Random Topics to memorize

Question 1

This allows you to modify an application to run as though it is in an older/newer type of OS such as Windows 7, or 8 while installed on Windows 10. A malware creator, could write their own version of this to pretend as if it was a previous version.

Answer 1

Shimming

Question 2

This can also be called “Metamorphic” malware. If you’re looking for a virus to be the same every time, for instance with an anti-virus signature, this now makes it much more difficult to identify because it will change the way it is written.

Answer 2

Refactoring

Question 3

Tester is given little to no information about the company that they are going to penetrate.

Answer 3

Black Box Testing

Question 4

Tester is given plenty of information about the company that they will penetrate. They are told about the infrastructure of the network and other important details.

Answer 4

White Box Testing

Question 5

This form of testing includes giving the tester something like a guest account and seeing how someone could escalate their privileges.

Answer 5

Gray Box Testing

Question 6

Only needs rules for outbound traffic, it then develops a new rule table to keep track of active sessions. Any communication outside of the session will be blocked.

Answer 6

Stateful Firewall

Question 7

Need rules to allow outbound traffic and inbound traffic.

Answer 7

Stateless Firewall

Question 8

Allows you set up an encrypted tunnel. Any data sent through the tunnel is useless to anyone else.

Answer 8

VPN Concentrator

Question 9

The type of VPN you could use to access your network’s resources from a remote location.

Answer 9

Remote Access VPN

Question 10

Type of VPN that two networks or sites use to send encrypted information to one another.

Answer 10

Site-To-Site VPN

Question 11

Both the IP header and the data are encrypted. They’re wrapped around an IPSec header and an IPSec trailer, and then a completely different IP header is put on the front of the packet.

Answer 11

IPSec Tunnel Mode

Question 12

The data is encrypted. You have an IPSec header and an IPSec trailer put on either side of the data, and then you use the original IP header to be able to get that data to the remote site.

Answer 12

IPSec Transport Mode

Question 13

Adds encryption to AH header, the original IP header, and data. Then it adds a new header and a IPSec trailer.

Answer 13

Encapsulation Security Payload (ESP)

Question 14

The IPS watches for specific traffic based off of a particular signature. If the signature matches what is on the system it will be blocked.

Answer 14

Signature Based NIPS/NIDS

Question 15

Instead of using a specific set of characteristics it will use artificial intelligence to decide if the data coming through it is malicious or not.

Answer 15

Heuristic/Behavioral NIPS/NIDS

Question 16

Your IPS will sit in the network and learn/understand what is considered normal traffic flow. If something comes through the network that isn’t apart of the usual flow of data it will block it.

Answer 16

Anomaly Based NIPS/NIDS

Question 17

This is where your IPS sits in the middle of the conversation and if something malicious tries to come through it, it will be denied.

Answer 17

Inline NIPS/NIDS

Question 18

Is set up in the network in an out-of-band installation. Traffic will go through the network and a copy is sent to the IPS/IDS and if it malicious it will send you a message and block the traffic.

Answer 18

Passive NIPS/NIDS

Question 19

To protect against DDoS you can configure the maximum number of MAC addresses that can access the network through MAC filtering.

Answer 19

Flood Guard

Question 20

Makes requests on the user’s behalf and analyzes data that is sent back as a response and determines if it is safe for the user.

Answer 20

Forward Proxy

Question 21

Sits on the outside of the Internet, anyone who needs to gain access to an internal service such as a web server will first connect to a proxy.

Answer 21

Reverse Proxy