Security+ section 1

Question 1

W.I a preventative control give examples

Answer 1

it physically blocks a person firewall (technical), on-boarding policy (managerial), guard shake (operational), doorlock (physical)

Question 2

W.I a deterrent control give examples

Answer 2

discourages an intrusion attempt splash screen, demotion, reception desk, warning signs

Question 3

W.I a detective control

Answer 3

identifies and logs intrusion attempts. System logs

Question 4

W.I a corrective control

Answer 4

performs an action after detection of an intrusion. eg restore backups

Question 5

W.I a compensating control

Answer 5

temporary non-comprehensive correction to an intrusion eg block instead of patrch

Question 6

W.I directive control type

Answer 6

direct a subject to more secure procedure file storage policy

Question 7

W.I non-repudiation

Answer 7

proof of integrity and proof of origin

Question 8

W.I the CIA (AIC) triad

Answer 8

Availability, integrity (messages cannot be modified without detection), confidentiality (only authorized users see this data)

Question 9

how do you get proof of integrity

Answer 9

use a hash

Question 10

how do you get proof of origin

Answer 10

use a digital signature with a private key which is decrypted using a public key

Question 11

W.I authentication

Answer 11

prove who you are

Question 11

W.I authorization

Answer 11

what do you have access to

Question 11

W.I accounting

Answer 11

resources used

Question 12

how do you authenticate a system?

Answer 12

with a certificate

Question 13

what is the data plane?

Answer 13

process the frames packets and network data.

Question 14

what is the control plane?

Answer 14

manages the actions of the data plane, define policies and rules, determines how packets should be forwarded.

Question 14

W.I adaptive identity

Answer 14

consider information other than Authentication information. eg location relationship to organization. Then if needed create stronger authentication

Question 14

W.I threat scope reduction

Answer 14

decrease possible entry points

Question 15

W.I security zone

Answer 15

the path of connection

Question 16

W.I policy enforcement point

Answer 16

gatekeeper of resources

Question 17

policy decision point

Answer 17

decider in policy enforcement point

Question 18

W.I. change management

Answer 18

policies for making changes to a system

Question 19

W.I. Public key infrastructure(PKI)

Answer 19

policies procedures, hardwar, software, people associated with certificates

Question 20

W.I. out of band key exchange

Answer 20

exchange not over internet

Question 21

W.I. secure enclave

Answer 21

a protected area for secrets. can be a separate CPU

Question 22

What features does a secure enclave have?

Answer 22

own boot ROM, monitors system boot, true RNG, real-time memory encryption, root cryptographic keys, AES encryption in hardware

Question 23

W.I. steganography

Answer 23

information is hidden inside of other data

Question 24

W.I. data masking

Answer 24

hiding part of the information

Question 25

W.I. a wildcard certificate

Answer 25

1 certificate for man devices using the same domain name

Question 26

W.I. certificate revocation list

Answer 26

a list of certificates you no longer wish to use maintained by certificate authority

Question 27

W.I. online certificate status protocol (OCSP)

Answer 27

scalable OSCP checks

Question 28

name types of threat actors

Answer 28

Nation state, unskilled, hacktivist, insider threat, organized crime, Shadow IT

Question 29

W.I. a watering hole attack

Answer 29

attacker corrupts a 3rd party resource you intend to use

Question 30

W.I. a memory injection attack

Answer 30

injecting malicious code into an other process so that it executes from a legitimate process.

Question 31

W.I. a buffer overflow attack

Answer 31

modifying a variable to use more memory than expect to modify an other variable

Question 32

W.I. a race condition

Answer 32

a variable is used for a process but while its being used it is modified by an other process

Question 33

W.I. a malicious update attack?

Answer 33

malware embedded in an update or when you install a fake update

Question 34

W.I. a cross site scripting attack?

Answer 34

executing code inside a legitimate site

Question 35

W.I. dns poisoning/ spoofing

Answer 35

modification of the host files on a dns server which allows the modification of the response that is sent to requests

Question 36

W.I. domain hijacking

Answer 36

gain access to the full qualified domain name

Question 37

URL hijacking

Answer 37

using URL that is very close to the legitimate site