Term
| What were some significant Viruses? |
|
Definition
- Melissa - Michelangelo - Brain |
|
|
Term
| Classifications of Viruses |
|
Definition
- Resident - Nonresident - Boot Sector - Macro |
|
|
Term
| Potential Characteristic of Viruses |
|
Definition
- Program and File Infecting Virus - Polymorphic Virus - Armored Virus - Stealth Virus - Multipartite Virus |
|
|
Term
| What were some significant Worms? |
|
Definition
- Morris - Blaster - Stuxnet - Nimda - Mydoom - Code Red - Love Bug |
|
|
Term
| What were some significant Trojan Horses? |
|
Definition
- Acid Rain - Simpsons - Nuker - Vundo - Mocmex |
|
|
Term
|
Definition
| Also known as slag code. A virus or Trojan horse designed to execute malicious actions when a certain event occurs or after a certain period of time. |
|
|
Term
| What were some significant botnets? |
|
Definition
|
|
Term
|
Definition
| A piece of code between 2 components that is then capable of intercepting calls and even redirecting them elsewhere |
|
|
Term
|
Definition
| Identifying ways to make code more efficient through better design. |
|
|
Term
| What is URL Hijacking also known as? |
|
Definition
| Typo Squatting. This type of attack relies on typographic errors users make on the internet. |
|
|
Term
|
Definition
| Attacker sends ping packets to the broadcast address of the network, replacing the original source address in the ping packets with the source address of the victim (Based on the ICMP or Internet Control Message Protocol). |
|
|
Term
|
Definition
| The attacker sends spoofed UDP packets to the broadcast address of the network. These UDP packets are directed to port 7 (Echo) or port 19 (Chargen). When connected to port 19, a character generator attack can be run (Based on the UDP packets). |
|
|
Term
| 2 well-known methods of brute-force attacks. |
|
Definition
- Birthday Attack - Rainbow Table |
|
|
Term
| Name 6 Threat Actor Types? |
|
Definition
- Script Kiddies - Insiders - Hacktivist - Nation States/APT - Organized crime - Competitors |
|
|
Term
| What are the 4 Attributes of Actors? |
|
Definition
- Internal/External (relationship) - Level of Sophistication (capability) - Resources/Funding (capability) - Intent/Motivation |
|
|
Term
| TERM: What does APT stand for? |
|
Definition
| Advanced Persistent Threat |
|
|
Term
| TERM: What does OSINT stand for? |
|
Definition
|
|
Term
| What are some sources of OSINT? |
|
Definition
- Television - Academic Publications - Newspapers - Photos - Magazines - Geospatial Information |
|
|
Term
| 3 types of penetration testing techniques |
|
Definition
- Black Box (No Knowledge) - White Box (Complete Knowledge) - Gray Box (Limited Knowledge) |
|
|
Term
| High-Level Components of Penetration Testing |
|
Definition
- Verify That a Threat Exists - Bypass Security Controls - Actively Test Security Controls - Exploit Vulnerability |
|
|
Term
| The 4 Phases of Penetration Testing |
|
Definition
- Planning - Discovery - Attack - Reporting |
|
|
Term
| The 4 Progressive Steps During the Attack Phase |
|
Definition
- Initial Exploitation - Escalation of Privilege - Pivoting - Persistence |
|
|
Term
| 3 Goals of Vulnerability Scans |
|
Definition
- Identify Vulnerabilities - Identify Common misconfigurations - Identify Lack of Security Controls |
|
|
Term
|
Definition
| Open Vulnerability Assessment Language |
|
|
Term
|
Definition
| Extensible Markup Language |
|
|
Term
| 2 types of Vulnerability Scans |
|
Definition
- Passive (Non-Intrusive) - Active (Intrusive) |
|
|
Term
|
Definition
An access control practice in which resource availability is restricted to only logins that are explicitly granted access.
deny ip any any. |
|
|
Term
|
Definition
| Internet Protocol Security |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Encapsulating Security Payload |
|
|
Term
|
Definition
|
|
Term
|
Definition
| International Data Encryption Algorithm |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| 2 ways in which a VPN operates |
|
Definition
- Full Tunnel - Split Tunnel |
|
|
Term
| How does a full tunnel VPN work? |
|
Definition
| All requests are routed and encrypted through the VPN. |
|
|
Term
| How does a Split tunnel VPN work? |
|
Definition
| Traffic is divided. Internal traffic requests are routed over the VPN; other traffic, such as web and email traffic, directly accesses the Internet. |
|
|
Term
|
Definition
- Network Base - Host Base |
|
|
Term
|
Definition
| A typical or expected behavior is identified as irregular or malicious. |
|
|
Term
|
Definition
| An alert that should have been generated that did not occur. |
|
|
Term
|
Definition
| Interior Gateway Routing Protocol |
|
|
Term
|
Definition
| Enhanced Interior Gateway Routing Protocol |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| Exterior Gateway Protocol |
|
|
Term
|
Definition
| Intermediate System to Intermediate System |
|
|
Term
| 7 layers of the OSI Model |
|
Definition
7 - Application 6 - Presentation 5 - Session 4 - Transport 3 - Network 2 - Data Link 1 - Physical |
|
|
Term
| What layer of the OSI Does the Router Work At? |
|
Definition
|
|
Term
| What layer of the OSI Does a Switch Work At? |
|
Definition
|
|
Term
| Application Layer of OSI Handles? |
|
Definition
End User Layer: HTTP, FTP, IRC, SSH, DNS |
|
|
Term
| Presentation Layer of OSI Handles? |
|
Definition
Syntax Layer: SSL, SSH, IMAP, FTP, MPEG, JPEG |
|
|
Term
| Session Layer of OSI Handles? |
|
Definition
Sync and Send to Port: APIs, Sockets, WinSock |
|
|
Term
| Transport Layer of OSI Handles? |
|
Definition
End-To-End Connections: TCP, UDP |
|
|
Term
| Network Layer of OSI Handles? |
|
Definition
Packets: IP, ICMP, IPSec, IGMP |
|
|
Term
| Data Link Layer of OSI Handles? |
|
Definition
Frames: Ethernet, PPP, Switch, Bridge |
|
|
Term
| Physical Layer of OSI Handles? |
|
Definition
Physical Structure: Coax, Fiber, Wireless, Hubs, Repeaters |
|
|
Term
|
Definition
4 - Application 3 - Transport 2 - Network 1 - Network Interface |
|
|
Term
| Layer 4 (Application Layer) of the TCP/IP Model handles which OSI model layers? |
|
Definition
| Layer 5, 6 and 7 (Session, Presentation and Application Layer) |
|
|
Term
| Layer 3 (Transport Layer) of the TCP/IP Model handles which OSI model layers? |
|
Definition
| Layer 4 (Transport Layer) |
|
|
Term
| Layer 2 (Network Layer) of the TCP/IP Model handles which OSI model layers? |
|
Definition
|
|
Term
| Layer 1 (Network Interface) of the TCP/IP Model handles which OSI model layers? |
|
Definition
| Layers 1 and 2 (Physical and Data Link) |
|
|
Term
| The 3 functions of a switch |
|
Definition
- Filter and Forward Frames - Learn MAC Addresses - Prevent Loops |
|
|
Term
|
Definition
| An advanced firewall guard feature used to control network activity associated with DoS attacks and distributed denial-of-service (DDoS) attacks. |
|
|
Term
|
Definition
| When 2 different network types need to be accessed |
|
|
Term
| What are the 4 types of bridges discussed for the exam? |
|
Definition
- Transparent Bridge - Source Routing Bridge - Transparent Learning Bridge - Transparent Spanning Bridge |
|
|
Term
| How does a Transparent Bridge act? |
|
Definition
| Similar to a repeater. It only stores traffic until it can move on. |
|
|
Term
| How does a Source Routing Bridge act? |
|
Definition
| Interprets the Routing Information Field (RIF) in the LAN frame header. |
|
|
Term
| How does a Transparent Learning Bridge act? |
|
Definition
| Locates the routing location using the source and destination addresses in the routing table. As new destination addresses are found, they are added to the routing table. |
|
|
Term
| How does a Transparent Spanning Bridge act? |
|
Definition
| Contains a subnet of the full topology for creating a loop-free operation. |
|
|
Term
True or False: Looping problems can occur when a site uses 2 or more bridges in parallel between 2 LANs to increase the reliability of the network. |
|
Definition
|
|
Term
True or False: A bridge loop occurs when data units can travel from a first LAN segment to a second LAN segment through more than 1 path. |
|
Definition
|
|
Term
| What technique is used to eliminate bridge loops? |
|
Definition
|
|
Term
| How does Network Load Balancing work? |
|
Definition
| By distributing the workload among multiple servers while providing a mechanism for server availability by health-checking each server. From the client's point of view, the cluster appears to be a single server. |
|
|
Term
| What are the different algorithms used in Network Load Balancing? |
|
Definition
- Round Robin - Random - Least Connections - Weighted Round Robin - Weighted Least Connections |
|
|
Term
True or False? A fat access point is also known as an intelligent or standalone access point. |
|
Definition
|
|
Term
True or False? A thin access point is also known as an intelligent antenna and is managed by a WLAN controller. |
|
Definition
|
|
Term
| What are the 3 basic functions of SIEMs? |
|
Definition
- Centrally manage security events. - Correlate and normalize events for context and alerting - Report on data gathered from various applications. |
|
|
Term
| What are 3 backdoor applications? |
|
Definition
- NetBus - Back Orifice - Masters Paradise |
|
|
Term
| What is an example of privilege escalation? |
|
Definition
| Gaining access to a restricted file by changing the permissions of your valid account. |
|
|
Term
| What type of attack affects a database? |
|
Definition
|
|
Term
| What are the 4 types of alternate data center facilities? |
|
Definition
- Hot - Redundant - Warm - Cold |
|
|
Term
| What are the 2 easiest alternate data center facilities to test? |
|
Definition
|
|
Term
| What technologies provide single sign-on authentication? |
|
Definition
- Kerberos - SESAME - Active Directory - Novell eDirectory |
|
|
Term
| What are 3 access control models that help companies design their access control structure? |
|
Definition
- DAC (Discretionary Access Control) - MAC (Mandatory Access Control) - RBAC (Role-Based Access Control) |
|
|
Term
| What contains LDAP entries? |
|
Definition
| They are contained in a DIT (Directory Information Tree), which is a hierarchical structure that can be searched for directory information. |
|
|
Term
| What is the start of the LDAP tree called? |
|
Definition
|
|
Term
| What port does LDAP work on, and what port would you want to use if you wanted LDAP with SSL (LDAPS) |
|
Definition
|
|
Term
| What type of vulnerability is demonstrated with improper input handling? |
|
Definition
|
|
Term
| What is the correct order for the evidence life cycle? |
|
Definition
- Collect - Analyze - Store - Present - Return |
|
|
Term
| What should you do for disk imaging in an investigation? |
|
Definition
| Make a bit-level copy of the disk. |
|
|
Term
| What is another name for a surrogate proxy? |
|
Definition
|
|
Term
| Where is a transparent proxy placed? |
|
Definition
| Between the intranet and internet. |
|
|
Term
| What are alternative names for transparent proxies? |
|
Definition
- intercepting proxies - inline proxies - forced proxies |
|
|
Term
|
Definition
| A Russian private key encryption standard that uses a 256 bit encryption key. |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
| Secure directory services |
|
Definition
|
|
Term
| What protocol uses a dial-up connection that uses a challenge/response mechanism? |
|
Definition
| CHAP (Challenge Handshake Authentication Protocol) |
|
|
Term
| What is intentionally embedded software code that allows a developer to bypass the regular access and authentication mechanisms? |
|
Definition
| Debugging Hooks or Maintenance Hooks |
|
|
Term
|
Definition
| Vulnerable code embedded intentionally in software to trap intruders. |
|
|
Term
| Describe an Omni Antenna. |
|
Definition
| A multi-directional antenna that radiates radio wave power uniformly in all directions in one plane with a radiation pattern shaped like a doughnut. |
|
|
Term
|
Definition
| A directional antenna with high gain and a narrow radiation pattern. |
|
|
Term
| Describe a Sector Antenna. |
|
Definition
| A directional antenna whose radiation pattern is a sector of a circle, measured in degrees of arc. |
|
|
Term
| Describe a Dipole Antenna. |
|
Definition
| The earliest, simplest, and most widely used antenna, with a radiation pattern shaped like a donut. |
|
|
Term
| What is secured in a PKI? |
|
Definition
| The private key of the root CA |
|
|
Term
| What type of monitoring requires updates to be regularly obtained to ensure effectiveness? |
|
Definition
| Signature-based monitoring. |
|
|
Term
| What type of monitoring is attached to the network in a place where it can monitor all network traffic? |
|
Definition
| Network-based monitoring. |
|
|
Term
| What type of monitoring detects activities that are unusual? |
|
Definition
| Anomaly-based monitoring. |
|
|
Term
| What is Behavior-based monitoring? |
|
Definition
| Monitoring that looks for behavior that is not allowed and acts accordingly. |
|
|
Term
| PaaS (Platform as a Service) |
|
Definition
| Allows organizations to deploy Web servers, databases and development tools in a cloud. |
|
|
Term
| SaaS (Software as a Service) |
|
Definition
| Allows organizations to run applications in a cloud. |
|
|
Term
| IaaS (Infrastructure as a Service) |
|
Definition
| Allows organizations to deploy virtual machines, servers, and storage in a cloud. |
|
|
Term
| Where is a VPN concentrator placed? |
|
Definition
| In the perimeter network near the gateway. |
|
|
Term
| What is a disadvantage of a hardware-based firewall as opposed to a software-based firewall? |
|
Definition
| Hardware firewalls are purchased with a fixed number of interfaces available. |
|
|
Term
| What is an advantage of a hardware-based firewall as opposed to a software-based firewall? |
|
Definition
| They outperform a software-based firewall and provide increased security. |
|
|
Term
| What principle stipulates that multiple changes to a computer system should NOT be made at the same time? |
|
Definition
|
|
Term
| The following are rules of change management. |
|
Definition
- Distinguish between your system types. - Document your change process - Develop your changes based on the current configuration. - Always test your changes. - Do NOT make more than 1 change at a time. - Document your fallback plan. - Assign a person who is responsible for change management. - Regularly report on the status of change management. |
|
|
Term
| What is the most detrimental type of firewall to network performance? |
|
Definition
| Application-level proxy firewall. |
|
|
Term
| What type of authentication method checks the identity of both ends of the connection? |
|
Definition
|
|
Term
| What type of firewall includes 2 network interfaces? |
|
Definition
| A dual-homed firewall. One interface connects to the public internet while the other interface connects to the private network. |
|
|
Term
| What is another term for a DMZ (demilitarized zone)? |
|
Definition
|
|
Term
| What is another name for a Dynamic Password? |
|
Definition
| A software-generated password, also called an OTP (one-time password). |
|
|
Term
| What is a cognitive password based on? |
|
Definition
| Personal facts about a user, such as mother's maiden name, favorite color, or school. |
|
|
Term
|
Definition
| Uses a 40-bit or 104-bit key. |
|
|
Term
|
Definition
| Uses a 256-bit pre-shared key |
|
|
Term
|
Definition
| Requires a RADIUS server. |
|
|
Term
| What type of vulnerability is demonstrated by buffer overflows? |
|
Definition
|
|
Term
| What is a captive portal? |
|
Definition
| A type of wireless access point that only permits Internet access to authenticated users. |
|
|
Term
| What size checksum does MD5 produce? |
|
Definition
|
|
Term
| What type of secure coding techniques ensure that resources are only allocated when they are needed? |
|
Definition
| Provisioning and Deprovisioning |
|
|
Term
| What concept term is illustrated by network segmentation, air-gaps, multiple firewalls, and virtualization? |
|
Definition
| Defense-in-depth or layered security. |
|
|
Term
|
Definition
| Backs up all new files and files that have changed since the last full or incremental backup, and also resets the archive bit. Incremental backups build on each other. |
|
|
Term
|
Definition
| Backs up all new files and files that have changed since the last full backup without resetting the archive bit. Differential backups are not dependent on each other. Takes longer to back up than incremental and full backups. |
|
|
Term
| Important acronym to remember (FRR). |
|
Definition
|
|
Term
| Important acronym to remember (CER) |
|
Definition
| Crossover Error Rate. The point where FAR (False Acceptance Rate) and FRR (False Rejection Rate) are equal. |
|
|
Term
| Important acronym to remember (FAR) |
|
Definition
|
|
Term
| Important acronym to remember (DIT) |
|
Definition
| Directory Information Tree |
|
|
Term
|
Definition
| A directory service specification on which LDAP is based. |
|
|
Term
| At what layer of the OSI do Bridges and Switches operate? |
|
Definition
| Layer 2, though switches can also operate at Layer 3. |
|
|
Term
| At what layer of the OSI do Hubs and Repeaters operate? |
|
Definition
|
|
Term
| At what layer of the OSI do Routers operate? |
|
Definition
|
|
Term
| What is another name for cross-site request forgery (XSRF)? |
|
Definition
|
|
Term
True or False: Pretty Good Privacy (GPG) is the current de facto email security standard. |
|
Definition
|
|
Term
| Mitigation for Cross-site request forgery |
|
Definition
| Validate both the client and server side |
|
|
Term
| Mitigation for Cross-Site Scripting |
|
Definition
| Implement input validation |
|
|
Term
| Mitigation for Session Hijacking |
|
Definition
| Encrypt communications between 2 parties |
|
|
Term
| Mitigation for Malicious add-ons |
|
Definition
| Implement application white-listing |
|
|
Term
| What is the best protection against cross-site scripting? |
|
Definition
| Disable the running of scripts in the browser and Validate all values entered into an application to prevent data input errors and input-validation vulnerabilities. |
|
|
Term
| What preserves the existence and integrity of relevant electronic records and paper records when litigation is imminent? |
|
Definition
|
|
Term
| What does OAuth or Open Authorization allow? |
|
Definition
| Grants an application limited access to a user's account on a third-party site. |
|
|
Term
| What does OpenID Connect do? |
|
Definition
| Provides the authentication necessary in OAuth. It authenticates the user and stores the user information in a token. |
|
|
Term
| What does standard naming convention solve? |
|
Definition
| Resolves the issue of obvious account names that could identify a job role. |
|
|
Term
| What is a security token? |
|
Definition
| A small device that generates time-sensitive passwords. Helps to secure remote authentication attempts to a network. |
|
|
Term
| What does the Key Distribution Center (KDC) do during the Kerberos protocol? |
|
Definition
| The KDC is used to store, distribute, and maintain cryptographic session keys. |
|
|
Term
|
Definition
| VPN gateway requires the use of IPSec for all remote clients. The remote clients use IPSec to connect to the VPN gateway. IPSec is not used for any communication between the VPN gateway and the internal hosts on behalf of the remote clients. Only the traffic over the Internet uses IPSec. |
|
|
Term
|
Definition
| Each host must deploy IPSec. Any internal hosts that communicate with the VPN clients would need to deploy IPSec. |
|
|
Term
|
Definition
| The gateways at each end of the connection provide IPSec functionality. The individual hosts do not. The VPN is transparent to the users. Also referred to as site-to-site. |
|
|
Term
| What 2 attacks target virtual machines? |
|
Definition
|
|
Term
| What is the checksum of SHA-1? |
|
Definition
|
|
Term
| What is the checksum of SHA256 or SHA-2? |
|
Definition
|
|
Term
| 3 elements provided by the implementation of a digital signature |
|
Definition
- integrity - Authentication - non-repudiation |
|
|
Term
| What type of devices transmit data via WiFi or Bluetooth only to a host device and are vulnerable to data interception and attack? |
|
Definition
|
|
Term
| What are 2 key stretching functions? |
|
Definition
- PBKDF2 (password-based key derivation function 2) - Bcrypt |
|
|
Term
| What are 3 technologies that provide single sign-on authentication? |
|
Definition
- Kerberos - SESAME - Active Directory |
|
|
Term
| What are 3 access control models? |
|
Definition
- Discretionary Access Control (DAC) - Mandatory Access Control (MAC) - Role-Based Access Control (RBAC) |
|
|
Term
| Description of a Wildcard |
|
Definition
| Reduces the certificate management burden by allowing 1 certificate to be used for multiple subdomains. |
|
|
Term
|
Definition
| Checks online certificate status in real-time. |
|
|
Term
|
Definition
| Messages sent from a user or application to a CA to apply for a digital certificate. |
|
|
Term
|
Definition
| Contains a list of certificates that have been issued and subsequently rescinded by a given CA. |
|
|
Term
| Where is an embedded firewall placed? |
|
Definition
|
|
Term
|
Definition
| An attack that sends unsolicited messages over a Bluetooth connection. Basically, it is spamming a Bluetooth environment. |
|
|
Term
|
Definition
| The act of gaining unauthorized access to a device through its Bluetooth connection. Data can be stolen from a disk-encrypted, screen-lock protected smart phone. |
|
|
Term
True or False: Supporting high resiliency, such as using a highly resilient algorithm, would address the issue of data leakage from a side-channel attack. |
|
Definition
|
|
Term
| What encryption standard is used in the Clipper Chip? |
|
Definition
| Skipjack, which was developed by the US government. Skipjack uses an 80-bit key. |
|
|
Term
| What solution is used to avoid accepting invalid keys? |
|
Definition
| OCSP (Online Certificate Status Protocol) |
|
|
Term
| PGP (pretty good privacy) uses |
|
Definition
| A web of trust to validate public key pairs. |
|
|
Term
| A buffer overflow is an example of? |
|
Definition
|
|
Term
| Secure coding techniques that ensure that resources are only allocated when they are needed? |
|
Definition
| Provisioning and Deprovisioning |
|
|
Term
| What memory vulnerability is associated with multithreaded applications? |
|
Definition
| Race condition - when you have a variable that is accessed by several threads of an application. |
|
|
Term
| What acts as a physical barrier that acts as the first line of defense against an intruder? |
|
Definition
|
|
Term
|
Definition
| Certificate Authentication |
|
|
Term
|
Definition
|
|
Term
|
Definition
| One-Time Password Authentication |
|
|
Term
|
Definition
|
|
Term
| What is the correct order in which items should be preserved for forensic analysis? |
|
Definition
- Cache - RAM - Running Processes - Hard Drives - Backup Media |
|
|
Term
| Who is primarily responsible for determining access control in a discretionary access control (DAC) model? |
|
Definition
|
|
Term
| When you need to enforce several security settings for all of the computers on your Windows network in as efficient a manner as possible, what should you do? |
|
Definition
|
|
Term
| PIV (Personal Identity Verification) vs CAC (Common Access Card). |
|
Definition
PIV is for nonmilitary federal employees and contractors.
CAC is for military personnel and contractors. |
|
|
Term
| What is the best method for avoiding buffer overflows? |
|
Definition
| Execute a well-written program. |
|
|
Term
| What is the best solution for protecting all traffic on an HTTP/HTTPS server? |
|
Definition
| Implement a Web Application Firewall. |
|
|
Term
| What is another term for technical controls? |
|
Definition
|
|
Term
| A hacker has used a design flaw in an application to obtain unauthorized access to the application. What type of attack has occurred? |
|
Definition
|
|
Term
| What encryption algorithm is based on the Diffie-Hellman key agreement? |
|
Definition
|
|
Term
| What type of encryption algorithm is Knapsack? |
|
Definition
|
|
Term
| What type of encryption algorithm is ElGamal? |
|
Definition
|
|
Term
| What is a TPM (Trusted Platform Module)? |
|
Definition
| A specialized chip that you install on a computer's motherboard to assist with full disk encryption. |
|
|
Term
| What secure coding technique ensures that improper data is not allowed into the executed program? |
|
Definition
|
|
Term
|
Definition
- MD5: 128-bit checksums - SHA: 160-bit checksums |
|
|
Term
| What is Defense-in-depth also referred to as? |
|
Definition
|
|
Term
| What is the purpose of DLP (Data Loss Prevention)? |
|
Definition
| Monitors data on computers to ensure the data is not deleted or removed. |
|
|
Term
| When implementing a security solution for mobile devices, which 2 common use cases are of primary concern? |
|
Definition
- Low power devices - Low latency |
|
|
Term
| How many rounds of computation does 3DES (Triple DES) use? |
|
Definition
|
|
Term
| What should you incorporate to ensure that memory allocations have corresponding deallocations when dealing with code quality and testing? |
|
Definition
|
|
Term
| What cryptographic technique changes multiple output bits when you change a single input bit? |
|
Definition
|
|
Term
|
Definition
| Adding additional bits before the text is hashed, making it a good countermeasure against a rainbow table attack. |
|
|
Term
| What AAA implementation was created to deal with VOIP (Voice over IP)? |
|
Definition
| Diameter was created to deal with VOIP and Wireless Services. |
|
|
Term
| What is a tabletop exercise? |
|
Definition
| A tabletop exercise simulates a disaster and allows you to check the thoroughness of your disaster recovery plan. |
|
|
Term
| What is one of the least intrusive biometric system authorization methods? |
|
Definition
| Voice print (voice recognition scanner) |
|
|
Term
|
Definition
| A protocol that uses a secure channel to connect a server and a client. |
|
|
Term
| SSL (Secure Sockets Layer) |
|
Definition
| A protocol that secures messages between the Application and Transport layer. |
|
|
Term
| SCP (Secure Copy Protocol) |
|
Definition
| A protocol that allows files to be copied over a secure connection. |
|
|
Term
| ICMP (Internet Control Message Protocol) |
|
Definition
| A protocol used to test and report on path information between network devices. |
|
|
Term
| Steps in the evidence life cycle |
|
Definition
- Collect - Analyze - Store - Present - Return |
|
|
Term
| How does an Iris scanner work? |
|
Definition
| It takes a picture of the user's iris and compares the picture with pictures on file. |
|
|
Term
| Verifying appropriate access controls, authentication controls, input validation, and proper logging all.... |
|
Definition
| Identify a lack of security control. |
|
|
Term
| What 2 fire suppression methods are recommended for paper, laminates, and wood? |
|
Definition
|
|
Term
| A digital signature contains 3 elements? |
|
Definition
- non-repudiation - integrity - authentication |
|
|
Term
| What does a message authentication code (MAC) implement? |
|
Definition
|
|
Term
| What does a File Integrity check examine? |
|
Definition
| Files, to see if there have been any changes; it logs changes to files. |
|
|
Term
| When you need to digitally sign packets that are transmitted on an IPSec connection in a VPN, what should be implemented? |
|
Definition
| KHMAC (Keyed Hashing for Message Authentication Code) |
|
|