- Both the _______ and _________ use ACLs to block traffic by port, protocol, or IP address.
Router, firewall
- Where the router or firewall has no allow rule for a particular type of traffic, the traffic is blocked by a technique called ________ ____.
Implicit deny
- When setting up IPSec across the internet, it is used in _________ mode but when it is used in the LAN between client and server or server to server, it is known as ___________ mode.
Tunnel, transport
- I have installed a _________ ________ is my DMZ so that it will decrypt incoming traffic so that my firewall or inline NIPS can __________ the traffic.
Reverse proxy, inspect
- If I disable the SSID on my wireless access point, it can be discovered by a ___________ _________ _________ as the SSID is included in the packet or an SSID _______ device.
Wireless packet sniffer, decloak
- The role of the VPN concentrator is to set up the _________ ________ before the exchange of data.
Secure tunnel
- _____ ___________ is used to prevent someone plugging a laptop into my network; however, ________ is used to prevent a rogue access point being plugged into my network as it authenticates the user or device itself.
Port security, 802.1x
- A __________ is a device that is used by cybersecurity administrators so that they can observe the attack method used by hackers. This will then enable them to prevent these types of attacks in the future.
Honeypot
- A security administrator has noticed in the SIEM system log files that an attack was detected on Server 1 but when they manually inspected the server, the attack was not shown; this is known as a ______ ___________.
False positive
- One of the reasons why a SIEM system records a false positive is because the wrong ______ _________ were being used, therefore it was monitoring the wrong type of attack.
Input filters
An ________ NIPS has traffic flowing through it; however, the NIDS is known as ________ and relies on sensors and collectors to discover new attacks.
Inline, passive
_________ __________ inspects traffic going to a website, whereas a _______ ________ inspects traffic across the network.
Banner Grabbing, packet sniffer
Banner grabbing uses tools such as Dimitri, _____, ________, and ________.
Nmap, telnet, and netcat
__________ shows established connections in a Windows environment, whereas _________ shows established connections in a Linux/Unix environment.
Netstat, netcat (nc)
A _____ system correlates security logs from various devices such as servers and firewalls. The security administrator has decided to store the logs into a _______ drive so that they can be read but not tampered with as they may be needed as evidence at a later date.
SIEM, WORM
A company could use a ____-__-____ VPN instead of an expensive lease line or even more expensive dark fiber, but it must be set to _______ - ___ mode.
Site-to-site, always-on
A _____ ________ could be used as a spam filter and a ____ solution to prevent PII and sensitive information from leaving the company.
Mail gateway, DLP
Both ____ and a ______ can detect when new hosts have been added to your internal network.
Nmap, NIDS
A __________-______ NIDS/NIPS uses a known database and is reliant on regular updates where _______- _____ NIDS/NIPS start with a known database but can identify new variants.
Signature-based, anomaly-based
A security administrator changes the default _________ and _________, disables the SSID, and enables ______ filtering to make a wireless access point more secure.
Username, password, MAC
-
Categories & Types of security controls50
-
Chapter 1 - Types of security controls21
-
Threats, Attacks, and Vulnerabilities60
-
Threats, Attacks, and Vulnerabilities 250
-
Threats, Attacks, and Vulnerabilities 325
-
Mock Exam151
-
Cheat Sheet80
-
Chapter 2: Technologies and Tools Practice Tests50
-
Chapter 2: Technologies and Tools20
-
Chap2: Technologies and Tools 224
-
Mock Exam 250
-
Chap3 - Architecture and Design50
-
Chapter 3: Architecture and Design265
-
Mock Exam 350
-
Chapter4: Identity and Access Management50
