Test Questions Flashcards

1
Q

Uses a challenge message during authentication?

A

-CHAP - Challenge Handshake Authentication Protocol

2
Q

Which hashing algorithms are NOT secure?

A

Which hashing algorithms are NOT secure?

  • MD5 - collisions
  • RIPEMD - collisions
3
Q

Which hashing algorithms are NOT secure?

* list not complete

A

Which hashing algorithms are NOT secure?

  • MD5 - collisions
  • SHA-0, SHA-1

-RIPEMD-160 is secure, but other versions may not be good. SHA-2 is better

4
Q

EV Certificate

A

EV Certificate
Extended Validation
-Additional checks have been made to validate site owner

5
Q

traceroute

A

traceroute

  • Maps each hop by incrementing TTL (Time To Live) for each request
  • When TTL reaches 0, receiving router drops packet and sends ICMP TTL Exceeded message back to original station.
6
Q

AAA Framework

-Four phases, and what they need

A

AAA Framework

  1. Identification - username - who you claim to be
  2. Authentication - password - prove you are who you say you are
  3. Authorization - based on identification and authentication, what do you have access to?
  4. Accounting - Resource use - login time, data sent/received, logout time
7
Q

Data Steward/Custodian

-What are this role’s responsibilities?

A
Data Steward/Custodian
Handles routine tasks to protect data
-ensure data backed up
-ensure backups properly labeled and stored
-Data owners delegate tasks to custodian
8
Q

Data Owner

-What are this role’s responsibilities?

A

Data Owner

  • A higher-level executive
  • Identifying classification of data
  • Ensure data labeled to match classification
  • Ensure security controls implemented to protect data
9
Q

ICS

A

ICS
Industrial Control System
-Dedicated network to manage and control manufacturing equipment, power generation equipment, etc

10
Q

802.1X supports what types of authentication?

A

802.1X supports what types of authentication?

  • Authentication server receives request for access via EAP
  • RADIUS
  • LDAP
  • TACACS+
  • Kerberos
11
Q

Which authentication mechanism does 802.1x usually rely upon?

A

Which authentication mechanism does 802.1x usually rely upon?

  • EAP - Extensible Authentication Protocol
  • Request for access from supplicant on computer and authentication server (RADIUS, etc)
12
Q

PKCS

A

PKCS
Public Key Cryptography Standard
-Asymmetric
-A digital signature algorithm

13
Q

Data Wiping

  • Another name?
  • What does it do?
  • Is media reusable?
A

Data Wiping

  • aka clearing
  • software tool to overwrite data on hard drive to destroy all electronic data.
  • May be performed with a 1x, 7x, or 35x overwriting, with a higher number of times being more secure.
  • Allows the hard drive to remain functional and reused.
14
Q

Degaussing

  • What does it do?
  • Is media reusable?
A

Degaussing

  • demagnetizing a hard drive to erase its stored data.
  • cannot reuse a hard drive once it has been degaussed.
15
Q

Data Purging

  • What does it do?
  • Is media reusable?
A

Data Purging

  • aka sanitizing
  • Removing sensitive data from a hard drive using the device’s own electronics or an outside source (like a degausser).
  • Not reusable.
  • Three methods: physical destruction, cryptographic erasure and data erasure
16
Q

Behavior-Based Analysis

A

Behavior-Based Analysis

  • Capture/analyze normal behavior and then alert when an anomaly occurs.
  • Configuring a behavior-based analysis tool requires more effort to set up properly, but it requires less work and manual monitoring once it is running.
  • Ex: could be used to detect unexpected output from an application being managed or monitored
17
Q

ECC

A

ECC
Elliptic Curve Cryptography
-Asymmetric

18
Q

FTK Imager

-Open source or proprietary?

A

FTK Imager

  • Forensic imager
  • proprietary
19
Q

dd

A

dd

  • Forensic imager
  • open source
20
Q

Autopsy

-Open source or proprietary?

A

Autopsy

  • Forensic tool suite
  • cross-platform
  • open source
21
Q

SAML

-Roles

A

SAML Roles

  • XML
  • Exchange authentication and authorization info between parties
  • SAML is a solution for providing single sign-on (SSO) and federated identity management for web-based apps
  • SP (Service Provider), RP (Relying Partner) - a web application that wants to authenticate and eventually authorize access to data.
  • IdP (Identity Provider) - Provides authentication and authorization for service providers/relying parties (SPs/RPs). It may rely on itself, or another Identity Provider (IdP) (ex: the OP provides a front-end for LDAP, WS-Federation, OIDC or SAML).
22
Q

SHA-1 Output Length

A

SHA-1 Output Length

-160 bit

23
Q

SHA-2 Output Length

A

SHA-2 Output Length

256 bit

24
Q

NTLM Output Length

A

NTLM Output Length

-128 bit

25
Q

MD5 Output Length

A

MD5 Output Length

-128 bit

26
Q

Phishing

A

Phishing
-Sending out a large volume of email to a broad set of recipients in the hopes of collecting the desired action or information.

27
Q

Pharming

A

Pharming

  • Fake website
  • Domain spoofing in an attempt to gather the desired information from a victim.
28
Q

MSSP

A

MSSP
Managed security service provider (MSSP)
-provides security as a service (SECaaS)

29
Q

Anomaly-Based Detection

A

Anomaly-Based Detection

  • aka heuristic detection
  • aka behavioral
  • Can detect unknown (zero-day) anomalies
  • Can be used by IDS, IPS
  • Detect attacks by comparing operations against baseline
30
Q

Hoax

A

Hoax

-Message that tells of impending doom from virus or other threat

31
Q

DHCP Sniffing

A

DHCP Sniffing
Dynamic Host Configuration Protocol
-A device connected to the network requests an IP address from the DHCP server using the DHCP protocol
-When DHCP servers are allocating IP addresses to the clients on the LAN, DHCP snooping can be configured on LAN switches to prevent malicious or malformed DHCP traffic, or rogue DHCP servers

32
Q

XSS vs Remote Code Exploit

A

XSS vs Remote Code Exploit

  • XSS targets server
  • Remote Code Exploits target client (user input)
33
Q

ASLR

A

ASLR
Address space layout randomization
-computer security technique involved in preventing exploitation of memory corruption vulnerabilities. In order to prevent an attacker from reliably jumping to, for example, a particular exploited function in memory, ASLR randomly arranges the address space positions of key data areas of a process, including the base of the executable and the positions of the stack, heap and libraries.

34
Q

BPDU

A

BPDU
A bridge protocol data unit (BPDU) is a data message transmitted across a local area network to detect loops in network topologies

35
Q

CSU

A

CSU
Channel Service Unit or CSU is a digital communication device that is used to connect a digital line to a digital device.

36
Q

DNAT

A

DNAT
Destination network address translation is a technique for transparently changing the destination IP address of an end route packet and performing the inverse function for any replies. Any router situated between two endpoints can perform this transformation of the packet.

37
Q

POODLE

A

POODLE

  • Padding Oracle on Downgraded Legacy Encryption
  • Downgrade attack - take advantage of falling back to SSL from TLS
  • SSL Man in the Middle exploit - attacker inserts self into comms session and forces browser to use SSL 3.0
  • SSL no longer maintained
  • Disable SSL to prevent
38
Q

Rootkits

  • How do they hide?
  • How can they be discovered?
A

Rootkits

  • Hide their running processes with hooking
  • Tools that inspect RAM can discover hidden hooked processes