My Memory Palace-1 Flashcards

1
Q

Code Review and Testing

POP Is Reworking the Floor Up stair.

A

Planning, Overview, Preparation, Inspect, Rework, and Follow Up.

2
Q

Penetration Test Process

Mnemonic: PI-VERsion

A
  1. Planning (Scope of the test, Management approval)
  2. Information Gathering (Network discovery scan, enumeration)
  3. Vulnerability Scanning (Network/Web vuln scan)
  4. Exploitation
  5. Reporting
3
Q

Asymmetric Algorithms

SA brothers

EE Sisters

Guy named Diffie and his knapsack

A

RSA and DSA

ECC and El Gamal

Diffie Hellman and knapsack

4
Q

Symmetric Stream algorithm

A

RC4

5
Q

Symmetric Algorithms Mnemonic

a FISH named DES had an IDEA on how to make RC4 and AES SAFER

A

TwoFish, DES, IDEA, RC4, AES, SAFER

6
Q

HASHES a bunch of MD’s hanging out with SHA’s HAVAL the RIPE MD TIGERs

A

SHA, HAVAL, RIPE, MD, TIGER

7
Q

Clark Wilson-Model IVP CDI Transformation

A

Integrity Verification Procedures, Constrained Data Items, maintained through well-formed Transactions

8
Q

Six types of controls

A

Directive, Deterrent, Preventive, Corrective, Recovery, and Compensating controls

9
Q

ISO/IEC 15288:2015

A

is a systems engineering standard covering processes and life cycle stages. It defines a set of processes divided into four categories:

  1. Agreement
  2. Organization Project-Enabling
  3. Technical Management
  4. Technical
10
Q

ISO 15408

A

Common Criteria. Provides a structured methodology for documenting security requirements, and for documenting and validating security capabilities.

11
Q

ISO/IEC 21827:2008

A

Systems Security Engineering – Capability Maturity Model (SSE-CMM). The metric standard covers:

a. The entire life cycle
b. The whole organization, management and engineering
c. Concurrent interaction with other disciplines
d. Interaction with other organizations: acquisition, certification, accreditation, and evaluation

12
Q

Capabilities List

A

maintains a row of security attributes for each controlled object (asset) managed through the model

13
Q

Security Label

A

a permanent part of the object it references

14
Q

Data Hiding

A

important concept in multilevel security systems, ensuring that data existing at one security level is not visible to a process running at a different security level

15
Q

To be secure, the kernel must meet three basic conditions:

A

a. Completeness (complete mediation): All accesses to information must go through the kernel
b. Isolation: The kernel itself must be protected from any type of unauthorized access
c. Verifiability: The kernel must be proven to meet design specifications

16
Q

Processor - Perform four key tasks:

A
  1. Fetching
  2. Decoding
  3. Executing
  4. Storing
17
Q

most common ways to achieve memory protections

A
  1. Segmentation - dividing a computer’s memory into segments. A reference to a memory location includes a value that identifies a segment and an offset within that segment.
  2. Paging - divides the memory address space into equal-sized blocks called pages. A page table maps virtual memory to physical memory. Unallocated pages and pages allocated to any other application do not have any addresses from the application’s point of view.
  3. Protection keying - divides physical memory up into blocks of a particular size, each of which has an associated numerical value called a protection key. Each process also has a protection key value associated with it. When memory is accessed, the hardware checks that the current process’s protection key matches the value associated with the memory block being accessed; if not, then an exception occurs.
18
Q

memory manager provides for the following

A

a. Provide an abstraction level for programmers
b. Maximize performance with the limited amount of memory available to the system (physical RAM)
c. Protect the operating system and applications once they are loaded into memory

19
Q

Memory Manager has the following 5 responsibilities

A
  1. Relocation
  2. Protection
  3. Sharing
  4. Logical organization
  5. Physical organization
20
Q

Class of fire A B C D K

A

A ash

B boil

C current

D dent

K kitchen

21
Q

Two types of registers used by the CPU to identify memory addresses

A
  1. A base register is used to identify the beginning address assigned to the process
  2. A limit register is used to identify the ending address assigned to the process
22
Q

Take-Grant Model

A

Uses a set of rules to enforce how rights can be passed from one subject to another or from a subject to an object.

23
Q

Multilevel Lattice Models

A

describes strict layers of subjects and objects and defines clear rules that allow or disallow interactions between them based on the layers they are in. Subjects are assigned security clearances that define what layer they are assigned to and objects are classified into similar layers. Related security labels are attached to all subjects and objects. According to this type of model, the clearance of the subject is compared with the classification of the data to determine access. They will also look at what the subject is trying to do to determine whether access should be allowed.

24
Q

Noninterference Models

A

a type of multilevel model with a high degree of strictness. These models not only address obvious and intentional interactions between subjects and objects, but they also deal with the effects of covert channels that may leak information inappropriately. The goal of a noninterference model is to help ensure that high-level actions (inputs) do not determine what low-level users can see (outputs).

25
Q

Bell-LaPadula

A

CONFIDENTIALITY OF DATA

  1. Simple Property - NO READ UP
  2. Star Property - NO WRITE-DOWN
  3. Discretionary Security Property - the system uses an access matrix to enforce discretionary access control
26
Q

BIBA

A

INTEGRITY

  1. NO READ DOWN
  2. NO WRITE-UP
27
Q

Clark-Wilson

A

INTEGRITY

Takes a different approach than Biba, ditching the formal state machine
in favor of defining each data item and allowing modification ONLY through a small set of programs.
Uses a three-part relationship (subject | program | object) called a triple or an access control triple.
NO DIRECT ACCESS BY SUBJECTS TO OBJECTS!!! (access only allowed through authorized programs). Principles:

  1. well-formed transactions
  2. separation of duties
28
Q

Brewer-Nash (Chinese Wall)

A

focuses on the conflict of interest

29
Q

Goguen-Meseguer

A

INTEGRITY !!! (just not as well known as Biba). Credited with defining the concepts of noninterference. Based on a predetermined list of objects that a subject can access.

30
Q

Sutherland

A

INTEGRITY

focuses on preventing interference to support integrity. Based on state machine and information flow. Only allows for the use of a set of predetermined secure states to maintain the integrity and prevent interference. Is often used to prevent covert channels from influencing outcomes.

31
Q

Graham-Denning

A

secure creation & deletion of subjects & objects specified via a collection of rules & detailed in an Access Control Matrix. 8 primary rules:

a. securely create an object
b. securely create a subject
c. securely delete an object
d. securely delete a subject
e. securely provide the read access right
f. securely provide the grant access right
g. securely provide the delete access right
h. securely provide the transfer access right

32
Q

Harrison-Ruzzo-Ullman

A

very similar to Graham-Denning. Composed of a set of generic rights and a finite set of commands. It is also concerned with situations in which a subject should be restricted from gaining particular privileges.

33
Q

Six types of controls
PDC, RDC

A

Preventive, Detective, Corrective,
Recovery, Deterrent, Compensating

34
Q

Six access control types fall into three categories

PAT

A

Physical, Administrative, Technical

  1. Physical - implemented with physical devices, such as locks, fences, gates, and security guards.
  2. Administrative (aka directive) - implemented by creating and following organizational policies, procedures, or regulations. User training and awareness also fall into this category.
  3. Technical - implemented using software, hardware, or firmware that restricts logical access on an IT system. Examples include firewalls, routers, encryption, etc.
35
Q

RADIUS

A

UDP: Authentication port: 1812
UDP: Accounting port: 1813

36
Q

Kerberos

A

biggest weakness: storage of plain text symmetric keys

37
Q

TACACS

A

Uses UDP port 49 for authentication; may also use TCP

38
Q

TACACS+, port and auth option

A

Uses TCP 49, plus allows for MFA

39
Q

SOD - Separation of Duty

Dual Control, two-person

Split Knowledge

A

SOD - they are doing different activities
Dual Control - they are doing the same activity

Split knowledge - classic example - you create an encryption key (a string of characters), write it on paper, tear the paper in half, and each individual keeps their half

40
Q

Pen Test Methodology

PR, SV, ER

A

Planning

Reconnaissance

Scanning (aka Enumeration)

Vulnerability Assessment

Exploit

Report

41
Q

Security Assessments

A

A holistic (Broader Scope) approach to assessing the effectiveness of access control; may cross multiple domains:

  • Policies, procedures, and other administrative controls
  • Assessing real world-effectiveness of administrative controls
  • Change Management
  • Architecture review
  • Penetration tests
  • Vulnerability assessments
  • Security Audits
42
Q

Traceability Matrix, sometimes called a requirements traceability matrix (RTM)

A

Used to map customers’ requirements to the software testing plan

43
Q

Synthetic Transactions,

Synthetic Monitoring

A

Establish expected norms for the performance of these (Synthetic) transactions. Useful for testing application updates prior to deployment to ensure that functionality will not be negatively impacted.

44
Q

Regression testing

A

Testing software after updates, modifications, or patches.

45
Q

Acceptance Testing

A
  • Testing to ensure that the software meets the customer’s operational requirements.
  • When the test is done by customer, it is called user acceptance testing
46
Q

Combinatorial Software Testing

A

is a black-box testing method that seeks to identify and test all unique combinations of software inputs. Example - pairwise testing, aka all-pairs testing.

47
Q

Risk

A

Threat x Vulnerability

48
Q

(ISC)² Ethics
PAPA

A

Protect, Act, Provide, Advance

  • Protect society, the common good, necessary public trust and confidence, and the infrastructure.
  • Act honorably, honestly, justly, responsibly, and legally.
  • Provide diligent and competent service to principals.
  • Advance and protect the profession.
49
Q

Compartmentalization

A

a method of enforcing “need to know”, goes beyond the mere reliance upon clearance level and necessitates simply that someone requires access to information.

50
Q

Mandatory Leave/forced vacation

A

the main reason: reduce or detect personnel SPOF (single point of failure), and detecting and deterring fraud.

51
Q

slack space

A

data is stored in specific-sized chunks known as clusters, which are sometimes referred to as sectors or blocks. A cluster is a minimum size that can be allocated by a file system. If a particular file, or final portion of a file, does not require the use of the entire cluster, then some extra space will exist within the cluster. This leftover space is known as slack space. This may be used intentionally by an attacker to hold data.

52
Q

“Bad” blocks/clusters/sectors for bad guys to use

A

An attacker can mark it as bad and hide data here.

53
Q

IOCE and SWGDE

Guideline and Principle of Forensic

A
  1. All forensic principles must be applied to digital evidence
  2. Evidence should not be altered as a result of collection
  3. All activity relating to the seizure, access, storage, and transfer of digital evidence must be fully documented and available for review
  4. An individual is responsible for actions affecting digital evidence while that evidence is in their possession
  5. Any entity responsible for seizing, accessing, storing, or transferring digital evidence is responsible for compliance with these principles
54
Q

Forensics Investigation Process

A
  1. Identification
  2. Preservation
  3. Collection
  4. Examination
  5. Analysis
  6. Presentation
  7. Decision
55
Q

Which of the following is BEST represented by encrypting a message with a private key and having the message decrypted with the matching public key?

A. Knapsack problem

B. Zero-knowledge proof

C. Key escrow

D. Elliptic curves

A

In cryptography, zero-knowledge proof can be represented by encrypting something with your private key. To decrypt something that was encrypted using a private key, you will need to use the corresponding public key. In this case, you know that the item was encrypted using the private key, but you never actually view or are given the public key. Only the owner of the private key can prove they have the key.

56
Q

Registration Authority

RA

A

A registration authority (RA) acts as a verifier for the certificate authority before a digital certificate is issued to a requestor. The RA is responsible for verifying the identity of the requesting individual for the certificate authority (CA).

57
Q

DRM technique

A

With recent advancements in technology, it is becoming more and more difficult for copyright holders to control the illegal duplication of their software or digital content. One solution to this problem is the use of DRM. DRM protection can be provided using software or hardware-based solutions. Two types of software-based solutions include watermarking and fingerprinting. Watermarking involves embedding copyright information or a hidden message in the content. Watermarks can be visible or invisible and are copied as the file is passed from device to device or user to user. This can be useful in identifying content that might have been obtained through unauthorized means. Fingerprinting is a type of watermarking technique. It involves embedding a unique identification or serial number into the content so that it can be easily identified.

58
Q

HMAC Use Case

A

In HMAC, a secret key is added to the message. The message then runs through an algorithm, which generates a MAC value. Only the message and the MAC value are sent to the receiver, and not the secret key. The receiver accepts the message and adds their secret key to the message before an algorithm generates a MAC value for the message. If the receiver’s MAC value matches the sender’s, the message was not modified and was sent from a known computer. HMAC provides data origin authentication, but fails to provide data confidentiality.

59
Q

Incident Response eight steps

PDR, MR, RRL

A
  1. Preparation (Policy, procedures, tools, etc)
  2. Detection (Identification)
  3. Response (Containment)
  4. Mitigation (Eradication)
  5. Reporting (All phases, begins with Detection)
  6. Recovery
  7. Remediation
  8. Lesson Learned (post-incident activity, postmortem, or reporting)
60
Q

RAID 3

A

Byte-level striping with dedicated parity

61
Q

RAID 4

A

block-level striping with dedicated parity

62
Q

RAID 5

A

block-level striping with distributed parity

63
Q

RAID 6

A

Striped set w/dual distributed parity

allow for failure of two drives and still function

writes parity to two different disks

64
Q

RAID 0

A

Block-level striped set

65
Q

RAID 1

A

Mirrored set

66
Q

BCP

A

The focus of BCP is on the business as a whole, ensuring that those critical services or functions the business provides or performs can still be carried out both in the wake of disruption and after the disruption has been weathered.

67
Q

DRP

A

DRP is considered tactical rather than strategic and provides a means for immediate response to disasters.

DRP focuses on efficiently attempting to mitigate the impact of a disaster by preparing the immediate response and recovery of critical IT systems.

A short time plan for dealing with IT-oriented disruption.

Example: Mitigating a malware infection that shows the risk of spreading to other systems.

68
Q

DR Process

RAC AR

A
  1. Respond - The initial response to assess damage. Does the event constitute a disaster?
  2. Activate Team - If declared, then the recovery team needs to be activated. Use a “call tree” to help facilitate the process.
  3. Communicate - Often occurs out-of-band, since leveraging an office phone will quite often not be a viable option. Covers internal status, and the team must prepare to provide external (public) communication.
  4. Assess - Proceed to assess the extent of damage to determine the proper steps necessary to ensure the organization’s ability to meet its mission.
  5. Reconstitution - recover critical business operations at either a primary or secondary site. Also, a salvage team is employed to begin the recovery process at the primary facility that experienced the disaster.
69
Q

NIST DR/DRP, Contingency Planning Guide

A

NIST 800-34

70
Q

Custodian

A

provides hands-on protection of assets

perform data backups and restoration, patch systems, configure AV, etc.

DO NOT make critical decisions on how data is protected.

71
Q

System Owner

A

is a manager who is responsible for the actual computers that house the data. They ensure H/W is secure, OS is patched and up to date, the system is hardened, etc. Technical hands-on responsibilities are delegated to custodians.

72
Q

Data Controllers

A

Create and manage sensitive data within the organization. HR staff are often data controllers, as they create and manage sensitive data.

73
Q

Data Processors

A

Manage data on behalf of data controllers.

An outsourced payroll company is an example of a data processor who processes data on behalf of data controllers.

74
Q

Commercial organizations typically use the following four sensitivity levels:
PS PC

A

Public, Sensitive, Private, and Confidential.

75
Q
BRP
Business Recovery(or Resumption) Plan

ref: NIST 800-34

A

Purpose: Provide procedures for recovering business operations immediately following a disaster.

Scope: Addresses business processes; not IT-focused; IT is addressed based only on its support for business processes.

76
Q

Continuity of Operations Plan

( COOP )

A

Purpose: Provide procedures and capabilities to sustain an organization’s essential, strategic functions at an alternate site for up to 30 days.

Scope: Addresses the subset of an organization’s missions that are deemed most critical; usually written at the headquarters level; not IT-focused.

77
Q

Continuity of Support Plan/IT Contingency Plan

A

Purpose: Provides procedures and capabilities for recovering a major application or general support system.

Scope: Same as IT contingency plan; addresses IT system disruptions; not business process-focused.

78
Q

Crisis Communications Plan

A

Purpose: Provides procedures for disseminating status reports to personnel and the public

Scope: Addresses communications with personnel and the public; not IT-focused.

79
Q

Cyber-incident Response Plan

Ref: NIST 800-34

A

Purpose: Provide strategies to detect, respond to, and limit the consequences of a malicious incident.

Scope: Focus on information security responses to incidents affecting systems and/or networks

80
Q

RAID 0 offer zero protection

A

Striping

81
Q

Occupant Emergency Plan

(OEP)

A

Purpose: Provide coordinated procedures for minimizing loss of life or injury and protecting property from damage in response to a physical threat

Scope: Focuses on personnel and property particular to a specific facility; not business process or IT system functionality based

82
Q

Differential Backup

A

Archive data since the last full backup

83
Q

Gates basically have four distinct classifications:

Ref: Shon Harris, page 1369

A

Class I - Residential usage

Class II - Commercial usage, where general public access is expected.

examples: a public parking lot entrance, a gated community, or a self-storage facility.

Class III - Industry usage, where limited access is expected.

example: A warehouse property entrance not intended to serve the general public

Class IV - Restricted access; this includes a prison entrance that is monitored either in person or via closed circuitry.

84
Q

Negative Testing

A

Negative testing is also called misuse testing. It is typically performed by entering invalid information to identify how it is handled by the application. Negative testing can also involve attempting to perform other actions that should not be allowed by the application. Determining whether an application will allow a web page to be accessed by a user without requiring them to log in first would be an example of a negative software test.

85
Q

BCP/DRP Frameworks

A

NIST 800-34 - Contingency Planning Guide

ISO 27031 - focuses on BCP (DRP is handled by another framework)

ISO 2476:2008 - Disaster Recovery Plan.

BCI - Business Continuity Institute. Good Practice Guideline (GPG)

86
Q

Common BCP/DRP mistakes

A
  1. Lack of Management support
  2. Lack of business unit involvement
  3. Lack of prioritization among critical staff
  4. Improper (often overly narrow) scope
  5. Inadequate telecommunications management
  6. Incomplete or Inadequate CMP
  7. Lack of testing
  8. Lack of training and awareness
  9. Failure to keep the BCP/DRP plan up to date
87
Q

Which technique is used to extend the capability of a role-based access control mechanism?

A. Polyinstantiation

B. Asset valuation

C. Temporal isolation

D. Scrubbing

A

Answer: A - Lattice?

88
Q

TearDrop

A

Teardrop attacks occur when an attacker sends packets that are too small and result in a system locking up or rebooting. This type of attack takes advantage of the fact that systems do not check to see if a received packet is too small. The attacker creates these small packets in such a way that when the receiving system attempts to recombine the fragments, they cannot be reassembled properly. There are three common methods used to protect a system from this type of attack.

Firstly, keep the operating system patched and up-to-date.

Secondly, use a router to disallow any malformed packets from entering into the network environment.

Finally, use a router to attempt to combine all fragments into the associated packet before sending them on to the destination system.

89
Q

MPLS

A

Multiprotocol Label Switching (MPLS) does not natively include encryption services. MPLS traffic can be encrypted before encapsulation by using protocols such as IP Security (IPsec) and Secure Sockets Layer (SSL). MPLS security can be facilitated through the specification of traffic flow routes and by hiding the IP destination addresses from intermediate devices.

90
Q

PKI

A

PKI is a set of policies, processes, server platforms, software, and workstations to administer certificates and public-private key pairs. PKI has the ability to issue, maintain, and revoke public key certificates. PKI provides security services for confidentiality, integrity, authentication, nonrepudiation, and access control, based on using private and public key cryptography. A registration authority (RA) acts as a verifier for the certificate authority before a digital certificate is issued to a requestor. The RA is responsible for verifying the identity of the requesting individual for the certificate authority (CA). However, if an RA is not specifically being implemented within the PKI, the certificate authority (CA) can provide its verification services.

91
Q

Provide CIA and Non-repudiation

A

To provide confidentiality, authentication, nonrepudiation, and integrity, messages will have to be encrypted and digitally signed. Encryption provides confidentiality. RSA, ECC, and El Gamal are algorithms that provide encryption. Digital signatures provide authentication, nonrepudiation, and integrity. RSA, DSA, ECC, and El Gamal are algorithms that can be used to digitally sign a message.

92
Q

PGP

A

Pretty Good Privacy (PGP) is a cryptosystem that was created to protect e-mail messages, which allows only the communicating parties to be able to read their e-mail messages. PGP works using RSA public key encryption, in which each communicating party creates an RSA public and private key pair. The private key remains private and the public key is distributed on the Internet. PGP uses the International Data Encryption Algorithm (IDEA) for encrypting bulk data, which provides data confidentiality. PGP relies on a web of trust in its approach to key management, so it does not require a PKI infrastructure. Each user has a file referred to as a key ring. This file contains a collection of the public keys received from other users.

93
Q

Key Management

A

All cryptographic algorithms and protocols eventually age and become compromised. IS professionals must test the cryptographic systems of their organization and replace the systems that are outdated. The governance of cryptographic algorithms and systems should address the following at a minimum:

Transition plans for replacing outdated algorithms and keys

Procedures for the use of cryptographic systems

Approved cryptographic algorithms and key sizes

Key generation, escrow, and destruction guidelines

Incident reporting guidelines

94
Q

TCSEC

A

TCSEC provides a graded classification of systems that is divided into assurance levels. There are four divisions of assurance levels:

A: verified protection

B: mandatory protection

C: discretionary protection

D: minimal security

Some of these divisions can also be further divided into one or more numbered classes. Division B evaluates the MACs and the reference monitor mechanisms used in a system. For the organization’s systems to meet the B1 assurance level, security labels must be used by the subjects and objects of the systems. These security levels must be enforced by a MAC mechanism

95
Q

A double-encapsulated 802.1Q frame attack

A

A double-encapsulated 802.1Q frame attack involves an attacker exploiting a weakness in how the 802.1Q encapsulation process works. This weakness allows an attacker to encapsulate the frame with two VLAN tags.
The first encapsulation will contain the VLAN number of the targeted VLAN (VLAN 7 for example). The second, outer encapsulation will contain the VLAN number of the native VLAN (VLAN 1 by default). The switch will remove the outer encapsulation, but it will not remove the inner encapsulation containing the second VLAN number of the targeted VLAN. Since the outer encapsulation that was removed contained the native VLAN number, the switch will then forward the frame along the trunk without encapsulating it. When the frame is received by the second switch, it will see the inner encapsulation containing the VLAN number of the targeted VLAN (VLAN 7 in this example). It will then remove the encapsulation and forward the frame on VLAN 7. This will allow an attacker to transmit packets on the wrong VLAN. The double-encapsulated 802.1Q frames attack can be prevented by removing (filtering) the native VLAN from all trunk links.
Other measures that can help prevent this attack include issuing the switchport mode access and switchport nonegotiate commands on all user-facing switch ports.

96
Q

Meltdown

A

A meltdown is a memory vulnerability that allows the contents of private kernel memory to be read by an unauthorized process. It happens when a modern CPU makes an inaccurate prediction about future instructions in an attempt to optimize performance. If the incorrect procedure isn’t reversed entirely, it can leave some data remnants exposed.

97
Q

Information Flow Model

A

The information flow security model compartmentalizes data based on classification and the need to know. To access an object, a subject’s clearance should dominate the object’s classification and specify the need to know. This security model was the basis for models such as Bell-LaPadula and Biba. The goal of this model is to prevent the existence of covert channels in a system and to secure the flow of information. The model also ensures that information always flows from a low security level to a high security level and from a high integrity level to a low integrity level.

98
Q

IED - Intelligent Electronic Devices

A

The Intelligent Electronic Devices (IED) component of a SCADA system is a sensor that is able to obtain data from devices and perform actions based on it. The IED provides a way of performing automatic control of devices at the local level.

99
Q

TCP sequence number attack

A

A Transmission Control Protocol (TCP) sequence number attack exploits the communication session that is created between two hosts. It hijacks the session so that the attacker can communicate with the host that it wishes to attack. Once this attack is successful, the attacker will have the same privileges and access rights that the original host would have been granted. In a TCP sequence number attack, the attacker will sniff the network traffic and locate packets that are going between the two hosts. It will make note of the sequence numbers that are being used and attempt to trick the receiving host into thinking that it is the original client. It will do this by sending its own message using a sequence number that is valid, based on the previous numbers that it sniffed out of the traffic stream. Once successful, the original client will no longer be responded to, so it will have to set up a new session while the attacker is using the original session that was created.

100
Q

NDA

A

Nondisclosure agreements (NDAs), not NCAs, are typically used to protect a company’s proprietary or confidential information from being disclosed by an employee.

101
Q

NCA - Non-Compete Agreement

A

Are typically used to prevent the threat of loss of an employee to a similar company as a means of wage negotiation and to prevent the potential loss of company skills to a competitor. Therefore, NDAs are more likely to contain a non-disclosure demand than NCAs. Like NCAs, NDAs are typically signed at the time of hiring and can be used to enforce strict penalties on employees who violate them.

NCAs are likely to contain an expiration date because courts consider it unreasonable to bar an employee from working for a competitor over a lifespan.

NCAs can be difficult to enforce in court because legal systems recognize the employee’s need to earn a reasonable income by using the knowledge or skills they already have. One way to prevent an employee from violating the NCAs is to ensure that the agreement is enforceable in a court of law. Therefore, most NCAs provide an expiration date to make the agreement enforceable.

NCAs are likely to contain a job description and a geographic restriction for the same reason they contain an expiration date. Without these limitations, a court might consider the NCA to be unreasonable and therefore unenforceable.