Download SBOLC Security Fundamentals Questions and Answers and more Exams Advanced Education in PDF only on Docsity!
SBOLC Security Fundamentals
Questions and Answers 2024
AAA Security Model (AAA Triad Model) - ANSWER--Authentication: Proof that the subject/source is as they claim to be -Authorization: Specifying which actions the subject is allowed to perform -Accounting: Monitoring, tracking, reviewing, or assessing the actions of a subject identification ACE - ANSWER-Access Control Entry -A single entry in an ACL Advantages of Qualitative Risk Assessment - ANSWER--Impact is easily understood -Can provide rich information beyond financial impacts, such as impact on perceived safety, health, or reputation Advantages to Quantitative Risk Assessment - ANSWER--Supports cost-benefit analysis of risk response options -Allows computation of necessary capital to achieve a business goal Annualized Loss Expectancy (ALE) - ANSWER-ALE = SLE x Annual Rate of Occurrence (ARO) Anomaly-Based Detection - ANSWER--Must learn which activities are normal and acceptable -Compares event to a baseline of normalcy APIPA - ANSWER-Automatic Private Internet Protocol Addressing -When an Operating System assigns itself an IP address Appliance Firewall - ANSWER--Filters or restricts network traffic to/from networked resources -Content and protocol filtering -Screened network host and subnetwork -Port Restrictions
APT - ANSWER-Advanced Persistent Threat -Prolonged, stealthy, ongoing series of sophisticated attacks -Usually entails diddling attack techniques and redundant attack vectors to maintain adaptable, long-term control Asymmetric Cryptography - ANSWER--Also known as Public Key Cryptography (PKC) -Each user is assigned a mathematically related key pair -Public key is available t oeveryone -Private key is kept a secret -One key encrypts the data and the other key decrypts the data AUP - ANSWER-Acceptable Use Policy Backdoors - ANSWER-Allows access to a system without having to authenticate Behavior-based detection (Heuristics) - ANSWER-Looks for evidence of compromise based upon abnormal system responses BPA - ANSWER-Business Partners Agreement -A written agreement defining the general relationship between business partners with a focus on financial matters Broadcast Storm - ANSWER--Frames are broadcasted, received and rebroadcasted by each switch, resulting in the frame never being delivered. -Can cause severe network congestion -Degrades switch processing BSSID - ANSWER-Basic Service Set ID -ID of the wireless network Buffer Overflow - ANSWER-More information is placed in a buffer (memory stack or heap) than it can hold, which then overflows into the next buffer Business competitors - ANSWER-A business adversary trying to gain a competitive advantage Business Continuity Planning (BCP) - ANSWER--The preventative and proactive strategic plan to mitigate disruptive incidents to business operations -Focuses on anticipating business operation disruptions
CYOD - ANSWER-Choose Your Own Device -Employees choose from a list of company supported devices DAR - ANSWER-Data at Rest: Stored data Data Backups and Storage Solutions - ANSWER--Disk-based data backups -Tape-based data backups -Onsite storage: readily available, online versus offline data backups -Offsite storage: Geographical considerations -Cloud storage: data sovereignty issues Data in Transit/Motion - ANSWER-Data passed between systems through the network Data in use/Point of Sale (POS) - ANSWER-Data being processed in a system Data Sanitization Techniques - ANSWER--Purging: altering or removing the data in a way so that it can no longer be accessed -Degaussing: using a strong electromagnetic field on magnetic media to make the data unreadable -Wiping: overwriting the media with multiple rounds of intermittent bits (zeroization) -Encryption: encrypting the data but deleting the decryption key Data State Model - ANSWER-Implement the CIA triad within each of the data states Database Normalization - ANSWER-Process of refining a relational database to reduce data redundancy and improve the integrity of the data Database stored procedures - ANSWER-Prewritten functions stored within the database data dictionary Database Tokenization - ANSWER-Replacing sensitive data with arbitrary data DDoS - ANSWER-Distributed Denial of Service -Multiple attackers prevents access to resources for authorized users -Often causes resource exhaustion
De-militarized Zone (DMZ) - ANSWER--Screened subnet accessible from the internet -Specific devices have access to the DMZ Development Environment - ANSWER-An environment in which product concepts are turned into written code DHCP - ANSWER-Dynamic Host Configuration Protocol DHCP Snooping - ANSWER--Layer 2 security filtering feature that is implementable on switches to mitigate the negative effects of rogue DHCP servers DHE - ANSWER-Diffle-Hellman Ephemeral Key Exchange Protocol Digital Signature - ANSWER-Digital version of someone's paycheck signature Disadvantages of Qualitative Risk Assessment - ANSWER--Prone to inaccuracy or exaggeration -Limited usefulness towards cost-benefit analysis Disadvantages to Quantitative RIsk Assessment - ANSWER--Use of numbers may imply greater precision than what truly exists -Requires concrete units of measure that may cause obscure, or infrequent risk from being recognized DLP - ANSWER-Data Loss Prevention -Security control that mitigates the accidental unauthorized disclosure of data -Must be implemented at communication chokepoints -Examples: --Removing PII/PHI from emails --Preventing the use of removable media (USB blocking) --Preventing the uploading of sensitive company information to social media sites or untrusted cloud services DNS - ANSWER-Domain Name Service -Hierarchical, distributed, object oriented database of IP addresses and FQDNs Domain Hijacking - ANSWER--Unethical actor registers a web domain with a name very similar to a legitimate organization EX: comptia.org vs comtia.biz
EV certificate - ANSWER-Extended Validation Certificate: A certificate that has gone through a much more rigorous identity vetting process Extranet - ANSWER-Screened subnet set aside for trusted partners/organizations File Integrity Checks - ANSWER--Process of verifying the correct files or programs are being used through the use of cryptographic checksums -Must be exercised to maintain a trusted operating system -Can be done: --Manually as part of a scheduled audit check --Automatically through a file integrity checker program/script --Continuously through a HIDS or Host Intrusion Prevention System (HIPS) FQDN - ANSWER-Fully Qualified Domain Name -Root DNS server -Top Level Domain (TLD) DNS Servers FTP - ANSWER-File Transfer Protocol -Used to transfer files between systems on the internet -Ports TCP 20 and TCP 21 FTPS - ANSWER-File Transfer Protocol Secure -Session is encrypted using SSL/TLS Protocols -Ports TCP 989 and 990 GAN - ANSWER-Generative Adversarial Network Generic Information Classifications - ANSWER--Low -Medium -High Geofencing - ANSWER-Restricting the use of the device or certain apps when in certain areas Hackers - ANSWER--Authorized hacker (AKA White Hat Hacking). Ethical hacker or penetration tester
-Semi-authorized hacker (AKA Gray Hat Hacking) -Unauthorized hacker (AKA Black Hat Hacking) Hacktivists - ANSWER-Attackers with a political or ideological agenda Hardware-based WAF - ANSWER--Multi-homed, in-line, standalone security appliance that sits in front of the web server Hashing - ANSWER-The algorithm that takes a variable-length input and generates a one-way function, fixed-length output HIDS - ANSWER-Host-based Intrusion Detection System -Installed on individual high-value hosts -Detects attacks against the host and the level of their success HIPS - ANSWER-Host-based Intrusion Prevention System -Monitors internal system activity -Employs file integrity checking and replaces tampered system files Hiring and Termination Policy Elements - ANSWER--Background checks -Social media analysis -Onboarding procedures (NDA/AUP/Sign for equipment) -Offboarding procedures (NDA/Return of equipment) -Exit interview -Non-disclosure Agreement (NDA) HMAC - ANSWER-Hashed MAC: Establishes packet authenticity -packet data is concentrated with the session key, then hashed with a hashing algorithm Honeyfile - ANSWER-Bogus data file that aids in tracking and identifying the attacker or policy violator Honeynet - ANSWER-Decoy network: collection of honeypots Honeypot - ANSWER--A bogus system that appears to be a production server -Configured with pseudo flaws -Can be used to learn the hacking techniques and methods that hackers employ
-Reputation -Revenue -Property In-Band Exchange - ANSWER-Within the same communication channel In-band management interface - ANSWER--Management and alerts occur on the same interface as the security sensor -Attackers can snoop the traffic and discover if a network device is a security control and what kind of security control Information Lifecycle Model - ANSWER--Creation -Processing -Dissemination -Usage -Storage -Disposal Insider Threats - ANSWER-Attackers within the employ of the target organization Integer Overflow - ANSWER--Large number being place into a buffer designed for smaller numbers -Can lead to DoS and data corruption -Countermeasure: bounds checking Intermediate CA - ANSWER-Creates and signs keys for the leaf objects Internal Physical Security Controls - ANSWER--Two-person rule -Access control vestibule (mantrap) -Faraday cages and faraday sleeves -Protect sensitive cables with conduits -Utilized safes and vaults -Locks --Physical locks --Electronic locks --Biometric locks --Cable locks
Internet Protocol Security (IPsec) - ANSWER--Most widely deployed VPN technology -Works at Layer 3 to protect IPv4 or IPv6 traffic Intranet - ANSWER-A private network not to be directly accessed from the internet ISAKMP - ANSWER-Internet Security Association and Key Management Protocol Defines the framework of procedures and packet formats that establish, negotiate, modify, and delete Security Associations IV - ANSWER-Initialization Vector: random values used in conjunction with algorithms Job Rotation (rotation of duties) - ANSWER--Identify or uncover fraud -Cross training / Experience for employees Kerberos V5 - ANSWER--Enterprise authentication protocol that operates within a trusted realm or a domain -Only Access Control to use Tickets -Port 88 Key Escrow - ANSWER-A 3rd party that has access to specified keys, allows for key recovery Key Pinning - ANSWER-Server's certificate is stored within the client itself. The certificate sent by the server is compared to the cached server certificate inside the client Keystroke Logger - ANSWER-Logs the keystrokes from the computer's user Layer 2 Tunneling Protocol (L2TP) - ANSWER--Combines L2F and PPTP at Layer 2 Message types -Control Messages: Establish, maintain, and tear down tunnels -Data Messages: Encapsulates PPP frames LDAP - ANSWER-Lightweight Directory Access Protocol LEAP - ANSWER-Lightweight EAP -Cisco proprietary authentication protocol designed to be used with Wired Equipment Protocol (WEP)
-Shredding: Hardcopy documents are thinly sliced and cross-sliced before throwing the media away -Pulping: Churning the media into a soup so that the printed ink is separated from the media Memory Leak - ANSWER-A program requests memory to be allocated from the memory heap but never releases the memory Military Information Classifications - ANSWER--Unclassified -Confidential -Secret -Top Secret Mitigating Operational Risk - ANSWER--Identify risk due to ongoing business operations (risk control self-assessment/assessment) -Assess the risk created due to business operations (likelihood and impact) -Identify appropriate controls to mitigate the risk (control risk) -Assessment of controls (identify control gaps) MOA - ANSWER-Memorandum of Agreement -A legally binding written document between multiple parties on a project detailing how they will work together to achieve agreed-upon goals and objectives. MOU - ANSWER-Memorandum of Understanding -A less formal agreement of mutual goals between two or more organizations with a focus on partitioning of responsibilities MS-CHAP - ANSWER-Microsoft Challenge Handshake Authentication Protocol -Based on CHAP but uses MD-4 instead of MD- MTBF - ANSWER-Mean Time Between Failures -The anticipated time frame of operational longevity MTD - ANSWER-Maximum Tolerable Downtime -Point of no return
MTTR - ANSWER-Mean Time to Repair -Anticipated time frame to return to the operation status Multi-domain extension - ANSWER--Subject Alternative Name (SAN) extension -One certificate that can be used to identify all domain names owned by a single organization NAC - ANSWER-Network Access Control -Automated process of evaluating a prospective system's security posture before allowing it to be connected to the trusted network -Health check or posture assessment before connectivity is allowed NAT - ANSWER-Network Address Translation: Translates a private address into a public address Next Generation Firewall (NGFW) - ANSWER--Deep Packet Inspection (DPI) -Examines layer 3/layer 4 headers and content -Context and Content Aware -Slowest form of a firewall -AKA: Application Gateway Firewall NFC - ANSWER-Near Field Communication -Standard primarily used in mobile devices to facilitate easily accessed communications between 2 or more devices -Performs a type of automatic synchronization and associations between devices by touching them together NIDS - ANSWER-Network-based Intrusion Detection Systems -Monitor's network traffic in real time --Analyzes protocols and relevant packet information --Sensors are deployed and report back to a system running a management console -Passive versus active NIDS
PAT - ANSWER-Port Address Translation -Allows many hosts to share a single IP address by multiplexing streams differentiated by TCP/UDP port numbers Patch Management - ANSWER-Methodical way of updating the security baseline of firmware, applications, or operating systems in order to eliminate known bugs or flaws, or to add new features and capabilities PFS - ANSWER-Perfect Forward Secrecy Pharming - ANSWER-Manipulation of DNS that redirects a user to a malicious website designed to look like a legitimate website Phishing - ANSWER-Target is anyone Physical perimeter/Zone security controls - ANSWER--Fences/gates/cages -Walls/barricades/bollards -Surveillance systems/CCTV -Visibility and accessibility controls -Lightning, posted signs, industrial camouflage (make a building ugly so people won't think there's stuff inside) Physical Separation - ANSWER--Collision domains are separated by switches -Broadcast domains are separated by routers -Air Gapping: When a network is not connected to other networks PKI - ANSWER-Public Key Infrastructure: A framework for provision, storing, and de- provisioning asymmetric keys, including X.509 digital certificates Port Security - ANSWER--Controlling access to physical ports on a network device, such as ports on a network switch -Mitigates intruders from getting on the local network Pre-Shared Key (PSK) authentication - ANSWER--Password-based authentication -Poorly implemented in WEP, causing a static key issue
-Credentials and keys are managed manually and are vulnerable to dictionary attacks Prepending - ANSWER-Adding deception or malice to an object's header Principle of least privilege management - ANSWER-Just what you need to do your job Privilege Escalation Attack - ANSWER--An attacker is able to increase what they have access to -Violation of least privilege management PRNG - ANSWER-Pseudo-Random Number Generator Production Environment - ANSWER-The environment in which the product interacts with live systems Protocol Analyzer - ANSWER--Hardware or software utility for capturing and analyzing real-time network traffic -Helps record initial network traffic baselines -Sniffs network traffic for policy violations Proxy Server - ANSWER--A 3-tier architecture intermediary between a client and a server -Client and server and typically in separate security zones -Forward proxy: facilitates a connection from a LAN client to an internet server -Reverse proxy: facilitates a connection from an internet client to a LAN server such as a web server Qualitative Risk Assessment - ANSWER-Based on human opinion or judgment derived from interviews, surveys, benchmarking, scenario-based exercise, lessons learned analysis, or cross-function workshops Quantitative Risk Assessment - ANSWER--Requires numerical values or both impact and likelihood using data from a variety of sources -Can be used to support cost-benefit analysis calculations RA - ANSWER-Registration Authority: Collects and verifies identities on behalf of CA Race Condition - ANSWER--An attacker makes processes execute out of sequence to control the result in a way that accomplishes the attacker's goals
-Safeguard (a mitigation security control) Risk Management - ANSWER-The process of identifying, monitoring, and reducing risk to an acceptable level. Risk Management Strategies - ANSWER--Acceptance: Have an established plan of action -Avoidance: Removing the activity that creates risk -Transference: Offloading the risk to an external party -Mitigation: Reducing risk by installing security control, safeguard, or countermeasures Root CA - ANSWER-Creates and signs keys for Intermediate CA Root certificate - ANSWER-Asymmetric public key created by the root CA server and has been self-signed by the root CA Rootkits - ANSWER--Malware that has the ability to embed itself deep within the OS -Hides from spyware blockers, the anti-virus program, and system utilities -Goal is to subvert the OS security kernel or a privileged, trusted service Roving Security / Guads - ANSWER--Security Guards -Robot Sentries -Drones -UAVs RPO - ANSWER-Recovery Point Objective -Acceptable loss RSA - ANSWER-Rivest, Shamir, Adleman Key Exchange Protocol RTO - ANSWER-Recovery Time Objective -Acceptable downtime Sandbox Environment - ANSWER-A containment environment where a potential unstable process is prevented from causing harm to surrounding processes
Scenario: a building is worth $1,000,000, and a fire breaks out, consuming 70% of the building. A fire occurs about once every 7 years in this geographical area. What is the SLE, and what is the ALE? - ANSWER--SLE = 1,000,000 x 70% =700, -ALE = 700,000 x 1/7 = 700,000/7 = 100, Script Kiddies - ANSWER-Attacks who lack the knowledge of how the protocols and technologies work Security Monitoring Architecture - ANSWER-Comprised of sensors, collectors, aggregators, analyzer, and a report console Separation of Duties - ANSWER-Partitions responsibilities to minimize abuse or fraud SFTP - ANSWER-Secure File Transfer Protocol -Tunneling protocol that uses SSH -Port TCP 22 Shadow IT - ANSWER--Non-IT department, non-authorized, implemented systems -Multiple policy violations Shimming - ANSWER--Code that acts as a man-in-the-middle between two system processes -Can redirect the system call to another location -Can change system call parameters Shoulder Surfing - ANSWER-Looking over the shoulder of someone interacting with a computing interface to observe logon credentials, financial information, etc. Sideloading - ANSWER-Transferring of firmware, apps, or files between two local devices, such as from a workstation to a mobile phone. Signature-Based Detection - ANSWER-Evaluates attacks based on a database of vendor signatures Simultaneous Authentication of Equals (SAE) - ANSWER-Password-based authentication and key agreement protocol used in WPA3 Personal mode Single Loss Expectancy (SLE) - ANSWER-SLE = Asset Value (AV) x Exposure Factor (EF%)
