Test Study 4 Flashcards

1
Q

What is Type 2 XSS?

A

Persistent

Malicious scripts that are submitted and stored on the server to be presented to other users.

2
Q

What works on port 25?

A

SMTP

3
Q

What has an IP header of 51?

A

AH

4
Q

What are the key concepts of Common Criteria?

A
Target of Evaluation
Protection Profile
Security Functionality Requirements
Security Assurance Requirements
Evaluation Assurance Level
5
Q

What operates on port 515?

A

CUP

6
Q

What is the trusted path?

A

A secure channel for system management activities to prevent imitation.

7
Q

What is PRI in networking?

A

Primary Rate Interface ISDN; consists of 24 x 64 kb/s channels for a total of 1.544 Mb/s.
Also known as T1 or E1.

8
Q

Which standard certificate format is used most often by CAs?

A

PEM

9
Q

What port does SNMP work on?

A

161

10
Q

What packet has an IP header of 1?

A

ICMP

11
Q

What ISDN can provide speeds of at least 30 Mb/s?

A

E-3, T-3

12
Q

What part of the TCB is responsible for handling user access requests?

A

Security kernel.

13
Q

What happens in the analyze step of continuous monitoring?

A

Analyze the data collected, report the findings, and determine the appropriate response.

14
Q

What is the IP header for ESP?

A

50

15
Q

What RMF step includes reporting findings and determining the appropriate response?

A

Analyze and Report

16
Q

What framework will provide an indication of maturity of security controls?

A

COBIT

17
Q

What operates on port 67/68?

A

BootP / DHCP

18
Q

What happens in the review and update step of continuous monitoring?

A

Review and update the monitoring program, adjusting the strategy and maturing measurement capabilities to increase visibility into assets and awareness of vulnerabilities.

19
Q

What is the IP header for ICMP?

A

1

20
Q

What port does SMTP work on?

A

25

21
Q

What happens in the establish step of continuous monitoring?

A

Determine metrics, status monitoring frequencies, control assessment frequencies, and technical architecture.

22
Q

What provides digital network over voice cabling?

A

ISDN

23
Q

What encryption method replaces characters based on a fixed number of positions away?

A

Shift cipher

24
Q

What RMF step includes collecting security related information required for metrics?

A

Implement

25
What are the wireless standards that can operate at 5 GHz?
802.11a, 802.11ac, 802.11n
26
What are the speeds of T-1, T-3, E-1, and E-3?
T-1 is 1.544 Mb/s, T-3 is 45 Mb/s, E-1 is 2.048 Mb/s, E-3 is 34.368 Mb/s
27
What works on port 143?
IMAP
28
What is a capability table?
A list of subjects that are authorized to access a specific object.
29
What is PASTA?
Process for Attack Simulation and Threat Analysis | It's a seven-step, risk-oriented threat assessment methodology.
30
What is the difference in S/MIME and PGP?
PGP relies on a web of trust; S/MIME requires a PKI.
31
What protocol can apply encryption and digital signatures to email, and is compatible with a wide range of key management approaches?
MOSS
32
What happens in the respond step of continuous monitoring?
Respond to findings with technical, management, and operational mitigating activities or acceptance, transference, or avoidance.
33
What are the wireless standards and their ranges?
5 GHz: 802.11a, 802.11ac
2.5 GHz: 802.11b, 802.11g
Both: 802.11n
34
What is an ephemeral key?
A key generated based on all new parameters and randomized.
35
What is a secure channel for system management?
Trusted Path
36
What is the reference monitor?
An abstract machine that is used to validate access to objects by authorized subjects. It operates at the boundary between the trusted and untrusted realm.
37
What is BR in networking?
Basic Rate ISDN; it consists of 2 x 64 kb/s channels for a total of 128 kb/s.
38
What are the key principles of GDPR?
Lawfulness, fairness and transparency
Purpose limitation
Data minimization
Accuracy
Storage limitation
Integrity and confidentiality (security)
Accountability
39
What is a statement of importance?
A document derived from the BIA which is relevant to continuity plans.
40
What is OCSP stapling?
The presenter of a certificate bears the resource cost involved in providing OCSP responses by appending a time-stamped OCSP response signed by the CA to the initial TLS handshake.
41
What works on port 110?
POP
42
What is a tunneling protocol that works at the network layer that cannot handle its own encryption?
GRE | Generic Routing Encapsulation
43
What is material evidence?
Evidence that bears a significant relationship to the facts of the case.
44
What is S/MIME?
Secure Multipurpose Internet Mail Extensions | A protocol for sending digitally signed or encrypted email.
45
What operates on port 2049?
NFS
46
What are AH, UDP, ESP in long form?
Authentication Header, User Datagram Protocol, Encapsulation Security Protocol
47
What port does LDAPS work on?
636
48
What is the name of the process where the presenter of a certificate also provides a time-stamped and signed OCSP response to prove validity of a certificate?
Stapling
49
What is a tunneling protocol that works at the data link layer that cannot handle its own encryption?
L2TP
50
What operates on port 389?
LDAP
51
What port does TFTP operate on?
69
52
What port does POP work on?
110
53
What is Common Criteria?
A standard/framework for security certification.
54
What kind of key is generated based on all new parameters?
Ephemeral key
55
What are the types and names of XSS?
Type 1 - Reflected | Type 2 - Persistent
56
What operates on port 20?
FTP
57
What are the ports for BootP?
67/68
58
What is GRE?
Generic Routing Encapsulation | An old layer 3 tunneling protocol that cannot do its own encryption.
59
What port does NFS work on?
2049
60
What are the wireless standards that can operate at 2.5 GHz?
802.11b, 802.11g, 802.11n
61
What is PEM?
A commonly used standard by CAs.
62
Which XSS involves a user clicking on a bad hyperlink?
Type 1, Reflected
63
What is the security kernel?
Handles all user/application requests for access to system resources. It enforces controls.
64
What is a shift cipher?
ROT-13; converts plaintext by replacing each character with another a fixed number of positions away.
65
What RMF step includes adjusting the strategy and maturing measurement capabilities?
Review and Update
66
What is Type 1 XSS?
Reflected | Associated with a gullible user clicking a hyperlink with parameters in it.
67
What describes the rights a subject has to every object in the system?
Access control matrix | Rights management matrix
68
What protocol can handle either point to point or tunneled communication by itself?
IPSEC
69
What encryption method changes clear text into ciphertext on a letter by letter basis?
Cipher
70
Which XSS involves malicious scripts being served up to the user?
Type 2, Persistent
71
What describes the rights that subjects have to a specific object?
Capability Table
72
Which is faster, T-1 or E-1?
E-1
73
What is an ISDN?
Integrated services digital network, a digital network over voice cabling.
74
What type of evidence bears a relationship to the facts of the case?
Material
75
What type of evidence is reliable?
Competent
76
What are the steps of the SDLC?
Planning
Defining
Designing
Building / Developing
Testing
Deployment
77
Which ISDN would be the minimum to support 30 Mb/s?
E-3
78
What is PPTP?
Point-to-Point Tunneling Protocol | A VPN protocol that operates at the data link layer; largely in disuse, but can provide authentication and encryption.
79
What ISDN format provides 128 kb/s?
BR | Basic Rate
80
What port does LDAP work on?
389
81
What is IPSEC?
A protocol that provides either point-to-point or tunneled communication and provides non-repudiation and confidentiality.
82
What is COBIT?
A framework that will provide an indication of the maturity of security controls.
83
What is the IP header for the AH?
51
84
How does a cipher work?
Letter by letter basis
85
What is the TCB and what are some of its properties?
Trusted Computing Base | The sum of all the protection mechanisms within a computer; it is responsible for enforcing security policy.
Defined in the Orange Book.
Includes hardware, software, and firmware.
Higher TCB ratings require detailed testing procedures and documentation.
TCB enforcement depends on parameters supplied by system admins.
86
What port does DHCP work on?
67
87
What is a protocol for sending encrypted email?
S/MIME
88
What operates on port 69?
TFTP
89
What is a method that can be used to authenticate email to reduce phishing or spam?
DKIM
90
What happens in the implement step of continuous monitoring?
Implement a continuous monitoring program and collect the security-related information required for metrics, assessments, and reporting. Automate where possible.
91
What RMF step includes determining metrics and control assessment frequencies?
Establish
92
What ISDN format provides up to 1.544 Mb/s?
PRI or T1
93
What is DKIM?
Domain Keys Identified Mail | A method used to authenticate email so as to minimize phishing and spam
94
What is L2TP?
Layer 2 Tunneling Protocol | An extension of PPTP; it is designed to encapsulate messages for constructing a tunnel but relies on other protocols for encryption.
95
What is the IP header for UDP?
17
96
What RMF continuous monitoring step includes formulating a strategy based on risk tolerance?
Define
97
What is PPP?
Point-to-Point Protocol | Deprecated protocol for encapsulation of data between perimeters.
98
What is an access control matrix and what is it also known as?
Rights management matrix | A model that describes the rights of each subject with respect to every object in the system.
99
What is the port for FTP?
20
100
What is relevant evidence?
Evidence that is of consequence to the determination of the outcome of the case.
101
What operates on port 636?
LDAPS
102
What are the steps in continuous monitoring?
Define
Establish
Implement
Analyze and Report
Respond
Review and Update
103
What continuous monitoring step includes handling findings via mitigation, acceptance, transference, or avoidance?
Respond
104
What port does CUP operate on? And what is CUP?
515, Common Unix Printer
105
What port does IMAP work on?
143
106
What packet has an IP header of 17?
UDP
107
What is a seven step process for threat analysis and attack simulation?
PASTA
108
What has an IP header of 50?
ESP
109
What part of the TCB is responsible for validating access?
Reference monitor
110
What is a protocol that works at the data link layer that can provide encryption?
PPTP
111
What is Competent evidence?
Evidence that is reliable.
112
What works on port 161?
SNMP
113
What happens in the define step of continuous monitoring?
Define a strategy based on risk tolerance that maintains clear visibility into assets, awareness of vulnerabilities, up to date threat information, and mission/business impacts.
114
What is a deprecated protocol intended to operate between perimeters?
PPP or Point-to-Point
115
What type of evidence is consequential to the outcome of the case?
Relevant
116
What is MOSS?
MIME Object Security Services | A protocol that can apply encryption and digital signatures to MIME objects. It is also intended to be compatible with a wide range of public key management approaches.