Other

Question 1

Data owner

Answer 1

Person who is responsible for specific data. Usually a senior officer.

Question 2

Data controller

Answer 2

Manages the purposes and means by which data is processed.

(E.g payroll controller defines payroll amounts and time frames, but the processor will process the payroll and store employee information.)

Question 3

Data processor

Answer 3

Processes data on behalf of the data controller. Often a third-party.

(E.g payroll controller defines payroll amounts and time frames, but the processor will process the payroll and store employee information.)

Question 4

Data custodian/steward

Answer 4

Responsible for accuracy, privacy, and security of data. Associates sensitivity labels to the data. Ensures compliance of data with applicable laws and standards. Manages access rights to the data. Implements security controls.

Question 5

DPO

Answer 5

Data Protection Officer

Responsible for the organization’s data privacy. Sets policies, implements processes and procedures.

Question 6

Data minimization

Answer 6

Only collect and retain necessary data.

Question 7

Data masking

Answer 7

*****2512

Question 8

Anonymization

Answer 8

Make impossible to identify individual data from a dataset

Question 9

Pseudo-anonymization

Answer 9

Replace personal information with pseudonyms. Used to maintain statistical relationships.

Question 10

PHI

Answer 10

Protected Health Information

Question 11

PIA

Answer 11

Privacy Impact Assessment

Identifying how the privacy of our customer’s data will be affected by our new product, feature, or platform.

Question 12

RTO

Answer 12

Recovery Time Objective

Describes how long it would take back to get to a particular service level.

Question 13

RPO

Answer 13

Recovery Point Objective

A minimum level of service we need to achieve after disaster.

Question 14

MTTR

Answer 14

Mean Time To Repair

Average time required to fix the issue.

Question 15

MTBF

Answer 15

Mean Time Between Failures

Average time between failures.

Question 16

DRP

Answer 16

Disaster Recovery Plan

Question 17

BIA

Answer 17

Business Impact Analysis

Part of the overall BCP. Identifies critical systems and components that are essential to the organization’s success. Does not provide solutions. Just information about which systems are important, maximum downtime, and scenarios that are likely to affect these systems.

Question 18

BCP

Answer 18

Business Continuity Plan

Outline disaster recovery and provides steps used to return critical functions to operation after an outage.

Question 19

Risk Register

Answer 19

Document that identifies risks and possible solutions.

Question 20

Risk matrix

Answer 20

Visualize the results of a risk assessment. Red is bad, green is less bad.

Question 21

Inherent Risk

Answer 21

Risk that exists in the absence of controls.

Question 22

Residual Risk

Answer 22

Risk that exists after implementing controls.

Question 23

GDPR

Answer 23

General Data Protection Regulation

Data protection and privacy for individuals in the EU. Prevents privacy data from being exported outside of the EU and gives the user the power to have it removed. Requires the organization to explain their privacy policy.

Question 24

HIPAA

Question 25

Types of Risk Assessment

Answer 25

1. Qualitative - e.g Colors in a chart, red bad, green less bad
2. Quantitative - Numbers

Question 26

ARO

Answer 26

Annualized Rate of Occurrence

How many times the event occurs in a year.

Question 27

SLE

Answer 27

Single Loss Expectancy

Amount we lose for one occurrence of the event.

Question 28

ALE

Answer 28

Annualized Loss Expectancy

ARO x SLE, How much we expect to lose in a year from the event occurring.

Question 29

MDM

Answer 29

Mobile Device Manager

Enable or disable phone and tablet functionality regardless of location.

Question 30

SLA

Answer 30

Service Level Agreement

Minimum terms for services provided. Uptime, response time agreement etc. Used between customers and service providers.

Question 31

MOU

Answer 31

Memorandum Of Understanding

Both sides agree to the contents of the memorandum. Statements of confidentiality. Informal letter of intent, not a full blown contract.

Question 32

MSA

Answer 32

Measurement System Analysis

Assesses the measurement process. Calculates measurement uncertainty.

Question 33

BPA

Answer 33

Business Partnership Agreement

Provides details about owner stake, financial contract, decision-making agreements, prepare for contingencies.

Question 34

NDA

Answer 34

Non-disclosure agreement

Creates confidentiality between parties.

Question 35

EOL

Answer 35

End of life

Manufacturer stops selling OR supporting a product.

Question 36

EOSL

Answer 36

End of Service life

Manufacturer stops selling AND doesn’t support the product (BOTH).

Question 37

CBT

Answer 37

Computer-based training

Question 38

CIS CSC

Answer 38

Center for Internet Security Critical Security Controls for Effective Cyber Defense

FRAMEWORK that identifies twenty key security controls that can be implemented for different organization sizes.

Question 39

NIST RMF

Answer 39

National Institute of Standards and Technology Risk Management Framework

A 6 step FRAMEWORK required by government agencies.
1. Categorize - Define the environment
2. Select - Pick appropriate controls
3. Implement - Define proper implementation
4. Assess - Determine if the controls are working
5. Authorize - Make a decision to authorize a system
6. Monitor - Check for ongoing compliance

Question 40

NIST CSF

Answer 40

National Institute of Standards and Technology Cybersecurity Framework

FRAMEWORK for commercial implementation rather than government.

1. Framework Core - Identify, Protect, Detect, Respond, Recover
2. Framework implementation tiers - Organization’s view of cybersecurity risk and processes to manage the risk
3. Framework Profile - Alignment of standards, guidelines and practices to the framework core

Question 41

ISO/IEC 27001

Answer 41

STANDARD, ISMS (Information Security Management Systems)

Organizations can implement the ISMS requirements. Then they go through a 3 stage process to become ISO 27001 compliant.

Question 42

ISO/IEC 27002

Answer 42

STANDARD

Complement to the ISO 27001. Provides best practice guidelines for organizations relating to implementing the ISMS requirements.

Question 43

ISO/IEC 27701

Answer 43

STANDARD, PIMS (Privacy Information Management System)

Based on ISO 2700. Outlines a framework for managing and protecting PII. Provides guidelines for complying with GDPR.

Question 44

ISO 31000

Answer 44

STANDARD

Related to risk management. Guidelines for organizations to help manage risk.

Question 45

SSAE SOC 2 TYPE I

Answer 45

A report, assesses how well security controls address risk. Not how effective they are in process.

Question 46

SSAE SOC 2 TYPE II

Answer 46

A report, assess how well security controls actually work in practice over a particular interval of time.

Question 47

CSA CCM

Answer 47

Cloud Security Alliance Cloud Controls Matrix FRAMEWORK

Cloud-specific security controls.

Question 48

PCI DSS

Answer 48

Payment Card Industry Data Security Standard

A STANDARD for protecting credit cards. Six control objectives.
1. Build and maintain secure network and systems
2. Protect cardholder data
3. Maintain a vulnerability management program
4. Implement strong access controls measures
5. Regularly monitor and test networks
6. Maintain information security policy

Question 49

Non-repudiation

Answer 49

Proof of data integrity and the origin of the data.

Question 50

MAC (Crypto)

Answer 50

Message Authentication Code

Provides non-repudiation.

Question 51

Data volatility Chart

Answer 51

1. CPU registers, CPU cache
2. Router tables, ARP cache, process table, kernel statistics, memory
3. Temporary file systems
4. Disk
5. Remote logging and monitoring data
6. Physical configuration, network topology
7. Archival media

Question 52

RFC 3227

Answer 52

Guidelines for evidence collection and archiving.

Question 53

ESI

Answer 53

Electronically Stored Information

A legal hold can be placed on this type of data for it to be stored for a certain amount of indefinite amount of time.

Question 54

Admissibility

Answer 54

Not all data you collect can be used in a court of law. Data must be collected with a set of standards in order to be used in court.

Question 55

Chain of Custody

Answer 55

Control the evidence in order to main integrity. A document and hashes that verify that the data remains unchanged and who was responsible for it at any given time.

Question 56

SOAR

Answer 56

Security Orchestration Automation and Response

Integrate third-party tools and data sources. Runbooks. Playbooks.
1. Orchestration - Connect many different tools together
2. Automation - Handle security tasks automatically
3. Response - Make changes immediately

Question 57

Syslog

Answer 57

Standard for message logging. Diverse systems can create a consolidated log. Requires central log collected usually found in the SIEM.

Some flavors: Rsyslog, syslog-ng, NXLog

Question 58

NetFlow

Answer 58

Gather traffic statistics from all traffic flows. Probe and collector. Probe sends summary records to the collector.

Question 59

IPFIX

Answer 59

Newer, NetFlow-based standard

Question 60

sFlow

Answer 60

Only looks at a portion of the actual network traffic. Unlike NetFlow and IPFIX which look at everything. Switches and routers might already support sFlow.

Question 61

MITRE ATT&CK

Answer 61

ATTACK FRAMEWORK, MITRE Adversary Tactics Techniques and Common Knowledge

Gives a bunch of different attack methods that an adversary might use as well as mitigations and detection techniques.

Question 62

Diamond Model of Intrusion Analysis

Answer 62

Question 63

Cyber Kill Chain

Answer 63

1. Reconnaissance
2. Weaponization - Building the payload
3. Delivery - Fire the payload
4. Exploit - Activate it
5. Installation - Install malware
6. Command & Control - C2 channel created
7. Actions on objectives

Question 64

COOP

Answer 64

Continuity of Operations Planning

Plan that explains how to continue operations with certain systems being unavailable. E.g paper receipts, manual transactions, etc

Question 65

CIRT

Answer 65

Computer Incident Response Team

Question 66

DD command

Answer 66

Create a disk image: dd if=/dev/sda of=/temp/sda-image.img Restore from an image: dd if=/temp/sda-image.img of=/dev/sda`

Question 67

Wireshark, tcpdump, tcprelay

Answer 67

Packet analyzers aka protocol analyzers

Question 68

Linux permissions string

Answer 68

Owner, group, user
rwxrwxrwx

Question 69

logger

Answer 69

Add entries to the system log syslog.

Question 70

OCSP Stapling

Answer 70

Online Certificate Status Protocol Stapling

Provides scalability for OSCP checks. Lets a client determine if a certificate is revoked on their own without contacting the CA. OSCP status is “stapled” into the SSL/TLS handshake.

Question 71

Pinning

Answer 71

Pin the expected certificate or public key to an application. Complied in the app or added at first run.

Question 72

Key escrow

Answer 72

Someone else holds your decryption keys.

Question 73

CA

Answer 73

Certificate Authority

Issues, manages, validates, and revokes certs. Can be public or private. Public are big ones like GoDaddy. Can be locally hosted or not.

Question 74

Intermediate CA

Answer 74

Issues certs to child CAs

Question 75

Child CA

Answer 75

Issues certs to devices or end users.

Question 76

CSR

Answer 76

Certificate Signing Request.

Request sent to the CA which will validate your identity and create a cert for you. You can then register this cert with your site.

Question 77

RA

Answer 77

Registration Authority

Can assist the CA by collecting registration information. Never issues certificates, only assists in the registration process.

Question 78

Root CA

Answer 78

Public key cert that identifies the root CA. The starting point.

Question 79

PKI

Answer 79

Public Key Infrastructure

Policies, procedures, hardware, software, people involved in creating, distributing, managing, storing, and revoking certs. PKI creates the foundation of trust for all certs in your organization.

Question 80

CRL

Answer 80

Certificate Revocation List

Maintained by the CA.

Question 81

MAC (Access Control)

Answer 81

Mandatory Access Control

Every object gets a label: confidential, secret, top secret. If user’s labels matches the object, then they get access to the object

Question 82

DAC

Answer 82

Discretionary Access Control

User is the owner and decides permissions.

Question 83

RBAC

Answer 83

Role-based Access control

Roles are given to users. Roles have associated permissions/rights. Think groups in Windows.

Question 84

ABAC

Answer 84

Attribute Based Access Control

Access based on many different criteria. User must hqve certain attributee as well as satisfy the critera. IP address, time of day, desired action, relationship to data, in department etc

Question 85

Rule-BAC

Answer 85

Rule-based access control

Generic term. Access determined through system-enforced rules. E.g only between 9 AM and 5 PM.

Question 86

PAM

Answer 86

Privileged Access Management

Store privileged accounts in a digital vault. Admins can check out the access for a temporary period of time.

Question 87

SAML

Answer 87

Security Assertion Markup Language

Open standard for authentication and authorization.

Question 88

OAuth

Answer 88

Authorization framework. Determines what resources a user will be able to access. Not an authentication protocol. “Zapier wants to access your Google Account.”

Question 89

RADIUS

Answer 89

AAA protocol. Centralize authentication for users.

Question 90

TACACS+

Answer 90

Remote authentication protocol. AAA Protocol.

Question 91

Kerberos

Answer 91

Single sign on. Sign on once and we don’t need to do it again throughout the day.

Question 92

IEEE 802.1X

Answer 92

Port Based Network Access Control (NAC)

Mostly wireless but can be used for wired as well. Linked directly with EAP. Used in conjunction with an access database RADIUS, LDAP, TACACS+, DIAMETER.

Question 93

PAP

Answer 93

Password Authentication Protocol

An authentication protocol. Old, bad, clear text. Simple password.

Question 94

CHAP

Answer 94

Challenge-Handshake Authentication Protocol

Another authentication protocol. Encrypted challenge sent over the network.

Question 95

MS-CHAP

Answer 95

Microsoft’s implementation of CHAP

MS-CHAPv2 and MS-CHAP are not secure.

Question 96

TPM

Answer 96

Trusted Platform Module

Hardware module or part of motherboard that provides with additional secure cryptography functions like key generations. Might have keys burned into the TPM. Can also securely store keys protected from brute force.

Question 97

HSM

Answer 97

Hardware Security Module

Plug in card or separate hardware device that performs cryptographic functions very quickly. Contains cryptographic accelerators.

Question 98

KBA

Answer 98

Knowledge-based Authentication

Personal knowledge as an authentication factor. Static KBA and dynamic KBA. Static KBA are security questions like normal. Dynamic KBA are questions determined dynamically from information gathered on the internet.

Question 99

SSH commands

Answer 99

ssh-keygen - Create public/private key pair
ssh-copy-id user@host - Copy public key to SSH server
ssh user@host - Connect without password prompt

Question 100

CASB

Answer 100

Cloud Access Security Broker.

Can be located on your network edge or edge of cloud. Determines what users can do on the cloud, what they can access, which data they can transfer etc.

Question 101

SWG

Answer 101

Next-Gen secure Web Gateway

Examines JSON strings and API calls. Allows or disallow certain activities.

Question 102

VPC

Answer 102

Virtual Private Cloud

Pool of resources created in a public cloud.

Question 103

VDI/VMI

Answer 103

Virtual Desktop Infrastructure / Virtual Mobile Infrastructure

All data is stored externally. Remote access software used to access it.

Question 104

OTA

Answer 104

Over the Air

Firmware updates applied to a device over the air.

Question 105

WiFi Direct/ad Hoc

Answer 105

Allows devices to connect wirelessly directly.

Question 106

UEM

Answer 106

Unified Endpoint Management

Mostly applies to mobile devices but could be applied to any device. Refers to managing endpoint devices.

Question 107

MAM

Answer 107

Mobile Application Management

Provision, update, remote apps. Create an enterprise app catalog.

Question 108

Point-to-point 802.11 connection

Answer 108

One-to-one connection between two devices. E.g Wi-Fi repeaters connected to eachother

Question 109

Point-to-multipoint 802.11 connection

Answer 109

Devices communicate with multiple other devices.

Question 110

EAP

Answer 110

WIreless Authentication Protocol that integrates directly with 802.1X port based network access control. Support many different flavors.

Question 111

EAP-FAST

Answer 111

Flexible Authentication via Secure Tunnel. Creates a secure tunnel between the supplicant and the authentication server. Uses a PAC, Protected Access Credential (shared secret). Uses a TLS tunnel.

Question 112

PEAP

Answer 112

Protected EAP

Cisco created. Creates a TLS tunnel, but doesn’t use a PAC. Instead uses a digital certificate on the server only to setup the tunnel between the supplicant and the auth server.

Question 113

EAP-TLS

Answer 113

EAP Transport Layer Security

Unlike PEAP requires certs on the clients and server. Mutual authentication is performed before the TLS tunnel is setup between the supplicant and the auth server.

Question 114

EAP-TTLS

Answer 114

EAP Tunneled Transport Layer Security

Allows you to tunnel other authentication protocols in the TLS tunnel. Only requires a single certificate on the auth server which is used to setup the TLS tunnel. Then we can use MSCHAPv2, other versions of EAP, etc inside of that tunnel.

Question 115

RADIUS Federation

Answer 115

RADIUS on the backend, EAP to authenticate. e.g eduroam.

Question 116

WPA3-Personal / WPA3-PSK

Answer 116

WPA3 with a pre-shared key. Everyone uses the same key. WPA3 session key derived from the PSK using SAE (Simultaneously Authentication of Equals)

Question 117

WPA3-Enterprise / WPA3-802.1X

Answer 117

Uses a centralized authentication server e.g RADIUS, TACACS+, LDAP

Question 118

WPS

Answer 118

Wi-Fi Protected Setup

Press a button on the router to connect. Use a basic pin.

Question 119

CCMP

Answer 119

Counter Mode with Cipher BLock Chaining Message Authentication Code Protocol or Counter/CBC-MAC protocol

Question 120

GCMP

Answer 120

Galois/Counter Mode

Question 121

Jump Server

Answer 121

Access secure network zones via hardened server. Jump into the DMZ/screened subnet.

Question 122

NIST SP800-61

Answer 122

Computer Security Incident Handling Guide

1. Preparation
2. Detection and Analysis
3. Containment, Eradication, and Recovery
4. Post-incident Activity

Question 123

memdump

Answer 123

Copy information in system memory.

Question 124

Forward Proxy

Answer 124

The proxy visits the site on your behalf.

Question 125

Reverse Proxy

Answer 125

Internet users use the proxy to get access to resources on your internal network.

Question 126

Open Proxy

Answer 126

3rd party proxy on the internet that anyone can use.

Question 127

Out-of-band Management

Answer 127

Managing a device without using the network. E.g connecting to a serial port on a router to manage it.

Question 128

NAC

Answer 128

Network Access Control

1. Performs health checks and posture assessment on devices
2. Persistent agent - Permanently installed onto a system
3. Dissolvable agent - No installation required. Runs during the posture assessment. Terminates when no longer required.
4. Agentless NAC - Checks are made during login and logoff. Part of the OS itself, on Windows it integrates with AD.

Question 129

QoS

Answer 129

Refers to network traffic congestion control and guaranteeing a fast stable connection.

Question 130

FIM

Answer 130

File Integrity Monitoring

Monitoring files to check for changes. Some files should never change. Often used to monitor important operating system and application files.

Question 131

Broadcast Storm Control

Answer 131

Feature on switches to prevent a broadcast storm by limiting and detecting the number of broadcasts.

Question 132

BPDU

Answer 132

Bridge Protocol Data Unit

Frames that are used in spanning tree protocol. BPDU guard is a feature on switches.

Question 133

MAC Filtering

Answer 133

Only allow certain MAC addresses on your network.

Question 134

Remote Access VPN

Answer 134

Allows you to access resources within a private network from a public network.

Question 135

VPN Protocols

Answer 135

1. L2TP
2. IPSEC in tunnel mode
3. TLS
4. HTML5

Question 136

VPN: Full Tunnel Mode

Answer 136

All traffic goes through the tunnel. Not selective.

Question 137

VPN: Split Tunnel Mode

Answer 137

Some of the traffic goes through the tunnel, other traffic does not. This is determined by the system administrator. Most likely all the traffic going to the internal private network will be tunneled, the rest maybe not.

Question 138

Site-to-site VPN

Answer 138

Two networks connected via VPN. Think of a firewall on each network edge.

Question 139

IPSEC Modes

Answer 139

1. Transport mode - Payload encrypted. Headers are not.
2. Tunnel mode - Payload and headers both encrypted. Hence, is more suited for VPNs.

Question 140

IPSEC Components

Answer 140

1. AH - Authentication Header. A protocol. Does NOT provide encryption. Provides Data integrity, guarantees origin, prevents replay attacks.
2. ESP - Encapsulation Security Payload - Encrypts and authenticates the tunneled data. Integrity checking.
3. Combine them to achieve integrity and authentication.

Question 141

Screened Subnet

Answer 141

Previously known as a DMZ. A sectioned off network by a firewall with a different security zone. We might we use a jump server to access it.

Question 142

Extranet

Answer 142

A sectioned off network by a firewall. Used by vendors, suppliers, and anyone who needs it. Only authorized users are allowed.

Question 143

Intranet

Answer 143

Sectioned off network. Only available internally. Employees only.

Question 144

East-west Traffic

Answer 144

Traffic flow between devices inside the data center.

Question 145

North-south Traffic

Answer 145

Traffic flow inbound or outbound from the data center.

Question 146

Active/Passive load balancing

Answer 146

If one of our active server fails, the passive server takes place.

Question 147

SED

Answer 147

Self Encrypting Drive

Question 148

Boot integrity order

Answer 148

1. Secure boot - Part of UEFI. Verifies the boot loader by checking it’s digital signature.
2. Trusted Boot - Verifies the digital signature of the OS kernel
3. ELAM - Early Launch Anti-Malware. OS checks signatures of drivers before loading them.
4. Measured Boot - Verify that no changes have been made to the OS since last boot. A hash is stored by the UEFI bios in the TPM.
5. Remote attestation - Provide verification report to a management server. Attestation server compares the report with what it knows to be trusted, checking for modifications.

Question 149

EDR

Answer 149

Endpoint Detection and Response

Question 150

NGFW

Answer 150

Next-generation firewall

Inspects the packets. Keeps track of sessions. Can prevent or block very specific actions.

Question 151

HIDS and HIPS

Answer 151

Host-based Intrusion Detection System
Host-based Intrusion Prevention System

Question 152

Secure Protocol: Voice and Video

Answer 152

SRTP - Secure Real-Time transport protocol

Question 153

Secure Protocol: Time synchronization

Answer 153

NTPsec - NTP Secure

Question 154

Secure Protocol: Email

Answer 154

S/MIME
Secure POP
Secure IMAP
SMTP encrypted

Question 155

Secure Protocol: Layer 3

Answer 155

IPSec

Question 156

Secure Protocol: File Transfer

Answer 156

FTPS
SFTP - Inherently secure

Question 157

Secure Protocol: Directory Services

Answer 157

LDAPS

Question 158

Secure Protocol: Remote Access

Answer 158

SSH

Question 159

Secure Protocol: DNS

Answer 159

DNSEC

Question 160

Secure Protocol: Routing and Switching

Answer 160

SNMPv3
SSH
HTTPS

Question 161

Secure Protocol: Network Address Allocation

Answer 161

No secure version of DHCP

Question 162

ECC

Answer 162

Elliptic Curve Cryptography - Asymmetric

Question 163

Stream Cipher

Answer 163

1. Encrypts 1 bit or byte at a time
2. Symmetric
3. Uses an IV (nonce) to add randomization
4. High speed, low hardware complexity

Question 164

Block Cipher

Answer 164

1. Encrypts in fixed length blocks
2. Symmetric
3. Has modes of operations to choose from

Question 165

Block Cipher Mode: ECB

Answer 165

Elctronic Codebook

Each block encrypted with the same key. Identical plaintext blocks create identical ciphertext blocks.

Question 166

Block Cipher Mode: CBC

Answer 166

Cipher Block Chaining

Each plaintext block is XORed with the previous ciphertext block. Uses an IV for the first block.

Question 167

Block Cipher Mode: CTR

Answer 167

Counter Mode

Block cipher acts like a stream cipher. Encrypts successive values of a counter.

Question 168

Block Cipher Mode: GCM

Answer 168

Galois/Counter Mode

Encryption with authentication.

Question 169

PFS

Answer 169

Perfect Forward Secrecy

Changes the keys used to encrypt and decrypt frequently and automatically. Every sessions has different keys. Elliptic curve or Diffie-Hellman ephermeral

Question 170

HE

Answer 170

Homophobic Encryption. Perform calculations on the data while it’s encrypted.

Question 171

PKBDF2

Answer 171

Password-Based Key Derivation Function 2. Key stretching library.

Question 172

Pulping

Answer 172

Paper destruction. Large tank for washing off ink.

Question 173

Narrowband

Answer 173

Long distance embedded systems communication.

Question 174

Baseband

Answer 174

Short range embedded systems communication.

Question 175

Zigbee

Answer 175

IoT networking standard. Alternative to WiFi and Bluetooth. Longer distances than bluetooth and less power than WiFi.

Question 176

SoC

Answer 176

System on a Chip

Multiple components running on a single chip. E.g Raspberry Pi

Question 177

FPGA

Answer 177

Field-Programmable gate array

Integrated circuit that can be configured/programmed after manufacturing. Common in switches, routers, and firewalls.

Question 178

ICS

Answer 178

Industrial Control System

Question 179

MFD

Answer 179

Multifunction Device.

Single device that has multiple features. E.g Scanner, printer, and fax all in the same unit.

Question 180

RTOS

Answer 180

Real-Time Operating System

Operating system with deterministic processing schedule. No time to wait for other processes. Common in industrial equipment, automobiles, and military environments.

Question 181

HA

Answer 181

High availability

Question 182

Full Backup

Answer 182

Everything

Question 183

Incremental Backup

Answer 183

All files changed since the last incremental

Question 184

Differential backup

Answer 184

All files changed since last full backup

Question 185

NAS

Answer 185

Network Attached Storage

Provides file level access to a large storage array over the network. If you want to modify a file you have to overwrite the entire file. Requires a lot of bandwidth.

Question 186

SAN

Answer 186

Storage Area Network

Provides access to a storage drive over the network. Looks and feels like a local storage device. Block level access. If you want to modify a file you only need to change a few blocks not the entire file. Requires a lot of bandwidth.

Question 187

Image Backup

Answer 187

Capture an exact replica of everything on a storage drive. Can be used to restore the operating system to as specific state later on.

Question 188

SAN Replication

Answer 188

Data is replicated between two SANS (SAN-to-SAN).

Question 189

SAN Snapshot

Answer 189

Create a state of data based on a point in time.

Question 190

UPS

Answer 190

Uninterruptible Power Supply2

1. Offline/Standby
2. Line-interactive, UPS ramps up as voltage goes down
3. On-line/Double-conversion, Always on and providing power, if power goes out there’s no switching process.

Question 191

Multipath I/O

Answer 191

Form of disk redundancy. Multiple paths for data transfer to a device.

Question 192

RAID 0

Answer 192

1. Striping without parity.
2. High performance, NO FAULT TOLERANCE, NO REDUNDANCY
3. 2 Disks

Question 193

RAID 1

Answer 193

1. Mirroring
2. Duplicates data for fault tolerance, requires twice the disk space
3. 2 Disks

Question 194

RAID 5

Answer 194

1. Striping with parity
2. Fault tolerant, only requires an additional disk for redundancy
3. 3 Disks

Question 195

RAID 6

Answer 195

1. Extension of RAID 5
2. 4 Disks

Question 196

RAID 10 or RAID 1+0

Answer 196

1. Combines mirroring (RAID-1) and striping (RAID-0)
2. 4 Disks

Question 197

FAR

Answer 197

False Acceptance Rate

Biometrics. Likelihood that an unauthorized user will be accepted. Not sensitive enough.

Question 198

FRR

Answer 198

False Rejection Rate

Biometric. Likelihood that an authorized user will be rejected. Too sensitive.

Question 199

CER

Answer 199

Crossover Error rate

Biometrics. Defines the overall accuracy of the biometric system. Rate at which FAR and FRR are equal.

Question 200

Attestation

Answer 200

Proving the hardware is really yours and that you can trust the system.

Question 201

TOTP

Answer 201

Time-Based One Time Password

No incremental counter. Uses secret key and the time of day.

Question 202

HOTP

Answer 202

HMAC-Based One Time Password

Tokens generated are based on a secret key and a counter.

Question 203

Software Diversity

Answer 203

Using alternative compiler paths to ensure a different binary each time we compile.

Question 204

Scalability: Up and Down

Answer 204

Manually adding or taking away compute resources. Physical hardware

Question 205

Scalability: In and Out

Answer 205

Adding more machines to the cluster.

Question 206

SDN

Answer 206

Software Defined Networking

Directly programmable network appliances. Infrastructure as code.

Question 207

SDV

Answer 207

Software Define Visibility

We can see the data passing through our network appliances. Infrastructure as code.

Question 208

Transit Gateway

Answer 208

How we access our VPC (Virtual Private Cloud). A router in the cloud.

Question 209

SIAM

Answer 209

Service Integration and Management.

Consolidates our services running on different cloud providers into one interfaces.

Question 210

FOG Computing

Answer 210

Cloud + IoT

Local decisions made from local data. Immediate data stays local. Long-term analysis can occur in the cloud.

Question 211

MSP

Answer 211

Managed Service Provider

Cloud service provider. Provides network connectivity management. Backups and disaster recovery. And growth management and planning.

Question 212

Data Sovereignty

Answer 212

Data that resides in a country is subject to the laws of that country. E.g GDPR

Question 213

IRM

Answer 213

Information Rights Management

Restrict data access to unauthorized persons: Prevent copy and paste, control screenshots, manage printing, etc

Question 214

Purple Team

Answer 214

Red and blue teams working together

Question 215

Pentesting Process

Answer 215

1. Initial exploitation
2. Later movement - Move from system to system
3. Persistence
4. Pivoting - Access systems that would normally not be accessible using our current access
5. Cleanup

Question 216

TTP

Answer 216

Tactics, techniques, and procedures

Methods used by the adversaries.

Question 217

AIS

Answer 217

Automated Indicator Sharing

Automated way of sharing threat information between organizations.
STIX data shared is by TAXII.

Question 218

WPA2 PSK Mode

Answer 218

Pre-shared Key

Users connect to the network anonymously with a passphrase.

Question 219

WPA2 Enterprise Mode

Answer 219

Users connect to the network with their own username and password.

Question 220

Horizontal Priv Esc

Answer 220

User A can access user B resources

Question 221

Vertical Priv Esc

Answer 221

The attacker gets a higher privilege level

Question 222

GLB

Answer 222

Gramm-Leach-Bliley

Requires companies to develop privacy practices and policies that detail how they collect, sell, share, and otherwise reuse customer information.

Question 223

Pharming

Answer 223

Similar to phishing but attacking DNS in order to redirect to your malicious site in order to harvest credentals.

Question 224

Birthday attack

Answer 224

Find a collison through brute force. Generate multiple versions of plaintext to match hashes.

Question 225

Bluesnarfing

Answer 225

Access a bluetooth-enabled device and transfer data
e.g Contact list, calendar, email, pictures, video, etc

Question 226

6 Octal

Answer 226

110

Question 227

SOX

Answer 227

Sarbanes-oxley act. Data governance regulation that requires that executives take individual responsibility for the accuracy of financial reports.

Question 228

HIPAA

Answer 228

Health insurance portability and accountability act. A data governance regulation. Mandates that organizations protect health information.

Question 229

AAA

Answer 229

Identification, Authetication, authorization, accounting

Question 230

VPN Authentication Methods

Answer 230

VPN should ensure that only authorized users access it.
1. PAP - Password Authentication Protocol
2. CHAP - Challenge Handshake Authentication Protocol
3. RADIUS
4. TACACS+

Question 231

SOA record

Answer 231

Start of authority record
Includes information about the DNS zone and some of its settings which are useful for clients to know. E.g TTL

Question 232

MX Record

Answer 232

Mail exchange record
Identifies a mail server used for email. Linked to A or AAAA record of the mail server. When there is more than one mail server, the one with the lowest preference number in the MX record is the primary mail server.

Question 233

Corrective control

Answer 233

Mitigates damage

Question 234

Compensating control

Answer 234

Restore from an attack by other means