Professor Messer test Flashcards
MTBF
The MTBF (Mean Time Between Failures) is a prediction of how often a repairable system will fail.
MTTF
MTTF (Mean Time to Failure) is the expected lifetime of a non-repairable product or system.
RTO
RTO (Recovery Time Objective) is the maximum acceptable time to restore a service to an agreed level after a disruption; it is the target the recovery plan must be able to meet.
Vishing
Vishing (voice phishing) attacks use the phone to obtain private information from others. In the quiz scenario this card refers to, the caller was not asking for confidential information, which is why that call did not count as vishing.
EAP-TTLS
EAP-TTLS (Extensible Authentication Protocol - Tunneled Transport Layer Security) first establishes a TLS (Transport Layer Security) tunnel using the authentication server's certificate, then carries a second, inner authentication method (for example PAP, CHAP or MS-CHAPv2) inside that encrypted tunnel. This allows the use of almost any authentication method while TLS keeps the credentials confidential.
CASB uses
A CASB (Cloud Access Security Broker) can be used to apply security policies to cloud-based implementations. Two common functions of a CASB are visibility into application use and data security policy use. Other common CASB functions are the verification of compliance with formal standards and the monitoring and identification of threats.
False negative
A false negative is a result that fails to detect an issue when one actually exists, for example a vulnerability scanner reporting a host as patched when the patch is in fact missing.
Non-persistent environment
A non-persistent environment is always in motion, and application instances can be created, changed, or removed at any time.
nbtstat
The nbtstat (NetBIOS over TCP/IP statistics) command is used in Windows to send NetBIOS queries to other Windows devices.
Virtual Mobile Infrastructure (VMI)
Virtual Mobile Infrastructure (VMI) is a mobile-centric technology that runs mobile apps on a mobile operating system (OS)/virtual machine that is located on a remote server. This essentially creates a virtual device running in the data center that can be accessed by a thin client app on mobile endpoints.
threshold analysis
A threshold analysis is the process of identifying business processes that are privacy-sensitive, and it’s usually associated with privacy compliance and not with the identification of security weaknesses.
ITIL
ITIL is a framework of best practices for delivering IT services. ITIL’s systematic approach to IT service management can help businesses manage risk, strengthen customer relations, establish cost-effective practices, and build a stable IT environment that allows for growth, scale and change.
COBIT
COBIT (Control Objectives for Information and Related Technologies) is a framework that many organizations use to ensure that business goals and IT security goals are linked together.
SOX
The Sarbanes-Oxley Act (SOX) was passed in 2002 to ensure that shareholders and citizens were protected from accounting errors or fraudulent practices occurring in enterprises. It also helps to ensure the accuracy of public disclosures made by these enterprises.
GLBA
This is also known as the Financial Services Modernization Act and includes a Financial Privacy Rule. This rule requires financial institutions to provide consumers with a privacy notice explaining what information they collect and how that information is used.
Certificate pinning
Certificate pinning embeds or “pins” a certificate (in practice, usually a hash of the certificate or of its public key) inside of an application. When the application contacts a service, the certificate the service presents is compared to the pinned value; if they match, the application knows it can trust the service, regardless of what the device's trust store says. Because a pin tied to the current certificate stops matching as soon as that certificate is renewed, applications normally ship a backup pin for the next key as well.
ISA
An interconnection security agreement (ISA) is commonly used by the United States federal government to define security controls between organizations.
PEM
The PEM (Privacy-Enhanced Mail) certificate format is a Base64-encoded DER certificate placed between “-----BEGIN CERTIFICATE-----” and “-----END CERTIFICATE-----” lines. This represents the certificate as plain ASCII text, which makes it an easy format to email or paste into a configuration file.
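Worked example (added here; it is not one of the Professor Messer cards): the PEM encoding described on the PEM card and the comparison step described on the Certificate pinning card, in Python. The DER bytes are a constructed placeholder rather than a real certificate, the pin is a SHA-256 of the DER bytes, and the function names (der_to_pem, pin_check and so on) are this example's own.

```python
import base64
import hashlib
import hmac
import ssl

# Constructed placeholder standing in for a DER-encoded X.509 certificate.
# Real DER is ASN.1 produced by a CA; any byte string exercises the format
# and pinning logic shown here.
DER_CERT = b"\x30\x82\x01\x00" + bytes(range(256))
# Constructed stand-in for the same service's re-issued (rotated) certificate.
ROTATED_CERT = b"\x30\x82\x01\x00" + bytes(reversed(range(256)))

PEM_HEADER = "-----BEGIN CERTIFICATE-----"
PEM_FOOTER = "-----END CERTIFICATE-----"


def der_to_pem(der: bytes) -> str:
    """PEM is the Base64 of the DER bytes, wrapped at 64 columns and bracketed
    by BEGIN/END lines: pure ASCII, so it survives email and copy/paste."""
    body = base64.b64encode(der).decode("ascii")
    lines = [body[i:i + 64] for i in range(0, len(body), 64)]
    return "\n".join([PEM_HEADER, *lines, PEM_FOOTER]) + "\n"


def pem_to_der(pem: str) -> bytes:
    """Reverse of der_to_pem. Only a CERTIFICATE block is accepted, so a
    private key pasted by mistake is rejected instead of silently decoded."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    if len(lines) < 3 or lines[0] != PEM_HEADER or lines[-1] != PEM_FOOTER:
        raise ValueError("not a PEM CERTIFICATE block")
    return base64.b64decode("".join(lines[1:-1]), validate=True)


def agrees_with_stdlib(der: bytes) -> bool:
    """Cross-check: the standard library's converters accept our PEM and we
    accept theirs, because the format really is that simple."""
    return (ssl.PEM_cert_to_DER_cert(der_to_pem(der)) == der
            and pem_to_der(ssl.DER_cert_to_PEM_cert(der)) == der)


def certificate_pin(der: bytes) -> str:
    """The pin shipped inside the application: a SHA-256 of the DER
    certificate rather than the certificate itself."""
    return hashlib.sha256(der).hexdigest()


def pin_check(presented_der: bytes, pins: set) -> bool:
    """The comparison the card describes: the certificate the service presents
    must match one of the pins. A constant-time compare avoids leaking how
    many leading digits of the digest matched."""
    presented = certificate_pin(presented_der)
    return any(hmac.compare_digest(presented, pin) for pin in pins)


if __name__ == "__main__":
    pins = {certificate_pin(DER_CERT)}
    print(der_to_pem(DER_CERT))
    print("stdlib agrees:", agrees_with_stdlib(DER_CERT))
    print("current cert pinned:", pin_check(DER_CERT, pins))
    # A single pin breaks the app the moment the certificate is renewed;
    # shipping a backup pin for the next certificate avoids the outage.
    print("rotated cert, one pin:", pin_check(ROTATED_CERT, pins))
    pins.add(certificate_pin(ROTATED_CERT))
    print("rotated cert, backup pin:", pin_check(ROTATED_CERT, pins))
```

Running the script prints the PEM text, confirms the standard library's own converters round-trip it, and then shows the renewal problem: with only the current pin, the rotated certificate is rejected until a backup pin is added.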
PKCS #7
The PKCS #7 (Public Key Cryptography Standards #7) format is commonly associated with the P7B file extension. It is usually stored as Base64-encoded ASCII text and contains a certificate together with its chain (intermediate) certificates. Private keys are never included in a P7B file.
CER
The CER (Certificate) format is a Windows X.509 file extension that contains a single certificate and its public key, either as binary DER or as Base64 text. It is a common format for Windows certificates.
P7B
P7B is the usual file extension for a PKCS #7 bundle (see PKCS #7 above): Base64-encoded ASCII that holds a certificate and its chain certificates but never a private key.
Continuity planning
Continuity planning focuses on keeping the business running when a disruption occurs. Disaster recovery planning is a type of continuity plan.
Change management
Change management is the process for making any type of change. This could be a software upgrade, a hardware replacement, or any other type of modification to the existing environment. Having a formal change management process minimizes the risk of a change and makes everyone aware of the changes as they occur.
NULL pointer dereference
If an application is written to reference a portion of memory, but nothing is currently allocated to that area of memory, a NULL pointer dereference will occur. This can cause the application to crash, display debug information, or create a denial of service (DoS).
Anomaly-based detection
Anomaly-based detection will build a baseline of what it considers to be normal. Once the baseline is established, the IPS (Intrusion Prevention System) will then block any traffic that deviates from the baseline.
Heuristic IPS
Heuristic IPS technology uses artificial intelligence to identify attacks that have no prior signature.
Behavior-based IPS
Behavior-based IPS technology watches for the actions of an attack rather than its exact bytes, and alerts when a particular type of bad behavior occurs, such as one host probing many ports or repeatedly failing to log in.
Signature-based IPS
A signature-based IPS is looking for a specific traffic flow pattern, and once that traffic matches the signature the traffic can be blocked.
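Worked example (added here; not one of the cards): a small Python detector that runs the signature-based, anomaly-based and behavior-based approaches from the cards above over constructed flow records. No real traffic or IPS product is involved; the rules, thresholds and names (SIGNATURES, run_detectors and so on) are this example's own.

```python
import re
from collections import Counter, defaultdict
from statistics import mean, pstdev

# Signature-based: exact patterns for known attacks. Anything not on the
# list passes, which is why a brand-new exploit gets through.
SIGNATURES = {
    "sqli-union": re.compile(r"union\s+(all\s+)?select", re.IGNORECASE),
    "path-traversal": re.compile(r"\.\./"),
}


def flows_for(src, paths, dport=443):
    """Build constructed flow records: one dict per request."""
    return [{"src": src, "dport": dport, "path": p} for p in paths]


# Constructed training window: three ordinary clients browsing a web app.
NORMAL_PATHS = ["/", "/login", "/api/items", "/logout", "/api/items", "/"]
TRAINING = (flows_for("10.0.0.5", NORMAL_PATHS[:4])
            + flows_for("10.0.0.6", NORMAL_PATHS[:5])
            + flows_for("10.0.0.7", NORMAL_PATHS[:6]))

# Constructed live window: the same clients plus one host that probes seven
# ports, sends two known attack strings and is far chattier than anyone else.
ATTACKER = "192.0.2.10"
LIVE = (TRAINING
        + [{"src": ATTACKER, "dport": p, "path": "/"}
           for p in (21, 22, 23, 25, 80, 443, 8080)]
        + flows_for(ATTACKER, ["/search?q=1 UNION SELECT user,pass FROM users",
                               "/static/../../etc/passwd", "/", "/", "/"]))


def signature_matches(flow):
    """Signature-based check: names of every rule the request matches."""
    return [name for name, rx in SIGNATURES.items() if rx.search(flow["path"])]


def build_baseline(flows):
    """Anomaly-based, step 1: learn what normal requests-per-source looks like."""
    per_source = list(Counter(f["src"] for f in flows).values())
    return mean(per_source), pstdev(per_source)


def anomalous_sources(flows, baseline, k=3.0):
    """Anomaly-based, step 2: flag any source more than k standard deviations
    above the learned mean. A legitimate client that suddenly gets busy is
    flagged too; that is the false-positive cost of this approach."""
    mu, sigma = baseline
    return {src for src, n in Counter(f["src"] for f in flows).items()
            if n > mu + k * sigma}


def scanning_sources(flows, max_ports=5):
    """Behavior-based: one source touching many ports is port-scan behaviour,
    whatever the individual packets contain."""
    ports = defaultdict(set)
    for f in flows:
        ports[f["src"]].add(f["dport"])
    return {src for src, seen in ports.items() if len(seen) > max_ports}


def run_detectors(training, live):
    """Run all three detectors over a live window and report who would be blocked."""
    baseline = build_baseline(training)
    hits = [(f["src"], f["path"], sigs) for f in live
            if (sigs := signature_matches(f))]
    return {
        "signature_hits": hits,
        "anomalous": anomalous_sources(live, baseline),
        "scanning": scanning_sources(live),
    }


if __name__ == "__main__":
    for key, value in run_detectors(TRAINING, LIVE).items():
        print(key, value)
```

With the constructed windows the baseline is 5 requests per source (standard deviation about 0.82), so the attacker's 12 requests trip the anomaly rule, the seven distinct ports trip the behavior rule, and only the two requests carrying known strings trip a signature; the attacker's other probes would pass a purely signature-based IPS.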
Alternate business practice
Modifying the normal business process for another working option is an alternate business practice. This alternate can be less efficient, but it can provide a useful option while the original business practice is unavailable.
Failover
A failover process switches a business process to a redundant system or site when the primary one fails, so that the process carries on with no significant change to normal operations.
Differential recovery
A differential backup creates a copy of every file that has changed since the last full backup, so each differential grows until the next full backup is taken. A differential recovery therefore needs only two sets: the full backup and the most recent differential backup.
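Worked example (added here; not one of the cards): a Python simulation of differential backups and the recovery sequence they need, with incremental backups alongside for contrast. The file contents and the changes on each day are constructed, and the functions (differential_backup, restore_differential and so on) are this example's own.

```python
# Constructed file-system snapshots: path -> contents at the end of each day.
DAY0 = {"a.txt": "a-v1", "b.txt": "b-v1", "c.txt": "c-v1"}
DAY1 = {"a.txt": "a-v2", "b.txt": "b-v1", "c.txt": "c-v1"}   # a changed
DAY2 = {"a.txt": "a-v2", "b.txt": "b-v2", "d.txt": "d-v1"}   # b changed, c removed, d added
STATES = [DAY0, DAY1, DAY2]


def full_backup(state):
    """A full backup copies every file."""
    return dict(state)


def delta(state, reference):
    """Files that differ between a snapshot and a reference snapshot, plus the
    files the reference had that are now gone."""
    changed = {path: data for path, data in state.items() if reference.get(path) != data}
    deleted = set(reference) - set(state)
    return {"changed": changed, "deleted": deleted}


def differential_backup(state, full):
    """Everything changed since the FULL backup, so each differential is a
    superset of the previous one and only the newest is needed to restore."""
    return delta(state, full)


def incremental_backup(state, previous):
    """Everything changed since the PREVIOUS backup of any kind: smaller, but
    the whole chain is needed to restore."""
    return delta(state, previous)


def apply_delta(base, d):
    """Lay a changed/deleted set over a restored tree."""
    restored = dict(base)
    restored.update(d["changed"])
    for path in d["deleted"]:
        restored.pop(path, None)
    return restored


def restore_differential(full, latest_differential):
    """Differential recovery: the full backup plus the most recent differential."""
    return apply_delta(full, latest_differential)


def restore_incremental(full, incrementals):
    """Incremental recovery: the full backup plus every incremental, in order."""
    restored = full
    for inc in incrementals:
        restored = apply_delta(restored, inc)
    return restored


# Full backup on day 0, then one differential and one incremental per day.
FULL = full_backup(DAY0)
DIFFS = [differential_backup(s, FULL) for s in STATES[1:]]
INCS = [incremental_backup(s, prev) for prev, s in zip(STATES, STATES[1:])]

if __name__ == "__main__":
    print("day-2 differential:", DIFFS[-1])
    print("day-2 incremental: ", INCS[-1])
    print("full + latest differential == day 2:",
          restore_differential(FULL, DIFFS[-1]) == DAY2)
    print("full + all incrementals == day 2:  ",
          restore_incremental(FULL, INCS) == DAY2)
    # Skipping an incremental loses a.txt's day-1 change.
    print("full + last incremental only:", restore_incremental(FULL, INCS[1:]))
```

The day-2 differential carries a.txt even though it last changed on day 1, which is exactly why the day-1 differential can be ignored at restore time; the day-2 incremental does not, so dropping the day-1 incremental from the chain silently restores the old a.txt.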