More Exam Questions Flashcards
The CIA Triad is considered to be one of the core principles of information security; what does “A” stand for in this acronym? (Select 1 correct answer)
A. Authorization
B. Automation
C. Availability
D. Authentication
C
What is the name of an extremely large table of hash values generated by an attacker to crack system passwords? (Select 1 correct answer)
A. Dictionary table
B. Rainbow table
C. Privilege elevation table
D. None of the above
B
Which of the following properties does SSL/TLS protect? (Select 1 correct answer)
A. Privacy
B. Availability
C. Confidentiality, integrity, and authentication
D. Auditing
C
What is a shoulder surfing attack? (Select 1 correct answer)
A. Replay attack
B. Eavesdropping attack
C. Trojan horse attack
D. Denial of service attack
B
Password files can be protected by what means? (Select 2 correct answers)
A. Honeypots
B. Cryptographic protection
C. Virus scanners
D. Access control
B, D
In access control, what is responsible for regulating the access of subjects to objects on the basis of security parameters? (Select 1 correct answer)
A. Availability checker
B. Reference monitor
C. Logic bomb
D. Virus analyzer
B
Which of the following can be considered to be an elevation of privilege? (Select 1 correct answer)
A. Someone extracts secrets from error messages
B. Someone floods the network with requests
C. Someone modifies data to do things other than what is permitted for that user
D. Someone ignores the security policy
C
Which of the following are examples of symmetric encryption algorithms? (Select 2 correct answers)
A. 3DES
B. MD5 hash
C. RSA
D. AES
A, D
Access control can support which of the following security goals? (Select 2 correct answers)
A. Availability
B. Integrity
C. Confidentiality
D. None of the above
B, C
How many keys does an asymmetric cipher rely on for secure communication? (Select 1 correct answer)
A. 3
B. 2
C. 1
D. No key is required
B
What is the process of granting a privilege or permission to a system entity to access a system resource called? (Select 1 correct answer)
A. Authentication
B. Monitoring
C. Authorization
D. Control
C
Enforcing a system-generated password on a user can be considered as an example of what? (Select 1 correct answer)
A. Reactive password checking
B. Idle password checking
C. Proactive password checking
D. All of the above
C
What is a web security attack that allows an attacker to interfere with transaction queries to a database? (Select 1 correct answer)
A. Social engineering attack
B. SQL injection attack
C. Brute-force attack
D. Database dictionary attack
B
Hacking a system by exploiting the people that use it is referred to as what? (Select 1 correct answer)
A. Command injection attack
B. SQL injection attack
C. Social engineering attack
D. Brute-force attack
C
One of the criteria that a one-way function should satisfy is what? (Select 1 correct answer)
A. Easy to reverse
B. Hard to reverse
C. Helps prevent virus
D. Easy to decode
B
What is identification?
Identification is the process of claiming an identity. It’s the step where a user presents their identity, typically through a unique identifier.
What is authentication?
Authentication is the process of verifying the identity presented during the identification step. It’s how the system checks whether the user is indeed who they claim to be.
What is Kerberos?
Kerberos is a network authentication protocol that uses tickets to allow nodes to communicate over a non-secure network.
What is OAuth?
OAuth is a protocol that allows third-party applications to access user data without exposing their credentials.
What is SAML (Security Assertion Markup Language)?
It is a protocol that exchanges authentication and authorization data between an identity provider and a service provider.
What is an offline dictionary attack?
Attackers obtain hashed passwords and use a precomputed dictionary of hash values to crack them offline.
What is a hash function?
A hash function is a mathematical function that transforms input (like your password) into a fixed-length string of characters, called a hash.
What is a trusted path mechanism?
Trusted path is a mechanism that guarantees that the user communicates with the operating system and not with a spoofing program.
What is EEPROM (Electrically Erasable Programmable ROM)?
EEPROM is a type of memory that can be written to and erased using electrical signals. Unlike regular ROM, which is permanent, EEPROM allows data to be changed or updated. EEPROM is slower than regular RAM but more flexible.
What is a threat?
A potential event or action that can compromise the security of an asset, exploiting a vulnerability.
Name the 6 types of threat agents.
Hackers
Thieves
Hacktivists
Competitors and organized crime
Terrorists
Nation States
What are tangible assets?
Tangible assets are physical components that can be touched, measured, and quantified.
Example:
Servers, Networking equipment, Storage devices, Workstations and laptops.
What are intangible assets?
Intangible assets are non-physical elements that hold value for an organization; they are often crucial for operations and reputation.
Example:
Brand reputation, data, software and applications, encryption keys and certificates, etc.
What is a vulnerability?
A vulnerability is a weakness in a system that can be exploited, either accidentally or intentionally, to cause harm. This harm can affect assets such as hardware, software, data, reputation, and more.
What is an attack surface?
An attack surface consists of the reachable and exploitable vulnerabilities in a system.
Example:
Open ports on outward-facing web and other servers, services available inside a firewall, code that processes incoming data.
What is an attack tree?
An attack tree is a branching, hierarchical data structure that represents a set of potential techniques for exploiting security vulnerabilities.
What does the root node of an attack tree represent?
The primary goal of the attack
What is malware?
A program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or otherwise annoying or disrupting the victim.
What is a worm?
A worm is a type of malware that attempts to penetrate networks and computer systems. A worm is self-replicating and can spread independently across networks.
What is a virus?
It is a piece of malicious code that replicates by attaching itself to another executable file. When the infected file is executed, the virus is also triggered, allowing it to infect other files or perform malicious actions.
What is a trojan horse?
A Trojan horse (or simply Trojan) is a type of software that appears to perform a useful function but secretly executes harmful actions. Unlike a virus, which spreads by attaching to other programs, a Trojan is a standalone program that must be installed by the user.
What is a logic bomb?
A logic bomb is a piece of malicious code that remains inactive until specific conditions are met.
What is a botnet (attack agents)?
A botnet is a network of compromised computers (bots or zombies) controlled by an attacker.
What is a rootkit?
A rootkit is a set of tools that enable covert system access while hiding evidence of its presence.
What is buffer overflow?
A buffer is a specific memory location used to store data during program execution. Buffer overflow occurs when data exceeds the allocated buffer size, leading to unintended memory overwrites. This can be exploited by attackers to crash a system or execute malicious code.
What is a digital certificate?
A digital certificate is a message signed by a Certificate Authority (CA) that binds a subject’s name to their public key.
What is TLS (Transport Layer Security)?
TLS is a cryptographic protocol that protects data transmission between users and servers. Its key features are authentication, data integrity, and message confidentiality.
What is HTTPS (Hypertext Transfer Protocol Secure)?
HTTPS is an extension of HTTP that ensures secure communication over a network by encrypting data using SSL/TLS protocols. This encryption helps protect sensitive information exchanged between a web browser and a web server, preventing unauthorized access or data interception.
What is IPSec (Internet Protocol Security)?
IPSec is a protocol suite designed to secure network communications at the IP layer rather than at the transport layer. It provides a robust mechanism for ensuring data confidentiality, integrity, and authenticity across network transmissions.
What is the purpose of a VPN (Virtual Private Network)?
A VPN establishes a secure and encrypted digital connection between a user’s device and a remote server operated by a VPN provider. By encrypting personal data and masking the user’s IP address, VPNs provide privacy, security, and access to geo-restricted content.
What is SSH (Secure Shell)?
SSH is a cryptographic network protocol designed for securely performing network services over an insecure network. It ensures secure remote login, command execution, and file transfers by encrypting communication, protecting confidentiality, and maintaining data integrity.
What is SFTP (Secure File Transfer Protocol)?
SFTP is an enhanced version of File Transfer Protocol (FTP) that provides secure file transfer capabilities over an encrypted SSH connection. This prevents vulnerabilities such as Man-in-the-Middle (MITM) attacks and password sniffing.
What is OAuth 2.0?
OAuth 2.0 is an authorization framework that allows third-party applications to securely access a user’s resources without exposing login credentials. It is widely used for enabling secure authentication across web services, such as logging into third-party apps using Google, Facebook, or Microsoft accounts.
What is access control and what is it used for?
Access control is the process by which a computer system regulates the interaction between users, programs, or other entities and system resources based on a security policy. It ensures that only authorized users can access certain resources.
What are the two types of NIDS sensors?
Inline and passive sensors
What are honeypots?
Decoy systems designed to lure attackers away from critical systems.
What is a firewall?
A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
What is an asset?
Any valuable resource that requires protection. These can be tangible, like servers or data centers, or intangible, such as intellectual property.
What is asset valuation?
The value of an asset, often measured in monetary terms (like replacement costs) or by its importance to the organization. This helps prioritize protection efforts based on the asset’s significance.
What is a risk?
The potential for loss that arises from the combination of a threat exploiting a vulnerability and the harm it causes.