Needs Improvement

Question 1

DES

Answer 1

Symmetric
Key Length: 64 bit

Question 2

3 DES or
TDES
(Triple DES)

Answer 2

Symmetric
Key Length 56 bit*3

Question 3

AES

Answer 3

Symmetric
Key Length: 128,192,256 bit

Question 4

IDEA

Answer 4

Symmetric
128 bit

Question 5

Skipjack

Answer 5

Symmetric
80 bit

Question 6

Blowfish

Answer 6

Symmetric
32-448 bit

Question 7

TwoFish

Answer 7

Symmetric
2048

Question 8

RC4

Answer 8

Symmetric
40-2048

Question 9

RC5

Answer 9

Symmetric
2048

Question 10

CAST

Answer 10

Symmetric
40-128 bit & 128-256 bit

Question 11

Diffie Hellman

Answer 11

Asymmetric
No confidentiality, authentication, or
non-repudiation
* Secure key transfer

Question 12

RSA

Answer 12

Asymmetric
4096 bit
Uses 1024 keys
* Public key and one-way function for
encryption and digital signature
verification
* Private key and one-way function for
decryption and digital signature
generation
* Used for encr

Question 13

Elgamal

Answer 13

Asymmetric
Any Size

Question 14

Elliptic Curve Cryptosystem (ECC)

Answer 14

Asymmetric
Any Size

Question 15

Symmetric Algorithms

Answer 15

Use a private key which is a secret key between two parties.
Each party needs a unique and separate private key.
Number of keys = x(x-1)/2 where x is the number of users. Eg.
DES, AES, IDEA, Skipjack, Blowfish, Twofish, RC4/5/6, and
CAST.

Question 16

Stream Based Symmetric Cipher

Answer 16

Encryption done bitwise and use keystream generators Eg.
RC4.

Question 17

Block Symmetric Cipher

Answer 17

Encryption done by dividing the message into fixed-length
blocks Eg. IDEA, Blowfish and, RC5/6

Question 18

Asymmetric Algorithms

Answer 18

Use public and private key where both parties know the public
and the private key known by the owner .Public key encrypts
the message, and private key decrypts the message. 2x is total
number of keys where x is number of users. Eg. Diffie-Hellman,
RSA, El Gamal, ECC, Knapsack, DSA, and Zero Knowledge
Proof.

Question 19

Physical (1)

Answer 19

Electrical signal : Bits to voltage

Question 20

Data Link Layer (2)

Answer 20

PPP - PPTP - L2TP - - ARP -
RARP - SNAP - CHAP - LCP -
MLP - Frame Relay - HDLC -
ISL - MAC - Ethernet - Token
Ring - FDDI

Question 21

Network
layer (3)

Answer 21

CMP - BGP - OSPF - RIP - IP -
BOOTP - DHCP - ICMP

Question 22

Transport (4)

Answer 22

TCP - UDP datagrams. Reliable end to end data
transfer -Segmentation - sequencing - and error checking

Question 23

Session (5)

Answer 23

TCP - UDP - NSF - SQL - RADIUS - and RPC - PPTP - PPP

Question 24

Presentation (6)

Answer 24

TCP - UDP messages

Question 25

Application (7)

Answer 25

TCP - UDP - FTP - TELNET -
TFTP - SMTP - HTTP CDP -
SMB - SNMP - NNTP - SSL -
HTTP/HTTPS.

Question 26

Challenge-Handshake Authentication Protocol (CHAP)

Answer 26

Encrypt username/password and
re-authenticate periodically. Use in PPP.

Question 27

Point-to-Point Tunneling Protocol
(PPTP)

Answer 27

• PPP for authentication
• No support for EAP
• Dial in
• Connection setup uses plaintext
• Data link layer
• Single connection per session

Question 28

Layer 2 Tunneling Protocol (L2TP)

Answer 28

• Same as PPTP except more secure
• Commonly uses IPsec to secure L2TP packets

Question 29

Internet Protocol Security (IPsec)

Answer 29

• Network layer
• Multiple connection per session
• Encryption and authentication
• Confidentiality and integrity

Question 30

EAP (Extensible
Authentication Protocol)

Answer 30

Utilizes PPP and wireless authentication. Compatible with
other encryption technologies

Question 31

Discretionary Access Control
(DAC)

Answer 31

Uses access control lists (ACLs -
Access-control lists).

Question 32

Mandatory Access Control
(MAC)

Answer 32

Subject authorize according to security labels.
Used by owners to grant or deny access to
other users. ACL defines the level of access
granted or denied to subjects.

Question 33

Role-BAC (RBAC)

Answer 33

Task-based access controls - subjects require
access an object based on its role or
assigned tasks.

Question 34

Rule-BAC

Answer 34

Uses a set of rules or filters to define what
can or cannot be done on a system.

Question 35

Lattice based / Label

Answer 35

Objects are classified based on control level
using a label.

Question 36

Non-discretionary access /
Mandatory-Access control

Answer 36

Based on policies defined by a central
authority. Role based or task based.

Question 37

Kerberos

Answer 37

Client /server model authentication protocol.
* Symmetric Key Cryptography
* Key Distribution Center (KDC)
* Confidentiality and integrity and authentication,
symmetric key cryptography

Question 38

The Kerberos
logon process

Answer 38

• User input username/password in client PC/Device.
• Client system encrypts credentials using AES to submit
  for KDC.
• KDC match input credentials against database.
• KDC create a symmetric key and time-stamped TGT to be
  used by the client and the Kerberos server.
• Key and TGT are encrypted using client password hash.
• Client installs the TGT and decrypts the symmetric key
  using a hash.

Question 39

Risk Management

Answer 39

the process of identifying,
examining, measuring, mitigating, or transferring
risk

Question 40

Preventative Risk Management

Answer 40

Security Policies
Security Cameras
Callback
Security Awareness Training
Job Rotation
Encryption
Data Classification
Smart Cards

Question 41

Deterrent Risk Management

Answer 41

Security Personnel
Guards
Security Cameras
Separation of Duties
Intrusion Alarms
Awareness Training
Firewalls
Encryption

Question 42

Detective Risk Management

Answer 42

Logs
Security Cameras
IDS
Honey Pots
Audit Trails
Mandatory Vacations

Question 43

Corrective Risk Management

Answer 43

Alarms
Antivirus Solutions
IDS
BCP

Question 44

Recovery Risk Management

Answer 44

Backups
Server Clustering
Fault Tolerant Drive Systems
Database Shadowing
Antivirus Software

Question 45

NIST SP 800 Series

Answer 45

Computer Security in a variety of areas

Question 46

800-14 NIST SP

Answer 46

Securing Information Technology
systems

Question 47

800-18 NIST

Answer 47

Develop security plans

Question 48

800-27 NIST SP

Answer 48

Baseline for achieving security

Question 49

800-88 NIST

Answer 49

Guidelines for sanitation and disposition,
prevents data remanence

Question 50

800-137

Answer 50

Continuous monitoring program: define, establish, implement, analyze and report

Question 51

800-145

Answer 51

Cloud Computing standards

Question 52

FIPS

Answer 52

Federal Information Processing Standards

Question 53

Sniffing

Answer 53

Unauthorized monitoring of transmitted data

Question 54

Session Hijacking

Answer 54

Monitor and capture of authentication sessions with the purpose of finding and hijacking credentials

Question 55

Incident Response steps

Answer 55

1. Detect
2. Respond
3. Report
4. Recover
5. Remediate
6. Review

Question 56

Port 20, 21

Answer 56

FTP File Transfer Protocol

Question 57

Port 22

Answer 57

SSH Secure Shell

Question 58

Port 23

Answer 58

Telnet

Question 59

Port 25

Answer 59

SMTP Simple Mail Transfer Protocol

Question 60

53

Answer 60

DNS

Question 61

110

Answer 61

POP3 Post Office Protocol

Question 62

80

Answer 62

HTTP Hypertext Transfer Protocol

Question 63

143

Answer 63

IMAP Internet Message Access Protocol

Question 64

389

Answer 64

LDAP Lightweight Directory Access Protocol

Question 65

443

Answer 65

HTTPS Hypertext Transfer Protocol Secure

Question 66

636

Answer 66

Secure LDAP Lightweight Directory Access Protocol

Question 67

445

Answer 67

ACTIVE Directory

Question 68

1433

Answer 68

Microsoft SQL

Question 69

3389

Answer 69

RDP Remote Desktop Protocol

Question 70

137-139

Answer 70

NETBIOS

Question 71

Due Dilligence

Answer 71

establishing a plan, policy, and process to protect the interests of an organization

Question 72

Due Care

Answer 72

Practicing the individual activities that maintain the due diligence effort

Question 73

Asset

Answer 73

Anything of Value to the company

Question 74

Vulnerability

Answer 74

A weakness: the absence of a safeguard

Question 75

Threat

Answer 75

Things that could pose a risk to all or part of an asset

Question 76

Threat Agent

Answer 76

The entity which carries out the attack

Question 77

Exploit

Answer 77

an instance of compromise

Question 78

Risk

Answer 78

The probability of a threat materializing

Question 79

SDN Software Defined Networking

Answer 79

Decoupling the network control and the
forwarding functions.
Features -Agility, Central management,
Programmatic configuration, Vendor neutrality.

Question 80

Fibre Channel over Ethernet
(FCoE)

Answer 80

Running fiber over Ethernet network.

Question 81

Multiprotocol Label Switching (MPLS)

Answer 81

Transfer data based on the short path labels
instead of the network IP addresses. No need of
route table lookups.

Question 82

Internet Small Computer Interface (iSCI)

Answer 82

Standard for connecting data storage sites such
as storage area networks or storage arrays.
Location independent.

Question 83

Synchronous
Data Link
Control (SDLC)

Answer 83

IBM proprietary protocol use with permanent
dedicated leased lines.

Question 84

High-level Data Link Control (HDLC)

Answer 84

Use DTE/DCE communications. Extended
protocol for SDLC

Question 85

MD2

Answer 85

128-bit hash, 18 rounds of computations

Question 86

MD4

Answer 86

128-bit hash. 3 rounds of computations, 512 bits block sizes

Question 87

MD5

Answer 87

128-bit hash. 4 rounds of computations, 512 bits block sizes,
Merkle–Damgård construction

Question 88

MD6

Answer 88

Variable, 0<d≤512 bits, Merkle tree structure

Question 89

SHA-1

Answer 89

160-bit MD, 80 rounds of computations, 512 bits block sizes,
Merkle–Damgård construction (not considered safe against
well funded attackers)

Question 90

SHA-2

Answer 90

224, 256, 384, or 512 bits, 64 or 80 rounds of computations,
512 or 1024 bits block sizes, Merkle–Damgård construction
with Davies–Meyer compression function

Question 91

Type I Error

Answer 91

False Rejection Rate

Question 92

Type II Error

Answer 92

False Acceptance Rate

Question 93

CER Crossover Error Rate

Answer 93

The point at which FRR equals FAR. This is expressed as
a percentage - lower CER is better.

Question 94

Enticement

Answer 94

• Is the legal action of luring an intruder, like in a
  honeypot

Question 95

Entrapment

Answer 95

• Is the illegal act of inducing a crime, the individual had
  no intent of committing the crime at first

Question 96

Business Continuity Plan BCP

Answer 96

Concerns the preservation and recovery of business in the
event of outages to normal business operations

Question 97

Business Impact
Analysis (BIA)

Answer 97

The process of assessing the impact of an IT disruption.
BIA is part of BCP

Question 98

Disaster Recovery Plan (DRP)

Answer 98

A framework of steps and actions that need to be taken
to achieve business continuity and disaster recovery
goals.
End Goal – Revert back to normal operations - planning
and development must be done before the disaster - BIA
should be complete

Question 99

Business Continuity
Steps

Answer 99

1. Scope and plan initiation
2. BIA - assess impact of disruptive processes
3. Business Continuity Plan development - Use BIA to
   develop BCP -
   Testing
4. Plan approval and implementation - management
   approval

Question 100

DBMS Types

Answer 100

Hierarchical * Network * Mesh * Object-orientated
* Relational

Question 101

DDL Data definition language

Answer 101

defines structure and schema DML

Question 102

Degree of Db

Answer 102

number of attributes (columns) in table

Question 103

Tuple

Answer 103

rows

Question 104

Foreign Key

Answer 104

reference to another table which include primary
key. Foreign and primary keys link is known as
referential integrity.

Question 105

Token-passing

Answer 105

Sender can send only when token received indicating free to
send.