Test Study 6 Flashcards
What is the ISC2 code of ethics?
Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Act honorably, honestly, justly, responsibly, and legally.
Provide diligent and competent service to principals.
Advance and protect the profession.
What data state (in flight, at rest, etc.) does SQLi affect?
Data in use
What is SED?
Self-encrypting drives, primarily USB storage with automatic encryption.
What is RTOS?
Real time operating system
Used in high speed robotics and manufacturing.
What type of system should be used for robotics or manufacturing?
RTOS / Real time operating system
What is type 1 virtualization?
Bare metal hypervisors, runs directly on the physical hardware of a host machine and doesn’t require an underlying operating system to load. Most efficient
What is type 2 virtualization?
Hosted, runs on a host OS, it relies on the OS it is installed on for certain operations. Supports a wide range of hardware.
Which type of virtualization doesn’t require a host operating system?
Type 1 / Bare Metal
Which type of virtualization relies on other portions of the system to handle things like CPU calls and network resources?
Type 2 / Hosted
What is a SAN certificate?
Subject Alternative Name
Allows a single certificate to possess and authenticate multiple names. Can handle multiple top level and sub domains, but requires explicitness.
What is a wildcard certificate?
A certificate to secure multiple subdomains. Doesn’t require an explicit list.
Which type of domain certificate is good for multiple uses where you may add new subdomains repeatedly?
Wildcard
Which type of domain certificate should be used for multiple domains where you have a complete list of domains it should be used for?
SAN / Subject Alternate Name
List and detail the certificate formats.
PEM, DER, PFX, CER, P12, P7B
PEM - most common format for CAs, contains any or all of the whole cert chain and keys, widely used by Unix, base 64 encoded ASCII files, extensions such as .pem, .crt, .cer, .key, Apache uses PEM
DER - binary form of a PEM key, storage of a single cert without private key or the chain, .cer and .der, typically used by Java
PFX, PKCS12, P12 - interchangeable, for storing a server or intermediate cert along with private key in one encrypted file
P7B / PKCS7 - contains certificates and chains, but not the private key, has extension .p7b, .p7c, used by several platforms.
Which is the most common certificate format issued by CAs?
PEM
What are the properties and makeup of a PEM file?
Base 64 encoded ASCII file, can contain any or all of the cert, chain, and keys, typically uses .pem, .crt, .cer, .key, often used in Apache.
What are the properties and makeup of a DER file?
Binary form of PEM, .cer or .der extensions, typically used in Java.
What certificate format is typically used in Java?
DER
What are the properties and makeup of a PFX key?
PFX, PKCS12, P12
Use for storing the server and intermediate certificates and the private key in one encrypted file.
.pfx, .p12, typically used in Windows
Which certificate format is encrypted and stores the certificates and private key in one file?
PFX / PKCS12 / P12
What are the properties and makeup of a P7B file?
P7B/PKCS7
Base 64 encoded, can contain certificates and chain, but NOT private key
.p7b, .p7c
Supported by several platforms - Windows, Java, Tomcat
Which certificate format is base 64 encoded and contains the certificates and chains in one file, but not the private key?
P7B / PKCS7
Which certificate format is base 64 encoded and contains the certificates, chains, and private key in one file?
PEM
Which certificate format is supported by several platforms such as Windows, Java, and Tomcat?
P7B / PKCS7
What are some properties of transport mode VPN?
Point to point or end to end encryption
The IP payload is protected
What are some properties of tunnel encryption?
Uses ESP & AH
Tunnel between two network devices, or site to site
IP payload AND header are protected, entire IP packet becomes a payload of a new IP packet and header
Which VPN mode should be used for end to end encryption?
Transport
Which VPN mode should be used between networks?
Tunnel
What does transport mode protect?
Only the IP payload.
What does tunnel mode protect?
The IP payload and header
Which VPN mode encapsulates the entire IP packet?
Tunnel
What is FDDI?
Fiber Distributed Data Interface
Optical fiber based networking
What is a DISA?
Direct Inward System Access
A feature of PBX that allows external callers to dial in to access or configure PBX
Allows outside users access to an internal dial tone to allow for internal features used externally.
What is a PBX?
Private branch exchange
Central part of an organization’s telephone system that interfaces with the PSTN
What phone feature allows for a business to split one single phone line among many internal extensions?
PBX
What phone feature allows a traveling employee to place a call that appears to come from the business itself?
DISA
What are the versions of Kerberos and what encryption do they use?
Kerberos 4 - DES
Kerberos 5 - AES
Which version of Kerberos uses weaker encryption?
4, DES
Which version of Kerberos uses AES?
5
What is a constrained interface?
A setting that restricts what users can see or limits functionality.
What feature can limit user functionality to add security?
Constrained interface
What ports might describe a Linux device being on the network?
22 and 111
What ports might describe a router being on the network?
22
What ports might describe a Windows workstation being on the network?
139 and 445
Ports 22 and 111 are found open on an IP, what device likely lives there?
Linux
Port 22 is found open on an IP, what device likely lives there?
Router / Switch
Ports 139 and 445 are found open on an IP, what device likely lives there?
Windows workstation
What is functional testing?
Verifying that the application works according to specifications
What is interface testing?
Verifying that different modules of the application work correctly together as a group.
What type of testing validates that different components are working together properly?
Interface
What type of testing verifies that applications are working according to their specifications?
Functional
What classification of evidence may be affected by being highly technical or hard to understand?
Relevance
What is something that threatens the relevance of evidence?
Being highly technical or hard to understand.
What is MTTR?
Mean time to recovery
How long it takes a system to recover from failure
What is the term for the duration it takes a system to recover?
MTTR
What is confusion?
Each bit of ciphertext should depend on several parts of the key.
Confusion hides the relationship between the ciphertext and the key.
Changes the key values used during repeated rounds of encryption
Works with stream and block ciphers.
What is diffusion?
If a single bit of the plaintext changes, then half of the ciphertext should change.
Adds randomness to the ciphertext.
Mixes up the location of the plaintext throughout the ciphertext.
Hides the relationship between the ciphertext and the plain text.
Only works with block ciphers.
What method of securing a cipher identity only works with block ciphers?
Diffusion
What method of securing a cipher identity works with stream and block ciphers?
Confusion
What method of securing a cipher identity hides the relationship between the ciphertext and the key?
Confusion
What method of securing a cipher identity hides the relationship between the ciphertext and the plain text?
Diffusion
What method of securing a cipher identity appears to add randomness to the ciphertext?
Diffusion
What method of securing a cipher identity makes the key appear to change repeatedly?
Confusion
What is NIST 800-160?
System Security Engineering
What is NIST 800-18?
Developing Security Plans
What is NIST 800-70?
Repository of Security Checklists
Which NIST SP covers system security engineering?
800-160
Which NIST SP covers developing security plans?
800-18
Which NIST SP covers a repository of checklists?
800-70
What does ESP do?
Encapsulating security protocol
Secures the payload of a packet by using encryption
What does AH do?
Uses a hash function and a secret, shared key to allow integrity and authentication.
Which packet header secures the payload?
ESP
Which packet header ensures integrity?
AH
What is the Oakley protocol?
A key agreement protocol for exchanging keys across an insecure connection using Diffie-Hellman, succeeded by IKE
What protocol is based on DH for key exchange?
Oakley