Criado por marc.maranon
aproximadamente 9 anos atrás
|
||
Questão | Responda |
Caeser Chipher | Substitution Algorithm |
Drive by download | visiting a website that automatically makes your computer download from the site. |
trojan | you download a program that looks legit -- disguised or embedded in a legitimate program; malware |
rootkit | system-level kernels which modify system operations files; malware |
Hot site cold site warm site | Hot site – alternate processing site; you need it right away Cold site – 1 week to 2 wks Warm site – couple days to a week |
Cryptography | encrypting things |
cryptanalysis | analyzing; try to break an algorithm, decrypting |
AES cipher standard | Advanced Encrypting Standard - Rijndael |
2 types of hypervisor (virtualization) | bare-metal (hypervisor has direct access to hardware resource and does not need prior OS installation) and hosted (requires pre-installed OS; runs as a file on your main system) |
SNMP | (simple management protocol) layer 7 Application layer; monitors and repairs devices (printers, servers, routers, switches, etc…) on network: port 161 and 162 |
Password cracking software | Cain and Abel; Light crack; John the Ripper |
In order to identify abnormal traffic, establish a baseline | False positive – IDS raises an alert but there is nothing False negative – something got in and it doesn’t tell you IDS responses – no response, false positive, false negative, true positive, true negative Viruses |
EAL (Evaluation Assurance Level) range | 1 (least secure) to 7 (most secure) 1 only tested for functions -> 7 verified design and tested - common criteria |
OVAL | open vulnerability assessment language (XML format) |
Security Labels | mandatory access control |
14. Vulnerability scanner ex | nessus, saint, gfi landguard, retina Vulnerability scanner determines bad software, misconfigured software, open ports, weakness, etc (scans for vulnerabilities) Passive. Uses databases. |
stateful | keeps track of the conversation; firewall examines header and content; 3 way handshake communication; session |
Exposure Factor | percentage of the loss (annual loss expectancy) ALE=SLE x ARO (single loss expectancy) SLE=EF x AV |
key storage | hardware storage (in your token) and software storage (on your computer) |
4 classes of fire extinguishers | 1. (A- “ash”)Combustibles 2. (B- “boiling”)Liquids 3. (C-”current”)Electrical 4. (D-”dent”)Metals |
Protect against EMI and RFI... | by shielding ->tempest |
Social Engineering | Phishing, whaling, etc Mitigate social engineering by training and education |
RISK | reduce, mitigate, accept, transfer it, avoid (can’t reject or eliminate) Risk = Asset value x threat x vulnerability |
Qualitative risk analysis vs Quantitative risk analysis | opinion based & subjective vs cost based & objective |
Exclusive OR – same values = 0; different values = 1 | ● XOR ● used with one-time pad to hash the message before encryption |
Procedures and guidelines make up a policy | Procedures you have to follow and if you don’t, something bad will happen. Guidelines are recommendations |
3 types of Policy | regulatory, compulsory, mandatory |
Chain of evidence (custody)– | chain does not end till it’s in court |
Change Control | get approved and tested before implementation; goal is to keep track of change and maintain your security posture |
Service level agreements (SLA) | agreement with people who provide us services; between you and vendor |
3DES | encrypts 3 times 3DES has a key size for 2 keys 112, 3 keys size 168 for 3DES |
How many parity bits are associated with 3DES? | 24 parity bits (3keys x 8 bits = 24) |
Methods to provide redundancy in power – | UPS, generator, surge protector, voltage regulator, add. Power supply |
Reciprocal agreement | either of you will back the other up to reduce $$$ and resources |
BIA | how much impact will something have on your business and how can we circumvent that; prioritizing for business continuity plan and critical functions within that business |
RAID levels | ● 0 is striping across multiple with no parity; ● 1 does mirroring and everything else does striping; ● 3 is a dedicated level; ● 5 is striping with parity (5 uses two parity disks) |
LDAP | Lightweight Directory Access Protocol Port 389 ; secure LDAP - 636 |
Best Evidence Secondary Evidence | B: Original Document S: Copy or rumor; hearsay Primary, secondary, real, opinion. |
Penetration (pen) testing | 3rd party tester are best because there is no bias and they are not tied to the security (clean look and black box). They can also test your response inside the organization. Active. Actively trying to get into the system. |
Bastion Host | server located in the DMZ that is responsible for it protection |
Residual data | left over data. Ex: someone gave you a used computer and stuff was left on HD. Form of leakage. |
fault tolerant | through proper backups; redundancy; not relying on single points of failure so it doesn’t stop business |
Difference between PAT and NAT | NAT is one to one and PAT is one to many |
Ways to detect employee fraud | auditing. job rotation and mandatory vacations |
biometric error rates | type 1 is false 'rejection rate'; type 2 is false 'acceptance' rate |
weakness | vulnerability |
Physical Access | access control biggest problem and greatest risk |
password hacking | brute force, dictionary, rainbow tables, guessing |
difference between Virus and Worm | Virus needs a user and Worm can self replicate |
Purpose of hashing algorithm | integrity |
spear phishing and pharming are... | social engineering |
stateless | firewall examines header and packet |
Quer criar seus próprios Flashcards gratuitos com GoConqr? Saiba mais.