Section 2.1 Security Concepts in an Enterprise Environment

Question 1

What ensures that systems are configured similarly, configurations are known and documented?

Answer 1

Configuration Management

Question 2

What helps reduce outages or weakened security from unauthorized changes?

Answer 2

Change Management

Question 3

What uses a labeling or numbering system to track changes in updated versions of software?

Answer 3

Versioning

Question 4

What ensures that systems are deployed with a common baseline or starting point, and imaging is a common method?

Answer 4

Baselining

Question 5

What make identifying device type (router, server, printer) easier?

Answer 5

Standard Naming Convention

Question 6

What do you call maintaining an up to date asset register to ease the process of tracking and maintaining assets?

Answer 6

Asset Management

Question 7

What do you call using network segmentation to reduce broadcast traffic and enable filtering/restricting traffic to subnets containing sensitive resources?

Answer 7

IP Schema

Question 8

What is it called when digital data is subject to the laws and regulations of the country in which it was created? It cannot be moved to another region, even for a backup-related reason.

Answer 8

Data Sovereignty

Question 9

Confidentiality is often protected through?

Answer 9

Encryption (at rest and in transport)

Question 10

What is it called where meaningful data is replaced with a token that is generated randomly, and the original data is held in a vault? Stateless, stronger than encryption, keys not local.

Answer 10

Tokenization

Question 11

What do you call the de-identification procedure in which PII fields within a data record are replaced by one or more artificial identifiers, or pseudonyms? Reversal requires access to another data source

Answer 11

Pseudo-Anonymization

Question 12

What is it called when only partial data is left in a data field? Commonly implemented within the database tier, but also possible in code of front-end applications.

Answer 12

Data Masking

Question 13

What is a way to protect sensitive information and prevent its inadvertent disclosure? Can identify, monitor, and automatically protect sensitive information in documents?

Answer 13

DLP

Question 14

CSP storage providers usually protect data at rest by?

Answer 14

automatically encrypting before persisting it

Question 15

What helps you encrypt Windows and Linux IaaS VM’s disks using BitLocker (Windows) and dm-crypt feature of Linux to encrypt OS and data disks?

Answer 15

Full Disk Encryption

Question 16

What helps protect SQL Database and data warehouses against threat of malicious activity with real-time encryption and decryption of database, backups, and transaction log files at rest without requiring app changes?

Answer 16

Transparent Data Encryption (TDE)

Question 17

What is on the motherboard and is used to store the encryption keys so when the system boots, it can compare keys and ensure that the system has not been tampered with?

Answer 17

TPM

Question 18

When using certificates for Full Disk Encryption, the use _____________ that verifies that the keys match before the secure boot process takes place?

Answer 18

Hardware root of trust

Question 19

What is the industry standard for self-encrypting drives? This is a hardware solution and typically outperforms software based alternatives.

Answer 19

OPAL Storage specification

Question 20

What are purchased already set to encrypt data at rest and keeps the encryption keys stored on the hard drive controller? They are immune to a cold boot attack and are compatible with all OS’s.

Answer 20

Solid State Drives (SSD)

Question 21

Data in motion is most often encrypted using?

Answer 21

TLS or HTTPS

Question 22

What allows content owners to enforce restrictions on the use of their content by others? Commonly protect entertainment and media content, such as music, movies, and e-books.

Answer 22

DRM

Question 23

What kind of programs enforce data rights, provisioning access, and implementing access control models? Can be used to block specific actions, like print, copy/paste, download and sharing.

Answer 23

Information Rights Management (IRM)

Question 24

What type of incident response plan has you distribute copies of the plans to the members of the incident response team for review? Team members then provide feedback about any updates needed to keep the plan current.

Answer 24

Read-through test

Question 25

What type of incident response plan has members of the disaster recovery team gather in a large conference room and role-play a disaster scenario? The team members refer to the document and discuss the appropriate responses to that particular type of disaster.

Answer 25

Structured Walkthrough/Tabletop Exercise

Question 26

What type of incident response plan is similar to structured walkthroughs, except some of the response measures are then tested (on non-critical functions)?

Answer 26

Simulation Test

Question 27

How do you secure email traffic?

Answer 27

Standards for encrypted messages include S/MIME protocol and Pretty Good Privacy (PGP)

Question 28

How do you secure web traffic?

Answer 28

The de facto standard for secure web traffic is the use of HTTP over TLS

Question 29

How do you secure network traffic?

Answer 29

IPsec protocol standard provides a common framework for encrypting network traffic and is built into many common OS’s.

Question 30

What is a set of exposed interfaces that allow programmatic interaction between services?

Answer 30

API’s

Question 31

What uses the HTTPS protocol for web communications to offer API end points?

Answer 31

REST

Question 32

What is it called when the security teams/tools send false information back to an attacker spotted using offensive security tools, like port scanners?

Answer 32

Fake Telemetry

Question 33

What protects users by intercepting DNS requests attempting to connect to known malicious domains and returning a false address?

Answer 33

DNS Sinkhole