Terms

Question 1

What is Risk Management?

Answer 1

A practice of identifying, monitoring, and limiting risks to a manageable level.

Question 2

What are the 3 Risk Control Types?

Answer 2

Administrative
Technical
Physical

Question 3

What is Risk Assessment?

Answer 3

Used to understand the current risks, probability, impact, and the solution to prevent them.

Question 4

What are the 4 Risk Management Options?

Answer 4

Avoidance
Transference
Acceptance
Mitigation

Question 5

Is a living document used to track different types of data elements associated to risk factors and scenarios.

Answer 5

Risk Register

Question 6

Continuity of operations plan (COOP)

Answer 6

Provides an alternate location for operations after a critical outage.

Question 7

Business Continuity Plan (BCP)

Answer 7

Ensures that critical business operations continue and the organization can survive the outage. Identify key items.

Question 8

What is DRP?

Answer 8

Disaster Recovery Plan: Provides a step-by-step procedure that personnel will follow to save human life and recover/restore your business .

Question 9

What is BIA?

Answer 9

Business Impact Analysis: Identifies systems and components that are essential to the organization’s success and potential for financial loss.

Question 10

What is ALE?

Answer 10

Annual Loss Expectancy: The possible yearly cost of all instances of a specific realized threat against a specific asset. Allows for proper budgeting of the security measures if risk happens

Question 11

What is ARO?

Answer 11

Annual Rate of Occurrence: The frequency with which a specific threat or risk will occur within a single year.

Question 12

what is SLE?

Answer 12

Single Loss Expectancy: The cost associated with a single realized risk against a specific asset

Question 13

How do you calculate the ALE?

Answer 13

ALE = ARO * SLE

Question 14

What is SLA?

Answer 14

Service Level Agreement

Question 15

What is BPA?

Answer 15

Business Partnership Agreement

Question 16

What is MOA/MOU ?

Answer 16

Memorandum of Agreement/Understanding

Question 17

What is ISA?

Answer 17

Interconnection Security Agreement

Question 18

What is AUP?

Answer 18

Acceptable Use Policy

Question 19

What is BYOD?

Answer 19

Bring Your Own Device

Question 20

What is CYOD?

Answer 20

Choose Your Own Device

Question 21

What isCOPE?

Answer 21

Company Owned, Personally Enabled

Question 22

What is VDI?

Answer 22

Virtual Desktop Infrastructure

Question 23

What is AV?

Answer 23

Asset Value - Monetary value of the information asset

Question 24

What is EF?

Answer 24

Exposure Factor: Percentage of loss that an organization would experience if a specific asset were violated by a realized risk.

Question 25

How is the SLE calculated?

Answer 25

SLE = AV * EF

Question 26

What are the 4 pillars of Sec+

Answer 26

Confidentiality
Integrity
Availability
Safety/Security

Question 27

What are the 6 Access Control Types?

Answer 27

Preventative
Detective 
Corrective 
Deterrent 
Recovery 
Compensation

Question 28

What is PAP?

Answer 28

Password Authentication Protocol: passwords are sent over the wire in cleartext.

Question 29

What is CHAP?

Answer 29

Challenge Handshake Authentication Protocol: passwords are sent over the network encrypted.

Question 30

What is PPP?

Answer 30

Point-to-Point Protocol

Question 31

What is FFR?

Answer 31

False Reject Rate OR Type 1

Question 32

What is FAR?

Answer 32

False Acceptance Rate OR Type 2

Question 33

What are the 5 Authentication Factors?

Answer 33

Something You Know (Password) - [Weakest]
Something You Have (Multi-Factor)
Something You Are (Biometric) - [Strongest]
Somewhere You Are (Geolocation)
Something You Do (Gestures)

Question 34

What is Single Factor Authentication?

Answer 34

Authentication that requires a single authentication factor type.

Question 35

What is Multi-Factor Authentication?

Answer 35

Authentication that requires more then one authentication factor type.

Question 36

What is Mutual Authentication?

Answer 36

Two-way Authentication: client to server, & server to client.

Question 37

What is SSO?

Answer 37

Single Sign On: authentication that allows for access of multiple applications without requiring additional authentication.

Question 38

What are 2 services that use SSO Secure Token?

Answer 38

Kerberos (Domain)

LDAP (Active Directory)

Question 39

What are 4 Federated Identity Management services?

Answer 39

OpenID
Oauth
SAML (Domain to Domain)
Shibboleth

Question 40

What are the 2 Categories of Identify Management

Answer 40

Centralized Access Control: authorization verification performed by a single entity.

Decentralized Access Control (Distributed Access Control): various entities located throughout a system perform authorization verification.

Question 41

What is LDAP/LDAPS?

Answer 41

Lightweight Directory Access Protocol (Secured)
TCP 389
SSL/TLS TCP 636/3269
uses x.500 Standard

Question 42

What is PKI?

Answer 42

Public Key Infrastructure

Question 43

What is ADDS?

Answer 43

Active Domain Services OR Domain Controller

Question 44

What are the 2 types of Domain Administrators?

Answer 44

Root Domain

Enterprise Domain

Question 45

What is AES?

Answer 45

Advanced Encryption Standard: symmetric encryption to protect the users logon credentials.

Question 46

Whats is KDC?

Answer 46

Key Distribution Center OR Kerberos

Question 47

What are the 4 parts of KDC?

Answer 47

Authentication Server (AS)
Ticket Granting Service (TGS)
Ticket Granting Ticket (TGT)
Domain Controller

Question 48

What is IDaaS

Answer 48

Identity as a Service:

Question 49

What is Federated Identify Management?

Answer 49

is when organizations join a group of organizations, to share authentication.

Cloud identify authentication

Question 50

What 2 protocols used for Personal Federations?

Answer 50

OpenID
OAuth

Google, Facebook, LinkedIN, Microsoft, & Twitter

Question 51

What 2 protocols are used for Business Federation?

Answer 51

Security Assertion Markup Language (SAML) [Cloud]

Shibboleth

Question 52

What is SOAP?

Answer 52

Simple Object Access Protocol

Question 53

What is CRM?

Answer 53

Customer Relation Managment

Question 54

What is SAML?

Answer 54

Security Assertion Markup Language (business to business)

Question 55

What is used by SSH?

Answer 55

SFTP

SCP

Question 56

What is PEAP?

Answer 56

Protected Extensible Authentication, works with SSL/TLS

Question 57

What are the 3 phases of Account Management?

Answer 57

Provisioning (on-boarding)
Review
Deprovisioning (off-boarding)

Question 58

What are the 3 types of Authorization?

Answer 58

Rights
Permissions
Privileges

Question 59

What are the 5 Access Control Models?

Answer 59

Role-based access control (role-BAC) 
Rule-based access control (rule-BAC) 
Discretionary access control (DAC) 
Mandatory access control (MAC)
Attribute-based access control (ABAC)

Question 60

What is Separation of Duties?

Answer 60

Dividing roles and responsibilities of individuals or departments so that one critical task cannot be performed by one entity.

Question 61

What is Dual Control?

Answer 61

Ensuring that more than one individual has to be involved in completing a task.

Question 62

What are the 4 Role-based access control (Role-BAC) types?

Answer 62

Administrators
Executives
Project Managers
Team Members

Question 63

What is rule-BAC?

Answer 63

Rule-based access control: uses IF/THEN logic.

Question 64

What is MAC?

Answer 64

Mandatory access control: uses sensitivity labels

Question 65

What is DAC?

Answer 65

Discretionary access control: Owner establishes access for the objects (files and folders)

Question 66

What is a RAS?

Answer 66

Remote Access Service: example VPN

Question 67

What are the 3 types of user authentication?

Answer 67

Point-to-Point (PPP)
Client Side
Server Side

Question 68

What are the 4 Client Side protocols used for user authentication?

Answer 68

PAP
CHAP
MSCHAP (mutual authentication)
EAP

Question 69

What are the 5 Server Side protocols used for user authentication?

Answer 69

AAA
TACACS+
802.1X
RADIUS/ Radius Federation 
DIAMETER

Question 70

What are the 3 Network Authentication Server (AAA) protocols?

Answer 70

RADUIS (UDP)
TACACS+ (Cisco, TCP 49)
Diameter (TCP)

Question 71

What does AAA stand for?

Answer 71

Authentication, Authorization, and Accounting

Question 72

What is IdP?

Answer 72

Identity Provider: creates, maintains and manages users identity information.

Question 73

What is Change Management?

Answer 73

Controls software changes, patches

Question 74

What are the 2 Cryptographic Methods?

Answer 74

Symmetric Cryptography: 1 key, out-of-band

Asymmetric Cryptography: 2 separate keys, in-band

Question 75

What are 5 Popular Symmetric Algorithms?

Answer 75

Advanced Encryption Standard (AES) strongest
Data Encryption Standard (DES) weakest
Triple Data Encryption Standard (3DES) slow
RC4 (Rivest Cipher), weakest encryption
Blowfish, next most secure

Question 76

What are 5 Popular Asymmetric Algorithms?

Answer 76

RSA
DSA
Diffie-Hellman (Groups, DHE, ECDHE)
Elliptic curve
PGP/GPG

Question 77

What are the 4 Data Encryption Standard (DES) Modes?

Answer 77

ECB, weakest
CBC
CTR
GCM

Question 78

What are the 4 most common Hashing Algorithms?

Answer 78

MD5
SHA, NSA 256
HMAC
RIPEMD

Question 79

What is HMAC?

Answer 79

Hash-based Message Authentication Code: used in IT security with VPNs.

Question 80

What are 2 Key Stretching Algorithms?

Answer 80

Bcrypt [salts, and hashes with Blowfish] strongest

Password-Based Key Derivation Function 2 (PBKDF2)

Question 81

What are 3 advantages of using digital signatures?

Answer 81

Authentication
Non-repudiation
Integrity

Question 82

What 2 things are utilized when a Certificate Revocation takes place?

Answer 82

Certificate Revocation List (CRL)

Online Certificate Status Protocol (OCSP)

Question 83

What are the 3 main Certificate Formats & PKI Structures?

Answer 83

Distinguished Encoding Rules (DER), Ascii
PKCS#7, Share public key
PKCS#12, Private key with certificate

Question 84

What are the 4 types of Trust Models?

Answer 84

Web Of Trust [decentralized]
Third-Party (Single Authority) Trust
Hierarchical Trust [centralized]
Cross-trust [different organizations]

Question 85

What is Encapsulation/Multiplexing in regards to OSI?

Answer 85

Going from High to Low, Application to Physical Layer.

Question 86

What is Decapsulation/De-multiplexing in regards to ISO?

Answer 86

Going from Low to High, Physical to Application Layer.

Question 87

What are the 7 layers of the ISO model?

Answer 87

7. Application
8. Presentation
9. Session
10. Transport
11. Network
12. Data Link
13. Physical

Question 88

What are the 7 layers of the ISO model?

Answer 88

7. Application [data]
8. Presentation [data]
9. Session [data]
10. Transport [protocols]
11. Network [packets]
12. Data Link [frames]
13. Physical [bits]

Question 89

What are the 3 types of communication sessions?

Answer 89

Simplex [one way]
Full-duplex [two way, same time]
Half-duplex [two way, one at a time]

Question 90

What are the 4 layers of the TCP/IP model?

Answer 90

Application
Transport
Internet
Link/Network Interface

Question 91

What are the 4 protocol groups?

Answer 91

Basic connectivity protocols
Encryption protocols
Application protocols
Email protocols

Question 92

What is SNMP?

Answer 92

Simple Network Management Protocol
UDP 161 (query); UDP 162 (trap/notifications)
SNMPv2, authentication
SNMPv3, encryption TCP 10161, TCP 10162

Question 93

What is SRTP?

Answer 93

Secure Real-time Protocol
Used to implement voice encryption (VoIP)
UDP 5004

Question 94

SMTP

SMTPS

Answer 94

TCP 25

TCP 465

Question 95

POP3

POP3S

Answer 95

TCP 110

TCP 995

Question 96

IMAP4

IMAPS

Answer 96

TCP 143

TCP 993

Question 97

DHCP

Answer 97

Dynmic Host Configuration Protocol 
UDP 67 (server)
UDP 68 (client)

Question 98

DNS Comands

Answer 98

Nslookup (Windows)

Dig (Linux)

Question 99

What is a BIND server?

Answer 99

Berkeley Internet Name Domain, a DNS server

Question 100

What does SCP use?

Answer 100

Uses SSH

TCP 22

Question 101

What does TFTP use?

Answer 101

UDP 69

Question 102

What does HTTP use?

Answer 102

TCP 80

Question 103

What does HTTPS use?

Answer 103

TCP 443

Question 104

What port does SIP use?

Answer 104

5060/5061

Question 105

What port does H.323 use?

Answer 105

1720

Question 106

What port does RADUIS use?

Answer 106

UDP 1812/1813

Question 107

What are the 3 types of FIREWALLS?

Answer 107

Packet filtering (Stateless Inspection)
Stateful
Application-Aware Firewall (WAF)

Question 108

Application-Aware Firewall

Answer 108

Web based firewall

Host based firewall

Question 109

What are the 6 types of Proxy Servers?

Answer 109

Forward proxy (protects client)
Reverse proxy (protects servers)
Transparent (does not modify)
Nontransparent (modify or filter)
Application (specific applications)
Multipurpose (multiple protocol types)

Question 110

What are the 2 modes of Internet Protocol security (IPsec)?

Answer 110

Transport

Tunnel

Question 111

What is SIEM?

Answer 111

Security Information and Event Management

Question 112

What is WORM in relation to SIEM?

Answer 112

Write Once, Read Many (offer tamper-proof data)

Question 113

What is a HSM?

Answer 113

Hardware Security Module

-can generate, store, and manage RSA keys used in asymmetric encryption

Question 114

What is a NAC?

Answer 114

Network Access Control

-entry point or gateway into the network, typically for remote or mobile clients

Question 115

What is Host Health Check / Posture Assessment?

Answer 115

Enforces NAC

Question 116

What is 802.1x ?

Answer 116

Switch Port based authentication

• RADIUS server
• Diameter server
• redirect unauthorized clients to a non-production network via a VLAN

Question 117

What is EPA?

Answer 117

Extensible Authentication Protocol

Question 118

What is NAC?

Answer 118

Network Access Control: provides continuous security monitoring by inspecting computers and preventing them from accessing the network if they don’t pass the inspection.

Question 119

What is ESP?

Answer 119

Encapsulating Security Payload

Question 120

What is SSTP?

Answer 120

Secure Socket Tunneling Protocol: encrypts VPN traffic using TLS over TCP 443

Question 121

What is PPTP?

Answer 121

Point-to-Point Tunneling Protocol: TCP 1723

Question 122

What is L2TP?

Answer 122

Layer 2 Tunneling Protocol: uses IPsec, UDP 1701

Question 123

SSL Accelerator

Answer 123

Offloads the SSL process to a hardware accelerator, makes secure connection faster, and provides load balancing options.

Question 124

What is FDE?

Answer 124

Full disk encryption: software based

Question 125

What is SED?

Answer 125

Self-encrypted devices: hardware or software based

Question 126

What is UEFI?

Answer 126

Unified Extensible Firmware Interface: replaces a BIOS, supposed to be better.

Question 127

What is a TPM?

Answer 127

Trusted Platform Module: Prevent any type of dictionary attack

Question 128

What is HSM?

Answer 128

Hardware Security Module: manage, generate, and securely store cryptographic keys in a secure location

Question 129

What is SCADA?

Answer 129

Supervisory control and data acquisition

Industrial Control System (ICS) is associated with SCADA

Question 130

What is IaaS?

Answer 130

Infrastructure-as-a-service [host, servers]

Question 131

What is PaaS?

Answer 131

Platform as a service [build, operating systems]

Question 132

What is SaaS?

Answer 132

Software as a service [consume, applications]

Question 133

What is SECaaS?

Answer 133

Security as a Service

Question 134

What is CASB?

Answer 134

Cloud access security broker

Question 135

Virtualization Hypervisors

Answer 135

Type 1: it is an OS, faster, more expensive
Type 2: runs on an OS, cheaper, slower
Type 3: Container virtualization, runs within isolated cells and does not have its own kernel

Question 136

802.11x

Answer 136

Captive Portal