1. What device will tell you if you’re being hit by a botnet?
    performance monitor (PM)
  2. ___ is where an attacker leaves a piece of removable media, like a CD-ROM, in a place where an unsuspecting user is likely to find it.
    Baiting. This attack is sometimes called a road apple.
  3. What are Nessus and Nmap?
    security analyzers for UNIX systems
  4. What are MBSA and SCW?
    security analyzers for Microsoft
  5. What is mutual authentication?
    first a service or resource verifies the client’s credentials, then the client verifies the resource’s credentials
  6. The “marker” in a message is an example of ___.
  7. How do you decrypt a hash?
    you cannot
  8. What is a one-time pad?
    an encryption algorithm where a key is used only once
  9. What is TPM?
    Trusted Platform Module, which goes with BitLocker and generates keys and random numbers. It can be used to encrypt your drive, for digital rights management, or to authenticate hardware
  10. What is MD5?
    a hashing algorithm
  11. What is SHA?
    secure hash algorithm
  12. What is LANMAN?
    a hashing algorithm that creates weak passwords
  13. What is NTLM?
    a hashing algorithm authentication protocol
  14. AES and ___ go together.
  15. Rijndael and ___ go together.
  16. Elliptic curve algorithm is ___.
  17. Another term for a marker inserted into a message is ____.
    digital signature
  18. What was the first successful algorithm to be designed for public key encryption?
  19. Rijndael is the most popular form of ___.
  20. What is PPP?
    point-to-point protocol
  21. What does PPP (point-to-point protocol) do?
    it enables a workstation to communicate with a server using a serial connection. It requires little configuration
  22. What does Diffie-Hellman provide you?
    secure key exchange
  23. What is IDS?
    intrusion detection system
  24. What is a domain name?
    the symbolic name that identifies a domain, like www.everythingforcoffee.com, usually associated with a company or other organization
  25. HIDS stands for ___.
    host-based intrusion detection system
  26. DSA stands for ___.
    Digital signature algorithm, used only for authentication. Similar to RSA
  27. 802.11i specifies what kind of encryption?
  28. Shared-key encryption is the same as ___.
    Symmetric encryption
  29. Symmetric encryption is the same as ___.
    Shared-key encryption
  30. Why might environmental controls be considered to be critical?
    if the HVAC system goes out during summertime
  31. What is port 25?
  32. What is port 110?
  33. What is port 443?
  34. What is port 80?
  35. What really is HTTPS?
    HTTP over SSL
  36. What are the two OSI model layer acronyms?
    all people seem to need data processing, and please do not throw stale pizza away
  37. DAC and RBAC are very similar, so look for the word ___ in the wording of the question.
  38. Why require a mandatory vacation?
    to audit the person on vacation
  39. What is PMI?
    privilege management infrastructure
  40. Does MAC or DAC deal with top secret, secret, etc. levels?
  41. Does MAC or DAC use ACLs?
  42. What does ACL mean?
    access control list
  43. ___ over-rules any other access you may have.
  44. List the three authentication factors.
    something you know, have and are
  45. Kerberos authentication is based on a ___ ticket granting system.
    time sensitive
  46. What is a DC?
    domain controller: a server that responds to security authentication requests
  47. What is KBA?
    knowledge-based authentication, i.e. your mother’s maiden name
  48. What two things are related by the DNS server?
    host names and their associated IP addresses
  49. Most hosts are named ___.
  50. A ___ is a computer that enables resource sharing by other computers on the same network.
  51. A (or an) ___ maps MAC addresses with host IP addresses.
    ARP table
  52. What uniquely identifies nodes on a TCP/IP network?
    IP address
  53. What is the bottom-up acronym for the 7 layers?
    people dare not throw salty pretzels away
  54. What is DES?
    data encryption standard
  55. DES requires “what” of both the sender and the receiver?
    that they possess the same secret key
  56. What is the main disadvantage of 3DES?
    it’s three times slower than DES
  57. What is meant by “symmetric”?
    a symmetric encryption scheme is where both parties use the same key for encryption and decryption
  58. What is the main disadvantage to symmetric encryption schemes?
    they don’t scale well when you have a large number of users
  59. What is war driving?
    hackers with wireless laptops connecting to unprotected WLANs to access their resources
  60. What is a smurf attack?
    DoS attack where ping messages are broadcast to an entire network on behalf of a victim computer, to flood him with responses
  61. What is SNMP?
    simple network management protocol, which is vulnerable because it uses clear text. “v1” is much more vulnerable than “v2”. Someone who gains administrative control can take over network connection devices.
  62. What is stateful packet inspection?
    In SPI, every time a packet is sent out of the computer, the firewall keeps track of it. When a packet comes back to the firewall, the firewall can tell whether the inbound packet is a reply to the packet that was sent out. This way the firewall can handle most network traffic safely without a complex configuration of firewall rules
  63. What is TPM?
    trusted platform module is something that goes with BitLocker
  64. What is VCPU?
    virtual CPU on a server
  65. Where is “virtual supervisor” used?
    in Cisco systems
  66. What is zone transfer used for?
    for security logging on a DNS server
  67. What is NTLMv2?
    a hashing algorithm authentication protocol from Microsoft
  68. What is OVAL?
    Open vulnerability and assessment language. It’s a standard that uses an XML-based language for the storage and dissemination of security information.
  69. What is quantum encryption?
    it involves sending data by way of photons, which are polarized in one of four directions. Eavesdroppers cause detectable changes in orientation which prevents them from getting secret information.
  70. What is RC4W?
    a symmetric algorithm using variable key lengths
  71. What is RSA?
    the first successful algorithm designed for public key encryption
  72. The “sandbox” is used by ___.
  73. What is SFTP?
    secure FTP, which is an SSH-encrypted version of the FTP protocol
  74. What is SHA?
    secure hash algorithm modeled after MD5
  75. What is Hypervisor?
    virtual machine component that monitors and manages the various virtual instances
  76. What is IDS?
    intrusion detection system which scans, audits and monitors the security infrastructure for signs of attacks in progress
  77. What is IETF?
    the internet engineering task force
  78. What’s meant by “implicit deny”?
    blocks everything and only allows explicitly granted permissions
  79. What’s an internet content filter?
    tool used for allowing users to go to approved business-related websites only
  80. What is ISAKMP?
    Internet security association and key management protocol. It defines procedures for authenticating computing peers, security associations, key generation techniques, and threat mitigation
  81. Who uses the “Key distribution center”?
  82. Who uses the “key ring”?
  83. What is 10base5?
    cable that uses thicknet coaxial copper
  84. What is AES?
    it is the most recent addition of cryptography
  85. What is Blowfish?
    a free 64-bit block cipher algorithm that uses variable key length
  86. What is DES?
    a weak form of encryption using symmetric keys
  87. What kind of encryption has the smallest keyspace?
  88. What are GRE packets?
    Generic routing encapsulation point-to-point tunneling protocol to create private networks
  89. What is meant by Gutmann sanitization?
    removing data from storage media with reasonable assurance it can’t be retrieved and reconstructed
  90. What is 3DES?
    a symmetric encryption algorithm that processes each block of data three times with a different key each time
  91. What is 802.11 modE?
    it has to do with “over the air” modulation techniques
  92. What is 802.1X?
    a standard for port-based network access control for devices wishing to connect to a LAN
  93. What is ACL?
    access control list: statements used by a router to permit or deny the forwarding of traffic on a network, based on one or more criteria
  94. What is AES?
    a symmetric block cipher for encryption. Uses private key. Rijndael is the most popular form
  95. What is ARP?
    Address resolution protocol in the network layer. Relates MAC addresses to their IP addresses
  96. What is blue snarfing?
    process where attackers gain access to unauthorized information on a wireless device using a Bluetooth connection
  97. What is a CA?
    certificate authority issuing and maintaining digital certificates as part of the public key infrastructure
  98. What is CHAP?
    Challenge handshake authentication protocol that operates over PPP. It requires the authenticator to take the first step by offering the other computer a challenge
  99. What is a CRL?
    certification revocation list, of certificates that are no longer valid
  100. What is DAC?
    discretionary access control, where access is controlled based on the user’s identity. Objects are configured with a list of users that are allowed to access them