45 Cards in this Set
- Front
- Back
What is true of the current threatscape? Evolving? How complex? |
The threatscape is constantly evolving. It is so complex that it is impossible to catalog in its entirety. |
|
What is the primary difference between a DoS and a DDoS attack? |
The number of hosts from which they emanate. |
|
What is the most common type of spoofing? |
IP address spoofing. |
|
In a reflection attack, how is spoofing used? |
The attacker uses the IP address of the intended target as the source address of the packets it transmits. |
|
Which variations of phishing rely on email as a medium? |
Spear phishing, and whaling. |
|
Which type of password attack is most likely to succeed? |
Brute force attack. |
|
In a reconnaissance attack, which type of activity typically follows a ping sweep? |
Port scan. |
|
How can man-in-the-middle attacks be implemented? |
In many different scenarios. Intercept public key, financial sites, intercept login credentials. |
|
Which type of malware is known to create back doors to give malicious users access to a system? |
Trojan horses. |
|
Which option lowered the threshold of experience that is required for a novice attacker to perform sophisticated attacks? |
Metasploit. |
|
Which two capabilities does an NGFW (next gen firewall) have that a traditional firewall does not have? |
Ability to provide actionable indications of compromise to identify malware activity, and comprehensive network visibility. |
|
Which type of traffic inspection uses pattern matching? |
Signature-based inspection |
|
Which VPN requirement is satisfied by encryption? |
Confidentiality |
|
When are antivirus and antispyware software products to be updated, and what is their purpose? |
They are to be updated frequently and they can remove malicious software. |
|
What is important about logging and log-monitoring? |
It is important for troubleshooting purposes, and policy-compliance auditing. |
|
What three important services aim to manage risk in network security? |
Confidentiality, Availability, and Integrity. |
|
Can you name examples of preventative network security? |
Firewalls, physical locks, and security policies. |
|
Can you name examples of detective network security? |
Log monitoring and correlation, intrusion prevention systems, and surveillance cameras. |
|
Can you name examples of corrective network security? |
Virus cleaning procedures or IPS signature updates after a worm update. |
|
Can you name examples of deterrent network security? |
Signage, or the mere presence of controls such as surveillance cameras. |
|
Log monitoring and correlation, intrusion prevention systems and surveillance cameras are examples of what type of countermeasure? |
Detective |
|
What two types of risk analysis are of interest in information security? |
Qualitative, and quantitative. |
|
Which security term refers to a person, property, or data of value to a company? |
Asset |
|
A comprehensive security policy does not take into account what type of component? |
Economic |
|
Name examples of technical or end-user policy. |
Email, network, and application policy. |
|
What compliance regulation affects only organizations that are in the health industry? |
HIPAA (Health Insurance Portability and Accountability Act) |
|
Which two algorithms in a VPN provide the confidentiality? |
AES (Advanced Encryption Standard) and 3DES (Triple Data Encryption Standard) |
|
What type of cipher is invulnerable to frequency analysis? |
Polyalphabetic |
|
What type of cipher retains the letter frequency of their original message? |
Substitution |
|
What type of cipher rearranges letters, instead of replacing them? |
Transposition |
|
What type of cipher would apply the exclusive OR (XOR) operation to plaintext with a key? |
One-time pad. |
|
What is a significant difference that HMAC provides as compared to existing hash functions? |
HMACs add a secret key as input to the hash function. |
|
How can a publicly available and well-known cipher be used to securely encrypt data between two endpoints of a VPN tunnel? |
PKI (Public key infrastructure) |
|
What encryption ciphers are symmetrical? |
AES and 3DES |
|
What is the primary difference between a hash and an HMAC (hashed message authentication code)? |
The keys |
|
What is true of asymmetric encryption algorithms? |
The key that is used for encryption is different from the key that is used for decryption. Asymmetric algorithms are substantially slower than symmetric algorithms. |
|
Describe confidentiality. |
Ensuring that only authorized parties can read the message. |
|
Why is data integrity important? |
Ensures that changes to data will be detected and rejected. |
|
Why is origin authentication important? |
Ensures that messages received were actually sent from the perceived origin. |
|
What is non-repudiation? |
Ensures that the original source of a secured message cannot deny having produced the message. |
|
Why is the public key in a typical public-private pair referred to as public? |
Because it is shared publicly. |
|
What standard format is used to request a digital certificate from a certification authority (CA)? |
PKCS #10 |
|
True or false. The RSA algorithm is based on the fact that each entity has two keys, a public and a private key. The public key can be published and given away but the private key must be kept secret. |
True |
|
What might you find in a typical identity certificate? |
Validity period, public key, issuer ID, and hash algorithm. |
|
What is a reflection attack? |
Attacker sends a flood of protocol requests to various IP hosts. Attacker spoofs source IP so targets forward packets to single target, reflecting the attack. |
|