Vocabulary

Question 1

A block cipher type of encryption considered to be less vulnerable than DES.

Answer 1

3DES (Triple Data Encryption Standard)

Question 2

The act of restricting both physical, file and server access so those who need it have it, but those who don’t need it do not have it.

Answer 2

Access Control

Question 3

The process of preventing an account from logging on after a number of incorrect log on attempts

Answer 3

Account Lockout

Question 4

A directory service used in a Windows domain to store and administer users, groups, printers, devices, and other objects.

Answer 4

Active Directory

Question 5

A type of share that is only accessible by administrators, backup operators, and server operators.

Answer 5

Administrative Shares

Question 6

A form of malware which displays advertisements while an app is being used.

Answer 6

Adware

Question 7

A block cipher type of encryption which comes in 128, 192, and 256 bits

Answer 7

AES (Advance Encryption Standard)

Question 8

Files that are copies of files from network drives.

Answer 8

Antispam

Question 9

A firewall filtering method which analyzes data at layer 5 (the session layer) of the OSI model.

Answer 9

Application-Level Firewall

Question 10

An impostor-like misuse of a network protocol for the purpose of attacking a network.

Answer 10

ARP Spoofing

Question 11

A type of encryption in which one key encrypts data and the other key decrypts data.

Answer 11

Asymmetric Encryption

Question 12

the totality of ways in which a system can be attacked.

Answer 12

Attack Surface

Question 13

A mechanism by which a log tracks who has logged on to a system and what has been accessed on the system.

Answer 13

Auditing

Question 14

The act of verifying identification to a application or a system

Answer 14

Authentication

Question 15

the part of the CIA triangle that ensured data is accessible by those who need it, when they need it.

Answer 15

Availability

Question 16

Malware used to do unauthorized tasks on a system through an opening in the system.

Answer 16

Backdoor

Question 17

A certificate type which support storage of a single certificate.

Answer 17

Base-64-Encoded X.509

Question 18

The for of authentication that uses devices such as retina scanners, voice recognition, fingerprint scanners, or facial recognition for authentication.

Answer 18

Biometrics

Question 19

An encryption system which encrypts entire dives.

Answer 19

BitLocker

Question 20

A type of encryption system which encrypt removable hard drives.

Answer 20

BitLocker To Go

Question 21

a block of plain text plus a key to encrypt the block of text.

Answer 21

Block Cipher

Question 22

An Attack in which all possible combinations of characters are used in an attempt to crack a password.

Answer 22

Brute Force Attack

Question 23

An overloading of a reserved space of data, this causes the system to slow down, freeze, or crash.

Answer 23

Buffer Overflow

Question 24

A server or third-party entity used to issue digital certificates

Answer 24

CA ( Certificate Authority)

Question 25

A challenge-response authentication protocol which uses MD5 hashing

Answer 25

CHAP (Challenge Handshake Authentication Protocol)

Question 26

the combination of confidentiality, integrity, and availability as it relate to securing data systems.

Answer 26

CIA Triangle

Question 27

A filtering mechanism in which data packets are filtered by port and/or protocol.

Answer 27

Circuit Filtering

Question 28

The act of keeping data and systems secure from unauthorized access.

Answer 28

Confidentiality

Question 29

A piece of text which stores information, site preference, and shopping cart contents.

Answer 29

Cookie

Question 30

Used to store certificates that have been revoked due to expiration or being compromised.

Answer 30

CRL (Certificate Revocation List)

Question 31

An attack in which data on a network is captured and then resent.

Answer 31

Cross-site Scripting Attack

Question 32

An attack in which a network is disrupted to the point to where they cannot function.

Answer 32

DDoS (Denial of Service) Attack

Question 33

Security through layers of a building, such as the external perimeter, the physical doors, and the internal part of a building.

Answer 33

Defense in Depth

Question 34

the act of passing control of a resource (such as an organizational unit) from one entity to another.

Answer 34

Delegation

Question 35

Encoded binary X.509 certificates which do not support private key storage.

Answer 35

DES (Data Encryption Standard)

Question 36

A tool which uses code integrity policies to lock devices to only run trusted apps.

Answer 36

Device Guard

Question 37

a type of certificate used to store public keys and information such as user, organization, serial number, and expiration date.

Answer 37

Digital Certificate

Question 38

A certificate which is used to verify authenticity of a document or email message.

Answer 38

Digital Signature

Question 39

A computer which becomes part of Botnet and helps carry out DDoS

Answer 39

DNS Poisoning

Question 40

A form of spoofing in which MAC address/IP address combinations are compromised through stealing the IP address of a host and then using that to force traffic to an attacking machine.

Answer 40

DNS Spoofing

Question 41

A mechanism used to securely transmit data over part of a VPN connection.

Answer 41

DNSSEC

Question 42

A tool sued to capture network packets on connected ports. this can be used for analysis or for hacking.

Answer 42

DoS Attack

Question 43

A form of NAT which maps one private IP address to one public IP address.

Answer 43

Dynamic NAT

Question 44

the cumulative total of inherited and explicit permissions given to a user or group on a resource.

Answer 44

Effective Permissions

Question 45

A Windows encryption mechanism which encrypts file and folders

Answer 45

EFS (Encrypting File system)

Question 46

An attack in which a virus or worm takes advantage of a software vulnerability.

Answer 46

Email Bombing

Question 47

the adding of a cipher text to data to scramble the data to make it unreadable without a decryption key.

Answer 47

Encryption

Question 48

An attack of an IP address to where a source IP is forged.

Answer 48

ESP

Question 49

A Windows tool used store and present application, security, and system logs, all for the purpose of information and troubleshooting.

Answer 49

Event Viewer.

Question 50

Permissions which are granted to a user or group by an administrator.

Answer 50

Explicit Permissions

Question 51

The entry area to a building and the immediate area outside of the building

Answer 51

External Perimeter

Question 52

A network security system and/or hardware device which controls any incoming and outgoing network traffic based on a set of rules provided by an administrator.

Answer 52

Firewall

Question 53

A Windows tool which is used to control rights for users, groups, and organizational units.

Answer 53

Group Policies

Question 54

A concept by which multiple services are installed across multiple servers.

Answer 54

Hash Function