Security Controls

Question 1

Auditing (security controls)

Answer 1

One time evaluation
vs monitoring which is on going

Question 2

Bollards

Answer 2

Vehicle barricades usually outside of government buildings

Question 3

Duress based alarm

Answer 3

Alarm that’s set off by a person when there is some kind of emergency

Question 4

Proximity alarms

Answer 4

RFID to tell when something moves

Like tagged clothing at a retail store

Question 5

Magnetometer

Answer 5

Metal detectors

Question 6

5 types of door locks

Answer 6

Key
Mechanical (cipher lock) like at fast food
Electronic
Badge reader
Biometric

Question 7

Biometric scanner intrusiveness order
Least to most

Answer 7

Facial id
Fingerprint
Palm reader
Retina scan

Question 8

Access control vestibule

Answer 8

Metro turnstile access type thing

Can be a full cage also
(Prevent tailgating and piggybacking)

Question 9

3 types of badge readers

Answer 9

Magnet strip (old)
Smart card (new) like a credit card
RFID (new)

Question 10

3 types of equipment locks
(Not including Kensington locks)

Answer 10

Lockable rack cabinet
Chassis locks
Faceplate

Question 11

Least privilege principle

Answer 11

Things and people should always use as little permission possible

Question 12

Three role based access types

Answer 12

DAC (discretionary access control)
MAC (mandatory access control)
RBAC (role based access control)

Question 13

Discretionary access control
(DAC)

Answer 13

Each owner decides rights and permissions

Question 14

Mandatory access control
(MAC)

Answer 14

The computer system decides who gets access (military style)
-Unclassified
-Confidential
-Secret
-Top secret
Also uses “need to know”

Question 15

Role-Based Access Control
(RBAC)

Answer 15

Group based permissions like in a domain
(Considered best practice)

Question 16

Power users

Answer 16

Between a normal user and a admin

Question 17

Zero-trust framework
(4 parts)

Answer 17

reexamine default access controls

employ a variety of prevention techniques

Enable real time monitoring

Ensure zero trust aligns with security strategy

Question 18

Identification

Answer 18

Is provided by the user
Examples:
Usernames
Account number
Social security number

Question 19

Authentication

Answer 19

Validates identity

Question 20

Multi factor authentication 5 types
MFA

Answer 20

Knowledge - something you know
Ownership - something you have
Characteristic - something you are
Location - somewhere you are
Action - something you do

Question 21

TOTP

Answer 21

Time-based One Time Password

Question 22

HOTP
HMAC-based one time password

Answer 22

Hash based one time password

Question 23

In-band authentication

Answer 23

Uses the same device to do both authentications

Password on your phone and email on your phone

Question 24

Out of band authentication
OOB

Answer 24

Uses separate communication to send the OTP or PIN

Question 25

EMM

Answer 25

Enterprise mobility management

Management of corporate mobile devices
the policy’s and the tools

Question 26

MDM

Answer 26

mobile device management
The tools that control the devices

Question 27

6 MDM features

Answer 27

Application control
Passwords
MFA requirements
Token based access
Patch management
Remote wipe

Question 28

OU (Active Directory)

Answer 28

Oganizational unit

Question 29

Login scripts

Answer 29

On login:
Use to map network drives, permissions, open programs, and folder redirection