Terms Flashcards

Risk Management

1
Q

What is Risk Management?

A

A practice of identifying, monitoring, and limiting risks to a manageable level.

2
Q

What are the 3 Risk Control Types?

A

Administrative
Technical
Physical

3
Q

What is Risk Assessment?

A

Used to understand the current risks, probability, impact, and the solution to prevent them.

4
Q

What are the 4 Risk Management Options?

A

Avoidance
Transference
Acceptance
Mitigation

5
Q

A living document used to track different types of data elements associated with risk factors and scenarios.

A

Risk Register

6
Q

Continuity of operations plan (COOP)

A

Provides an alternate location for operations after a critical outage.

7
Q

Business Continuity Plan (BCP)

A

Ensures that critical business operations continue and the organization can survive the outage. Identify key items.

8
Q

What is DRP?

A

Disaster Recovery Plan: Provides a step-by-step procedure that personnel will follow to save human life and recover/restore your business.

9
Q

What is BIA?

A

Business Impact Analysis: Identifies systems and components that are essential to the organization’s success and potential for financial loss.

10
Q

What is ALE?

A

Annual Loss Expectancy: The possible yearly cost of all instances of a specific realized threat against a specific asset. Allows for proper budgeting of the security measures if the risk happens.

11
Q

What is ARO?

A

Annual Rate of Occurrence: The frequency with which a specific threat or risk will occur within a single year.

12
Q

What is SLE?

A

Single Loss Expectancy: The cost associated with a single realized risk against a specific asset.

13
Q

How do you calculate the ALE?

A

ALE = ARO * SLE

14
Q

What is SLA?

A

Service Level Agreement

15
Q

What is BPA?

A

Business Partnership Agreement

16
Q

What is MOA/MOU?

A

Memorandum of Agreement/Understanding

17
Q

What is ISA?

A

Interconnection Security Agreement

18
Q

What is AUP?

A

Acceptable Use Policy

19
Q

What is BYOD?

A

Bring Your Own Device

20
Q

What is CYOD?

A

Choose Your Own Device

21
Q

What is COPE?

A

Company Owned, Personally Enabled

22
Q

What is VDI?

A

Virtual Desktop Infrastructure

23
Q

What is AV?

A

Asset Value: Monetary value of the information asset.

24
Q

What is EF?

A

Exposure Factor: Percentage of loss that an organization would experience if a specific asset were violated by a realized risk.

25
How is the SLE calculated?
SLE = AV * EF
26
What are the 4 pillars of Sec+?
Confidentiality
Integrity
Availability
Safety/Security
27
What are the 6 Access Control Types?
Preventative
Detective
Corrective
Deterrent
Recovery
Compensation
28
What is PAP?
Password Authentication Protocol: passwords are sent over the wire in cleartext.
29
What is CHAP?
Challenge Handshake Authentication Protocol: passwords are sent over the network encrypted.
30
What is PPP?
Point-to-Point Protocol
31
What is FFR?
False Reject Rate OR Type 1
32
What is FAR?
False Acceptance Rate OR Type 2
33
What are the 5 Authentication Factors?
Something You Know (Password) - [Weakest]
Something You Have (Multi-Factor)
Something You Are (Biometric) - [Strongest]
Somewhere You Are (Geolocation)
Something You Do (Gestures)
34
What is Single Factor Authentication?
Authentication that requires a single authentication factor type.
35
What is Multi-Factor Authentication?
Authentication that requires more than one authentication factor type.
36
What is Mutual Authentication?
Two-way Authentication: client to server, & server to client.
37
What is SSO?
Single Sign On: authentication that allows for access of multiple applications without requiring additional authentication.
38
What are 2 services that use SSO Secure Token?
Kerberos (Domain) | LDAP (Active Directory)
39
What are 4 Federated Identity Management services?
OpenID
OAuth
SAML (Domain to Domain)
Shibboleth
40
What are the 2 Categories of Identity Management?
Centralized Access Control: authorization verification performed by a single entity.
Decentralized Access Control (Distributed Access Control): various entities located throughout a system perform authorization verification.
41
What is LDAP/LDAPS?
Lightweight Directory Access Protocol (Secured)
TCP 389
SSL/TLS: TCP 636/3269
Uses the X.500 standard
42
What is PKI?
Public Key Infrastructure
43
What is ADDS?
Active Domain Services OR Domain Controller
44
What are the 2 types of Domain Administrators?
Root Domain | Enterprise Domain
45
What is AES?
Advanced Encryption Standard: symmetric encryption to protect the users logon credentials.
46
What is KDC?
Key Distribution Center OR Kerberos
47
What are the 4 parts of KDC?
Authentication Server (AS)
Ticket Granting Service (TGS)
Ticket Granting Ticket (TGT)
Domain Controller
48
What is IDaaS?
Identity as a Service
49
What is Federated Identity Management?
When organizations join a group of organizations to share authentication. Cloud identity authentication.
50
What 2 protocols are used for Personal Federations?
OpenID
OAuth
(Google, Facebook, LinkedIn, Microsoft, & Twitter)
51
What 2 protocols are used for Business Federation?
Security Assertion Markup Language (SAML) [Cloud] | Shibboleth
52
What is SOAP?
Simple Object Access Protocol
53
What is CRM?
Customer Relation Management
54
What is SAML?
Security Assertion Markup Language (business to business)
55
What is used by SSH?
SFTP | SCP
56
What is PEAP?
Protected Extensible Authentication, works with SSL/TLS
57
What are the 3 phases of Account Management?
Provisioning (on-boarding)
Review
Deprovisioning (off-boarding)
58
What are the 3 types of Authorization?
Rights
Permissions
Privileges
59
What are the 5 Access Control Models?
Role-based access control (role-BAC)
Rule-based access control (rule-BAC)
Discretionary access control (DAC)
Mandatory access control (MAC)
Attribute-based access control (ABAC)
60
What is Separation of Duties?
Dividing roles and responsibilities of individuals or departments so that one critical task cannot be performed by one entity.
61
What is Dual Control?
Ensuring that more than one individual has to be involved in completing a task.
62
What are the 4 Role-based access control (Role-BAC) types?
Administrators
Executives
Project Managers
Team Members
63
What is rule-BAC?
Rule-based access control: uses IF/THEN logic.
64
What is MAC?
Mandatory access control: uses sensitivity labels
65
What is DAC?
Discretionary access control: Owner establishes access for the objects (files and folders)
66
What is a RAS?
Remote Access Service: example VPN
67
What are the 3 types of user authentication?
Point-to-Point (PPP)
Client Side
Server Side
68
What are the 4 Client Side protocols used for user authentication?
PAP
CHAP
MSCHAP (mutual authentication)
EAP
69
What are the 5 Server Side protocols used for user authentication?
AAA
TACACS+
802.1X
RADIUS / RADIUS Federation
DIAMETER
70
What are the 3 Network Authentication Server (AAA) protocols?
RADIUS (UDP)
TACACS+ (Cisco, TCP 49)
Diameter (TCP)
71
What does AAA stand for?
Authentication, Authorization, and Accounting
72
What is IdP?
Identity Provider: creates, maintains, and manages users' identity information.
73
What is Change Management?
Controls software changes, patches
74
What are the 2 Cryptographic Methods?
Symmetric Cryptography: 1 key, out-of-band
Asymmetric Cryptography: 2 separate keys, in-band
75
What are 5 Popular Symmetric Algorithms?
Advanced Encryption Standard (AES), strongest
Data Encryption Standard (DES), weakest
Triple Data Encryption Standard (3DES), slow
RC4 (Rivest Cipher), weakest encryption
Blowfish, next most secure
76
What are 5 Popular Asymmetric Algorithms?
RSA
DSA
Diffie-Hellman (Groups, DHE, ECDHE)
Elliptic curve
PGP/GPG
77
What are the 4 Data Encryption Standard (DES) Modes?
ECB, weakest
CBC
CTR
GCM
78
What are the 4 most common Hashing Algorithms?
MD5
SHA (NSA, 256)
HMAC
RIPEMD
79
What is HMAC?
Hash-based Message Authentication Code: used in IT security with VPNs.
80
What are 2 Key Stretching Algorithms?
Bcrypt [salts and hashes with Blowfish], strongest
Password-Based Key Derivation Function 2 (PBKDF2)
81
What are 3 advantages of using digital signatures?
Authentication
Non-repudiation
Integrity
82
What 2 things are utilized when a Certificate Revocation takes place?
Certificate Revocation List (CRL) | Online Certificate Status Protocol (OCSP)
83
What are the 3 main Certificate Formats & PKI Structures?
Distinguished Encoding Rules (DER), ASCII
PKCS#7, share public key
PKCS#12, private key with certificate
84
What are the 4 types of Trust Models?
Web Of Trust [decentralized]
Third-Party (Single Authority) Trust
Hierarchical Trust [centralized]
Cross-trust [different organizations]
85
What is Encapsulation/Multiplexing in regards to OSI?
Going from High to Low, Application to Physical Layer.
86
What is Decapsulation/De-multiplexing in regards to OSI?
Going from Low to High, Physical to Application Layer.
87
What are the 7 layers of the OSI model?
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical
88
What are the 7 layers of the OSI model (with their data units)?
7. Application [data]
6. Presentation [data]
5. Session [data]
4. Transport [protocols]
3. Network [packets]
2. Data Link [frames]
1. Physical [bits]
89
What are the 3 types of communication sessions?
Simplex [one way]
Full-duplex [two way, same time]
Half-duplex [two way, one at a time]
90
What are the 4 layers of the TCP/IP model?
Application
Transport
Internet
Link/Network Interface
91
What are the 4 protocol groups?
Basic connectivity protocols
Encryption protocols
Application protocols
Email protocols
92
What is SNMP?
Simple Network Management Protocol
UDP 161 (query); UDP 162 (trap/notifications)
SNMPv2: authentication
SNMPv3: encryption, TCP 10161, TCP 10162
93
What is SRTP?
Secure Real-time Protocol
Used to implement voice encryption (VoIP)
UDP 5004
94
SMTP | SMTPS
TCP 25 | TCP 465
95
POP3 | POP3S
TCP 110 | TCP 995
96
IMAP4 | IMAPS
TCP 143 | TCP 993
97
DHCP
Dynamic Host Configuration Protocol
UDP 67 (server)
UDP 68 (client)
98
DNS Commands
Nslookup (Windows) | Dig (Linux)
99
What is a BIND server?
Berkeley Internet Name Domain, a DNS server
100
What does SCP use?
Uses SSH | TCP 22
101
What does TFTP use?
UDP 69
102
What does HTTP use?
TCP 80
103
What does HTTPS use?
TCP 443
104
What port does SIP use?
5060/5061
105
What port does H.323 use?
1720
106
What port does RADIUS use?
UDP 1812/1813
107
What are the 3 types of FIREWALLS?
Packet filtering (Stateless Inspection)
Stateful
Application-Aware Firewall (WAF)
108
Application-Aware Firewall
Web based firewall | Host based firewall
109
What are the 6 types of Proxy Servers?
Forward proxy (protects client)
Reverse proxy (protects servers)
Transparent (does not modify)
Nontransparent (modify or filter)
Application (specific applications)
Multipurpose (multiple protocol types)
110
What are the 2 modes of Internet Protocol security (IPsec)?
Transport | Tunnel
111
What is SIEM?
Security Information and Event Management
112
What is WORM in relation to SIEM?
Write Once, Read Many (offer tamper-proof data)
113
What is a HSM?
Hardware Security Module: can generate, store, and manage RSA keys used in asymmetric encryption
114
What is a NAC?
Network Access Control: entry point or gateway into the network, typically for remote or mobile clients
115
What is Host Health Check / Posture Assessment?
Enforces NAC
116
What is 802.1x?
Switch port based authentication
- RADIUS server
- Diameter server
- Redirects unauthorized clients to a non-production network via a VLAN
117
What is EPA?
Extensible Authentication Protocol
118
What is NAC?
Network Access Control: provides continuous security monitoring by inspecting computers and preventing them from accessing the network if they don’t pass the inspection.
119
What is ESP?
Encapsulating Security Payload
120
What is SSTP?
Secure Socket Tunneling Protocol: encrypts VPN traffic using TLS over TCP 443
121
What is PPTP?
Point-to-Point Tunneling Protocol: TCP 1723
122
What is L2TP?
Layer 2 Tunneling Protocol: uses IPsec, UDP 1701
123
SSL Accelerator
Offloads the SSL process to a hardware accelerator, makes secure connection faster, and provides load balancing options.
124
What is FDE?
Full disk encryption: software based
125
What is SED?
Self-encrypted devices: hardware or software based
126
What is UEFI?
Unified Extensible Firmware Interface: replaces a BIOS, supposed to be better.
127
What is a TPM?
Trusted Platform Module: Prevent any type of dictionary attack
128
What is HSM?
Hardware Security Module: manage, generate, and securely store cryptographic keys in a secure location
129
What is SCADA?
Supervisory control and data acquisition | Industrial Control System (ICS) is associated with SCADA
130
What is IaaS?
Infrastructure-as-a-service [host, servers]
131
What is PaaS?
Platform as a service [build, operating systems]
132
What is SaaS?
Software as a service [consume, applications]
133
What is SECaaS?
Security as a Service
134
What is CASB?
Cloud access security broker
135
Virtualization Hypervisors
Type 1: it is an OS, faster, more expensive
Type 2: runs on an OS, cheaper, slower
Type 3: Container virtualization, runs within isolated cells and does not have its own kernel
136
802.11x
Captive Portal