Unknown answers Flashcards
What are the stages of digital forensics?
Acquisition
* Obtain data without altering original evidence
* Look for artifacts, left behind log information etc.
Reporting
* Document all findings
* Summary information
Preservation
* Handling Evidence
* Manage collection process
Difference between Vertical and Horizontal password attacks
Vertical
* Targeting one account with large number of possible passwords
Horizontal
* Targeting multiple accounts trying a few common passwords
Why is inventory important
- Enables an organization to maintain up-to-date records of hardware, software and data assets
- This enables timely patch management, as administrators can easily identify assets that require updates or patches
Explain Buffer overflow
- Occurs when an application receives more data than it's allocated to handle
- Causing the excess data to overflow into adjacent memory locations
- Can lead to application crashes, potentially allowing an attacker to execute arbitrary code
What is a Golden Image?
- Ensures consistency and saves time by providing a standardized configuration for each VM employed
What is SCAP
**Security Content Automation Protocol**
* Different standards for automating the management of computer security threats and vulnerabilities
* Ensures an organization's infrastructure is compliant with regulatory standards and guidelines
* Provides common language for security content
* Aids in automating the process of detecting vulnerabilities and managing configurations in a system
What is a Security custodian?
- Responsible for day-to-day management and implementation of security controls
- Work under guidance of CISO or Security owner to ensure security measures are applied
- Do not have primary responsibility for defining and establishing organization wide security procedures
What is a Data Controller
- Responsible for determining the purposes and means of processing personal data
- Defining how personal data is handled
- Data governance and compliance with data protection regulations
How is the ALE calculated?
SLE x ARO
Single Loss Expectancy x Annual Rate of Occurrence
What is Federation?
- Linking together of several separate systems, databases or applications to create a unified cooperative system
- Allows different computing systems and organizations to share and access data
- Typically in cloud environments
What is the main significance of implementing XDR?
- Ability to integrate and correlate security data from various sources
- Endpoints, network, and cloud environments
- Detect and respond to sophisticated, multi-vector threats
- Still, the primary role is to detect and respond
What is a rogue WAP and which attack can you conclude from it?
Refers to any Wi-Fi access point that has been installed without explicit authorization from a network administrator
- On-path attack
WAF
- Web Application Firewall
- Protects Web applications by monitoring, filtering and blocking HTTP/HTTPS traffic
- Layer 7
Client based
- Software that runs on computer and requires installation and configuration
- May have vulnerabilities if not patched
ABAC
Attribute-Based Access Control
* Access permissions based on various user attributes: Job Role, department, location, and time of access
RBAC
Role-based Access Control
* Solely based on job roles or job functions
DAC
Discretionary access control
* Allows individual users to have discretion or control over their own resources
What is Enumeration in the effective management of Hardware, software, and data assets?
- Practice of assigning unique identifiers, access controls and attributes to each asset
- Helps establish assurance that only authorized users can interact with assets
Cellular
- Use GSM or CDMA technologies to provide wireless communication between devices
- Secure
- Best way for secure and reliable communication between offices
What is an AUP?
Acceptable use policy
* Is a directive control because it helps direct employee behavior by specifying what actions are allowed and not allowed when using company resources
What could be a security implication of Microservices?
As applications are broken down into microservices, each service might need specific access controls, potentially complicating the permissions landscape
What is the purpose of an audit committee?
Overseeing and evaluating an organization's internal controls, financial reporting and compliance processes
Which common method of authenticating systems is used in SSL/TLS?
Uses digital certificates to authenticate the identity of the server and optionally the client during the SSL/TLS handshake
How is a CVE identifier formatted?
Year and sequence of numbers
2023-12345
Volume encryption
Affects a defined, formatted block of storage, which could span across multiple partitions
Name SCADA system vulnerabilities
- Hard to patch
- Often legacy protocols without encryption
Partition Encryption
Encrypts only a defined partition on a storage device
False Negative
Dismisses threat
False Positive
Legitimate action but labeled as threat
Data owner
The owner’s role is accountable for the data’s security and compliance with the organization’s strategic objectives. Outlining the purposes, conditions, and methods of personal data processing to comply with GDPR pertains to the controller role, not the owner.
What is the primary purpose of internal compliance reporting?
Provide updates on compliance status, identify potential issues, and inform the organization's management
ECC
Elliptic Curve Cryptography
* Primarily used for digital signatures and key exchanges rather than direct encryption of data
What does employee retention mean?
- Organization can retain experienced staff who have gained valuable knowledge and expertise
Explain an audit committee
- Makes sure that an organization meets necessary regulatory standards.
- Overseeing risks and ensuring regulatory compliance