Sec+ Book

Question 1

Cross Site Scripting (XXS)

Answer 1

Attackers embed malicious html or java code into website to capture cookies or hased passwords

Question 2

Cross Site Request Forgery

Answer 2

attacker tricks user into preforming an action on a website that creates a html link

Question 3

Code Signing

Answer 3

provides digital signature for code +certification includes hash for code

Question 4

Static Code Analysis

Answer 4

examines code without running it

Question 5

Dynamic Code Analysis

Answer 5

examines code while running

Question 6

Sanboxing

Answer 6

isolated area used for testing

Question 7

Domain Hijacking

Answer 7

attacker changes registration of domain name without permissions from the owner, usually social engineering

Question 8

Shimming

Answer 8

produces solution that makes it appear that older drivers are compatible

Question 9

Refractoring

Answer 9

Rewriting code without changing behavior

Question 10

Memory Leak

Answer 10

a bug in the app that consumes more memory as it runs

Question 11

Integer overflow attack

Answer 11

attempts to create numeric value that is too big for an application to handle

Question 12

Buffer Overflow

Answer 12

when an app recieves more input or different input then expected

Question 13

Diffie Hellman

Answer 13

algorithm used to private share key between two paroes

Question 14

MD5

Answer 14

Message Digest - Produces 128 bit hash shown in hexadecimal

Question 15

SHA

Answer 15

Secure Hash Algorithm - Verifies integrity

Question 16

Diffusion

Answer 16

Small changes in plain text result in large changes in cipher

Question 17

Block Cipher

Answer 17

encrypts data in specific sized blocks of 8

Twofish
Blowfish
RC5
CFB

Question 18

Stream Cipher

Answer 18

encyrpts data as a stream of bits rather than blocks and is more efficent

RC4
TLS
AES

Question 19

Online Certificate Status Protocol (OCSP)

Answer 19

allows the client to query the ca with serial number of the certificate

Question 20

Transport Layer Security (TLS)

Answer 20

encrypts https traffic, replacement for SSL,port 443 (TLS)

Question 21

Secure Sockets Layer (SSL)

Answer 21

certificate based authentication + encrypts data with a combinations of both symmetric and asymmetric

Question 22

Pretty good Privacy (PGP)

Answer 22

Encrypts email traffic with RSA

Question 23

CA

Answer 23

Certificate Authority

Question 24

CRL

Answer 24

certificate revocation list, CA Revoked

Question 25

XSRF

Answer 25

cross site request forgery

web application tricks user into performing acts on a site ex. purchasing

Question 26

DAC

Answer 26

Discretionary access control

all objects have owners they modify permissions. DAC allows coworkers to share information within a corporate file system

Question 27

AES

Answer 27

Advanced Encryption. BLOCK CIPHER encrypts in 128 bit blocks. Can use key sizes 128.192. 256

Question 28

DES

Answer 28

data encryption standard. Used to provide confidentiality, replaced by AES and 3DES

Question 29

DLP

Answer 29

Group of technologies that prevent data loss ex. block usb

Question 30

DSA

Answer 30

Digital Signature Algorithm

encrypts hash of a message

Question 31

LDAP

Answer 31

Lightweight directory access protocol

used to communicate with directories, indentifies objects and query strings using codes

Question 32

IPSEC

Answer 32

Internet protocol security

a suite of protocols used to encrypt data in transit

Question 33

IMAP

Answer 33

Internet Message Access Protocol. Store and manage emails on server

Question 34

HMAC

Answer 34

Hashed based one message authentication code. A hashing algorithm to verify message of shared key

Question 35

HOTP

Answer 35

HMAC Based one time password. one time password combines with a secrete key

Question 36

FDE

Answer 36

Full disk encryption

Question 37

RADIUS

Answer 37

Remote Authentication Dial In User Service

Process central authentication for remote access client

Question 38

PKI

Answer 38

Public Key Infrastructure

Group tech used to request, create, manage, store, distribute or revoke digital certificates. Allows two entities privately share symmetric keys without any prior communication

Question 39

PAP

Answer 39

Password Authentication Protcol. Old protocol that used cleartext

Question 40

OSCP

Answer 40

Online Certificate Status Protocol

Alternative to CRL. Allows entities to query into the CA with the serial number of a certification

Question 41

NTLM

Answer 41

New Technology LAN Manager. Protocols that provide CIA in windows systems,128 bits

Question 42

NAC

Answer 42

Network Access Control - System inspects client to observe health

Question 43

MSCHAPv2

Answer 43

Microsoft Challenge Handshake Authentication Protocol, provides mutual authentication

Question 44

Mandatory Access Control (MAC)

Answer 44

restricting access to system resources based on the sensitivity (as represented by a label) of the information contained in the system resource and the formal authorization (i.e., clearance) of users to access information of such sensitivity. method of limiting access to resources based on the sensitivity of the information that the resource contains and the authorization of the user to access information with that level of sensitivity. You define the sensitivity of the resource by means of a security label

Question 45

RAT

Answer 45

Remote Access Trojan

Question 46

RSA

Answer 46

Rivest, SHamir, Adleman - AYSEMMETRIC algorithm used to encrypt data and digitally sign transmissions

Question 47

SAML

Answer 47

Security Assertion Markup Language

an XML based standard used to exchange authentication

IdP gigitally signs request confirming users identity, then this isent to the SP Service Provider to grant access

Question 48

SCADA

Answer 48

Security Control and Data Acquisition - system used to control an Industry Control System

Question 49

SOAR

Answer 49

(security orchestration, automation and response) is a stack of compatible software programs that enables an organization to collect data about cybersecurity threats and respond to security events with little or no human assistance.

Question 50

SIEM

Answer 50

Security Information and Event Management - Security system that attempts to look at security events throughout organization

Question 51

SNMPv3

Answer 51

Simple network management Protocol - monitor and manage network devices

Question 52

SSH

Answer 52

Secure shell - used to encrypt network traffic

Question 53

SSO

Answer 53

Single Sign on - Authentication method where users can access multiple resources on a network using a single sign on

Question 54

STP

Answer 54

Spinning Tree Protocol - protects switches from looping

Question 55

TACACS+

Answer 55

Terminal Access Controller Access Control System+

provides central authentication for remote access clients

Question 56

TOTP

Answer 56

time based one time password

uses a timestamp that expires after a set time

Question 57

TPM

Answer 57

Trusted Platform Module- chip on a motherboard that produces full disk encryption, remote attestation, and a secure boot process

Question 58

UTM

Answer 58

Unified Threat Manager - group of security controls combined in a single solution

Question 59

Technical Control

Answer 59

one that uses tech to reduce vulnerabilities. encryption, antivirus, IDS, firewalls, least priveldge

Question 60

least privilege (PoLP)

Answer 60

user or entity should only have access to the specific data, resources and applications needed to complete a required task.

Question 61

Administrative Controls

Answer 61

risk vulnerability assessments, day to day ops, security and awareness training

Question 62

Preventive Controls

Answer 62

Prevent security incidents including hardening, user training, guards, account management

Question 63

Corrective Controls

Answer 63

attempts to reverse the impact of an incident or problem after its occured, IPS< backups, recover plans

Question 64

Compensating Control

Answer 64

when you cant use the primary control

Question 65

Netstat

Answer 65

view stats for TCP/IP Protocols

Question 65

Virtualization

Answer 65

allows multiple servers to operate on a single physical host

Question 65

VM Sprawl

Answer 65

when the number of virtual machines (VMs) on a network reaches a point where administrators can no longer manage them effectively

Question 65

ARP Command

Answer 65

view and manipluate the ARP cache

Question 66

VM Escape

Answer 66

the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor

Question 67

RoleBAC

Answer 67

Role Based Access Control - used roles to manage rights and perms for users.

Question 68

RuleBAS

Answer 68

uses rules like a firewall

Question 69

ABAC

Answer 69

Attribute based access control uses policies to evaluate attributes and grant access when the system detects a match in the policy. You can also use an ABAC policy to enforce more complex behavior, such as ‘users from the Sales department can only edit CRM records during work hours.

Question 70

Crossover Error Rate

Answer 70

quality of the biometric system

Question 71

False Rejection Rate

Answer 71

percentage of time false rejections occur

Question 72

Smart Cards

Answer 72

credit card sized cards that authenticate using PKI. Certificate based

Question 73

Kerberos

Answer 73

Authentication protocol using tickets

Question 74

Airgap

Answer 74

A metaphor for physicals isolation, indicating that a system or network is completelty isolated from another system/network

Question 75

DMZ

Answer 75

Demilitriziaed Zone - provides a layer of security for servers that are accessible from the internet

Question 76

WAF

Answer 76

Protects a web server against web application attacks, usually placed in the DMZ

Question 77

802.1x server

Answer 77

provides strong port secuirty using port based authentication. Prevents rogue devices form connection to a network by ensuring that only authorized clients can

Question 78

SSID

Answer 78

Server Set Identifier is the name of the wireless network. Disabling ssid broadcast hides a wireless network from casual users

Question 79

Bluejacking

Answer 79

sends information to a device

sending unsolicited messages thru the phone.

Question 80

Bluesnarfing

Answer 80

g takes information from a device

unauthorized access from a bluetooth device

Question 81

IaaS

Answer 81

Infastrucutre as a service provides hardware resources via cloud. Limit the size of an org’s hardware footprint

Question 82

PaaS

Answer 82

Platform As A service - provides an easy to configure OS and on demand computing for customers

Question 83

chmod

Answer 83

changes commands on a linux system

Question 84

Watering Hole Attack

Answer 84

attackers modify a sites that a targeted groups visits and infects them with malware

Question 85

APR Poisoning

Answer 85

misleads the computer about the actual mac. used for man in the middle attacks

Question 86

Hash Collision

Answer 86

occurs when the hashing algorithm creates the same hash for different passwords

Question 87

Birthday Attack

Answer 87

Attacker is able to create a passwords that uses the same has as the actual users password

Question 88

What attacks does input validation prevent?

Answer 88

buffer overflow, SQL Injection, command injection, cross site scripting, XSRF

Question 89

race condition

Answer 89

where the system’s substantive behavior is dependent on the sequence or timing of other uncontrollable events, leading to unexpected or inconsistent results

Question 90

Black Box Testing

Answer 90

pen testing with zero prior knowledge

Question 91

White Box Testing

Answer 91

pen testing with full knowledge of the enviroment

Question 92

TCPdump

Answer 92

a command line protocol analyzer.

Question 93

Nmap

Answer 93

network scanner run form the command line

Question 94

Netcat

Answer 94

used to remotley administer servers. can be used for banner grabbing

Question 95

syslogs

Answer 95

identify when service starts and stops

Question 96

SIEM

Answer 96

Security Information and Event Management

aggregate and correlate logs from multiple sources in a single location. continous monitoring and automated alerting and triggering

Question 97

Physical Controls

Answer 97

Tech controls you can touch

Question 98

Cable Locks

Answer 98

Secure mobile computers and laptops

Question 98

Airgap

Answer 98

physical sec control that ensures a computer or network is physically isolated from another computer or network

Question 99

RPO

Answer 99

Recovery Point Object

Refers to the amount of data you can afford to lose

Question 100

RTO

Answer 100

Recover Time Object

maximum amount of time it should take to restore a system after an outage

Question 101

MTBF

Answer 101

Mean Time Before Repair

average time between failures

Question 101

MTTR

Answer 101

Mean Time To Repair

average time it takes to restore a failed system

Question 102

Table Top Exercises

Answer 102

Discussion based only

Question 102

Symmetric Ecnyrption

Answer 102

Uses the same key to encrypt and decrypt data

Question 103

Asymmetric Encyrption

Answer 103

used a public and private key to create a matched pair

Question 104

Non-Repudiation

Answer 104

prevents a party from denying an action

Question 105

RC4

Answer 105

Commonly used stream cipher, symmetric

Question 106

These methods secure email with encryption and digital signatures

Answer 106

S/MIME and PGP, both use RSA and certificates

Question 107

Key Escrow

Answer 107

stores cop of private keys used in PKI

Question 108

Wildcard Certificates

Answer 108

use a * for child domains to reduce the admin burden of managing certificates

Question 109

Purging

Answer 109

all sensitive data has been removed from the device

Question 110

Wiping

Answer 110

completely removing all remnants of data on a disk by using 1s and 0s to overwrite bits

Question 111

Degaussing

Answer 111

a very powerful electronic magnet that renders data on a tape and data disk drives unreadable

Question 112

AUP

Answer 112

Acceptable Use Policy

proper system usage for users and spells out rules of behavior when accessing systems and networks

Question 113

NDA

Answer 113

Non disclosure Agreement

ensure that proprietary data is not shared

Question 114

Data Owner

Answer 114

Overall responsible for the data

Question 114

Privacy Officer

Answer 114

Ensure the company complies with relevant laws to protect private data, PII, PHI

Question 114

SLA

Answer 114

Service Level Agreement

agreement between a company and a vendor that stipulated performance expectations such as min uptime and max downtime

Question 115

Privacy Custodian/Steward

Answer 115

handles routine tasks to protect data

Question 116

Order of Votality from Most to Least volatile

Answer 116

cache memory, RAM, paging file, hard drive data, logs stored remote, achrived media

Question 117

DNS Blackholing

Answer 117

uses a list of known domains/IP addresses belonging to malicious hosts and uses an internal DNS server to create a fake reply.

Question 118

Proximity Cards

Answer 118

commonly used with physical access control systems and relies upon RFID devices embedded into a token

Question 119

Physical Controls

Answer 119

Any security measures that are designed to deter or prevent
unauthorized access to sensitive information or the systems that
contain it

Alarm systems, locks, surveillance cameras, identification cards, and
security guards

Question 120

Technical Controls

Answer 120

Safeguards and countermeasures used to avoid, detect,
counteract, or minimize security risks to our systems and
information

Smart cards, encryption, access control lists (ACLs), intrusion detection
systems, and network authentication

Question 121

Administrative Controls

Answer 121

Focused on changing the behavior of people instead of removing
the actual risk involved

Policies, procedures, security awareness training, contingency planning,
and disaster recovery plans. User training is the most cost-effective security control to use

Question 122

White Hats Hacker

Answer 122

Non-malicious hackers who attempt to break into a company’s
systems at their request

Question 123

Open-Source Intelligence (OSINT)

Answer 123

Methods of obtaining information about a person or organization through public records, websites, and social media

Question 124

Kill Chain

Answer 124

A model developed by Lockheed Martin that describes the stages by which a threat actor progresses a network intrusion

Question 125

Polymorphic

Answer 125

Advanced version of an encrypted virus that changes itself
every time it is executed by altering the decryption module
to avoid detection

Question 126

Watering Holes

Answer 126

Malware is placed on a website that you know your potential victims will
access

ex. diontrainings.com rather than diontraining.com

Question 127

Privilege Escalation

Answer 127

Occurs when you are able to exploit a design flaw or bug in a system to
gain access to resources that a normal user isn’t able to access

Question 128

Logic Bomb

Answer 128

Malicious code that has been inserted inside a program and will execute
only when certain conditions have been met

Question 129

Signature-based Detection

Answer 129

A specific string of bytes triggers an alert

Question 130

True positive

Answer 130

Malicious activity is identified as an attack

Question 131

False positive

Answer 131

Legitimate activity is identified as an attack

Question 132

True negative

Answer 132

Legitimate activity is identified as legitimate traffic

Question 133

False negative

Answer 133

Malicious activity is identified as legitimate traffic

Question 134

Basic Input Output System (Bios)

Answer 134

Firmware that provides the computer instructions for how to accept input
and send output
▪ Unified Extensible Firmware Interface (UEFI)
▪ BIOS and UEFI are used interchangeable in this lesson

Question 135

SCCM

Answer 135

Microsoft’s System Center Configuration Management

Question 135

Network Attached Storage (NAS)

Answer 135

Storage devices that connect directly to your organization’s network. NAS systems often implement RAID arrays to ensure high availability

Question 136

Unified Extensible Firmware Interface (UEFI)

Answer 136

A type of system firmware providing support for 64-bit CPU
operation at boot, full GUI and mouse operation at boot, and
better boot security

Question 137

Secure Boot

Answer 137

A UEFI feature that prevents unwanted processes from executing
during the boot operation

Question 138

Hypervisor

Answer 138

Manages the distribution of the physical resources of a host machine
(server) to the virtual machines being run (guests)

Question 139

Defense in Depth

Answer 139

Layering of security controls is more effective and secure than relying on
a single control

Question 140

Directory Traversal

Answer 140

Method of accessing unauthorized directories by moving through the
directory structure on a remote server

Question 141

Race Conditions

Answer 141

A software vulnerability when the resulting outcome from execution processes is
directly dependent on the order and timing of certain events, and those events
fail to execute in the order and timing intended by the developer

Question 142

MAC Flooding

Answer 142

Attempt to overwhelm the limited switch memory set aside to store the
MAC addresses for each port

Switches can fail-open when flooded and begin to act like a hub

Question 143

Access Control List

Answer 143

▪ An ordered set of rules that a router uses to decide whether to permit or
deny traffic based upon given characteristics
▪ IP Spoofing is used to trick a router’s ACL

Question 144

Bastion Hosts

Answer 144

▪ Hosts or servers in the DMZ which are not configured with any services
that run on the local network
▪ To configure devices in the DMZ, a jumpbox is utilized

Question 145

Network Address Translation (NAT)

Answer 145

Process of changing an IP address while it transits across a router
▪ sing NAT can help us hide our network IPs

Question 146

NAT Filtering

Answer 146

Filters traffic based upon the ports being utilized and type of connection
(TCP or UDP)

Question 147

Web Application Firewall

Answer 147

Firewall installed to protect your server by inspecting traffic being sent to
a web application
▪ A WAF can prevent a XSS or SQL injection

Question 148

Proxy Server

Answer 148

A device that acts as a middle man between a device and a remote server

Question 149

Unified Threat Management

Answer 149

Combination of network security devices and technologies to provide
more defense in depth within a single device. UTM may include a firewall, NIDS/NIPS, content filter, anti-malware, DLP,
and VPN. UTM is also known as a Next Generation Firewall (NGFW)

Question 150

Virtual Desktop Infrastructure (VDI)

Answer 150

VDI allows a cloud provider to offer a full desktop operating system to an
end user from a centralized server

Question 151

Software as a Service (SaaS)

Answer 151

Provides all the hardware, operating system, software, and applications
needed for a complete service to be delivered

Question 152

Infrastructure as a Service (IaaS)

Answer 152

Provides all the hardware, operating system, and backend software
needed in order to develop your own software or service

Question 153

Platform as a Service (PaaS)

Answer 153

Provides your organization with the hardware and software needed for a
specific service to operate

Question 154

Domain Controller

Answer 154

A server that acts as a central repository of all the user accounts and their
associated passwords for the network

Question 155

FTP Server

Answer 155

A specialized type of file server that is used to host files for distribution
across the web

Question 156

Continuous Integration

Answer 156

▪ A software development method where code updates are tested and
committed to a development or build server/code repository rapidly
▪ Continuous integration can test and commit updates multiple times per
day
▪ Continuous integration detects and resolves development conflicts early
and often

Question 157

Continuous Deployment

Answer 157

Continuous deployment focuses on automated testing and release of
code in order to get it into the production environment more quickly. A software development method where application and platform updates
are committed to production rapidly

Question 158

Continuous Delivery

Answer 158

A software development method where application and platform
requirements are frequently tested and validated for immediate
availability. Continuous delivery focuses on automated testing of code in order to get it ready for release

Question 159

Ping Flood

Answer 159

An attacker attempts to flood the server by sending too many ICMP echo
request packets (which are known as pings)

Question 160

Smurf Attack

Answer 160

Attacker sends a ping to subnet broadcast address and devices reply to
spoofed IP (victim server), using up bandwidth and processing

Question 161

SYN Flood

Answer 161

Variant on a Denial of Service (DOS) attack where attacker initiates
multiple TCP sessions but never completes the 3-way handshake

Question 162

Man-in-the-Middle (MITM)

Answer 162

Attack that causes data to flow through the attacker’s computer where
they can intercept or manipulate the data

Question 163

Watering Hole

Answer 163

Occurs when malware is placed on a website that the attacker knows his
potential victims will access

Question 164

Replay Attack

Answer 164

Network-based attack where a valid data transmission is fraudulently or
malicious rebroadcast, repeated, or delayed

Question 165

Service Set Identifier (SSID)

Answer 165

▪ Uniquely identifies the network and is the name of the WAP used by the
clients
▪ Disable the SSID broadcast in the exam

Question 165

Evil Twin

Answer 165

A rogue, counterfeit, and unauthorized WAP with the same SSID as your
valid one

Question 166

Simultaneous Authentication of Equals (SAE)

Answer 166

▪ A secure password-based authentication and password-authenticated key
agreement method

Question 166

WiFi Protected Access version 2 (WPA2)

Answer 166

802.11i standard to provide better wireless security featuring AES with a
128-bit key, CCMP, and integrity checking
▪ WPA2 is considered the best wireless encryption available

Question 167

!! if you are asked about…..

Answer 167

Open == No security or protection provided
WEP + IV
WPA == TKIP and RC4
WPA2 = CCMP AND AES

Question 168

HVAC

Answer 168

HVAC systems may be connected to ICS and SCADA networks

Question 169

OpenID

Answer 169

An open standard and decentralized protocol that is used to
authenticate users in a federated identity management system
● User logs into an Identity Provider (IP) and uses their account at
Relying Parties (RP)
● OpenID is easier to implement than SAML
● SAML is more efficient than OpenID

Question 170

Security Assertion Markup Language (SAML)

Answer 170

Attestation model built upon XML used to share federated identity
management information between systems

Question 171

802.1x

Answer 171

IEEE standard that defines Port-based Network Access Control (PNAC) and
is a data link layer authentication technology used to connected devices
to a wired or wireless LAN

▪ RADIUS
▪ TACACS+
▪ 802.1x can prevent rogue devices

Question 172

Extensible Authentication Protocol (EAP

Answer 172

A framework of protocols that allows for numerous methods of
authentication including passwords, digital certificates, and public key
infrastructure

Question 173

Lightweight Directory Access Protocol (LDAP

Answer 173

A database used to centralize information about clients and objects on
the network
Unencrypted Port 389
Encrypted Port 636
Active Directory is Microsoft’s version

Question 174

Challenge Handshake Authentication Protocol (CHAP)

Answer 174

Used to provide authentication by using the user’s password to encrypt a
challenge string of random numbers

Question 175

Virtual Private Network (VPN)

Answer 175

Allows end users to create a tunnel over an untrusted network and
connect remotely and securely back into the enterprise network. Client-to-Site VPN or Remote Access VPN

Question 176

Remote Authentication Dial-In User Service (RADIUS)

Answer 176

Provides centralized administration of dial-up, VPN, and wireless
authentication services for 802.1x and the Extensible Authentication
Protocol (EAP)

Question 177

Discretionary Access Control (DAC)

Answer 177

The access control policy is determined by the owner

1. Every object in a system must have an owner
2. Each owner determines access rights and permissions for each
   object

Question 178

Mandatory Access Control (MAC)

Answer 178

An access control policy where the computer system determines
the access control for an object. The owner chooses the permissions in DAC but in MAC, the computer does. MAC relies on security labels being assigned to every user (called a subject) and every file/folder/device or network connection (called an object). Data labels create trust levels for all subjects and objects

Question 179

Implicit Deny

Answer 179

All access to a resource should be denied by default and only be allowed
when explicitly stated

Question 180

Separation of Duties

Answer 180

Requires more than one person to conduct a sensitive task or operation

Question 180

Job Rotation

Answer 180

Occurs when users are cycled through various jobs to learn the overall
operations better, reduce their boredom, enhance their skill level, and
most importantly, increase our security

Question 181

chmod

Answer 181

Program in Linux that is used to change the permissions or rights of a file
or folder using a shorthand number system

Question 182

Risk Avoidance

Answer 182

A strategy that requires stopping the activity that has risk or
choosing a less risky alternative

Question 183

Quantitative analysis

Answer 183

s uses numerical and monetary values to calculate risk

Question 184

Dictionary Attack

Answer 184

Method where a program attempts to guess the
password by using a list of possible passwords

Question 185

Rainbow Table

Answer 185

List of precomputed valued used to more quickly break a password since values don’t have to be calculated for each password being guessed. crack the password hashes in a database

Question 186

Simple Network Management Protocol (SNMP)

Answer 186

A TCP/IP protocol that aids in monitoring network-attached devices and
computers. SNMP is incorporated into a network management and monitoring system

Question 187

Runbook

Answer 187

An automated version of a playbook that leaves clearly defined
interaction points for human analysis

Question 188

dd

Answer 188

A command line utility used to copy disk images using a bit by bit copying
process

Question 189

FTK Imager

Answer 189

A data preview and imaging tool that lets you quickly assess electronic
evidence to determine if further analysis with a forensic tool is needed

Question 190

Memdump

Answer 190

A command line utility used to dump system memory to the standard
output stream by skipping over holes in memory maps

Question 191

SSH

Answer 191

Utility that supports encrypted data transfer between two computers for
secure logins, file transfers, or general purpose connections

Question 192

netstat

Answer 192

Utility that displays network connections for Transmission Control
Protocol, routing tables, and a number of network interface and network
protocol statistics

Question 193

Risk Appetite vs Risk Acceptance

Answer 193

Risk acceptance: choosing (or not choosing) to take an action that affects risk to the organization

Risk appetite: how much risk you can accept.