Sec_Vista Flashcards
BIA
Business impact analysis: interviewing to gather info about business units and their functions.
Identify and prioritize business functions
contingency plan
Details how all business functions will be carried out during an outage or disaster
Occupant Emergency Plan (OEP)
OEP minimizes injury or loss of life during an outage or disaster
Define Privilege Escalation vs attack
Gain access to a file you should not have access to by changing permission of your valid account
Hacking is using another user’s credentials
Social Engineering is impersonating a user to get their credentials
What is a use for CSR?
Certificate Signing Request: first step to verify the authenticity of a certificate issued by a CA
Define OID
Object Identifiers: id X.509 certificates (dotted #s)
What type of encryption is ElGamal?
asymmetric public key encryption based on D-H.
Used for digital signatures, key exchange, & data encryption
What is HAVAL, IDEA, & Knapsack?
HAVAL: hashing algorithm (message digests)
IDEA: International data encrypt algo: block cipher used by PGP for secret key encryption
Knapsack: asymmetric encryption algo; not D-H based
Would you format storage media? And what methods would destroy it?
No, format aka delete data does not remove data. Pulverize, degauss, purge, & wiping
What is degaussing and when to not use it?
Reduce or eliminate unwanted magnetic field on storage media. Does not work on CD or DVDs
How to describe DNS poisoning?
Practice of dispensing IP addresses & host names with the goal of traffic diversion.
What are other DNS attacks?
SYN flood: send DNS server sync messages with spoofed packets
DNS DoS: transmit malformed packets to DNS server to cause a crash
How to log changes to a file?
Use a file integrity check to examine files and check for changes then log any changes that occurred
Define HIDS/HIPS
Alert for a Single server or computer & stop the attack
i.e. shut port 80 if traffic exceeds baseline norm
What is a VPN?
A virtual private network is not a physical network. It allows secure communication between companies not located together or between private networks. It transports encrypted data
What is a VLAN?
Allows networks to be segmented logically without physically rewiring the network. Provides added security layer by isolating resources into subnets.
What is denial of service?
Attacker floods a system with messages to prevent the system from replying to valid requests
What model does PGP, PKI, and CA use?
PGP uses web of trust to validate key pairs
PKI & CA use hierarchy to sign key pairs
What is a RADIUS federation used for?
A group of RADIUS servers assisting with network roaming. The servers validate login credentials of a user belonging to another RADIUS server’s network.
i.e. tenants in a shopping area want all customers to access internet in their area
Define EAP-FAST, EAP-TLS, EAP-TTLS
These are all authentication protocols
EAP manages key transmissions
TLS - uses X.509 digital certificate to authenticate
TTLS - encapsulates TLS allowing for client authentication
FAST - creates TLS tunnel used in wireless & point-to-point network
What devices connect multiple LAN segments?
Bridge, switches, & routers
Bridge & switch (layer 2) use MAC to send packets to destination
Routers (layer 3-network) use IP address to route packets to destination
What is ISA?
Interconnection security agreement gives security requirements for interconnection between two organizations
Why use airgapping & sandboxing?
Air gapping: physically separate secure networks & equipment from insecure networks & equipment. Data can only be moved physically via disk or USB
Sandbox: test a system for security patches or issues, i.e. legacy system
Who is responsible for access in DAC & RBAC?
DAC: data owner
RBAC: security administrator
What do phreakers attack?
VoIP or PBX equipment
What are 2 VPN protocols?
PPTP: create a secure WAN connection
L2TP: VPN, packets, encrypt data
Both use tunnels for security
PPP: establish dial-up network connections
What replaced Infrared?
Infrared needs line-of-sight communication i.e. TV. Replaced by Bluetooth & Wi-Fi
What is ANT?
Low-power (proprietary) tech used in wearable devices like fitness sensors. NFC: connects devices automatically when in range i.e. smartphone or mobile payments
TPM vs. HSM
TPM chip implements hardware-based encryption
HSM stores keys or digital certificates and can be replaced
What type of attack redirects a user to a fake website?
Hyperlink spoofing aka web spoofing or URL spoofing
Gets browser to connect to a fake server to get access to confidential info: PIN, credit card, bank details
Uses hyperlinks instead of DNS addresses