Test Prep

Question 1

MOU

Answer 1

Memorandum of understanding - preliminary or exploratory agreement to express an intent to work together that is not legally binding and does not involve monetary exchange

Question 2

Rules of engagement

Answer 2

define how that testing is to occur.

Question 3

CRLF Injection

Answer 3

software application coding vulnerability that occurs when an attacker injects a CRLF character sequence where it is not expected

Question 4

MOA

Question 5

CSRF

Answer 5

malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts

Question 6

Full Disk Encryption

Question 7

Data Masking

Question 8

LDAP

Answer 8

Lightweight directory access protocol: uses a client-server model for mutual authentication.

Question 9

Directory Traversal

Answer 9

allows attackers to access restricted directories and execute commands outside the web server’s root directory

Question 10

NTLM

Answer 10

Creates a 128-bit fixed output

Question 11

RIPEMD

Answer 11

160-bit, 256-bit, or
320-bit message digest

Question 12

Air Gaps

Answer 12

designed to remove connections between two networks to create physical segmentation between them.

Question 13

Symmetric encryption

Answer 13

Private key : encryption algorithm in which both the sender and the receiver must
know the same secret using a privately-held key, 1 key

example: DES, IDEA, AES, RC4, RC5, Blowfish

Question 14

Asymmetric encryption

Answer 14

Public key: Encryption algorithm where different keys are used to encrypt and
decrypt the data, 2 keys are needed.

Example: Diffie-Hellman, RSA, ECC

Question 15

Stream cipher

Answer 15

Utilizes a keystream generator to encrypt data bit by bit using a
mathematical XOR function to create the ciphertext

Question 16

Block Cipher

Answer 16

Breaks the input into fixed-length blocks of data and performs the
encryption on each block

Question 17

DES

Answer 17

Data encryption standard: Encryption algorithm which breaks the input into 64-bit blocks and uses
transposition and substitution to create ciphertext using an effective key
strength of only 56-bits

Question 18

3DES

Answer 18

Triple DES: uses three separate symmetric keys to encrypt, decrypt, then encrypt the plaintext into ciphertext

Question 19

IDEA

Answer 19

International Data Encryption Algorithm: Symmetric block cipher which uses 64-bit blocks to encrypt plaintext into
ciphertext

Question 20

AES

Answer 20

Advanced encryption standard: uses 128-bit, 192-bit, or 256-bit blocks and a
matching encryption key size to encrypt plaintext into ciphertext

Question 21

Blowfish

Answer 21

uses 64-bit blocks and a variable length
encryption key

Question 22

Twofish

Answer 22

uses 128-bit blocks
and a 128-bit, 192-bit, or 256-bit encryption key

Question 23

RC4

Answer 23

Rivest Cipher: 40-bits to 2048-
bits that is used in SSL and WEP, this is the only stream cipher on the exam

Question 24

Diffie-Hellman

Answer 24

Diffie-Hellman is used for the establishment of a VPN tunnel using IPSec

Question 25

RSA

Answer 25

RSA is widely used for key exchange, encryption, and digital signatures RSA can use key sizes of 1024-bits to 4096-bits

Question 26

One-time pad

Answer 26

A stream cipher that encrypts plaintext information with a secret random
key that is the same length as the plaintext input

Question 27

Steganography

Answer 27

The science and art of hiding messages within other messages

Question 28

Ephemeral

Answer 28

A cryptographic key that is generated for each execution of a key
establishment process

Question 29

Homomorphic Encryption

Answer 29

An encryption method that allows calculations to be performed on data
without decrypting it first

Question 30

MD5

Answer 30

Algorithm that creates a fixed-length 128-bit hash value unique to the
input file

Question 31

SHA-1

Answer 31

creates a fixed-length 160-bit hash value

Question 32

SHA-2

Answer 32

SHA-224, SHA-256, SHA-348, and
SHA512

Question 33

SHA-3

Answer 33

creates hash digests between 224-bits and 512-bits

Question 34

Pass the Hash

Answer 34

allows an attacker to authenticate to a remote server or service by using the underlying NTLM or LM hash instead of requiring the associated plaintext password, Mimikatz tool helps to automate the harvesting of hashes

Question 35

PKI

Answer 35

Public key infrastructure: n entire system of hardware, software, policies, procedures, and people
that is based on asymmetric encryption

Question 36

Wildcard certificates

Answer 36

Public key certificate that can be used with multiple subdomains of a domain.

Question 37

BER

Answer 37

Basic encoding rules: original ruleset governing the encoding of data structures for
certificates where several different encoding types can be utilized

Question 38

CER

Answer 38

Canonical Encoding Rules: only allows the use of only one encoding type

Question 39

DER

Answer 39

Distinguished encoding rules: allows one encoding type and has more restrictive rules for length, character strings, and how elements of a digital certificate are stored in X.509

Question 40

GLBA

Answer 40

Gramm-Leahc-Biliey Act - Financial institutions and how they are to protect their customers private information

Question 41

SOX

Answer 41

Sarbanes-Oxley - federal law that sets new or expanded requirements for all US public company boards, management, and public accounting firm

Question 42

FERPA

Answer 42

governs the access to educational information and records

Question 43

WPA

Answer 43

Wi-Fi protected access (WPA) is an improved encryption scheme for protecting Wi-Fi communications that was designed to replace WEP

Question 44

WPA3

Answer 44

Most secure - Wi-Fi protected access version 3 (WPA3) has replaced WPA2 as the most secure wireless encryption method

Question 45

WEP

Answer 45

Least secure - Wired equivalent privacy (WEP) is an older mechanism for encrypting data sent over a wireless connection. WEP is considered vulnerable to attacks that can break its encryption.

Question 46

WPA2

Answer 46

Wi-Fi protected access version 2 (WPA2) replaced the original version of WPA after the completion of the 802.11i security standard

Question 47

Protected Health Information

Answer 47

defined as any information that identifies someone as the subject of medical and insurance records, plus their associated hospital and laboratory test results.

requires notification of the individual, the Secretary of the US Department of Health and Human Services (HHS), and the media (if more than 500 individuals are affected)

Question 48

PII - Personally Identifiable Information

Answer 48

any data that can be used to identify, contact, or impersonate an individual

Question 49

syslog

Answer 49

a way network devices can use a standard message format to communicate with a logging server

Question 50

Proxy Server

Answer 50

server application that acts as an intermediary between a client requesting a resource and the server providing that resource.

Question 51

Port 389

Answer 51

LDAP - This includes the active directory

Question 52

Port 3389

Answer 52

RDP - Remote desktop protocol

Question 53

Port 21

Answer 53

FTP - File transfer protocol

Question 54

MAC

Answer 54

Mandatory access control - requires all access to be predefined based on system classification, configuration, and authentication

Question 55

Diamond Model of Intrusion Analysis

Answer 55

constructed around a graphical representation of an attacker’s behavior.

Question 56

OpenIOC

Answer 56

contains a depth of research on APTs but does not integrate the detection and mitigation strategy.

Question 57

Data Protection Officer (DPO)

Answer 57

ensure that her organization processes the personal data of its staff, customers, providers, or any other individuals

Question 58

Passive Reconnaissance

Answer 58

focuses on collecting information that is widely and openly available from publicly available sources.

Question 59

ICS/SCADA network

Answer 59

machines utilize very specific commands to control the equipment and to prevent malicious activity

Question 60

SPI

Answer 60

Sensitive Personal Information: information about an individual’s race or ethnic origin

Question 61

One-time use pad

Answer 61

Provides the strongest and most secure encryption - ensures that every message is encrypted with a different shared key that only the two owners of the one-time use pad would know.

Question 62

Port 445

Answer 62

SMB service

Question 63

Port 23

Answer 63

TELNET

Question 64

Port 69

Answer 64

TFTP

Question 65

Port 53

Answer 65

DNS

Question 66

EDM

Answer 66

Exact Data Match: a pattern matching technique that uses a structured database of string values to detect matches

Question 67

BeEF

Answer 67

penetration testing tool that focuses on the web browser.

Question 68

SSO

Answer 68

Single Sign On

Question 69

SAML

Answer 69

XML-based framework for exchanging security-related information such as user authentication, entitlement, and attributes

Question 70

PKI

Answer 70

Public key infrastructure: an entire system of hardware, software, policies and procedures that is based on asymmetric encryption

Question 71

SSL

Answer 71

Secure socket layer: Cryptographic protocols that provide secure internet communications for web browsing, email and many other services. Should NOT USE

Question 72

SSH

Answer 72

Secure Shell: A protocol that can create a secure channel between two computers or
network devices, one device takes control of another device.

Question 73

Port 22

Answer 73

SSH

Question 74

Port 1723

Answer 74

PPTP: Port to port tunneling protocol, A protocol that encapsulates PPP packets and ultimately sends data as
encrypted traffic

Question 75

Port 1701

Answer 75

L2TP: Layer 2 tunneling protocol

Question 76

Redundant Power Supply

Answer 76

An enclosure that provides two or more complete power supplies

Question 77

UPS

Answer 77

Uninterruptible Power Supply: Combines the functionality of a surge protector with that of a battery backup

Question 78

RAID

Answer 78

Redundant array of independent disks: Allows the combination of multiple physical hard disks into a single logical hard disk drive

Question 79

RAID 0

Answer 79

Provides data striping across multiple disks to increase performance

Question 80

RAID 1

Answer 80

Provides mirroring the data identically into two hard disks, least amount of down time

Question 81

RAID 5

Answer 81

Striping data and parity data across the disk drives, three physical disks needed.

Question 82

RAID 6

Answer 82

Striping data and double parity data across the disk drives, requires 4 physical disks

Question 83

RAID 10

Answer 83

Two mirrored RAIDS combines RAID 1 and RAID 0

Question 84

TLS

Answer 84

Transport Layer Security: Symmetric tunnel between the private keys

Question 85

Port 25

Answer 85

SMTP: Secure mail transfer protocol

Question 86

Incident response (IMPORTANT TO KNOW)

Answer 86

PICERL: Preparation, Identification, Containment, Eradication, Recovery, Lessons learned

Question 87

SIEM

Answer 87

Security Information and Event Monitoring: combination of different data sources into one tool that provides real time analysis of security alerts generated by applications and network
hardware

Question 88

Tracert

Answer 88

displaying possible routes and
measuring transit delays of packets across an
Internet Protocol network

Question 89

nmap

Answer 89

An open-source network scanner that is used to discover hosts and
services on a computer network

Question 90

Shimming

Answer 90

Alters the external behavior of an application and at the same time does not introduce any changes to application code

Question 91

Refactoring

Answer 91

The practice of modifying an applications code without changing its external behavior

Question 92

RFID

Answer 92

Radio Frequency Identification: wireless system comprised of tags and readers

Question 93

VM Escape

Answer 93

Attack that allows an attacker to break out of a normally isolated VM

Question 94

subnetting

Answer 94

Act of creating subnetworks through manipulating IP addresses.