Sec+ Unknown terms

Question 1

What is Degaussing?

Question 2

What are the components of WPA 1, 2, and 3?

Answer 2

WPA3 implements saw simultaneous authentication of equals. Stronger than passwords or pass phrases

Question 3

Explain API Keys

Answer 3

Keys which Allow individual customers authenticate to the API service. Can be disabled if customer causes issues.

Question 4

What is Kerberos? Explain

Answer 4

• ## Authentication protocol

Question 5

What is 802.11i? Explain.

Answer 5

• Security standard used within WPA2 and WPA3
• not for device authentication

Question 6

What is CHAP? Explain

Answer 6

• Stands for Challenge Handshake Authentication Protocol
• not best choice for device authentication.
• Periodically re-authenticates user.
• Stops Session Hijacking

Question 7

What is 802.1x? Explain

Answer 7

• Protocol frequently used to authenticate devices.
• IEEE standard for port based network access control.

Question 8

What is CCMP? Explain

Question 9

What is WEP? Explain

Question 10

What is Infrared? Explain

Question 11

What is WPA2? Explain

Answer 11

• Wireless Network Protocol
• Uses AES-based CCMP for network encryption
• Counter Mode Block Chaining Message Authentication (CBC-MAC) Protocol

Question 12

What is DHCP? Explain

Question 13

What is IMAP? Explain

Question 14

What is SNMPv3? Explain

Answer 14

(Simple Network Management Protocol)

Question 15

What is LDAP? Explain

Answer 15

Lightweight Directory Access Protocol
- lists all network resources
- can be secured with TLS

Question 16

What is RADIUS? Explain

Answer 16

( )
- Remote Access Protocol
- does not handle authentication

Question 17

What is NTLM. Explain

Answer 17

(New Technology Lan Manager)
- Not XML based

Question 18

What is OAuth? Explain

Answer 18

Allows user’s information to be used by 3rd party services without revealing users password.

Question 19

What is SAML? Explain

Answer 19

(Security Assertion Markup Language)
- XML Based standard for exchanging authentication and authorization data between parties.

Question 20

What is PAP? Explain

Answer 20

(Password Authentication Protocol)
- Does not stop session hijacking

Question 21

What is TACACS+? Explain

Answer 21

• Does not stop session hijacking

Question 22

What is OPAL? Explain

Answer 22

Standard for specifying how to protect confidentiality for stored user data and how storage devices from storage manufacturers can work together.

Question 23

What is UEFI? Explain

Answer 23

(Unified Extensible Firmware Interface)
- checks binaries during boot process to make sure hashes are valid.

Question 24

What is FUZZ?

Question 25

What is Storm Control?

Answer 25

• limits the bandwidth used by broadcast packets that could potentially take down a network.

Question 26

What is Man-In-Browser attack? Explain

Question 27

What is DNS Poisoning?

Question 28

What is Typo Squatting?

Question 29

What is Snarfing? Explain

Question 30

What is SMTP? Explain? What port does it use?

Answer 30

(Simple Mail Transfer Protocol)
- Vulnerable to open access attacks.
- mitigate attacks by close relays open to the public. Or require username and password for authorization.

Question 31

What is PEAP? Explain

Question 32

What is LEAP? Explain

Question 33

What is an IV Attack! Explain

Answer 33

(Wireless Attack)
When an attacker observes the operation of a cipher using several keys and finds a mathematical relationship between those keys. Leads to decryption of data

Question 34

What is Enumeration? Explain

Answer 34

Enumeration is the process of determining and defining a list of attack vectors on a computer, such as a list of open ports. The attacker can use this list to determine the best method of attack.

Question 35

PAM?

Answer 35

Privilege Access Management

Question 36

What is Load balancing and its forms? Explain.

Question 37

What is Salting? Explain

Question 38

What is Tokenization?

Answer 38

Tokenization allows for sensitive data to be stored at a token service provider instead of being stored locally. The locally-stored token can be replaced with the real value when needed.

Question 39

Jack is following the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). He has finished the preparation and categorization steps. Which is the next step in the risk management framework?

Answer 39

1. Prepare
2. Categorize system
3. Select controls
4. Implement controls
5. Assess controls
6. Authorize system
7. Monitor controls

Question 40

Standard for Attestation Engagements (SSAE) SOC 2?

Answer 40

SOC 2 engagement assesses the security and privacy controls that are in place

Question 41

Standard for Attestation Engagements (SSAE) SOC 1?

Answer 41

report assesses the controls that impact the accuracy of financial reporting

Question 42

Standard for Attestation Engagements (SSAE) Type 1?

Answer 42

reports a review auditor’s opinion of the description provided by management about the suitability of the controls as designed. They do not look at the actual operating effectiveness of the controls.

Question 43

Standard for Attestation Engagements (SSAE) Type 2?

Answer 43

report provides information on the auditor’s assessment of the effectiveness of the controls that are in place

Question 44

ISO 27002

Answer 44

ISO 27002 is an international standard for implementing and maintaining information security systems.

Question 45

ISO 27017

Answer 45

ISO 27017 is an international standard for cloud security;

Question 46

NIST 800-12

Answer 46

NIST 800-12 is a general security standard and it is a U.S. standard, not an international one

Question 47

NIST 800-14

Answer 47

NIST 800-14 is a standard for policy development, and it is also a U.S. standard, not an international one.

Question 48

ALE (annual loss expectancy?

Answer 48

SLE (single loss expectancy) × ARO (annualized rate of occurrence).

Question 49

RPO

Answer 49

RPO (recovery point objective) specifies the allowable data loss. It is the amount of time that can pass during an interruption before the quantity of data lost during that period surpasses business continuity planning’s maximum acceptable threshold.

Question 50

MTBF

Answer 50

MTBF (mean time between failures) is the rating on a device or component that predicts the expected time between failures.

Question 51

MTTR

Answer 51

MTTR (mean time to repair) is the average time it takes for a failed device or component to be repaired or replaced.

Question 52

ARO

Answer 52

ARO (annual rate of occurrence) is the ratio of an estimated possibility that a threat will take place within a one-year time frame.

Question 53

PPTP? Explain

Answer 53

Point-to-point tunneling protocol (PPTP) is a protocol used in VPNs. It encapsulates PPP packets, ultimately sending encrypted traffic. PPP is used for dial-up connections, but it’s not suitable for VPN without PPTP.

Question 54

Kerberos is a widely used network authentication mechanism and is used in Windows Active Directory domains and some Unix environments. When implemented in an environment, it has several requirements in order to operate optimally and provide a secure authentication process.

Answer 54

Kerberos provides mutual authentication, which assists in the prevention of man-in-the-middle attacks and uses tickets in order to avert replay attacks. When a user logs on with Kerberos, the key distribution center (KDC) issues a ticket that will last for 10 hours before it expires. This relies on a method of issuing tickets for authentication, which is handled by the KDC. It also requires time synchronization because of the timestamps applied to the communications and tickets. Finally, it requires a database that houses the various objects representing the users or subjects.

Question 55

ESP

Answer 55

ESP - The Encapsulating Security Payload (ESP) protocol provides all three security services: authentication, integrity, and confidentiality. It can encrypt the header of packets while in tunnel mode for VPNs, while not encrypting the header in transit mode for local networks.

Question 56

IKE

Question 57

L2TP

Question 58

AH

Question 59

Explain a PKI Infrastructure

Question 60

What is isolation?

Question 61

What is segmentation?

Question 62

What is containment?