Page 1: Generic Security Concepts Review
Q: What is the CIA triad, and what does each part mean?
Q: What is non-repudiation?
Q: Define layered security.
Q: What is the main security reasoning for mandatory vacations?
Page 2: Generic Security Concepts Review
Q: In what type of access control system does the OS (the security kernel) determine who is allowed access to a resource?
Q: What access control model helps fight "authorization creep"?
Q: Biometrics are an example of "something you ___".
Q: Which is the better security model, network based or host based? Justify your answer.
Page 3: Chapter 2 – Review Questions
Q: What is the best countermeasure against phishing attacks?
Q: Why is a hoax still a security concern?
Q: Installing a camera to read credit card numbers at gas pumps is what type of attack?
Q: Does an organizational security policy statement detail specifics such as how to properly encrypt data?
Page 4: Chapter 2 – Review Questions
Q: What is the difference between due diligence and due care?
Q: What is the term for a set of "required steps to be taken" when performing some action?
Page 5: Cryptography review
Q: Which part of the CIA triad does a hash provide?
Q: An HMAC is used to try to prevent man-in-the-middle (MitM) attacks. Does an HMAC provide non-repudiation?
Q: Why don't we just use asymmetric encryption for all encryption?
Q: What is Diffie-Hellman primarily used for?
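The hash, HMAC and Diffie-Hellman questions above are easier to answer after seeing the mechanisms run. The following is an added example written for this review, not code from the slides: it shows that a hash gives integrity only, that an HMAC rejects tampering by anyone without the key but cannot give non-repudiation because the receiver holds the same key, and that Diffie-Hellman lets two parties agree on a secret while only public values cross the wire. The message text, the shared key and the tiny DH group (p = 23, g = 5) are constructed toy values.

```python
import hashlib
import hmac
import secrets

# Constructed sample message for the demo (not from the slides).
MESSAGE = b"transfer 100 to account 4242"


def sha256_hex(data: bytes) -> str:
    """A bare hash gives integrity only: any change to the input changes the
    digest, but anyone can recompute it, so it proves nothing about the sender."""
    return hashlib.sha256(data).hexdigest()


def make_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256 over the message using the shared secret."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, message: bytes, tag: str) -> bool:
    """Constant-time comparison so timing does not leak the expected tag."""
    return hmac.compare_digest(make_tag(key, message), tag)


def hmac_demo() -> dict:
    """What an HMAC does and does not provide."""
    shared_key = b"alice-and-bob-shared-secret"  # assumption: both ends hold this key
    tag = make_tag(shared_key, MESSAGE)
    forged = b"transfer 9000 to account 1111"
    return {
        # Integrity plus origin, as far as the two key holders are concerned.
        "integrity_ok": verify_tag(shared_key, MESSAGE, tag),
        # A MitM without the key cannot alter the message and keep the tag valid.
        "mitm_tamper_rejected": not verify_tag(shared_key, MESSAGE + b"0", tag),
        # Bob holds the same key, so Bob can build a tag indistinguishable from
        # one Alice made. A third party cannot tell who wrote it: no non-repudiation.
        "receiver_can_forge": verify_tag(shared_key, forged, make_tag(shared_key, forged)),
    }


# Toy Diffie-Hellman group so the arithmetic is visible (assumption: a real
# deployment uses a 2048-bit safe prime or an elliptic-curve group).
P = 23  # public prime modulus
G = 5   # public generator


def dh_public(private: int, p: int = P, g: int = G) -> int:
    """Value sent over the wire: g^private mod p."""
    return pow(g, private, p)


def dh_shared(private: int, peer_public: int, p: int = P) -> int:
    """Shared value: peer_public^private mod p, same on both sides."""
    return pow(peer_public, private, p)


def dh_demo() -> tuple:
    """Both sides derive the same value while only the public numbers cross the wire."""
    a_priv = secrets.randbelow(P - 2) + 1
    b_priv = secrets.randbelow(P - 2) + 1
    a_pub, b_pub = dh_public(a_priv), dh_public(b_priv)
    k_alice = dh_shared(a_priv, b_pub)
    k_bob = dh_shared(b_priv, a_pub)
    # The agreed number is not used directly; hash it into a symmetric key
    # for the AES/HMAC traffic that follows.
    sym_key = hashlib.sha256(k_alice.to_bytes(4, "big")).digest()
    return k_alice == k_bob, sym_key
```

Note that dh_demo() authenticates nobody: an active attacker who can replace both public values can run a separate exchange with each side, which is why protocols such as TLS sign the DH values with a certificate.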
Page 6: Cryptography review
Q: What is AES meant to replace, and what is the algorithm that was chosen to become AES?
Q: True or false: if I encrypt a message with someone's public key, anyone with the public key can decrypt it.
Q: What asymmetric algorithm is commonly used in PDAs and cell phones?
Q: How many rounds of transposition/substitution does DES have? How about Triple DES?
Page 7: PKI review questions
Q: What is a digital certificate? What is it intended to represent?
Q: What are two important pieces of information in a digital certificate?
Q: Why would you use multiple certificates?
Q: If you have 100 users in a two-certificate model (encryption and signing), how many total keys do you have?
Page 8: PKI review
Q: What is key escrow?
Q: How do I validate the identity behind a certificate that someone has given me? When does the validation chain end?
Q: In what version of X.509 were extensions added?
Q: My certificate has been revoked; how do I "un-revoke" it?
Page 9: Physical Security Review
Q: What feature can allow a Windows computer to automatically run a Trojan program on an inserted CD or USB drive?
Q: Which of the following water-based automatic fire suppression systems would be best used for a data center?
Q: Why is access to a network jack a risk?
Q: What is the CER in terms of biometrics?
Q: What is a type 1 and a type 2 error?
Page 10: Physical Security Review
Q: If providing access to a bank vault, would I prefer higher false positives or higher false negatives?
Q: What fire rating class covers electrical fires?
Q: What is the difference between smart cards and memory cards?
Q: What type of motion sensor detects a human through emanated heat?
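The CER, type 1/type 2 error and bank-vault questions on the two physical security pages above all come down to where the acceptance threshold is set. The following is an added example written for this review, not code from the slides. It sweeps a threshold over constructed matcher scores (the two score lists are made up, not sensor data), computes the false accept rate (FAR, type 2) and false reject rate (FRR, type 1) at each point, locates the crossover error rate where the two meet, and then picks the threshold a vault would want: zero false accepts at the cost of more false rejects.

```python
# Constructed matcher scores (0..1, higher = stronger match): not real sensor data.
GENUINE = [0.91, 0.88, 0.95, 0.79, 0.84, 0.97, 0.73, 0.90, 0.86, 0.82]   # enrolled users
IMPOSTOR = [0.35, 0.52, 0.61, 0.44, 0.70, 0.58, 0.49, 0.76, 0.40, 0.66]  # everyone else

THRESHOLDS = [round(i / 100, 2) for i in range(101)]


def error_rates(threshold, genuine=GENUINE, impostor=IMPOSTOR):
    """Return (FAR, FRR) at a threshold, accepting when score >= threshold.
    FRR = type 1 error (legitimate user rejected); FAR = type 2 (impostor accepted)."""
    frr = sum(s < threshold for s in genuine) / len(genuine)
    far = sum(s >= threshold for s in impostor) / len(impostor)
    return far, frr


def crossover(thresholds=THRESHOLDS):
    """CER (also called EER): the threshold where FAR and FRR meet.
    A lower CER means a better biometric system."""
    best = min(thresholds, key=lambda t: abs(error_rates(t)[0] - error_rates(t)[1]))
    far, frr = error_rates(best)
    return best, far, frr


def vault_threshold(max_far=0.0, thresholds=THRESHOLDS):
    """High-security door (bank vault): tune for false rejections rather than
    false acceptances. Pick the loosest threshold whose FAR stays within
    max_far and accept whatever FRR that costs in user inconvenience."""
    for t in thresholds:
        far, frr = error_rates(t)
        if far <= max_far:
            return t, far, frr
    return None
```

With these scores the CER sits at a threshold of 0.74 with FAR = FRR = 10%; the vault setting moves up to 0.77, where no impostor is accepted but one genuine user in ten is turned away.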
Page 11: Chapter 8 - Review
Q: What layer of the OSI model does a switch operate at, and what addresses does it "switch"?
Q: What layer of the OSI model does a router look at, and what addresses does it "route"?
Q: What is the purpose of MAC flooding?
Q: What is a DNS poisoning attack?
Page 12: Chapter 8 Review
Q: What is a bastion host?
Q: What is the purpose of a DMZ?
Q: What is NAC/NAP?
Q: What is the main purpose of a circuit-level proxy?
Q: How is an application-layer proxy different from a circuit-level proxy?
Page 13: Chapter 9 – Review Questions
Q: Name the three AAA protocols we talked about.
Q: Which of the following items does Kerberos use?
– Shared keys
– Tickets
– Public keys
– Digital signatures
Q: Does L2TP use TCP or UDP?
Q: Explain the difference between CHAP and PAP.
Page 14: Chapter 9 – Review Questions
Q: What transport protocol (TCP/UDP) does RADIUS use? How about TACACS+?
Q: Why is Telnet bad?
Q: What is the purpose of a VPN?
Q: What protocol does PPTP require for operation?
Page 15: Chapter 10 – Review Questions
Q: What encryption algorithm does WEP use?
Q: What two key lengths does WEP support?
Q: WPA takes the algorithm from WEP and changes the encryption key with every packet. What is this called? T _ _ _
Q: What encryption protocol does WPA2 use?
Q: Why is MAC filtering or turning off SSID broadcasting not sufficient security?
Q: What does WAP use as the "secure" WAP protocol? W _ _ _
Page 16: Chapter 10 – Review Questions
Q: What is the WAP gap?
Q: Define how to accomplish a MitM attack on a
Page 17: Chapter 11 - IDS
Q: What is an IDS?
Q: What is the difference between an HIDS and a NIDS?
Q: What is the difference between an IDS and an IPS?
Q: What are two "types" of IDS detection? Explain them.
Page 18: Chapter 11 - IDS
Q: What is the purpose of a honeypot?
Q: If an IDS detects traffic coming in from the Internet with internal IP addresses as the source addresses, why should I be concerned?
Q: Which is the first version of Windows that Windows Defender shipped with? What other Windows OSes is it available for?
Q: Can signature-based scanning detect 0-day attacks?
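The "internal source address arriving from the Internet" question above is a textbook anti-spoofing detection rule. The following is an added example written for this review, not code from the slides: a small detector run over constructed firewall-style log lines (the log format, the interface names wan0/lan0, the RFC 1918 ranges and the use of 203.0.113.0/24 as the site's own public block are all assumptions for the demo). Traffic on the external interface whose source claims to be an internal or never-routable address is flagged; the same address on the LAN interface is normal.

```python
import ipaddress

# Addresses that belong inside this site (assumption: 203.0.113.0/24 is the
# site's own public block). Seeing them as a *source* on the outside interface
# means someone is spoofing, since the Internet could not have routed them here.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "203.0.113.0/24")]

# Bogon sources that are never valid from the Internet.
NEVER_VALID_EXTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "0.0.0.0/8", "169.254.0.0/16", "224.0.0.0/4")]

EXTERNAL_IFACE = "wan0"

# Constructed log sample in a key=value style; not from any real device.
SAMPLE_LOG = """\
2024-03-01T09:00:01 iface=wan0 src=198.51.100.7 dst=203.0.113.10 proto=tcp dport=443
2024-03-01T09:00:02 iface=wan0 src=10.20.30.40 dst=203.0.113.10 proto=tcp dport=445
2024-03-01T09:00:03 iface=lan0 src=10.20.30.40 dst=10.20.30.1 proto=udp dport=53
2024-03-01T09:00:04 iface=wan0 src=203.0.113.99 dst=203.0.113.10 proto=tcp dport=22
2024-03-01T09:00:05 iface=wan0 src=127.0.0.1 dst=203.0.113.10 proto=icmp
"""


def parse(line: str) -> dict:
    """Split 'key=value' fields after the timestamp into a dict."""
    return dict(field.split("=", 1) for field in line.split()[1:])


def check(line: str):
    """Return a reason string if the line is suspicious, else None."""
    rec = parse(line)
    if rec["iface"] != EXTERNAL_IFACE:
        return None                      # internal addresses on the LAN side are fine
    src = ipaddress.ip_address(rec["src"])
    if any(src in net for net in INTERNAL_NETS):
        return f"spoofed internal source {src} on external interface"
    if any(src in net for net in NEVER_VALID_EXTERNAL):
        return f"bogon source {src} on external interface"
    return None


def scan(log: str = SAMPLE_LOG) -> list:
    """Run the rule over every line; return (timestamp, src, reason) alerts."""
    alerts = []
    for line in log.splitlines():
        reason = check(line)
        if reason:
            alerts.append((line.split()[0], parse(line)["src"], reason))
    return alerts
```

The concern behind the rule: a packet that claims an inside source but arrived from outside is either an attacker spoofing to slip past address-based trust (or to reflect a flood back at the victim) or a misconfiguration that would let exactly that through; the proper fix is ingress filtering at the border, with the IDS alert as the backstop.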
Page 19: Chapter 12
Q: What is a security baseline?
Q: What Windows feature can you use to push computer settings to all computers in a domain?
Q: What is a Windows "security template"?
Q: Does a hotfix generally add new functionality to an OS or application?
Q: What is system hardening?
Page 20: Chapter 12
Q: What is a buffer overflow?
Q: What are TCP wrappers?
Q: Describe Unix file permissions.
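For the Unix file permissions question, the following added example (written for this review, not taken from the slides) renders a mode word the way ls -l does, including the setuid/setgid/sticky bits, and implements the kernel's access decision: exactly one class applies (owner, then group, then other), so an owner can be locked out of a file that everyone else can read. The uids, gids and modes used are constructed values.

```python
import stat


def mode_string(mode: int) -> str:
    """Render permission bits like ls -l (e.g. 0o4755 -> 'rwsr-xr-x').
    An upper-case S/T means the special bit is set without the execute bit."""
    chars = []
    for r, w, x, special, special_char in (
        (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s"),
        (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s"),
        (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "t"),
    ):
        chars.append("r" if mode & r else "-")
        chars.append("w" if mode & w else "-")
        if mode & special:
            chars.append(special_char if mode & x else special_char.upper())
        else:
            chars.append("x" if mode & x else "-")
    return "".join(chars)


def can_access(mode: int, owner_uid: int, owner_gid: int,
               uid: int, gids: set, want: str) -> bool:
    """Classic Unix access check. `want` is a subset of 'rwx'.
    Only one permission class is consulted: owner if uid matches, otherwise
    group if the file's group is among the caller's groups, otherwise other."""
    if uid == 0:
        # root bypasses rwx bits, but to execute a file at least one x bit must be set
        return "x" not in want or bool(mode & 0o111)
    if uid == owner_uid:
        shift = 6
    elif owner_gid in gids:
        shift = 3
    else:
        shift = 0
    bits = (mode >> shift) & 0o7
    needed = sum({"r": 4, "w": 2, "x": 1}[c] for c in want)
    return bits & needed == needed


def demo() -> dict:
    # Constructed file: mode 0640, owned by uid 1000, group 100.
    mode, owner, group = 0o640, 1000, 100
    return {
        "ls": mode_string(mode),                                          # rw-r-----
        "owner_write": can_access(mode, owner, group, 1000, {100}, "w"),  # True
        "group_read": can_access(mode, owner, group, 1001, {100}, "r"),   # True
        "group_write": can_access(mode, owner, group, 1001, {100}, "w"),  # False
        "other_read": can_access(mode, owner, group, 1002, {200}, "r"),   # False
        # Classes are exclusive: with mode 0077 the owner is denied even though
        # group and others are allowed.
        "owner_locked_out": can_access(0o077, owner, group, 1000, {100}, "r"),  # False
        "setuid_ls": mode_string(0o4755),                                 # rwsr-xr-x
        "sticky_ls": mode_string(0o1777),                                 # rwxrwxrwt
    }
```

The setuid case is the one to remember for hardening: a file showing rws in the owner triplet runs as its owner no matter who launches it, which is why baseline scripts enumerate setuid binaries.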
Page 22: Chapter 13
Q: What are the steps in a three-way handshake?
Q: What is the difference between a virus and a worm?
Q: What is a SYN flood?
Q: What is a Smurf attack?
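The three-way handshake and SYN flood questions above fit together: a SYN flood works because the server commits memory at step 1 for a connection the attacker never completes. The following added example (written for this review, not code from the slides) simulates a listener that tracks half-open connections in a bounded table, floods it with spoofed SYNs, and shows that a legitimate client is refused; it then enables SYN cookies, where the server's initial sequence number is an HMAC over the peer address and a time bucket so no state is kept until the ACK arrives, and the legitimate client connects. The backlog size, the cookie secret and the addresses are constructed values; the cookie construction is a simplified model of what kernels do, not a copy of any kernel's code.

```python
import hashlib
import hmac
import secrets


class Listener:
    """Server side of the handshake: SYN -> SYN/ACK -> ACK."""

    def __init__(self, backlog: int = 4, syn_cookies: bool = False):
        self.backlog = backlog              # max half-open (SYN_RECV) entries
        self.syn_cookies = syn_cookies
        self.half_open = {}                 # (ip, port) -> our ISN
        self.established = set()
        self.dropped = 0
        self.secret = b"per-boot cookie secret"   # assumption: real kernels rotate this

    def _cookie(self, ip: str, port: int, now: int) -> int:
        # The ISN itself encodes the connection: an HMAC over the peer address
        # and a coarse time bucket, so nothing is stored until the ACK comes back.
        msg = f"{ip}:{port}:{now // 60}".encode()
        mac = hmac.new(self.secret, msg, hashlib.sha256).digest()
        return int.from_bytes(mac[:4], "big")

    def on_syn(self, ip: str, port: int, now: int = 0):
        """Step 1 received. Return the sequence number placed in our SYN/ACK
        (step 2), or None if the SYN had to be dropped."""
        if self.syn_cookies:
            return self._cookie(ip, port, now)
        if len(self.half_open) >= self.backlog:
            self.dropped += 1               # table full: the SYN flood effect
            return None
        isn = secrets.randbits(32)
        self.half_open[(ip, port)] = isn
        return isn

    def on_ack(self, ip: str, port: int, ack: int, now: int = 0) -> bool:
        """Step 3: the client's ACK must acknowledge our ISN + 1."""
        if self.syn_cookies:
            ok = ack - 1 == self._cookie(ip, port, now)
        else:
            isn = self.half_open.pop((ip, port), None)
            ok = isn is not None and ack == isn + 1
        if ok:
            self.established.add((ip, port))
        return ok


def flood_then_connect(syn_cookies: bool, attackers: int = 50) -> bool:
    """Spoofed SYNs that never send step 3, then one legitimate client.
    Returns whether the legitimate client got an established connection."""
    srv = Listener(backlog=4, syn_cookies=syn_cookies)
    for i in range(attackers):
        srv.on_syn(f"198.51.100.{i}", 40000 + i)   # constructed spoofed sources
    seq = srv.on_syn("192.0.2.10", 51515)           # constructed real client
    if seq is None:
        return False
    return srv.on_ack("192.0.2.10", 51515, seq + 1)
```

Without cookies the fifth and later SYNs are dropped and the real client never gets a SYN/ACK; with cookies the flood costs the server nothing but a hash per packet, and an ACK carrying a guessed sequence number fails the cookie check.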
Page 23: Chapter 13
Q: What is the concept of stealing another person's live TCP communication stream called?
Q: What is a replay attack?
Q: What is a rootkit?
Q: What is a vishing attack? (not phishing)
Q: What is the best defense against phishing?
Page 25: Chapter 14
Q: What is a problem with POP?
Q: What is a problem with IMAP?
Q: Is SMTP encrypted? Does it provide user authentication?
Q: What is a real-time black hole list?
Page 26: Chapter 14
Q: What is greylisting?
Q: What is S/MIME, and which symmetric encryption methods does it support? _ _ 2 & _ _ _ S
Q: What "PKI" model does PGP use?
Page 27: Chapter 15
Q: Why is SSL used for websites? What do SSL and a website together provide?
Q: What is ActiveX, and what access to your computer does ActiveX have?
Q: What is Java?
Q: What is application signing?
Page 28: Chapter 15
Q: What does application signing provide?
Q: What restrictions does Java place on unsigned applications?
Q: Is it safe to run ANY signed Java/ActiveX app?
Q: Briefly define cross-site scripting (XSS).
Q: Where does a CGI program run?
Page 29: Chapter 16
Q: What is a hot site?
Q: What is a warm site?
Q: What is a cold site?
Q: What is the difference between a hot site and a mirror site?
Page 30: Chapter 16
Q: What is a full backup?
Q: What is an incremental backup?
Q: What is a differential backup?
Q: What is a continuous backup?
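The difference between incremental and differential backups is really about the archive bit and what a restore needs. The following added example (written for this review, not code from the slides) simulates a full backup followed by three days of changes under each strategy: an incremental captures files changed since the last backup of any kind and clears the archive bit; a differential captures everything changed since the last full and leaves the bit set, so each differential grows but a restore needs only the full plus the newest one. The file names and change history are constructed.

```python
ALL_FILES = ("a", "b", "c", "d")
# Constructed change history: day -> files written that day (day 0 is the full backup).
CHANGES = {1: {"a"}, 2: {"b"}, 3: {"a", "c"}}


def run(strategy: str):
    """Full backup on day 0, then a daily 'inc' or 'diff' backup.
    Each backup is (kind, day, {file: version}); version = day last written."""
    assert strategy in ("inc", "diff")
    state = {f: 0 for f in ALL_FILES}
    backups = [("full", 0, dict(state))]
    archive_bit = set()    # files changed since the last backup of any kind
    since_full = set()     # files changed since the last full backup
    for day in sorted(CHANGES):
        for f in CHANGES[day]:
            state[f] = day
        archive_bit |= CHANGES[day]
        since_full |= CHANGES[day]
        if strategy == "inc":
            backups.append(("inc", day, {f: state[f] for f in archive_bit}))
            archive_bit.clear()            # incremental clears the archive bit
        else:
            # differential leaves the archive bit set, so each one grows
            backups.append(("diff", day, {f: state[f] for f in since_full}))
    return backups, state


def restore_chain(backups):
    """Backup sets needed, in order, to rebuild the latest state."""
    last_full = max(i for i, b in enumerate(backups) if b[0] == "full")
    if backups[-1][0] == "inc":
        return backups[last_full:]                 # full + every incremental after it
    if backups[-1][0] == "diff":
        return [backups[last_full], backups[-1]]   # full + newest differential only
    return [backups[last_full]]


def restore(backups) -> dict:
    """Apply the chain oldest to newest; later sets overwrite older versions."""
    result = {}
    for _, _, contents in restore_chain(backups):
        result.update(contents)
    return result


def media_used(backups) -> int:
    """Total file versions written: a stand-in for backup media consumed."""
    return sum(len(contents) for _, _, contents in backups)
```

Both strategies rebuild the same final state; the incremental chain needs four sets (full plus three incrementals, and losing any one breaks the restore) while the differential restore needs two, at the price of more media per run.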
Page 31: Chapter 16
Q: What is RAID 0?
Q: What is RAID 1?
Q: What is RAID 5?
Q: If I have four 30 GB disks set up as a RAID 5 array, how much usable storage do I actually have?
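The RAID 5 capacity question follows from how parity works: one disk's worth of space across the array holds the XOR of the other blocks in each stripe, and that XOR is enough to rebuild any single failed member. The following added example (written for this review, not code from the slides) stripes a byte string across a toy four-disk array with rotating parity, destroys one disk's contents, and reads the data back intact; the block size and payload are constructed values.

```python
def usable_capacity(n_disks: int, disk_size: int) -> int:
    """RAID 5 spends one disk's worth of space on parity, spread over all members."""
    return (n_disks - 1) * disk_size


def xor_blocks(blocks) -> bytes:
    """Bytewise XOR of equal-length blocks; XOR of a stripe's blocks is the parity."""
    out = bytearray(len(blocks[0]))
    for b in blocks:
        for i, byte in enumerate(b):
            out[i] ^= byte
    return bytes(out)


def raid5_write(data: bytes, n_disks: int = 4, block: int = 4):
    """Stripe data across n_disks with one parity block per stripe. The parity
    position rotates per stripe so no single disk becomes the parity bottleneck."""
    chunks = [data[i:i + block].ljust(block, b"\0") for i in range(0, len(data), block)]
    per_stripe = n_disks - 1
    disks = [[] for _ in range(n_disks)]
    for s in range(0, len(chunks), per_stripe):
        stripe = chunks[s:s + per_stripe]
        stripe += [b"\0" * block] * (per_stripe - len(stripe))   # pad the last stripe
        parity_disk = (s // per_stripe) % n_disks
        data_iter = iter(stripe)
        for d in range(n_disks):
            disks[d].append(xor_blocks(stripe) if d == parity_disk else next(data_iter))
    return disks


def raid5_read(disks, length: int, failed: int = -1) -> bytes:
    """Read the data back. If `failed` names a disk, never touch it: rebuild each
    of its blocks as the XOR of the other members' blocks in that stripe."""
    n = len(disks)
    out = b""
    for st in range(len(disks[0])):
        parity_disk = st % n
        for d in range(n):
            if d == parity_disk:
                continue                       # parity is not user data
            if d == failed:
                out += xor_blocks([disks[x][st] for x in range(n) if x != failed])
            else:
                out += disks[d][st]
    return out[:length]


def demo():
    data = b"The quick brown fox jumps over the lazy dog"   # constructed payload
    disks = raid5_write(data)
    healthy = raid5_read(disks, len(data))
    disks[1] = [b"\xff" * 4] * len(disks[1])   # disk 1 dies; its contents are garbage
    rebuilt = raid5_read(disks, len(data), failed=1)
    return healthy == data, rebuilt == data
```

Four 30 GB disks therefore give 90 GB usable. Note that the rebuild reads every surviving disk in full, which is exactly the window in which a second failure loses the array.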
Page 33
Q: If my ALE is $50K a year, a countermeasure will reduce the ALE by 50%, and the countermeasure costs $30K a year, should I implement it?
Page 34: Chapter 17
Q: What is "residual risk"?
Q: What is risk transference?
Q: What is risk avoidance?
Q: What is risk acceptance?
Page 36: Chapter 18
• Change management… nothing really here
Page 37: Chapter 19
Q: What is role-based access control?
Q: What is MAC? Where is it usually used?
Q: What is DAC? Where is it usually used?
Q: What is rule-based access control?
Page 38: Chapter 19
Q: What is single sign-on? Name one SSO technology.
Q: What is a minimum password age?
Q: What is a password "history"?
Q: Name the main components of Kerberos. Does Kerberos ever send passwords across the network?
Q: What is a major "gotcha" when debugging Kerberos login failures?
Page 39: Chapter 20 – Review Questions
Q: What is the concept of best evidence?
Q: When you want to do forensics on a computer, you should make a copy of the hard drive. What type of copy should you make?
Q: What is the MINIMUM number of copies you should make of the original hard drive?
Page 40: Chapter 20 – Review Questions
Q: Put these steps of analysis in the correct order:
A. Analyze the drive
B. Power down the system
C. Dump memory
D. Image the hard drive
Q: Why do you run checksums/hashes on the original files?
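The copy-type, number-of-copies and hashing questions on the two Chapter 20 pages above are tied together: a bit-for-bit image captures unallocated space that a file-level copy misses, hashes taken before any work prove the image matches the original, and working on a copy keeps the original evidence untouched. The following added example (written for this review, not code from the slides) models a tiny disk as a byte array with two live files and one deleted file, makes both kinds of copy, and checks them against the recorded hashes; the disk layout, file contents and the use of MD5 plus SHA-256 together are constructed assumptions for the demo.

```python
import hashlib

DISK_SIZE = 256  # constructed toy "drive" size in bytes


def place(disk: bytearray, offset: int, data: bytes) -> None:
    disk[offset:offset + len(data)] = data


def build_disk():
    """Toy drive: two live files listed in a directory, plus a deleted file whose
    bytes still sit in unallocated space (constructed example)."""
    disk = bytearray(DISK_SIZE)
    directory = {"report.txt": (0, 24), "notes.txt": (64, 18)}
    place(disk, 0, b"quarterly numbers: fine ")
    place(disk, 64, b"meeting at 10am   ")
    place(disk, 160, b"wire $50k to offshore acct")   # unlinked: no directory entry
    return disk, directory


def fingerprint(data: bytes) -> dict:
    """Record two independent hashes, as evidence forms commonly do."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest()}


def bit_image(disk: bytearray) -> bytes:
    """Bit-for-bit (forensic) copy: every byte, slack and unallocated space included."""
    return bytes(disk)


def logical_copy(disk: bytearray, directory: dict) -> bytes:
    """File-level copy: only what the filesystem still lists."""
    return b"".join(bytes(disk[off:off + n]) for off, n in directory.values())


def verify(original_fp: dict, copy: bytes) -> bool:
    """A copy is admissible as a stand-in only if its hashes match the original's."""
    return fingerprint(copy) == original_fp


def demo() -> dict:
    disk, directory = build_disk()
    original_fp = fingerprint(bytes(disk))          # hash the evidence before anything else
    working, archive = bit_image(disk), bit_image(disk)   # at least two copies
    logical = logical_copy(disk, directory)
    deleted = b"wire $50k to offshore acct"
    # The analyst works on the working copy and, deliberately or not, alters it.
    tampered = working[:160] + b"\0" * len(deleted) + working[160 + len(deleted):]
    return {
        "images_verify": verify(original_fp, working) and verify(original_fp, archive),
        "logical_copy_verifies": verify(original_fp, logical),
        "deleted_data_in_image": deleted in working,
        "deleted_data_in_logical": deleted in logical,
        "tamper_detected": not verify(original_fp, tampered),
        "original_untouched": fingerprint(bytes(disk)) == original_fp,
    }
```

The file-level copy fails the hash check and has lost the deleted text, which is why the answer to "what type of copy" is a bit-level image; the altered working copy fails too, which is why the archive copy exists.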