertification?
An audit of user accounts and permissions that is usually carried out by an auditor. This is also referred to as a user account review.
What is the purpose of a user account review?
A user account review ensures that old accounts have been deleted and that all current users have the appropriate access to resources and not a higher level of privilege.
What can I implement to find out immediately when a user is placed in a group that may give them a higher level of privilege?
A SIEM system can carry out active monitoring and notify the admin or any changes to user accounts or logs
What will be the two possible outcomes if an auditor finds any working practices that do not conform to company policy?
Either change management or a new policy will be put in place to rectify any area not conforming to company policy.
If a contractor brings in five consultants for two months of mail server migration, show should I set up their accounts?
The contractor’s account should have an expiry date equal to the last day of the contract.
How can I ensure that 3rd party contractors can only access the company network from 9am - 5pm daily?
Rule-based access should be adopted so that the contractors can access the company network between 9am and 5pm daily.
If I have a company that has 5 consultants who work in different shift patterns, how can I set up their accounts so that each of them can only access the network during their individual shifts?
Time and day restrictions should be set up against each individual’s user account matching their shift pattern.
A brute-force attack cracks a password using all combinations of characters and will eventually crack a password. What can I do to prevent a brute-force attack?
Account lockout with a low value will prevent brute-force attacks.
The IT team have a global group called IT Admin; each member of the IT team are members of this group and therefore have full control access to the departmental data. Two new apprentices are joining the company and they need to have read access to the IT data. How can you achieve this with the minimum amount of administrative effort?
Create a group called IT apprentices, and then add the apprentices accounts to the group Give the group read access to the IT data.
I have different login details and passwords to access Airbnb, Twitter, Facebook, but I keep getting them mixed up and have locked myself out of these accounts from time to time. What can I implement on my Windows 10 laptop to help me?
The credential manager can be used to store generic and Windows 10 accounts. The user therefore does not have to remember the account details.
I have moved departments, but the employees in my old department still use my old account for access; what should the company have done to prevent this from happening? What should their next action be?
The company should have disabled the account and reset the password. A user account review needs to be carried out to find accounts in a similar situation.
What is the purpose of the ssh-copy-id command?
To copy and install the public key on the SSH server and add to the list of authorized keys.
When I log in to my Dropbox account from my phone, I get an email asking me to confirm that this was a legal login. What have I been subjected to?
Risky login
What is the purpose of a password vault and how secure is it?
A password vault is an application that stores passwords using an AES-256 encryption and it is only as secure as the master key.
What type of knowledge-based authentication would a bank normally use?
A dynamic KBA that would ask you details about your account that are not previously stored questions.
What is the difference between FAR and FRR?
FAR allows unauthorized user access, and FRR rejects authorized user access.
What is a solution that helps protect privilege accounts?
Privileged Access Management is a solution that stores the privileged account in a bastion domain to help protect them from attack?
What is the danger to households with IoT devices?
Some people don’t realize that there are generic accounts controlling the devices that make them vulnerable to attack.
Why do cloud providers adopt a zero-trust model?
Some devices being used do not belong to a domain so every connection should be considered unsafe.
Which authentication model gives access to a computer system even though the wrong credentials are being used?
Biometric authentication allows unauthorized users access to the system.
In a cloud environment, what is elasticity?
Elasticity allows you to increase and decrease cloud resources as you need them.
In which cloud environment would I install the software and then have to update the patches?
IaaS requires you to install the OS and patch the machines. The CSP provides bare-metal computers.
What cloud model would I not be allowed to migrate to?
SaaS is a custom application written by a vendor and you cannot migrate to it.
What is the major benefit of using a public cloud?
No capital expenditure.
What is a cloud single-tenant model?
Private cloud
What is a cloud multitenant model?
Public Cloud
Describe how a community cloud operates.
A community cloud is where people from the same industry, such as a group of lawyers, design and share the cost of bespoke application and its hosting, making it cost-effective.
Who is responsible for the disaster recovery of hardware in a cloud environment?
The CSP is responsible for the hardware fails.
What is a Cloud Access Security Broker (CASB)?
The CASB ensures that the policies between on-premises and the cloud are enforced.
What model is it if you own the premises and all of the IT infrastructure resides
there?
On-premises is where you own the building and work solely from there.
What is a hybrid cloud model?
A hybrid cloud is where a company is using a mixture of on-premises and the cloud.
What is distributive allocation?
Distributive allocation is where the load is spread evenly across a number of resources, ensuring no one resource is over-utilized. An example of this is using a load balancer.
What type of model deals with identity management?
SECaaS provides secure identity management.
Where will a diskless virtual host access its storage?
A diskless virtual host will get its disk space from an SAN
If you have a virtual switch that resides on a SAN, what connector will you use for
a VLAN?
A VLAN on an SAN will use an iSCSI connector.
What type of disks does a SAN use?
A SAN will use fast disks, such as SSDs
What is the machine that holds a number of VMs called?
A host holds a number of virtual machines - it needs fast disks, memory, and CPU cores.
What is a guest, and what can you use as a rollback option?
A guest is a virtual machine, for example, a Windows 10 virtual machine. A snapshot can be used to roll back to a previous configuration.
In a virtual environment, what is sandboxing and how does it relate to chroot jail?
Sandboxing is where you isolate an application for patching or testing because it is dangerous. A chroot jail is for sandboxing in a Linux environment.
Which is faster for data recovery: a snapshot or a backup tape?
A snapshot is faster at recovering than any other backup solution.
What is a Type 1 hypervisor?
A Type 1 hypervisor is a bare-metal hypervisor (requires no OS). Some examples are Hyper-V, ESX, and Xen.
What is a Type 2 hypervisor?
A Type 2 hypervisor is a hypervisor that sits on top of an operating system, for example, VirtualBox, which could be installed on a Windows 10 desktop.
Why does HVAC produce availability for a data center?
HVAC keeps the servers cool by importing cold air and exporting hot air. If a servers CPU overheats, it will cause the server to crash.
What do you call the cloud model where people from the same industry share
resources and the cost of the cloud model?
A community cloud is where people from the same industry share resources.
What is an example of cloud storage for a personal user?
Cloud storage for personal users could be iCloud, Google Drive, Microsoft OneDrive, or Dropbox
Explain the functionality of fog computing.
Fog computing is an intermediary between the device and the cloud. It allows the data to be processed closer to the device. It reduces latency and cost.
What is edge computing?
It allows data storage to be closer to the sensors rather than miles away in a data center.
What are containers?
A container allows the isolation of the applications and its files and libraries so that the application is independent.
What is IaC?
Infrastructure as code allows you to automate your infrastructure, for example, using PowerShell DSC.
Describe services integration.
The is the combination of business and IT functions into a single business solution.
What are cloud resource policies?
These are the policies that state the actions and access levels someone has in relation to a particular resource.
What is system sprawl, and what is a way to prevent it?
This is where a virtual machine or host has run out of resources. The best way to avoid this is to use thin provisioning.
What is the best way to protect against VM escape?
VM escape is where an attacker will use a vulnerable virtual machine to attack the host of another virtual machine. The best protection against this attack is to ensure that the hypervisor and all virtual machines are fully patched.
What is a cloud region, and how can it provide redundancy?
A cloud region consists of multiple physical locations called zones; data can be spread across multiple zones for redundancy.
What is secret management, and what encryption levels protect the secret
management key?
Secrets management uses a vault to store keys, passwords, tokens, and SSH keys used for privilege accounts. It uses RSA 2048-bit keys to protect the secret management access key.
Explain the main difference between LRS and ZRS. Which one is the cheapest?
LRS replicates 3 copies of your data to a single physical location. This is the cheapest option. ZRS is where three copies of the data are replicated to 3 separate zones within your region.
Why would a VPC use private and public subnets?
They would be used as a form of network segmentation.
What type of resources would be held on a public subnet?
Resources that need access to the internet, for example, company web servers. A NAT gateway and an internet gateway would also be on these subnets.
What type of resources would be held on a private subnet?
Resources that should not have direct internet access, such as database servers, domain controllers, and email servers.
How would someone connect to a VPC?
A VPN connection using L2TP/IPSec should be used to connect to a VPC.