Security +

Question 1

vulnerability

Answer 1

flaw that affects security

Question 2

flaw that affects security

Answer 2

vulnerability

Question 3

Threat vector

Answer 3

The path that the threat takes to the target

Question 4

The path that the threat takes to the target

Answer 4

Threat vector

Question 5

What are some common paths threat vectors can take?

Answer 5

• email:embedded links, attached files
• web browser: Fake site, session hijack
• wireless hot spot: Rogue access point
• telephone: Social engineering
• USB Flash drive: Auto - executing malware
• physical access: Stolen data and equiptment

Question 6

Nmap is a utility used for ________ discovery, administration and security auditing.

Answer 6

network

Question 7

What is the name of a utility used for network discovery, administration and security auditing?

Answer 7

Nmap

Question 8

In our Nmap lab we will learn and understand how to:

Answer 8

• scan a whole Subnet
• trace all the sent and received packets
• perform a slow comprensive scan
• create a new profile to perform a nul scan
• scan TCP and UDP ports
• Analyze host details and their topology

Question 9

TCP Connect Scan

Answer 9

Uses a normal TCP connection to determine if a port is available

Question 10

Xmas Scan

Answer 10

Involves sending TCP segments with the all flags sent in the packet header, generating packets taht are illegal according to RFC 793.

Question 11

ACK Flag Scan

Answer 11

Involves sending spoofed packets to a target.

Question 12

Information Security Triad

Answer 12

More secure means harder to use; less functionality

Question 13

confidentiality

Answer 13

The data is only readable by those authorized

Question 14

Integrety

Answer 14

The data has not changed

Question 15

Availability

Answer 15

The data is accessable

Question 16

Authenticity

Answer 16

The data source is valid

Question 17

Non repudiation

Answer 17

The data source can not deny it’s creation

Question 18

What are the five pillars of Information Security?

Answer 18

Confidentiality
Integrity
Availability
Authenticity
Non - Repudiation

Question 19

• email:embedded links, attached files
• web browser: Fake site, session hijack
• wireless hot spot: Rogue access point
• telephone: Social engineering
• USB Flash drive: Auto - executing malware
• physical access: Stolen data and equipment

Answer 19

Common paths threat vectors can take

Question 20

Nmap can be used for:

• scan a whole _________
• ______ all the sent and received packets
• perform a slow comprehensive scan
• create a new profile to perform a nul scan
• scan TCP and UDP ports
• Analyze host details and their topology

Answer 20

Subnet

trace

Question 21

Nmap can be used for:

• scan a whole Subnet
• trace all the sent and received ______
• perform a slow comprehensive _______
• create a ____ ______ to perform a nul scan
• scan __________________ ports
• Analyze host details and their ___________

Answer 21

packets
scan
new profile
TCP and UDP
topology

Question 22

“A” record (AAAA) A stands for address and this is how we ultimately define a name with an IP address. A IPV4 AAAA IPV6

Answer 22

One of the most common records on the DNS server