Sec_Vista Flashcards

1
Q

BIA

A

Business impact analysis: interviewing to gather info about business units and their functions.
Identify and prioritize business functions.

2
Q

contingency plan

A

Details how all business functions will be carried out during an outage or disaster.

3
Q

Occupant Emergency Plan (OEP)

A

OEP: minimizes injury or loss of life during an outage or disaster.

4
Q

Define privilege escalation vs. other attacks

A

Privilege escalation: gaining access to a file you should not have access to by changing the permissions of your valid account
Hacking is using another user's credentials
Social engineering is impersonating a user to get their credentials

5
Q

What is a use for CSR?

A

Certificate Signing Request: first step to verify the authenticity of a certificate issued by a CA

6
Q

Define OID

A

Object Identifiers: identifiers used in X.509 certificates (dotted numbers)

7
Q

What type of encryption is ElGamal?

A

Asymmetric public key encryption based on D-H.

Used for digital signatures, key exchange, & data encryption

8
Q

What is HAVAL, IDEA, & Knapsack?

A

HAVAL: hashing algorithm (message digests)
IDEA: International Data Encryption Algorithm: block cipher used by PGP for secret key encryption
Knapsack: asymmetric encryption algorithm; not D-H based

9
Q

Would you format storage media? And what methods would destroy it?

A

No, formatting (aka deleting data) does not remove the data. Pulverizing, degaussing, purging, & wiping destroy it.

10
Q

What is degaussing and when to not use it?

A

Reduces or eliminates the unwanted magnetic field on storage media. Does not work on CDs or DVDs.

11
Q

How to describe DNS poisoning?

A

Practice of dispensing incorrect IP address and host name mappings with the goal of traffic diversion.

12
Q

What are other DNS attacks?

A

SYN flood: sends the DNS server SYN messages in spoofed packets
DNS DoS: transmits malformed packets to the DNS server to cause a crash

13
Q

How to log changes to a file?

A

Use a file integrity checker to examine files and check for changes, then log any changes that occurred.

14
Q

Define HIDS/HIPS

A

Alerts for a single server or computer & stops the attack

i.e. shut port 80 if traffic exceeds the baseline norm

15
Q

What is a VPN?

A

A virtual private network is not a physical network. It allows secure communication between companies not located together or between private networks. It transports encrypted data.

16
Q

What is a VLAN?

A

Allows networks to be segmented logically without physically rewiring the network. Provides added security layer by isolating resources into subnets.

17
Q

What is denial of service?

A

Attacker floods a system with messages to prevent the system from replying to valid requests

18
Q

What model does PGP, PKI, and CA use?

A

PGP uses web of trust to validate key pairs

PKI & CA use hierarchy to sign key pairs

19
Q

What is a RADIUS federation used for?

A

A group of RADIUS servers assisting with network roaming. The servers validate the login credentials of a user belonging to another RADIUS server's network.
i.e. tenants in a shopping area want all customers to access the internet in their area

20
Q

Define EAP-FAST, EAP-TLS, EAP-TTLS

A

These are all authentication protocols
EAP manages key transmissions
TLS: uses an X.509 digital certificate to authenticate
TTLS: encapsulates TLS, allowing for client authentication
FAST: creates a TLS tunnel used in wireless & point-to-point networks

21
Q

What devices connect multiple LAN segments?

A

Bridges, switches, & routers
Bridges & switches (layer 2) use MAC addresses to send packets to the destination
Routers (layer 3, network) use IP addresses to route packets to the destination

22
Q

What is an ISA?

A

An interconnection security agreement gives the security requirements for an interconnection between two organizations.

23
Q

Why use airgapping & sandboxing?

A

Air gapping: physically separates secure networks & equipment from insecure networks & equipment. Data can only be moved physically via disk or USB.
Sandbox: test a system for security patches or issues, i.e. a legacy system

24
Q

Who is responsible for access in DAC & RBAC?

A

DAC: data owner
RBAC: security administrator

25
Q

What do phreakers attack?

A

VoIP or PBX equipment

26
Q

What are 2 VPN protocols?

A

PPTP: creates a secure WAN connection
L2TP: VPN, packets, encrypts data
Both use tunnels for security
PPP: establishes dial-up network connections

27
Q

What replaced Infrared?

A

Infrared needs line-of-sight communication, i.e. TV. Replaced by Bluetooth & Wi-Fi

28
Q

What is ANT?

A

Low-power (proprietary) tech used in wearable devices like fitness sensors.
NFC: connects devices automatically when in range, i.e. smartphone or mobile payments

29
Q

TPM vs. HSM

A

TPM: chip that implements hardware-based encryption
HSM: stores keys or digital certificates and can be replaced

30
Q

What type of attack redirects a user to a fake website?

A

Hyperlink spoofing aka web spoofing or URL spoofing
Gets the browser to connect to a fake server to get access to confidential info: PIN, credit card, bank details
Uses hyperlinks instead of DNS addresses

31
Q

What should you consider when choosing a mail gateway?

A

Spam filter, DLP, encryption
Spam filters: trap undesirable mail
DLP: prevents unauthorized access, protects data
Encryption: critical feature, scrambles outgoing messages

32
Q

When creating a wireless network, what protocol has maximum security and supports older wireless clients?

A

WPA: Wi-Fi Protected Access; WPA fixed WEP issues
WAP: Wireless Application Protocol is the weakest (don't use)
WEP: security standard for wireless networks and devices to encrypt data; not as secure as WPA

33
Q

WPA vs. WPA2

A

WPA uses TKIP (Temporal Key Integrity Protocol)
WPA2 uses CCM Mode Protocol (CCMP) for encryption with AES
Both operate in two modes: personal & enterprise
Personal uses a pre-shared key (PSK)
Enterprise uses EAP for authentication; more secure than WPA2-PSK & needs a digital certificate

34
Q

Which protocols should be used for implementing a secure wireless authentication method using a RADIUS server for authentication?

A

LEAP (Lightweight Extensible Authentication Protocol) or PEAP (Protected Extensible Authentication Protocol)
Both aim to simplify secure authentication, but PEAP is more secure

35
Q

How do Trojan horses, worms, viruses, and spyware work?

A

Spyware: tracks cookies to collect & report on a user's activities
Virus (malware): relies on other apps to execute itself and infect a system
Worm: spreads itself through network connections
Trojan horse: disguised as a useful utility but contains malicious code that can damage a network or give hackers a pathway into a network

36
Q

What is DER?

A

DER (Distinguished Encoding Rules): certificate encoded in ASN.1, not Base64 ASCII
It's the parent format of PEM (used by web servers)
Does not support storage of private keys or cert paths

37
Q

What are PFX, P12, P7B?

A

All are certificate types using Base64 ASCII encoding
PFX & P12 are ways to export private keys

38
Q

What is DIAMETER used for?

A

VoIP & wireless services
DIAMETER uses EAP and was meant to handle tech that RADIUS could not

39
Q

What is SAML?

A

Security Assertion Markup Language: an XML data format for exchanging authentication & authorization data between an identity provider and a service provider

40
Q

Is Kerberos more secure than RADIUS, TACACS, or LDAP, and what is it for?

A

Yes, it's a method of access, authentication, & authorization
TACACS is a Cisco implementation of RADIUS; TACACS+ uses challenge-response

41
Q

What are some security solutions for a mobile device?

A

White-listing: permits certain apps to be installed & run on the device
Transitive trust: federated user identities allow users to access multiple apps, devices, & resources
Remote wiping & screen lock

42
Q

When using social media at work, what is a concern?

A

Data exfiltration

43
Q

How does a weak security configuration happen?

A

Neglecting to implement a specific security device or not configuring security settings properly

44
Q

What cipher & hash algorithm would be good to use on an organization's network?

A

RC4: encrypts streaming video; based on a stream cipher providing 56-bit encryption
A type of symmetric algorithm

45
Q

What is one-way hashing and which algorithm uses it?

A

MD5 inserts a string of variable length into a hashing algorithm and produces a hash value of a fixed length, which is then attached to the end of the message; if the recomputed hash value is the same, then the message wasn't altered during transmission
Used to verify file integrity

46
Q

What are SHA variants?

A

Secure Hash Algorithm (SHA) variants: MD2, MD4, MD5, HAVAL
MD5 is a one-way hashing algorithm
Mostly replaced by SHA-2 aka SHA-256

47
Q

What are the four modes of symmetric ciphers?

A

ECB (Electronic Code Book): implements the cipher in its original form (each block independent from the rest)
CBC (Cipher Block Chaining): uses the previous output & XOR to increase diffusion
CTM or CTR (Counter Mode): converts the block cipher into a stream cipher
GCM (Galois Counter Mode): uses a hash function to complicate encryption

48
Q

What is XSRF?

A

Cross-site request forgery aka session riding: involves unauthorized commands from a trusted user to a web site (usually social networking involved)
i.e. 2 friends chatting on an instant message app and one clicks on a link that ends up sending bank info

49
Q

What type of attack is a buffer overflow attack? What does a macro virus do?

A

Buffer overflow is a DoS occurring when more data goes into the buffer than it can handle
Macro virus: commands an app to perform actions using programming instructions

50
Q

What control type is a security policy that includes system testing and security awareness training?

A

Preventative administrative controls
Admin controls dictate how security policies are implemented to fulfill a company's security goals
Includes policies & procedures, training, supervisory structure
Detective is monitoring & supervising

51
Q

What are detective & preventative technical controls?

A

Detective: include audit logs & IDS
Preventative: include ACLs, routers, A-V, smart cards, ...

52
Q

What is throughput?

A

The rate at which something is processed
Processor speed, memory, & allocated bandwidth affect a workstation's throughput

53
Q

What is an advantage & disadvantage to using NIDS?

A

Advantage: low maintenance in analyzing network traffic
Disadvantage: monitors packets sent over a network segment but cannot analyze encrypted information, i.e. packets going through a VPN

54
Q

What are the advantages & disadvantages of HIDS?

A

HIDS are difficult to configure & monitor
Uses OS audit logs & system logs
Not affected by a switched network

55
Q

Explain Kerberos using AS, TGT, TGS, & CS

A

AS (Authentication Service): authenticates users with a TGT
A user who wants access to a network resource gives the TGT to the TGS
TGS turns the TGT into a session key
The CS (client-server) exchange takes the session key, letting the client & server authenticate with one another
AS, TGS, CS are the main protocols to authenticate & authorize use of resources

56
Q

Define how a firewall, proxy server & NAT server work on a network

A

Firewall: allows & denies network access through communication ports
NAT server: presents an IP to the internet on behalf of computers on a private network
Proxy server: enables hosts to access internet resources; increases performance by caching web pages and filtering content

57
Q

What does the RSA encryption algorithm do?

A

RSA is an asymmetric cryptography algorithm that can prevent MiTM by authenticating with public & private keys
Does not use logarithms; it uses prime numbers and is the de facto standard for digital signatures

58
Q

Least privilege can be called what?

A

File system security: only allow what is necessary to do a job

59
Q

Define recertification

A

Examine a user's permissions to determine if they still need access to what was previously granted

60
Q

What are Snort & Wireshark?

A

Snort is a network intrusion detection system (NIDS)
Wireshark is a network protocol analyzer: monitors data traffic & analyzes captured signals as they move along LAN, PAN, & wireless networks

61
Q

What does a Message Authentication Code (MAC) ensure?

A

Message integrity
Protects against message replay, but does not ensure availability of data or confidentiality
HMAC (Hash-MAC): a symmetric key appended to the message for the authorized recipient, but lacks confidentiality too
CBC-MAC: a symmetric key in CBC cipher mode encrypts the message

62
Q

What should you implement if you need to ensure wireless clients can only communicate with wireless access points and not other wireless clients?

A

Isolation mode
FYI: SSID is a wireless network's name

63
Q

What are the steps in a change control process?

A

```
Make a request
Analyze the request (cost, security?, ...)
Record the request
Submit the request for approval
Make the change
Send to management for review
```

64
Q

Define spoofing

A

Spoofing aka masquerading is when a person or program pretends to be another person or program
The source IP address is spoofed/modified to imitate an IP address from an authorized source, i.e. MiTM, session hijacking, or email

65
Q

Pharming vs. spoofing

A

Both redirect to a fake site to steal info, but pharming often poisons the DNS cache to ensure the redirect even if the correct URL is entered

66
Q

What does a packet-filtering firewall do?

A

Looks at a data packet to obtain the source & destination addresses along with the protocol & port used
Compares them to rules based on an ACL
An application-level firewall examines the entire packet

67
Q

Define stateful firewall

A

Examines all packet layers to compile information for the state table

68
Q

What is a KDC?

A

Key Distribution Center: used in Kerberos for storing, distributing, & maintaining cryptographic session keys
The client requests resource access through the KDC, which stores the secret keys used to generate session keys, so it does not use public keys

69
Q

What are 4 SIEM features?

A

Automated alerting & triggers: fire when a predetermined event occurs, i.e. NIPS shuts down port 80 during unusually high web traffic
Correlation: finds patterns between events among different devices
Logs/WORM: long-term storage & security so data can't be modified
Aggregation: collects events that are flagged by network hardware & SW applications

70
Q

Which algorithm does the US gov't use for digital signatures that NIST & NSA developed?

A

Digital Signature Algorithm (DSA)

71
Q

Name three secret key encryption standards used to encrypt files.

A

AES, DES, IDEA
SHA-1 is a hashing algorithm to determine if the file was changed

72
Q

Define protocol analyzer

A

Provides info regarding traffic flow & statistical information on your network
Also called a network analyzer or packet sniffer

73
Q

What are transport & tunnel modes used for?

A

Provided by IPSec to transmit IP packets securely
Tunnel: good for VPN & protects the entire IP packet
Transport: good for ESP host-to-host & upper layers
Method to send encrypted data over the internet

74
Q

Difference between what a backdoor & escalation of privilege use to gain access

A

Backdoor: attacker inserts code to enter an app and bypass security
Escalation of privilege: uses design flaws to gain unauthorized access
Vertical: obtains higher privileges to run unauthorized code
Horizontal: same level of permissions but using a different user account

75
Q

Define database views

A

A content-dependent access control based on sensitivity of info & user privilege
Partitioning ensures database security, making it difficult to collect & combine confidential information to deduce facts

76
Q

Define stored procedures

A

SQL statements executed as a group & similar to scripts. Protects from SQL injection attacks.