Student Text Flashcards
1
Q
What are the standard computer capabilities and characteristics?
A
- Speed
- Accuracy
- Diligence
- Versatility
2
Q
What is the fastest possible speed for information transmission?
A
Speed of light
3
Q
What is limited by the efficiency of the programmed algorithms being computer and system components?
A
Computer speed
4
Q
What is a personal computer that may of may not be connected to a network?
A
Workstation
5
Q
What are the different types of client workstations?
A
- Thin client
- Thick client
6
Q
What is a software program or actual computer relying heavily on another computer to do most of its work?
A
Thin client
7
Q
What operates on a network with client software or computer acting as an interface & the network doing all the processing work?
A
Thin client
8
Q
What is a workstation computer in a client server configuration functioning independent of the server?
A
Thick client
9
Q
What pulls some data from a central server and may run on its own without being connected to the server?
A
Thick client
10
Q
What is a computer on a network managing shared resources for other systems on the network?
A
A server
11
Q
What are some common types of servers?
A
- Application
- Catalog
- Database
- DHCP
- File
- Proxy
- Web
12
Q
What is a computer system weakness that is open to exploitation?
A
Vulnerability
13
Q
What is a possible danger that may take advantage of a vulnerability?
A
Threat
14
Q
What is the likelihood that a threat will take advantage of a vulnerability?
A
Risk
15
Q
What are some types of malicious code?
A
- Viruses
- Worms
- Logic bombs
- Spyware
- Adware
- Rootkits
- Botnets
16
Q
What is code that spreads from one computer to another by attaching itself to other files?
A
A virus
17
Q
What is code that spreads from one computer to another on its own but not by attaching itself to another file?
A
A worm
18
Q
What is code that sits dormant on a target computer until it’s triggered by a specific event?
A
A logic bomb
19
Q
What stealthily installs malicious software intended to track and report data from a target system?
A
Spyware
20
Q
What is software that automatically displays or downloads advertisements?
A
Adware
21
Q
What is code intended to take full of partial control of a system at low levels?
A
A rootkit
22
Q
What is a collection of software robots run by a command & control (C2) program which in turn is controlled by a person?
A
A botnet
23
Q
What are some common causes of vulnerabilities?
A
- Configuration/familiarity
- Implementation
- Design
24
Q
What can a system or application misconfiguration cause?
A
A vulnerability
25
What can using well known software increase?
The probability of an attacker finding a vulnerability to exploit
26
What can lack of input validation cause?
A vulnerability
27
Is there a possibility that there are vulnerabilities that are inherent in protocols, applications, or architecture used in the design?
Yes
28
What are the primary threat categories?
- Unstructured threats
- Structured threats
- Internal threats
- External threats
29
What are unfocused attacks on one or more network systems often by individuals with limited skill?
An unstructured threat
30
What types of threats are focused by one or more individuals with high skills actively working to compromise a specific system?
A structured threat
31
What threats originate from individuals who have (or had) authorized access to the network?
Internal threats
32
What threats originate from individuals outside the organization?
External threats
33
What are common vulnerability sources?
- Common Vulnerability and Exposure (CVE)
- US National Vulnerability Database (NVD)
- Exploit Database (DB)
34
What was developed by MITRE in 1999 and has a list of vulnerability entries?
Common Vulnerability Sources (CVE)
35
What contains an ID number, description, and at least one public reference?
A Common Vulnerability Source (CVE) entry
36
What was launched by the US National Vulnerability Database (NVD) in 2005?
The US National Vulnerability Database (NVD)
37
What is a vulnerability database built upon & fully synchronized with the CVE list?
The US National Vulnerability Database (NVD)
38
What provides a Common Vulnerability Scoring System (CVSS)?
The US National Vulnerability Database (NVD)
39
What is maintained by Offensive Security and is an archive of exploits, shell code, & security papers?
Exploit Database (DB)
40
What is on the motherboard and controls the number of tasks the computer may accomplish at once and how quickly it can complete those tasks?
The Central Processing Unit (CPU)
41
What is on the motherboard and is the circuitry responsible for managing specific hardware components?
Chipsets
42
What is on the motherboard and is a small chip the CPU relies on to synchronize & control timing on all computer operations?
The system clock
43
What is on the motherboard and is a small plastic slot used to install various devices?
Expansion slots
44
What is on the motherboard, translates processor requests into instructions the component can understand and executes Power-On-Self-Test (POST)?
The BIOS
45
What is on the motherboard, contains the computer's inventory list & advanced setup options, and stores data read by the BIOS?
The CMOS
46
What are the two types of memory?
RAM (Random Access Memory) and ROM (Read Only Memory)
47
What is a memory chip on a computer responsible for storing temporary data and is volatile in nature?
RAM
48
What is a chip with read-only data that are essential instructions when the system is turned on and is non-volatile in nature?
ROM
49
What stores changing digital data in a relatively permanent form with the most popular being SCSI, SAS, and SATA?
Hard drives
50
What are the two basic distributed system architectures?
- Client-server model (centralized environment)
- Peer-to-peer model (decentralized environment)
51
What is an architecture where smart clients contact the server for data then format and displays it to the user?
The client-server model
52
What is an architecture where there are no special machines that provide a server or manage the network resources and every node can serve as both client and server?
The peer-to-peer model
53
What are the security basics?
- The CIA triad
- Enforce system policies & procedures
- The four A's
- System hardening
- Vulnerability management
- Due care, due diligence, & due process
- Operations continuity & disaster recovery plans
54
What is the CIA Triad?
Confidentiality, Integrity, and Availability
55
What does a policy statement do?
Outlines a plan for the user security component
56
What measures the level of adherence to the security policy?
Standards
57
What are recommendations or best practices for how to meet the policy standard?
Guidelines
58
What are step-by-step instructions that detail how to implement components of the policy?
Procedures
59
What are the four A's?
Authentication, authorization, access control, auditing/accounting
60
What is the process of uniquely ID'ing a particular individual or entity?
Authentication
61
What is the process of determining what rights & privileges a particular entity has?
Authorization
62
What is the process of determining & assigning privileges to resources, objects, or data?
Access Control
63
What is the process of tracking & recording system activities & resource access?
Auditing/accounting
64
What is system hardening?
Eliminate as many security risks as possible
65
What are some examples of system hardening?
- Disabling unnecessary services
- Protecting management interfaces & applications
- Disabling unnecessary accounts
- Password protection
66
What is an ongoing comprehensive process or program that aims at managing an organization's vulnerabilities in a holistic & continuous manner?
Vulnerability management
67
What are some types of vulnerability management?
- Asset management
- Software management
- Vulnerability assessment
- Patch management
- Change management
68
What is a policy describing how individuals should use & maintain organization issued hardware & software and includes both using the equipment safely & using it in an approved manner?
Due Care
69
What is investing & researching all issues & options relating to a particular subject, ensuring security policies & practices are effective, and ensuring no violations in laws, statutes, or individual human rights?
Due diligence
70
The organization does not assume an individual is guilty?
Due process
71
What defines how an organization will maintain normal day-to-day Ops during a disruption or crisis?
Operations continuity plan
72
What defines how people & resources will be protected in case of a natural or man-made disaster?
Disaster recovery plan
73
What are the capabilities & benefits of websites?
- Reduces communication costs
- Enhances communication & coordination
- Accelerates the distribution of knowledge
- Improves the customer service & customer satisfaction
74
What are some capabilities & benefits of databases?
- Data sharing is improved in the organization
- Improvement in data security
- Effective data integration
- DBMS minimizes data inconsistency
- Better access to data
- Increase in productivity of the end user
- Quick decision making
75
What are the 10 most critical security risks?
- Injection
- Broken authentication
- Sensitive data exposure
- XML External Entities (XXE)
- Broken access control
- Security misconfiguration
- Cross-site scripting (XSS)
- Insecure deserialization
- Using components with known vulnerabilities
- Insufficient logging & monitoring
76
What is it called when untrusted data is sent to an interpreter as part of a command or query and tricks it into accessing data without proper authorization?
Injection
77
What is it called when issues with application functions related to authentication & session management allow someone to assume another users' identity temporarily or permanently?
Broken authentication
78
What is it called when lack of encryption for data at rest or in transit leads to the release of PII, healthcare, etc?
Sensitive data exposure
79
What is it called when someone fails to enforce authenticated user restrictions?
Broken access control
80
What allows someone to exploit unpatched flaws or default configurations?
Security misconfigurations
81
What is it called when theirs insufficient input validation and attackers are able to add malicious content to a website & content executed on other victim's browser?
Cross-Site Scripting (XSS)
82
What is it called when existing data structures are used but content is changed?
Insecure deserialization
83
When you use preconfigured client/server-side components but you don't understand the component patch state what are you possibly doing?
Using components with known vulnerabilities
84
When you are not validating logging & monitoring capabilities what are you setting yourself up for?
Insufficient logging and monitoring
85
What are the various website components?
- Web page
- Web content
- Websites
- Web browser
- Web applications
- Browser engine
86
What is a computer file that is suitable for the World Wide Web & a web browser?
Web page
87
What are the two types of web pages?
Static and dynamic
88
What is a flat/stationary web page called?
Static web pages
89
What web page is controlled by application server processing server-side scripts and client web browser processing client-side scripts?
Dynamic web pages
90
What is the textual, visual or aural content that is encountered as part of the user experience on a website?
Web content
91
What is a collection of related web pages ID'd by a common domain name, published on at least one web server and accessible by IP networks or private LAN by URL?
Websites
92
What is an application for accessing information on WWW by retrieving web page & content by distinct URLs onto the user's device?
Web browser
93
What is a client-server program which the client runs in a web browser?
Web application
94
What is the core software component of every major web browser?
Browser engine
95
What are some common database terms?
- Data
- Database
- Database system (Schema)
- Database Management System (DBMS)
96
What are recorded facts & figures called?
Data
97
What is a collection of meaningful information organized for searching & retrieving that information?
Database
98
What is the logical layout for the database?
Database system (Schema)
99
What is a set of programs & utilities executed on a computer to create, process, & administer a database?
Database management system (DBMS)
100
What are the four major components?
Data, hardware, users, software
101
What is known facts recorded & implicit meaning?
Data
102
What are data characteristics?
Persistent, integrated, shared
103
What is computing equipment needed to use & maintain the database?
Hardware
104
What are individuals manipulating or maintaining aspects of the database?
Users
105
What are the four broad classes of users?
- End-user
- Database designers
- Database administrators (DBA)
- Applications programmers
106
What are the DBMS key components?
- Data dictionary
- Data security
- Performance management
- Data recovery
- Data integrity
- Data interface
107
What are the four web language types?
- Markup languages
- Style sheets
- Client-side scripting languages
- Server-side scripting languages
108
What is a modern system for annotating a document in a way syntactically distinguishable from text?
Markup languages
109
What are the general categories of markup languages?
- Presentational
- Procedural
- Descriptive
110
What are the most common markup languages?
- HyperText Markup Language (HTML)
- Extensible HyperText Markup Language (XHTML)
- Extensible Markup Language (XML)
111
What is a form of separation of presentation & content for web design?
Style sheets
112
What are some examples of style sheets?
- Cascading Style Sheets (CSS)
- Extensible Stylesheet Language (XSLT)
113
What is a class of computer programs on the web executed client-side instead of server-side (on the Web Server)?
Client-side scripting languages
114
What is executed by the web server when the user requests a document?
Server-side scripting languages
115
What are embedded in server-side scripts to retrieve data from databases?
Database Management System Languages
116
What are the two major categories of database design?
Flat file databases and relational databases
117
What consists of only one large table, records no structured relationships, and has tables found in Microsoft Excel & Apple Numbers?
Flat file databases
118
What consists of numerous tables containing rows & columns of data where tables are associated with each other through shared data values?
Relational databases
119
What is a characteristic or property of the entity that will be stored?
Attribute (Column Name)
120
What refers to storing information about an object?
Entity (Table Name)
121
What are the top ten proactive controls?
- Define security requirements
- Leverage security frameworks and libraries
- Secure database access
- Encode and escape data
- Validate all inputs
- Implement digital identity
- Enforce access controls
- Protect data everywhere
- Implement security logging and monitoring
- Handle all errors and exceptions
122
What is derived from industry standards, applicable laws, & vulnerability history?
Security requirements
123
What is guarding against security-related design & implementation flaws?
Leveraging security frameworks and libraries
124
What is securing data stores including queries, configuration, authentication, & communication?
Securing database access
125
What are defensive techniques meant to stop injection attacks?
Encode and escape data
126
What is a programming technique that ensures only properly formatted data may enter a software system component?
Input validation
127
What is a name for using authentication and session management?
Implementing digital identity
128
What is a name for granting or denying specific requests from a user, program or process?
Enforcing access controls
129
What is another name for protecting sensitive data?
Protect data everywhere
130
What are the two parts of security logging?
Log and monitor the logs
131
What is a name for allowing an application to respond to errors correctly?
Handle all errors and exception
132
What are the six AF cyber weapon systems?
- Cyber Command & Control Mission System (C3MS)
- AF Cyber Security and Control System (CSCS)
- AF Intranet Control (AFINC)
- AF Cyberspace Defense (ACD)
- Cyberspace Defense Analysis
- Cyberspace Vulnerability Assessment/Hunter (CVA/H)
133
What provides 24/7/365 awareness, management, & control of the AF domain?
Cyber Command & Control Mission System (C2MS)
134
What provides 24/7/365 NetOps & management functions enabling enterprise services within AF unclassified & classified networks?
AF Cyber Security and Control System (CSCS)
135
What manages top-level boundary & entry point into the AFIN and controls flow of all external & inter-base traffic through 16 gateways?
AF Intranet Control (AFINC)
136
What prevents, detects, responds to, & provides forensics of intrusions intro unclassified & classified AF networks?
Af Cyberspace Defense (ACD)
137
What executes vulnerability, compliance, pen-testing & Hunter missions on AF & DoD networks & systems and performs defensive sorties world-wide via remote or on-site access?
Cyberspace Vulnerability Assessment/Hunter (CVA/H)
138
What characterizes and then eliminates threats for the purpose of mission assurance?
Hunter ops
139
What are the delivery vector categories?
1. Reconnaissance
2. Authorized User
3. Social Engineering
4. Configuration Management
5. Software Flaw
6. Transitive Trust
7. Resource Exhaustion
8. Physical Access
9. Other
10. Unknown
140
What are the sub categories of delivery vector category 1?
A. Information gathering & data mining
B. Network scan
C. System scan
141
What are the sub categories of delivery vector category 2?
A. Purposeful
B. Accidental
142
What are the sub categories of delivery vector category 3?
A. E-mail
B. Website
C. Other
143
What are the sub categories of delivery vector category 4?
A. Network
B. OS
C. App
144
What are the sub categories of delivery vector category 5?
A. Exploited new vulnerability
B. Exploited known vulnerability
145
What are the sub categories of delivery vector category 6?
A. Other IS compromise
B. Masquerading
146
What are the sub categories of delivery vector category 7?
A. Non-distributed network activity
B. Distributed network activity
147
What are the sub categories of delivery vector category 8?
A. Mishandled or lost resource
B. Local access to system
C. Abuse of resources
148
What are the sub categories of delivery vector category 9?
A. New delivery vector
149
What are the sub categories of delivery vector category 10?
A. Unable to determine
150
What provides operational level C2 & situational awareness of AF cyberspace forces, networks & mission systems?
Cyber Command & Control Mission System (C3MS)
151
What are the major sub-components of C3MS?
1. Situational Awareness (SA)
2. Intelligence, Surveillance & Reconnaissance (ISR)
3. Planning
4. Execution
5. Integration
152
What provides 24/7/365 network ops & management functions by enabling key enterprise services within AF unclassified & classified networks and supports DCO within those networks?
Cyberspace Security and Control System (CSCS)
153
What are the major subcomponents of CSCS?
1. DoDIN Ops & Management
2. Enterprise Services
154
What consists of two Integrated Management Suites (IMS)?
AF Intranet Control
155
What are the sub discipline areas of AFINC?
1. Defense in depth
2. Situational awareness
3. Proactive defense
3. Network standardization
156
What are the sub-discipline areas of ACF?
1. Incident prevention
2. Incident detection
3. Incident response
4. Computer forensics
157
What are the sub-discipline areas of CDA?
1. Telephony
2. Radio frequency
3. Email
4. Internet based capabilities
5. Cyberspace op risk assessment
6. Web risk assessment
158
What are the sub components of CVA/H?
1. Mobile Interceptor Platform (MIP)
2. Deployable Interceptor Platform (DIP)
3. Garrison Interceptor Platform (GIP)
4. Information Ops Platform (IOP) Flyaway Kit
159
What is a collection of computing environments (includes personnel & physical security) connected by one or more internal networks under the control of a single authority?
Enclave
160
What is the name for the AF network used to change unclassified information and provides users access to the Internet, email, file storage, etc?
NIPRNet
161
What is the largest private network in the world, is comprised of routers and nodes owned by the US DoD, and is part of the Defense Information System Network (DISN)?
NIRPNet
162
What is the name of the private US IP network used to exchange secret information and provides access to the DoDs classified intranet services?
SIPRNet
163
What is comprised of routers and nodes owned by the US DoD but is also used by the US Department of State?
SIPRNet
164
What are the DCO Tactical Mission Types?
- Surveillance
- Reconnaissance
- Access
- Strike
- Escort
- Strike Coordination and Reconnaissance (SCAR)
-Secure
- Threat emulation
165
What mission type has the object of collecting relevant data & information in/on the AO?
Surveillance
166
What are some tasks that could be part of a surveillance mission?
- Collect/monitor network infrastructure status, changes, trends & events
- Collect/monitor network user characteristics & trends
- Collect/monitor data from individual system(s)
167
What mission type has the objective of collecting relevant data & information on threats within the AO?
Reconnaissance
168
What are some tasks that could be part of a reconnaissance mission?
- Find & track specified enemies, adversaries, & threats in the cyber
terrain
- Understand & characterize specified enemies, adversaries, & threats in the assigned AO
169
What mission type has the objective of providing sufficient access for support cyber forces?
Access
170
What are some tasks that could be part of an access mission?
- Configuring firewall rules and/or policies
- Routing configuration changes
- Provisioning/configuring accounts
- Configuring permission(s)
171
What mission type has the object of damaging or destroying an objective or a capability?
Strike
172
What are some tasks that could be part of a strike mission?
- Destroying resident adversary/malicious code or other artifacts in
assigned AO
- Quarantining malicious code and/or preventing code execution
- Manipulating, denying, degrading, or disrupting adversary network traffic
173
What mission type has an objective of providing defensive support to cyber weapon systems or mission partners conducting primary missions in the AO?
Escort
174
What are some tasks that could be part of an escort mission?
- Deploying countermeasures
- Ensuring all required forces have the necessary level of access to assigned AO during the mission vulnerability window
175
What mission type has an objective of conducting strike coordination and reconnaissance in response to adversary activity within the AO?
SCAR
176
What are some tasks that could be part of a SCAR mission?
- Patrolling the AO, or a portion of the AO
- Conduct or support strike and/or follow-on Intelligence Preparation of the Environment (IPOE) missions
177
What mission type has an objective of enhancing the defenses of the assigned AO in response to active threats?
Secure
178
What are some tasks that could be part of a secure mission?
- Enhancing the defenses of cyber key terrain
- Reconfiguring network appliances to a more secure configuration in response to active threats
179
What mission type has an objective of replicating realistic TTPs of specific cyber threats to evaluate cyber defenses?
Threat emulation
180
What are some tasks that could be part of a threat emulation mission?
- Emulate known adversary TTP
- Identify unmitigated vulnerabilities
- Assesses defensive posture and processes
181
What units operate the CDA?
- 68th Network Warfare Sq out of JBSA, TX
- 860th Network Warfare Flt out of Offutt AFB, NE
182
What units operate the ACD?
33rd Network Warfare Sq out of JBSA, TX
183
What units operate the AFINC?
26th Network Ops Sq out of Gunter Annex, AL
184
What units operate the CSCS?
- 83rd Network Ops Sq out of JBLE, VA
- 561st Network Ops Sq out of Peterson AFB, CO
- 690 Cyberspace Ops Sq out of JBPHH, HI
- 691st Cyberspace Ops Sq out of Ramstein Air Base, Germany
185
What units operate C3MS?
616th Ops Center out of JBSA, TX
186
What is a worldwide collection of interconnected public telephone networks that are circuit switched to allow users to make landline calls?
Public Switch Telephone Networks (PSTN)
187
What are able to deliver voice communications & multimedia over the internet and are packet-switched networks allowing users to make calls?
Voice over Internet Protocol (VoIP)
188
What is world wide non-secure voice, secure voice, data, facsimile, & video teleconferencing services for DoD C2 elements and assures non-blocking services for users with flash & flash override precedence capabilities?
Defense Switched Network (DSN)
189
What are communication networks with last link being wireless and able to connect to PSTN & Internet?
Cellular Networks
190
What are some vulnerabilities of Public Switched Telephone Networks (PSTN)?
- Phreaking
- War dialing
- Dialup modems
191
What are some vulnerabilities of Voice over Internet Protocol (VoIP)?
- Registration hijacking
- Session initiation protocol attack vectors
192
What are some vulnerabilities of cellular networks?
- Tower hijacking
- Generic computer exploits
193
What is reverse engineering the system tones used to route long-distance calls for free calls?
Phreaking
194
What is a technique to automatically scan a list of telephone number to search for modems?
War dialing
195
What is an overlooked "backdoor" through a
PSTN into another IT network used by admins to remote into Control System equipment?
Dialup modems
196
What is rogue device which registers as the registration server by impersonating a valid user?
Registration server hijacking
197
What are Session Initiation Protocol (SIP) attack vectors?
- Enumeration
- Fuzzing
- Man-in-the-Middle
198
What is enumeration?
Means to ID SIP systems
199
What is a type of DoS attack used to send malformed data packets to crash the SIP system?
Fuzzing
200
What is it called when an attacked intercepts SIP call-signaling traffic, masquerades as the calling & the called parties, and hijacks calls via redirection server?
Man-in-the-middle
201
What is it called when an attacker ID's bug in base transceiver station software services, exploits vulnerabilities and takes over the tower transceiver
Tower Hijacking
202
What is it called when incorrect system permission settings grant great access to other areas in the device or there are exposed internal communication protocols that pass messages internally within the device to itself or to other apps?
Mobile device software?
203
What connects to multiple class 4 and 5 offices and a class 1 (regional center) office?
Class 4 (toll office)
204
What connects to class 4 and 5 offices and is the only office that connects to individual or business subscribers?
Class 5 (end office)
205
What is the physical connection between a carrier's class 5 and the subscribers' premises?
Local loop ("Last Mile")
206
What is the telephone exchange, typically owned by the customer, where calls are made at no cost?
Private Branch Exchange (PBX)
207
What uses VoIP technologies allowing telephone calls to be made over an IP network?
IP phone/softphone (Skype)
208
What is the entity that receives registrations from a UAC (User Client Access/User Agent Client) and extracts info about current location and stores it?
Registration server
209
What forwards requests on behalf of the endpoint by consulting the register and handles the Session Initiation Protocol (SIP) requests of the user agent?
Proxy Server
210
What accepts a request, maps the address of the called party or more addresses & returns to the client but does not pass the request on to other servers?
Redirect server
211
What provides consolidated services and sets up & monitors calls, maintains the dial plan, and performs phone number translations?
Call manager
212
What is the interfacing IP network based voice communications w/ traditional circuit-switched networks?
Media gateway
213
What routes calls to other nodal switches and is a multifunction switch?
DSN backbone switches
214
What is the name for switches at bases, posts, camps & stations?
Installation switches
215
What is the primary switch for long distance services for either an installation or group of installations in a geographic area?
End Office (EO)
216
What switch serves as the primary switch, is used at smaller DoD installations and will not service installation with critical missions?
Small End Office (SMEO)
217
What are switches with Multilevel Precendences & Preemption (MLPP) capabilities?
Private Base Exchange 1 (PBX-1)
218
Which type of Private Branch Exchange does not have MLPP capabilities?
PBX-2
219
What has a switching capability that is connected to a host as a remote and is dependent on the host switch for software control?
Remote Switch Unit (RSU)
220
What is considered the "Radio Tower" with "RF"?
Base Transceiver Station (BTS)
221
What controls one or more BTS ("Radio Towers") and can be thought of as a cell?
Base Station Controller (BSC)
222
What acts like a PTSN Local Loop for cellular networks and combines the BTS & BSC?
Base Station System (BSS)
223
What is considered the PTSN Central Office but for cellular networks and each carrier in each city runs one office?
Mobile Telephone Switching Office (MTSO)
224
What represents an area within which a diverted Regional Bell Operating Company (RBOC) is permitted to offer exchange telecommunications & exchange access services?
Local Access & Transport (LATA)
225
What is a system used to direct telephone calls to a particular region and provides a telephone numbering scheme?
North American Numbering Plan (NANP)
226
What is used for call set up (INVITE) & terminate/call transfer (BYE), uses two types of messages (requests & responses), leverages port 5060, and is similar to the TCP three-way handshake except with more steps?
SIP
227
What is a media protocol that describes the packet format for the actual data?
Realtime Transport Protocol (RTP)
228
What is the workload standard for cellular networks and uses subscriber Id module (SIM) cards for different service providers in different countries?
Global System for Mobile Communication (GSM)
229
What is an American standard which assigns each call a certain portion of time on a designated frequency?
Time Division Multiplexing (TDMA)
230
Which is an American standard which gives a unique code to each call and spreads it over the available frequencies?
Code Division Multiple Access (CDMA)
231
What are the different network data technologies?
- 1G
- 2G
- 3G
- 4G
- 5G
232
What are the different types of Public Switched Telephone Networks (PSTN) security?
- Physical security
- Network security
233
What are the different types of Voice over Internet Protocol (VoIP) security?
- Physical security
- Layer-2 network segregation
- Layer-3 address segregation
234
What are the different methods to encrypt VoIP?
- Voice over Secure IP (VoSIP)
- Secure VoIP (SVoIP)
- Secure Voice over Secure IP (SVoSIP)
235
What are the different types of cellular network security?
- Physical security
- Mobile device
- Patch Management
- Treat it like a computer
- Encryption
- Two-factor Authentication
236
What is a general term that encompasses several types of control systems?
Industrial Control System (ICS)
237
What is a computerized system that is capable of gathering & processing data & applying operational controls over long distances?
Supervisory Control & Data Acquisition (SCADA)
238
What is it called when control is achieved by intelligence that is distributed about the process to be controlled?
Distributed Control System (DCS)
239
What are the ICS industrial sectors?
Manufacturing and distribution industries
240
What are the different ways the manufacturing industry can be divided?
Process based and discrete based
241
What are the different ways a process based industry can be divided?
A continuous manufacturing process or a batch manufacturing process
242
What is run continuously, often w/ transitions for different grades of a product?
A continuous manufacturing process
243
What manufacturing process is divided into distinct processing steps?
A batch manufacturing process
244
What process is a series of steps on a single device to create an end product?
Discrete based
245
What is used to control geographically dispersed assets?
A distribution industry
246
What is similar between manufacturing and distribution systems?
Control systems
247
What systems are usually located within a confined area?
Manufacturing systems
248
What systems are spread over large areas?
Distribution systems
249
What are multiple, independent systems combined to form larger more complex systems called?
System of systems
250
What are some features of critical infrastructure?
- System of systems
- Interconnected and mutually dependent in complex ways
251
What uses sensors, actuators, and controllers to manipulate some controlled process?
Control loops
252
How does the control loop process work?
- Sensors measure a physical property and sends info to controllers
- Controllers interprets the signals and generates corresponding variables based on algorithms and target set points
Actuators (e.g. valves, switches, and motors) directly manipulate the controlled process based on commands sent by the controller
253
What is used by operators/engineers to monitor & configure elements of the controllers & actuators and displays process status information & historical information?
Human-machine Interface (HMI)
254
What are used to prevent, identify, & recover from abnormal operation or failures?
Remote diagnostics
255
What are the different design considerations?
- Control Timing Requirements
- Geographic Distribution
‐ Hierarchy
‐ Control Complexity
‐ Availability
‐ Impact of Failures
‐ Safety
256
What has a wide range of requirements, humans might not be reliable or consistent enough, and systems might require computation to take place as close to the sensor as possible?
Control timing requirements
257
What has varying degrees of distribution?
Geographic distribution
258
What allows human operators to have a comprehensive view?
Hierarchy
259
What drives some systems to require more than just controllers and preset algorithms?
Control complexity
260
What requires more redundancy?
Systems with high availability requirements and high impact of failure
261
What are some safety considerations?
- Systems need ability to detect unsafe conditions
- Take actions to reduce those conditions
- Human oversight in safety critical operations
262
What is used to control dispersed assets where centralized data acquisition is as important as control, is designed to collect field information, transfer it to a central computer facility & display the information to the operator so they can monitor or control an entire system?
Supervisory Control and Data Acquisition (SCADA)
263
What is the typical hardware in a SCADA system?
- Control center
- Communications equipment
- Remote terminal units (RTUs)
- Programmable Logic Controllers (PLC)
264
What is used to control production systems within the same geographic region and is usually process control or discrete part control systems?
Distributed Control Systems (DCS)
265
What is implemented as the primary controller in smaller control system configurations to provide operational control of a discrete process and generally lacks a central control server & HMI?
Programmable Logic Controller (PLC)
266
What controls the physical world?
ICS systems
267
What manages data?
IT systems
268
What are the similarities and differences between ICS systems and IT systems?
- Different risks & priorities
- Risk to health & safety, damage to environment, financial loss
‐ Different performance & reliability requirements
‐ May use OSs & Apps that may be considered unconventional in a typical IT network
269
What are some different components of Security Architecture?
‐ Network Segmentation & Segregation
‐ BoundaryProtection
‐ Firewalls
‐ Logically Separated Control Network
‐ NetworkSegregation
‐ Recommended Defense-in-Depth Architecture
‐ General Firewall Policies for ICS
‐ Recommended Firewall Rules
‐ Specific ICS Firewall Issues
270
What is one of the most effective architectural concepts to protect ICS?
Network segmentation & segregation
271
What are the different methods for network segmentation & segregation?
- Logical network separation (VLANs, VPNs, unidirectional gateways)
- Physical network separation
- Network traffic filtering (IP/route based, restrict based on function, port/protocol filtering, application filtering)
272
What are key to enforcement of security policies, can be used to isolate ICS & enterprise components, and includes gateways, routers, firewalls, IDS, etc?
Boundary protection
273
What controls flow of traffic between networks employing differing security postures and is most often deployed between ICS and enterprise networks?
Firewalls
274
What are some special considerations with firewalls?
- Possible addition of delay to control system communications
- Lack of experience in the design of rule sets suitable for ICS
275
At a minimum how should ICS be separated from enterprise networks?
Logically separated
276
What can enhance security using different architectures and lead to the rule that no system should be dual-NIC'd?
Network segregation
277
What is it called when overlapping security mechanisms are used?
Defense in depth
278
What are the best practices for general firewall policies?
‐ The base rule set should be deny all, permit none
‐ All “permit” rules should be both IP address and TCP/UDP port specific
‐ All rules should restrict traffic to a specific IP address or range of addresses
279
What are some recommended firewall rules?
- In most cases there is little reason to allow DNS requests out of the control network to the corporate network and no reason to allow DNS requests into the control network
- HTTP should not be allowed to cross from the public/corporate to the control network
- All TFTP communications should be blocked, while FTP communications should be allowed for outbound sessions only
- Use SSH over Telnet
280
What are specific ICS firewall issues?
- Data Historians
- Remote Support Access
- Multicast Traffic
- Unidirectional Gateways
- Single Points of Failure
- Redundancy and Fault Tolerance
- Preventing Man-in-the-Middle Attacks
- Authentication & Authorization
- Monitoring, Logging, and Auditing
- Incident Detection, Response, & System Recovery
281
What was introduced because of incomplete, inappropriate, or nonexistent security policy?
Policy & procedure and predisposing conditions
282
What can occur in hardware, firmware, software, and large complex systems and networks?
System and predisposing conditions
283
What are some possible sources for system and predisposing conditions?
- Design Flaws
- Development Flaws
- Misconfigurations
- Poor Maintenance
- Poor Administration
- Connections with other systems & networks
284
What are some examples of adversarial incidents?
‐ Denial of Control Action
‐ Control Devices Reprogrammed
‐ Spoofed System Status Information
‐ Control Logic Manipulation
‐ Safety Systems Modified
‐ Malware on Control Systems
285
