Other Sec Plus Terms

Question 1

a type of computerized cryptography where block cipher algorithms are applied three times to each data block. Each block contains 64 bit of data

Answer 1

3DES

Question 2

a symmetric block cipher algorithm with a block/chunk size of 128 bits

Answer 2

AES

Question 3

which has a key length of 256 bits, supports the largest bit size and is practically unbreakable by brute force based on current computing power, making it the strongest encryption standard

Answer 3

AES256

Question 4

enables the real-time exchange of machine-readable cyber threat indicators and defensive measures to help protect participants of the community and ultimately reduce the prevalence of cyberattacks

Answer 4

automated indicator sharing

Question 5

is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory

Answer 5

Address space layout randomization ASLR

Question 6

works as a secondary RAM, enable the system to remove infrequently accessed modified pages from physical memory to let the system use physical memory more efficiently for more frequently accessed pages

Answer 6

page file

Question 7

enables web servers to dynamically generate webpages and create interactive web applications by using server-side scripting technology.

Answer 7

active server pages ASP

Question 8

is a document that outlines how a business will continue operating during an unplanned disruption in service

Answer 8

business continuity planning BCP

Question 9

global routing system of the internet. It manages how packets get routed from network to network through the exchange of routing and reachability information among edge routers

Answer 9

Border Gateway Protocol BGP

Question 10

predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies

Answer 10

Business Impact Analysis BIA

Question 11

s used in infrastructure mode to identify the media access control (MAC) address of the access point.

Answer 11

Basic Service Set Identifier BSSID

Question 12

a report of measures taken to address root causes of non-conformances to prevent recurrence of issues

Answer 12

CAR Correction Action Report

Question 13

Action taken to prevent the occurrence of such non-conformities, generally as a result of a report

Answer 13

Preventive Action Report

Question 14

is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents

Answer 14

Computer Emergency Response Team

Question 15

Group of individuals usually consisting of Security Analysts organized to develop, recommend, and coordinate immediate mitigation actions for containment, eradication, and recovery resulting from computer security incidents.

Answer 15

Computer Incident Response Team

Question 16

software suites that allow site administrators to easily manage the design, functionality, and operation of websites with minimal technical expertise

Answer 16

Content Management System

Question 17

A type of checksum algorithm that is not a cryptographic hash but is used to implement data integrity service where accidental changes to data are expected

Answer 17

Cyclic Redundancy Check

Question 18

is an executive responsible for the safety and security of company data, personnel, and assets.

Answer 18

chief security officer

Question 19

is a hardware device that converts a digital data frame from the communications technology.

Answer 19

Channel Service Unit CSU

Question 20

uses an arbitrary number (the counter) that changes with each block of text encrypted is encrypted with the cipher, and the result is XOR’d into ciphertext

Answer 20

counter mode

Question 21

top executive that oversees the entire information technology department and is responsible for integrating business needs and requirements into IT planning and operations

Answer 21

Chief Technology Officer

Question 22

approach generates a public and private key on both sides of the transaction, but only shares the public key

Answer 22

diffie hellman DHE

Question 23

a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify

Answer 23

Domain Keys Identified Mail DKIM

Question 24

helps mail administrators prevent hackers and other attackers from spoofing their organization and domain.

Answer 24

Domain-Based Message Authentication Reporting and Conformance DMARC

Question 25

when a volume or character of plaintext is separated or divided into several blocks of data, each or every of which is then encrypted independently divides it of other blocks

Answer 25

electronic code book

Question 26

a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel

Answer 26

Elliptic-curve Diffie–Hellman

Question 27

a cryptographic algorithm used by Bitcoin to ensure that funds can only be spent by their rightful owners. While the private key is a secret number, known only to the person that generated it.

Answer 27

Elliptic-curve Digital Signature

Question 28

facilitates file or directory encryption and decryption with the help of complex cryptographic algorithms.

Answer 28

Encrypted File System EFS

Question 29

used to track the address of the current instruction running inside the application.

Answer 29

EIP Extended Instruction Pointer

Question 30

refers to a type of software that organizations use to manage day-to-day business activities such as accounting, procurement, project management, risk management and compliance, and supply chain operations.

Answer 30

ERP Enterprise Resource Planning

Question 31

you have more than one access point and they all are set to the same SSID and all are connected together in the same VLAN or distribution system so users can roam

Answer 31

Extended Service Set Identifier ESSID

Question 32

a block cipher mode of operation that uses universal hashing Works with hmac and counter.

Answer 32

Galois counter mode

Question 33

Open source that allows you to encrypt and sign your data and communications; it features a versatile key management system, along with access modules for all kinds of public key directories

Successor of PGP

Answer 33

GNU Privacy Guard

Question 34

tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links

Answer 34

generic routing encapsulation

Question 35

cryptographic authentication technique that uses a hash function and a secret key. achieve authentication and verify that data is correct and authentic with shared secrets

Answer 35

Hash-based Message Authentication Code

Question 36

verifying the integrity of operating systems and application software files to determine if tampering or fraud has occurred by comparing them to a trusted “baseline.

Answer 36

File Integrity Monitoring

Question 37

network layer protocol used by network devices to diagnose network communication issue

Associated with the ping command

Answer 37

Internet Control Message Protocol ICMP

Question 38

is a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input

Answer 38

International Data Encryption Algorithm IDEA

Question 39

wall-mounted rack for managing and interconnecting a telecommunications cable between end-user devices

Answer 39

Intermediate Distribution Frame IDF

Question 40

nurtures, develops, and advances the building of global technologies. As a leading developer of industry standards in a broad range of technologies

Answer 40

Institute of Electrical and Electronics Engineers IEEE

Question 41

a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).

Answer 41

Internet Key Exchange IKE

Question 42

specific protocol through which individuals can hold real-time online conversations via PCs and other devices

Answer 42

Internet Relay Chat IRC

Question 43

A document that regulates security-relevant aspects of an intended connection between an agency and an external system

Answer 43

Interconnection Security Agreement ISA

Question 44

a new class of firewall that can be deployed rapidly with minimum disruption while keeping up the multi-gigabit speeds of internal networks. Instant visibility and protection can be applied to specific parts of the internal network.

Answer 44

Internal Segmentation Firewall

Question 45

Individual with assigned responsibility for maintaining the appropriate operational security posture for an information system or program

Answer 45

Information Systems Security Officer ISSO

Question 46

a planned course of action designed to help an organization respond effectively to a significant future incident, event or situation that may or may not happen

Answer 46

IT Contingency Plan

Question 47

symmetric encryption that allows the access of two or more systems in a network by generating a unique ticket type key for establishing a secure connection over which data is shared and transferred

Answer 47

Key Distribution Center

Question 48

A key that encrypts other key (typically Traffic Encryption Keys or TEKs) for transmission or storage.

Answer 48

Key Encryption Key

Question 49

is a computer network that connects computers within single large city, multiple cities and towns

Answer 49

Metropolitan Area Network

Question 50

is the information in the first sector of a hard disk or a removable drive. It identifies how and where the system’s operating system

Answer 50

Master Boot Record

Question 51

a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.

Answer 51

MD5

Question 52

the primary hub or demarcation point that interconnects private or public IT and telecommunication lines coming into a building to an internal network via any number of intermediate distribution frame

Answer 52

Main Distribution Frame

Question 53

designed to provide more secure authentication for 802.11 WLANs (wireless local area networks) that support 802.1X port access control

Answer 53

Lightweight Extensible Authentication Protocol

Question 54

a networking technology that routes traffic using the shortest path based on “labels,” rather than network addresses, to handle forwarding over private wide area networks

Answer 54

Multiprotocol Label Switching

Question 55

thorough assessment of a measurement process, and typically includes a specially designed experiment that seeks to identify the components of variation in that measurement process

Answer 55

Measurement Systems Analysis

Question 56

an identity checking protocol that periodically re-authenticates the user during an online session

Answer 56

Challenge Handshake Authentication Protocol

Question 57

an identity checking protocol that periodically re-authenticates the user during an online session. challenge response packet is in a format designed specifically for Windows platforms. does not require the use of plaintext or reversibly encrypted passwords the way CHAP does and uses Md4 hash of the password to validate the response

Answer 57

MS Chap

Question 58

a measurement in bytes of the largest data packets that an Internet-connected device can accept

Answer 58

Maximum transmission unit MTU

Question 59

is the replacement of network appliance hardware with virtual network machines

Answer 59

Network Function Virtualization NFV

Question 60

a suite of security protocols offered by Microsoft to authenticate users’ identity and protect the integrity and confidentiality of their activity.

Answer 60

New Technology LAN Manager NTLM

Question 61

Name the seven layers of the OSI

Answer 61

Application
Presentation
Session
Transport
Network
Data link
Physical

Question 62

router protocol used to find the best path for packets as they pass through a set of connected networks

Answer 62

Open Shortest Path First

Question 63

An open format for describing vulnerabilities within a target system. It standardizes models for analyzing vulnerabilities and presenting basic information about the system being investigated. The report provides a comprehensive overview of the issue

Answer 63

Open Vulnerability and Assessment Language OVAL

Question 64

a decentralized platform whereby two individuals systems interact directly with each other, without intermediation by a third party.

Answer 64

peer to peer P2P

Question 65

an information security (infosec) mechanism that safeguards identities with special access or capabilities beyond regular users.

Answer 65

Privileged Access Management

Question 66

account modules check that the specified account is a valid authentication target under current conditions. This may include conditions like account expiration, time of day, and that the user has access to the requested service.

Answer 66

Pluggable Authentication Modules

Question 67

provides a simple method for the peer to establish its identity using a two-way handshake

Answer 67

password authentication protocol

Question 68

extension of Network Address Translation (NAT) that permits multiple devices on a LAN to be mapped to a single public IP address to conserve IP addresses.

translates the private unregistered IP addresses into public registered IP addresses

Answer 68

Port Address Translation

Question 69

s simply any mechanism for taking a password (something a user remembers or stores in a password manager) and turning it into a symmetric key suitable for cryptographic operations

Answer 69

Password-based Key Derivation Function 2 PBKDF2

Question 70

used to describe a business telephone system that offers multiple inbound and outbound lines, call routing, voicemail, and call management features

Answer 70

Private Branch Exchange PBX

Question 71

is the standard file format for executables, object code and Dynamic Link Libraries (DLLs) used in 32- and 64-bit versions of Windows operating systems.

Answer 71

Portable Executable

Question 72

legacy Open source a popular program used to encrypt and decrypt email over the internet, as well as authenticate messages with digital signatures and encrypted stored files.

Answer 72

pretty good privacy PGP

Question 73

are a set of standard protocols, numbered from 1 to 15. These standards were developed to enable secure information exchange on the internet by using a public key infrastructure

Answer 73

Public Key Cryptography Standards

Question 74

a TCP/IP protocol that is used to connect one computer system to another.

Answer 74

PPP Point to Point Protocol

Question 75

protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network

Answer 75

point to point tunneling protocol

Question 76

cameras are built with mechanical parts that allow them to swivel left to right, tilt up and down, and zoom in and out of a scene

Answer 76

pan tilt zoom

Question 77

model is based on prototyping and iterative model with no (or less) specific planning. In general, approach to software development means putting lesser emphasis on planning tasks and more emphasis on development and coming up with a prototype.

Answer 77

rapid application development

Question 78

one of the most commonly used stream ciphers. It encrypts messages one byte at a time via an algorithm

Answer 78

RC4

Question 79

a fast cryptographic hash function that is tuned towards soft- ware implementations on 32-bit architectures

Answer 79

RIPEMD

Question 80

defined as the maximum amount of data – as measured by time – that can be lost after a recovery from a disaster, failure, or comparable event before data loss will exceed what is acceptable to an organization

Answer 80

Recovery Point Objective

Question 81

a public-key encryption algorithm that uses an asymmetric encryption algorithm to encrypt data

Answer 81

RSA

Question 82

filtering is used to push the packet drops off the customer/POP routers and shift them to the edge of the network.

Answer 82

Remotely Triggered Black Hole

Question 83

authentication is performed with a hash of a generated key that is unique to each authentication, rather than having the same Pairwise Master Key every time

Answer 83

Simultaneous Authentication of Equals SAE

Question 84

is a multi-purpose framework of specifications that supports automated configuration, vulnerability and patch checking, technical control compliance activities, and security measurement.

Answer 84

Security Content Automation Protocol SCAP

Question 85

an open source protocol that is widely used to make digital certificate issuance at large organizations easier, more secure, and scalable

Answer 85

Simple Certificate Enrollment Protocol

Question 86

is a process of planning, creating, testing, and deploying information systems across hardware and software.

Answer 86

Software Development Life Cycle

Question 87

A hashing algorithm shortens the input data into a smaller form that cannot be understood by using bitwise operations, modular additions, and compression functions

Answer 87

SHA

Question 88

the monetary value expected from the occurrence of a risk on a single asset

Answer 88

single Loss Expectancy

Question 89

network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network

uses port 445 and 139

Answer 89

Server Message Block

Question 90

protocol used to send and receive email.
ues port 25

Answer 90

SMTP

Question 91

a lightweight XML-based protocol that is used for the exchange of information in decentralized, distributed application environments

Answer 91

SOAP Simple Object Access Protocol

Question 92

operations center is to monitor, prevent, detect, investigate, and respond to cyber threats around the clock

Answer 92

security operations center

Question 93

is an email authentication method designed to detect forging sender addresses during the delivery of the email.

Answer 93

Sender Policy Framework

Question 94

sitting between users and the Internet. gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible

Answer 94

Secure Web Gateway

Question 95

connection-oriented protocol a bit slower
protocol that is used on top of IP to ensure reliable transmission of packets. includes mechanisms to solve many of the problems that arise from packet-based messaging, such as lost packets, out of order packets, duplicate packets, and corrupted packets.

Answer 95

Transport Control Protocol

Question 96

connectionless protocol a bit faster

a communications protocol that is primarily used to establish low-latency and loss-tolerating connections between applications on the internet

Answer 96

User Datagram Protocol

Question 97

a small amount of encrypted data that is issued by a server in the Kerberos authentication model to begin the authentication process

Answer 97

Transaction Granting Ticket

Question 98

the digital information used in cryptocurrency transactions to verify the identity of its participants

Answer 98

Transaction Signature

Question 99

user behavior analytics , is the process of gathering insight into the network events that users generate every day

Answer 99

UEBA User and Entity behavior analytics

Question 100

a subnet – a segmented piece of a larger network – design strategy where all subnet masks can have varying sizes.

Answer 100

Variable-length Subnet Masking

Question 101

monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools. The system monitors the radio spectrum used by wireless LANs, and immediately alerts a systems administrator whenever a rogue access point is detected.

Answer 101

Wireless Intrusion Detection System WIDS

Question 102

compares the MAC addresses of all wireless access points on a network against the known signatures of pre-authorized, known wireless access points and alerts an administrator when a discrepancy is found.

Answer 102

Wireless Intrusion Prevention System WIPS

Question 103

a data storage technology that allows data to be written to a storage medium a single time and prevents the data from being erased or modified

Answer 103

WORM Write Once Read Many

Question 104

exchanging files between two TCP/IP machines but also doesn’t require authentication

Uses port 69

Answer 104

TFTP TRIVAL file transfer protocol

Question 105

Process of PII in a dataset , to protected individual idenfitication. Can still be used and protected

Answer 105

Data Anonmization

Question 106

Cloud vulnerability can allow an attacker to compromise containers of other teneants on the same host.

Answer 106

Shared Tenancy Vulnerability

Question 107

Name the four coding stages in order

Answer 107

Development , test , stage and production

Question 108

Name the four risk management strategies

Answer 108

Acceptance
Transferrance
Avoidance
Reduction

Question 109

Name the 7 phases of cyber kill chain

Answer 109

Phase 1: Reconnaissance
Phase 2: Weaponization
Phase 3: Delivery
Phase 4: Exploitation
Phase 5: Installation
Phase 6: Command and Control
Phase 7: Actions on Objective