Short Answer: 1-10

Question 1

What are the causes for widesperad vulnerabilites?

Answer 1

+ large number of vulnerabilities

+ end of life systems

+ lack of vendor support

Question 2

Name 3 configuration issues.

Answer 2

+ default configuration

+ week configuration

+ misconfigurations

Question 3

Name 3 reasons why it is difficult to defend against today’s attacks.

Answer 3

+ delay in security updates

+ increased speed of attacks

+ simplicity of attack tools

Question 4

Name 3 ideas about the nature of security.

Answer 4

+ security is a goal

+ security includes the necessary steps to protect from harm

+ security is a process

Question 5

Name the successive layers that information secutiy is achieved.

Answer 5

+ products

+ people

+ procedures

Question 6

Name 3 types of risk response techniques.

Answer 6

+ transfer risk

+ mitigate risk

+ avoid risk

Question 7

Name 4 security principles

Answer 7

+ obscurity

+ diversity

+ limiting

+ layering

Question 8

Name 3 traits that can be applied to malware.

Answer 8

+ circulation

+ infection

+ concealment

Question 9

Name the types of malware.

Answer 9

+ worms

+ rootkits

+ adware

+ viruses

+ ransomware

Question 10

Name the types of mutations that viruses can undergo

Answer 10

+ betamorphic

+ oligimorphic

+ polymorphic

+ metamorphic

Question 11

Define logic bomb.

Answer 11

+ used to delete data

+ computer code that is added to legitimate applications but lies dormant until a specific logical event triggers it

Question 12

Name characteristics of a rootkit.

Answer 12

+ rootkit is able to hide its prescence and the prescence of other malware

+ rootkit accesses “lower layers” of the operating system

+ the risk of a rootkit is less today than previously

Question 13

Name 3 facts about keylogger.

Answer 13

+ keylogger can be used to capture passwords, credit card number, or personal information

+ hardware keylogger are installed between the keylogger connector and computer keyboard USB port

+ software keylogger can be desigend to send captured information back to the attacker through the internet

Question 14

Name the psychological approaches used by attackers in social engineering.

Answer 14

+ familiarity + urgency

+ scarcity + familiarity

+ intimidation + trust

+ consensus

+ impersonation

Question 15

Name items that would be helpful to find when dumpster diving.

Answer 15

+ calendars

+ organizational charts

+ memos

Question 16

Why is adware hated by people?

Answer 16

+ it displays objectionable content

+ it can intefer with a user’s productivity

+ it can cause a computer to crash or slow down

Question 17

Explain how a hash algorithm works and how it is primarily used.

Answer 17

A hash alogrithm creates a unique “digital fingerprint” of a set of data. This process is called hasing. It produces a resulting fingerprint called a digest that represents the contents. It is primarily used for comparision purposes.

Question 18

Name the basic security protections for information using cryptography

Answer 18

+ authenticity

+ integrity

+ ciphertext

Question 19

Which areas of a file can be used by stenography to hide date?

Answer 19

+ areas that contain content data itself

+ in teh file header fields that describe a file

+ in data that is used to describe the content or structure of the actual data

Question 20

Which characteristics are applicable to secure hash algorithm?

Answer 20

+ collisions happen often

+ a message cannot be produced from a predfined hash

+ the results of a hash function should not be reversed

+ hash should always be the same fixed size

Question 21

Name 4 protections that can be used in protecting data.

Answer 21

+ diffusion

+ confusion

+integrity

+ chaos

Question 22

Name the benefits htat a digital signature provides.

Answer 22

+ verify the sender

+ prove the integrity of the message

+ enforce non-repudiation

Question 23

Name 6 key exchanges/systems.

Answer 23

+ Diffe-Hellman-RSA (DHRSA)

+ Diffe-Hellman Ephemeral (DHE)

+ Diffe-Hellman (DH)

+ Elliptic-Curve Diffe-Helman (ECDH)

+ Public Key Exchange (PKE)

+ Perfect Forward Secrecy

Question 24

Name 4 symmetric crypotographic algorithms.

Answer 24

+ data encryption standard

+ triple data encryption standard

+ advanced encryption standard

+ RCI

Question 25

Name 4 asymmetric cryptographic algorithms.

Answer 25

+ SHA-2 + ME-312 + BTC-2 + RSA

Question 26

List the four stages of a certificate life cycle.

Answer 26

1) creation 2) suspension 3) revocation 4) expiration

Question 27

Name the methods used to strengthen a key.

Answer 27

+ randomness + cryptoperiod + length

Question 28

Name 4 clock ciphers.

Answer 28

+ Electronic Code Block (ECB) + Galois/Counter (GCM) + Counter (CTR) + Cipher Block Chaining (CBC)

Question 29

Digital certificates can be used in which situations.

Answer 29

+ to encrypt channels to provide secure communication betweeen clients and servers + to verfiy the idtenty of clients and servers on the web + to encrypt messages for secure email communication

Question 30

Name 4 trust models.

Answer 30

+ bridge + hierarchical + distributed + third-party trust

Question 31

Name 4 facts about hierachical trust models.

Answer 31

+ designed for use on a small scale + root signals all digital certificate authorities with a signal key + it assigns a single hierarchy with one master CA + the master CA is called the root

Question 32

Name 4 common attacks used by hackers.

Answer 32

+ Man-In-Middel (MITM) + Man-In-The-Browswer (MITB) + Replay + ARP poisoning

Question 33

Name 3 actions that can be done in a SQL injection attack

Answer 33

+ erase a database table + display a list of customer telelphones numbers + discover the names of different fields in a table

Question 34

Name 3 types of DoS attacks.

Answer 34

+ SYN flood + DOVS amplication + smurf attack

Question 35

Name 3 characteristics that describe Replay attack

Answer 35

+ cannot be prevented by patching the web browser + is not considered to be a type of DoS attack + makes a copy of transmission for use at later time + does not replay attack over and over to food server

Question 36

Describe DNS poisoning.

Answer 36

+ doesnt flood a DNS server with requests until it can no longer respond + host tables do not slow it down + substitues DNS addres so that the computer is automatically redirected to another device + is not the same as ARP poisoning.

Question 37

Which standard network device is good for adding new technology for security purposes?

Answer 37

+ router

Question 38

Name 4 standard networking devices.

Answer 38

+ router + hub + virtual private network + SIEM device

Question 39

What is found in a firewall ACL rule?

Answer 39

+ source address + direction + protocol

Question 40

Which functions does Internet content filter perform?

Answer 40

+ URL filtering + Malware inspection + content inspection

Question 41

What does NAT stand for?

Answer 41

+ network address translation

Question 42

What security action can a flood guard do when a MAC flooding attack occurs?

Answer 42

+ ignore the new MAC addresses while allowing normal traffic from the single preaproved MAC address + record new MAC addresses up to a specific limit + block the port entirely

Question 43

What are 3 facts about demilitarized zone (DMZ) ?

Answer 43

+ it can be configured to have one or two firewalls + it typically includes an email or web server + provides an extra degree of security

Question 44

What is used in scheduling a load balancer?

Answer 44

+ data within the application message itself + affinity +round robin

Question 45

Which configurations are all load balances inactive at some point?

Answer 45

+ active-passive + passive-active-passive + active-load-passive-load

Question 46

What can be used to hide information about the internal network?

Answer 46

+ NAT + subnetter + proxy server

Question 47

What is the basis for domain name resolution of names-to-IP addresses?

Answer 47

In order for domain name resolution of names-to-IP addresses to happen, a DNS server must be present to translate a domain name into an IP address.

Question 48

Explain how attacker can use priviliges escalation to gain access to a resources that are restricted?

Answer 48

Vertical privilege escalation requries the attacker to grant himself higher priviliges. This is typically achieved by performing kernel-level operations that allow the attacker to run unauthorized code. Horizontal privilege escalation requires the attacker to use the same level of priviliges he already has been granted, but assume the identity of another user with similar priviliges. For example, someone gaining access to another person's online banking account would constitute horizontal privilige escalation.

Question 49

Discuss at least two security advantages of a host running visualization?

Answer 49

One advantage of a host running virtualization is that security updates can be downloaded and run in a virtual machine to determine compatibility or the impact on other software or even hardware. This prevents administrators from having to roll back updatess, on a production machine, when issues arise from the updates. A second advantage of a host running virtualization is that a snapshot of a state of a virtual machine can be saved for later use. If something happens that adversely affects a user's physical computer, a backup can be used to restore a user's virtual environment on another machine. This drastically decreases the down time a user may face when confronted with a technical issue.

Question 50

What TCP/IP protocols relate to security?

Answer 50

+ SNMP + HTTPS + FTP

Question 51

Name 3 facts about Domain Name Systems Extensions (DNSSEC).

Answer 51

+ it is fully supported in BIND9 + it adds additional resource records + ti adds message header information

Question 52

Name 3 facts about SSL accelarator.

Answer 52

+ it can be separate hardward card that inserts into a web server + it can be a separate hardware module + it should reside between the user's device and the web servers

Question 53

Name 3 source models for cloud computing.

Answer 53

+ Software as a Service (SaaS) + Platform as a Service (PaaS) + Infrastructure as a Service (IaaS)

Question 54

Which entries in a log file for firewall must be looked at?

Answer 54

+ suspicious outbound connections IP address that are being rejected and dropped

Question 55

Which type of hypervision runs on underlying operating system?

Answer 55

+ Type II + Type III + Type IV

Question 56

Name 4 models for computing in enterprises environment.

Answer 56

+ virtual service + off-premises + on-premises + hosted services

Question 57

Name 3 concerns of virtualized environments.

Answer 57

+ virtual machines must be protected from teh outside world and from other virtual machines on the same physical computer + physical security appliances are not always designed to protect virtual systems + live migration can immediately move from one virtualized server to another hypervisor

Question 58

Which email protocols are secure?

Answer 58

+ S/MIME + TLS

Question 59

Name 4 bluetooth attacks.

Answer 59

+ bluesnarfing + bluecreeping + bluejacking + bluestealing

Question 60

Which tech is found in wireless router?

Answer 60

+ router + Dynamic host configuration protocol (DHCP) + firewall

Question 61

What are 3 risks associated with a wireless router that is not secured?

Answer 61

+ data can be stolen from one filder that is being the shared + financial info can be stolen if its sent over WLAN + malware can be injected into computer connected to WLAN

Question 62

What does WPS mean?

Answer 62

+ WiFi protected setup

Question 63

Name 4 types of access points.

Answer 63

+ captive portal + web based portal + rouge portal + authenicated portal

Question 64

Name 3 options to protect wireless peripherals.

Answer 64

+ update/replace vulernable device + switch to move fu lly tested bluetooth model + substitute a wired device

Question 65

Name 3 limitations of turning off SSID broadcast from an AP?

Answer 65

+ frequency band + channel selection + channel width

Question 66

Name 3 types of AP probes.

Answer 66

+ wireless device probe + AP probe + dedicated probe

Question 67

Name 3 reasons why supply chain infections are considedred especially dangerous.

Answer 67

+ malware planted in the ROM firmware of device makes it hard to clean device + users gets infected devices at the point of purchase with no knowledge + impossible to watch every step in the supply chain

Question 68

Name 3 motion detection methods.

Answer 68

+ magnetism + moisture + infrared

Question 69

Name 4 types of residential locks.

Answer 69

+ encrypted key lock + keyed entry lock + privacy lock + passage lock

Question 70

Name 3 typical OS security configurations.

Answer 70

+ employing least functionality + disability default accounts/password + disabling unnecessary ports and services

Question 71

Name 3 characteristics of alarmed carrier PDS.

Answer 71

+ uses continuous monitoring + eliminate need to seal connetions

Question 72

Name 3 memory vulnerabilities.

Answer 72

+ DLL injection + pointer deference + buffer overthrow

Question 73

Name stages of code development.

Answer 73

1) development 2) testing 3) staging 4) production

Question 74

Name 4 models of design.

Answer 74

+ waterfall + rigid + agile + secure

Question 75

Name 4 types of testing.

Answer 75

+ stress testing + static analysis + dynamic analyzer + runtime testing

Question 76

Describe how content management is used.

Answer 76

Content management is used to support the creation and subsequent edting and modifciation of digital content by multiple employees. It can included tracking ediiting history, version control, indexing, and searching. It can also provide app security support. This includeds application whitelisting and geofencing.

Question 77

Name the type of USB connections you will find on a laptop.

Answer 77

+ mini + micro + standard

Question 78

Name types of enterprise development deployjment models.

Answer 78

+ BYOD (Bring Your Own Device) + CYOD (Chose Your Own Device) + COPE (Corporate Owned Personally Enabled) + corporate owned

Question 79

Name 3 reasons why Android doesn't push alot of updates for its its operating system.

Answer 79

+ prevent OEM to differentiate between differnt models of phones with Android + Android has lots of modified versions and updates may cause them to fail + prevent users from keeping one phone forever

Question 80

Name 3 reasons why mobile phones are at risk on public networks.

Answer 80

+ public networks are beyond control of employee's organization control + replay attacks occur on public networks + MITM attacks are possible on public networks

Question 81

Name 3 security features for lost/stolen mobile devices.

Answer 81

+ remote lockout + alarm + thief picture

Question 82

Name 4 types of paswords for mobile devices

Answer 82

+ password + pin + fingerprint + connecting dots

Question 83

Name 3 benefits of CYOD.

Answer 83

+ less oversight + increased employee performance + management flexibilty