Test 2 Smaller Flashcards
What are the five basic steps in a vulnerability assessment?
Asset Identification, Threat Identification, Vulnerability Appraisal, Risk Assessment, Risk Mitigation
What is the purpose of an attack tree in threat modeling?
Visually displays possible attacks, their goals, and the techniques used, structured as an inverted tree.
What are the three possible states of a network port?
Open, Closed, Blocked.
Name three tools used in protocol analysis.
Wireshark, Microsoft Message Analyzer, tcpdump.
What is a honeypot?
A decoy system used to lure attackers and study their methods.
What does the ping command do in network security?
Tests the reachability of a device by sending ICMP packets and measuring response time.
What is tracert used for?
Displays the path packets take to a destination, identifying each router along the route.
How does a port scanner help assess network security?
Identifies which ports are open, closed, or blocked to determine service vulnerabilities.
What is the function of a vulnerability scanner?
Checks for known vulnerabilities in systems like unpatched software or open ports.
What does a protocol analyzer like Wireshark do?
Captures and analyzes network traffic for performance or security issues.
What’s the difference between a honeypot and a real server?
A honeypot is fake and lures attackers, while a real server hosts production services.
What is banner grabbing?
Collecting information from services like version and type, often via connection banners.
Name 3 password cracking tools.
John the Ripper, Cain and Abel, THC Hydra.
What’s the key difference in schema between SQL and NoSQL?
SQL requires a predefined schema; NoSQL is schema-less and flexible.
What are typical use cases for NoSQL?
Social apps, ads, BI, massive user growth, horizontally scaled systems.
Explain vertical vs horizontal scaling.
Vertical: upgrade single machine; Horizontal: add more machines.
Why is denormalization used in NoSQL?
Improves read speed by duplicating data.
Can NoSQL support transactions?
Only within a single document.
What is vertical scaling in SQL databases?
Improving performance by upgrading the CPU/RAM of a single server.
Why is horizontal scaling important in NoSQL?
Allows growth by adding more servers, essential for high-traffic apps.
What does it mean that SQL is ‘schema-first’?
Requires table structures and types to be defined before use.
How does NoSQL handle data integrity compared to SQL?
It lacks constraints, so integrity checks must be handled by the app.
What is a JOIN in SQL and why is it useful?
Combines rows from different tables using a related column.
What are the 4 main components of Hadoop?
Hadoop Common, HDFS, MapReduce, YARN.
Describe the MapReduce approach.
Map functions process data in parallel; reduce functions combine results.
What does the NameNode do?
Tracks metadata and block locations in HDFS.
What is the FsImage in Hadoop?
Snapshot of the file system state.
What is Hadoop’s default replication factor?
3 (each file is stored on 3 nodes).
What does HDFS do in Hadoop?
Stores large files across many nodes with redundancy.
Why is replication important in Hadoop?
Ensures fault tolerance by storing multiple copies of data.
What’s the difference between Docker containers and VMs?
Containers share the OS kernel; VMs simulate entire hardware.
What are Linux namespaces and cgroups?
Namespaces isolate resources; cgroups limit resource usage.
Name the 3 components of Docker.
Docker daemon, Docker objects (containers/images), Docker registries.
What’s the purpose of Docker Compose?
Manages multi-container apps using a YAML config file.
What is Docker Swarm?
Clusters multiple Docker engines into one virtual engine.
What is the purpose of Linux namespaces in containers?
To isolate file systems, users, and network environments per container.
What does the Docker Engine do?
Manages container lifecycles, networking, and storage.
What is the difference between Docker Hub and Docker Cloud?
Hub is a public registry; Cloud offered CI/CD features (now deprecated).
What are the 3 cloud service models?
IaaS, PaaS, SaaS.
What’s AaaS (Analytics as a Service)?
Cloud-based analytics platform offering prebuilt models and dashboards.
What is a distributed ledger?
A decentralized database shared across multiple locations without a central authority.
What are the four requirements for adding a block to a blockchain?
- Transaction, 2. Verified, 3. Stored in block, 4. Block is hashed.
List blockchain alternatives.
Tangle, Hashgraph.
How does IaaS differ from SaaS?
IaaS provides infrastructure; SaaS provides complete software apps.
What is the purpose of a hash in blockchain?
Ensures block integrity and links it to previous blocks.
How is consensus achieved in a blockchain?
Majority of nodes validate transactions using algorithms like PoW or PoS.
What is Analytics as a Service (AaaS)?
SaaS-based platform for performing analytics without managing infrastructure.
