Test 2 Flashcards
What are the five basic steps in a vulnerability assessment?
Asset Identification, Threat Identification, Vulnerability Appraisal, Risk Assessment, Risk Mitigation
What is the purpose of an attack tree in threat modeling?
Visually displays possible attacks, their goals, and the techniques used, structured as an inverted tree.
What are the three possible states of a network port?
Open, Closed, Blocked.
Name three tools used in protocol analysis.
Wireshark, Microsoft Message Analyzer, tcpdump.
What is a honeypot?
A decoy system used to lure attackers and study their methods.
What does the ping command do in network security?
Tests the reachability of a device by sending ICMP packets and measuring response time.
What is tracert used for?
Displays the path packets take to a destination, identifying each router along the route.
How does a port scanner help assess network security?
Identifies which ports are open, closed, or blocked to determine service vulnerabilities.
What is the function of a vulnerability scanner?
Checks for known vulnerabilities in systems like unpatched software or open ports.
What does a protocol analyzer like Wireshark do?
Captures and analyzes network traffic for performance or security issues.
What’s the difference between a honeypot and a real server?
A honeypot is fake and lures attackers, while a real server hosts production services.
What is banner grabbing?
Collecting information from services like version and type, often via connection banners.
Name 3 password cracking tools.
John the Ripper, Cain and Abel, THC Hydra.
What’s the key difference in schema between SQL and NoSQL?
SQL requires a predefined schema; NoSQL is schema-less and flexible.
What are typical use cases for NoSQL?
Social apps, ads, BI, massive user growth, horizontally scaled systems.
Explain vertical vs horizontal scaling.
Vertical: upgrade single machine; Horizontal: add more machines.
Why is denormalization used in NoSQL?
Improves read speed by duplicating data.
Can NoSQL support transactions?
Only within a single document.
What is vertical scaling in SQL databases?
Improving performance by upgrading the CPU/RAM of a single server.
Why is horizontal scaling important in NoSQL?
Allows growth by adding more servers, essential for high-traffic apps.
What does it mean that SQL is ‘schema-first’?
Requires table structures and types to be defined before use.
How does NoSQL handle data integrity compared to SQL?
It lacks constraints, so integrity checks must be handled by the app.
What is a JOIN in SQL and why is it useful?
Combines rows from different tables using a related column.
What are the 4 main components of Hadoop?
Hadoop Common, HDFS, MapReduce, YARN.
Describe the MapReduce approach.
Map functions process data in parallel; reduce functions combine results.
What does the NameNode do?
Tracks metadata and block locations in HDFS.
What is the FsImage in Hadoop?
Snapshot of the file system state.
What is Hadoop’s default replication factor?
3 (each file is stored on 3 nodes).
What does HDFS do in Hadoop?
Stores large files across many nodes with redundancy.
Why is replication important in Hadoop?
Ensures fault tolerance by storing multiple copies of data.
What’s the difference between Docker containers and VMs?
Containers share the OS kernel; VMs simulate entire hardware.
What are Linux namespaces and cgroups?
Namespaces isolate resources; cgroups limit resource usage.
Name the 3 components of Docker.
Docker daemon, Docker objects (containers/images), Docker registries.
What’s the purpose of Docker Compose?
Manages multi-container apps using a YAML config file.
What is Docker Swarm?
Clusters multiple Docker engines into one virtual engine.
What is the purpose of Linux namespaces in containers?
To isolate file systems, users, and network environments per container.
What does the Docker Engine do?
Manages container lifecycles, networking, and storage.
What is the difference between Docker Hub and Docker Cloud?
Hub is a public registry; Cloud offered CI/CD features (now deprecated).
What are the 3 cloud service models?
IaaS, PaaS, SaaS.
What’s AaaS (Analytics as a Service)?
Cloud-based analytics platform offering prebuilt models and dashboards.
What is a distributed ledger?
A decentralized database shared across multiple locations without a central authority.
What are the four requirements for adding a block to a blockchain?
1. Transaction, 2. Verified, 3. Stored in block, 4. Block is hashed.
List blockchain alternatives.
Tangle, Hashgraph.
How does IaaS differ from SaaS?
IaaS provides infrastructure; SaaS provides complete software apps.
What is the purpose of a hash in blockchain?
Ensures block integrity and links it to previous blocks.
How is consensus achieved in a blockchain?
Majority of nodes validate transactions using algorithms like PoW or PoS.
What is Analytics as a Service (AaaS)?
SaaS-based platform for performing analytics without managing infrastructure.
What is the goal of a vulnerability assessment?
To identify, quantify, and prioritize vulnerabilities in a system.
What is an asset in risk analysis?
Anything of value to the organization that needs protection.
Give an example of a threat from technical obsolescence.
An older operating system unable to run new security patches.
What does a risk assessment calculate?
The likelihood of a vulnerability being exploited and its impact.
What are port states used for in port scanning?
They help determine which services are accessible and potentially vulnerable.
What is the purpose of penetration testing tools?
To simulate real-world attacks and identify exploitable vulnerabilities.
What is the role of netstat in network analysis?
Displays active network connections and listening ports.
How can arp help detect ARP poisoning?
It shows the ARP cache, which may contain spoofed IP/MAC pairs.
What type of scanner sends probes to evaluate responses?
An active scanner.
What tool can simulate a DoS attack using ICMP packets?
ping can be used to flood a network as a stress test.
What is a firewall’s role in network security?
It controls incoming and outgoing traffic based on predetermined rules.
What is protocol filtering in analyzers used for?
To focus on specific types of traffic or identify malicious content.
What is a banner in banner grabbing?
A message from a service that reveals version or software type.
What does CRUD stand for?
Create, Read, Update, Delete.
What is the role of a primary key in SQL?
Uniquely identifies each record in a table.
Why is JSON used in NoSQL?
It provides a flexible and readable format for storing data.
What is the main disadvantage of denormalization?
Data redundancy and update complexity.
What is a document in NoSQL?
A self-contained unit of data, typically in JSON format.
Why are NoSQL databases considered flexible?
They allow changes in data structure without modifying schemas.
What is normalization in SQL?
The process of organizing data to reduce redundancy.
What is one key limitation of SQL databases?
They do not scale horizontally by default.
How does NoSQL support high availability?
By replicating data across multiple nodes.
Name a use case where SQL is preferred over NoSQL.
Applications requiring strong data integrity and complex queries.
What does YARN stand for?
Yet Another Resource Negotiator.
What does the Secondary NameNode do?
Assists the NameNode by merging EditLog and FsImage.
What is the EditLog in Hadoop?
A log of recent file system changes.
How is fault tolerance achieved in Hadoop?
Through data replication across multiple nodes.
What is a block in HDFS?
A fixed-size piece of data stored across the cluster.
What is a DataNode?
A node that stores actual HDFS data blocks.
What happens when a DataNode fails?
Hadoop replicates the lost data from another copy.
Why is Hadoop cost-effective?
It uses commodity hardware and is open source.
What is the default block size in HDFS?
128 MB.
What is MapReduce ideal for?
Batch processing large volumes of data.
What is Docker Hub?
A public repository of Docker images.
What is the Docker CLI?
A command-line tool to interact with Docker.
What is a container image?
A read-only template used to create containers.
What is the role of Docker Daemon?
Manages Docker containers, images, and networks.
What is Docker Desktop?
A GUI-based tool to manage Docker on Mac and Windows.
What is docker-compose.yml?
A YAML file defining multi-container applications.
What is container orchestration?
Managing, scaling, and scheduling containers automatically.
Name a container security tool.
Twistlock, Aqua, or StackRox.
What is a virtual machine in contrast to a container?
A full OS environment running on virtualized hardware.
What does docker run do?
Creates and starts a new container from an image.
What is the primary advantage of cloud computing?
On-demand resource availability and scalability.
What is SaaS ideal for?
Providing complete applications without infrastructure management.
What is the hybrid cloud model?
Combines public and private cloud resources.
What is the role of PaaS?
Provides a development platform for building and deploying applications.
What is the purpose of a cryptographic signature in blockchain?
Verifies the identity and integrity of transactions.
What is a permissioned blockchain?
A blockchain where access is restricted to approved participants.
What is a key benefit of cloud for big data?
Easily scalable processing power for analytics.
What does blockchain immutability mean?
Once added, data in a block cannot be changed without altering all subsequent blocks.
What does a snitch do in Cassandra?
Defines which nodes belong to which racks and datacenters.
What is the replication factor in Cassandra?
Number of copies of each piece of data stored across nodes.
What is a node in Cassandra?
A basic unit where data is stored.
What is the purpose of gossip protocol in Cassandra?
Allows nodes to share state information about each other.