final
| Question | Answer |
|---|---|
| The ICMP protocol is designed to | Check and report on network error conditions |
| Possible to capture packets from the network that are not destined for your machine? | True [Promiscuous Mode] |
| Authorization means | Using your confirmed identity to assign access rights |
| During a packet capture you notice TCP packets with "F" and "A" flags, what is going on? | A TCP/IP session shutdown process |
| The loss or omission of any security goal is | A compromise |
| If you run password crackers or packet sniffers at work, what is most important? | You must have permission from management before proceeding |
| Packet sniffing is a form of | passive reconnaissance |
| The data ______ is the person who has responsibility and authority for the data | Owner |
| The data ______ is the person temporarily accessing and/or modifying the data | Custodian |
| The term no tech hacking refers to | Methods used by a hacker to obtain information without the use of technology |
| What are the security goals? | Security, Functionality, Ease of Use |
| What is the CIA Triad? | Confidentiality, Integrity, Availability |
| What part of a packet can you examine when using a packet sniffer? | All of it |
| You receive a few SYN packets, followed by RST, but no ACK packets. What happened? | SYN Stealth open port scan from NMAP |
| Security policies should be written while keeping in mind | Information, People, Assets |
| In the CIA Triad, _____ is responsible for ensuring that legitimate users maintain access to information and resources they need access to | Availability |
| In terms of security, social engineering is | non-technical hacking |
| A _______ attaches itself to a program or file so it can spread from one computer to another with the file as it travels, leaving infections as it travels | Virus |
| A man in the middle attack exploits a _____ between computers | Trust relationship |
| In security, Authorization means | Using your identity to assign access rights |
| The TCP three-way handshake used to open a TCP connection uses 3 packets. What 2 flags are required to be set across these 3 packets? | SYN, ACK |
| What is an effective vulnerability scanner? | Nessus |
| What will a closed port respond to a SYN packet with? | RST Packet |
| A tries to open a TCP session with B. A's initial sequence number is 123. B will respond with | Its own initial sequence number and an acknowledgement number of 124 |
| From the perspective of risk management, security is | Reducing / minimizing the risks to the organization and its assets to an acceptable level |
| The loss of one of the goals of security through an incident is known as | A Compromise |
| A fragmented IP Datagram can only be reassembled by | the host it is destined for |
| ______ is designed as a connectionless protocol | UDP |
| Each TCP connection on a given system can be uniquely identified by | Source and Destination Port and IP |
| _____ spreads from computer to computer; has the ability to travel and replicate itself without any user intervention | Worm |
| What is a threat? | Something that could cause a security issue if allowed to get in, can't do anything with a vulnerability to get in, external to system but may be internal to security environment |
| What is a vulnerability? | Potential security hole that may exist and needs to be fixed to ensure it isn't exploited by a threat. So long as it exists, a compromise exists. Internal to system/security environment. |
| What is active reconnaissance? | The goal is to gather more direct information while remaining unseen. Improve on passive recon while still treading lightly. Visibility becomes a possibility at this level. |
| Name some examples of active reconnaissance | scanning to find systems and vulnerabilities, searching for non-public, protected or privileged information, system profiling, hacking, social engineering |
| What is the concept of least privilege? | Every security object (user, process, etc.) should only be assigned the MINIMUM PERMISSIONS required to be able to accomplish its assigned tasks |
| What are the 3 main types of security? | 1. System security: protection of information and services on a system. 2. Communication security: protection of information while it's being transmitted. 3. Physical security: protection from physical access to computers, facilities |
| Why is physical security necessary? | If the enemy has access to the hardware they can use a much broader set of skills and tools to breach any security. |
| What vulnerability is hardest to secure against? | The human element |
| In security, authentication is | confirming your identity with an element unique to the individual |
| What is the optimal information security strategy? | Defense in Depth |
| Which of the CIA Triad elements are responsible for ensuring that personal information is not disclosed to unauthorized users? | Confidentiality |
| _____ reconnaissance is used by hackers for observing and learning about the target from afar | Passive |
| _____ reconnaissance is used by hackers to gain more direct knowledge of the target | Active |
| The TCP Three-way handshake used to close a TCP connection uses 3 packets. What 2 flags are required to be set across these 3 packets? | FIN, ACK |
| How can you determine what O/S a company is using? | You can't |
| No tech hacking refers to | acquiring technical information without the need for technical tools |
| A weakness in a computer system, or a point where the system is susceptible to attack is | A vulnerability |
| In order for a packet sniffer to work properly, it needs to put the NIC card into what mode? | Promiscuous |
| Which TCP/IP layer is concerned with physically moving electrons across a wire? | Physical |
| _____ is a connection protocol? | UDP |
| Are natural disasters considered a threat to security? | Yes |
| How to break codes and ciphers | Cryptanalysis |
| What is SIGINT? | Signal intelligence |
| What is COMINT? | Communications Intelligence (between people) |
| What is ELINT? | Electronic Intelligence (radar) |
| What is DES? | Data Encryption Standard |
| What is AES | Advanced Encryption Standard |
| What is a block cipher? | Algorithm - takes fixed-length |
| How many rounds of functions does DES go through? | 16 |
| What is the study of cipher systems? | Cryptography |
| What is the mechanism that encrypts and decrypts | Cipher |
| What is a KPA? | Known Plaintext Attack - attacker has samples of plaintext and its encrypted version |
| What is CPA? | Chosen Plaintext Attack - attacker has ability to choose a plaintext to be encrypted and obtain the ciphertext |
| What is COA? | Ciphertext Only Attack - Attacker only has access to set of ciphertexts |
| What is CCA? | Chosen Ciphertext Attack - attacker has ability to choose a ciphertext and obtain its decryption under an unknown key |
| What is a Chosen Key attack? | Attacker has the ability to use a ciphertext and attack with random keys until a message is gained. |
| What is a symmetric encryption? | Uses 1 shared secret key to encrypt/decrypt |
| What is asymmetric encryption? | Uses 2 keys; 1 private, 1 shared. |
| What is a hash function? | Maps data of arbitrary size to hashed data of fixed size. A slight change in input makes a large change in output. Used for data validation. |
| How does 3DES work? | Encrypt with Key A, Decrypt with Key B, Encrypt with Key C |
| What is ROT13? | Move letters 13 down the alphabet |
| What is substitution | Alters letters with others, A = J, etc |
| When did DES become broken? | 1999 |
| What is the advantage of quantum cryptography? | You can detect if someone is intercepting messages |
| What is a PKI? | Public Key Infrastructure. A way to distribute public keys using a trusted 3rd party (certificate authority) |
| What type of VPN would a telecommuter use? | Remote access VPN, uses application software on computer |
| What type of VPN would a remote office use? | Site to Site VPN, uses VPN Routers |
| Difference between IPSec VPN and SSL VPN? | IPSec = application, SSL = web browser |
| IDS vs IPS? | IDS monitors traffic (passive), IPS takes immediate actions (active) |
| What is steganography? | Concealing data in a carrier medium |
| Steganography: Injection? | Data in unused part of file |
| Steganography: Data Substitution? | Non-critical data is replaced |
| 0th byte of IPv6 header (1st and 2nd number) | Version and IHL |
| 1st byte of IP header (3rd & 4th number) | TOS |
| Second and Third byte of IP header (5th, 6th, 7th, 8th number) | Total Length |
| Fourth and fifth byte of IP header (9th-12th numbers) | ID |
| 6th byte of IP header (13th number) | IP Flag |
| 6th through 7th byte (14th-16th number) | Fragment Offset |
| 8th byte of IP header (17th and 18th number) | TTL |
| 9th byte (19th and 20th number) | PROTOCOL [IMPORTANT] |
| What is protocol 1? | ICMP |
| What is protocol 6? | TCP |
| What is protocol 17? | UDP |