General Security Concepts

Question 1

Which term refers to someone providing information that proves they are who they say they are?
A. Authentication
B. Authorization
C. Accounting

Answer 1

A

Question 2

True or False: The AAA framework consists of three parts and they are: Authentication, Availability, and Accounting

Answer 2

False

Question 3

authentication

Answer 3

providing information that proves someone is who they say they are

Question 4

authorization

Answer 4

• the amount of access someone has based on their identification and authentication
• the process of giving someone access to resources

Question 5

CA/Certificate Authority

Answer 5

the entity that signs a certificate authority for a specific device

Question 6

certificate authentication

Answer 6

a certificate included on a device as an authentication factor

Question 7

CIA Triad

Answer 7

A combination of principles that includes confidentiality, integrity, and availability
- confidentiality: sensitive data should be protected
- integrity: statse that data should be accurate and unaltered
- availability: states that data should always be accessible to those who are authorized

Question 8

compensating

Answer 8

a security control type that attempts to make up for the shortcomings of other controls and prevent the exploitation of a weakness

Question 9

corrective

Answer 9

a security control type used to minimize negative impact of an incident; fire suppression system, antivirus software, security training

Question 10

detective

Answer 10

• only triggered during or after an incident has occurred
• examples: smoke alarm detecting smoke, an intrusion detection system, motion detectors, a video surveillance camera

Question 11

deterrent

Answer 11

a security control type that discourages threats from trying to exploit a vulnerability; examples include security guards, login banners,

Question 12

directive

Answer 12

a weak security control type that directs a subject towards security compliance

Question 13

identification

Answer 13

this describes who someone claims to be

Question 14

integrity

Answer 14

• part of CIA triad
• means that information can’t be modified without detection

Question 15

managerial

Answer 15

security control category enforced by management and implemented by employees

Question 16

operational

Answer 16

a security control category that translate managerial policies into routine work. they are the repeatable steps people follow to keep systems secure, detect problems, and restore services when needed

Question 17

physical security controls

Answer 17

security control category implemented to prevent unauthorized physical access to facilities and resources

Question 18

preventative security controls

Answer 18

a security control type that exists to not allow an action to happen; examples include firewalls, fences, and access permissions

Question 19

Proof of Origin

Answer 19

proof that a message was not changed

Question 20

technical

Answer 20

security control category implemented through technology to protect systems and data.

Question 21

True or False: It is possible for a security control to fall into or have more than just one category?
A. True
B. False

Answer 21

A

Question 22

Which refers to the five types of security controls?

Question 23

What are the six types of security controls?

Answer 23

1. Preventative
2. Detective
3. Deterrent
4. Directive
5. Corrective
6. Compensating

Question 24

What are the four security control categories?

Answer 24

1. Managerial
2. Operational
3. Technical
4. Physical

Question 25

What type of security control category would an electric fence fall under?

Answer 25

Physical

Question 26

What does zero trust mean?

Answer 26

It means that authentication is required and nothing is inherently trusted: verification is required at every part of the interaction

Question 27

True or False: Threat scope reduction and policy driven access control are two methods to control trust

Answer 27

True

Question 28

Policy Enforcement Point

Answer 28

Part of the policy enforcement matrix

Question 29

Plane of Operations

Answer 29

How components are split within zero trust framework

Question 30

policy decision point

Answer 30

in the policy driven access control process, this contains the policy engine and policy administrator the process for making an authentication decision (determining whether to grant or deny access to resources)

Question 31

policy engine

Answer 31

in the policy driven access control process, this is in the policy decision point and evaluates each access decision based on policy and other information sources

Question 32

policy administrator

Answer 32

In the policy driven access control process, this is responsible for writing the rules that say who can do what, when, where, on which device, and under what risk level.

Question 33

access control vestibules

Answer 33

secure entry areas that consist of two interlocking doors, ensuring that one door must close before the other opens

Question 34

fencing

Answer 34

this is a physical security control that people sometimes use for their yards in the suburbs

Question 35

video surveillance

Answer 35

this type of physical security control describes things like CCTV cameras

Question 36

security guard

Answer 36

this describes a person whose job it is to ensure that only authorized personnel can get into an area

Question 37

lighting

Answer 37

a way of providing security that provides a well-lit area so cameras can see better; effectiveness depends on how bright it is and the angles it is implemented with

Question 38

sensors

Answer 38

this describes a physical security control that uses things like motion detection hardware to ensure a location is physically safe

Question 39

infrared

Answer 39

this describes a physical security control that uses rays that are invisible to the human eye to determine the presence and heat of someone; not good for a large area

Question 40

pressure

Answer 40

a sensor that can identify a change in force

Question 41

microwave

Answer 41

detects movement across large areas (similar to infrared)

Question 42

ultrasonic

Answer 42

sending soundwaves (when is it best to use soundwaves)

Question 43

access badge

Answer 43

a type of physical security control that ensures only authorized personnel can enter/leave an area

Question 44

honeypot

Answer 44

a way to attract an attacker to a system 🍯

Question 45

honeyfiles

Answer 45

files with fake information; good to have an alert when someone accesses it

Question 46

honeytoken

Answer 46

a way to track malicious actors; something traceable like an api key, or fake email addresses

Question 47

honeynet

Answer 47

this is an entire computer network that serves as a trap for potential attackers

Question 48

Change Management

Question 49

change management

Answer 49

the act of ensuring any operational changes are planned thoroughly with reduced risks to systems; actions include upgrading software, patch an application, change firewall configuration, modify switch ports

Question 50

company

Answer 50

a business entity that needs to make an update

Question 51

owner

Answer 51

in change management, this is the team that actually makes the update

Question 52

stakeholder

Answer 52

anyone impacted by a change in an organization; can be an individual or a group

Question 54

allow list

Answer 54

this is a list that states nothing runs unless it’s approved; very restrictive

Question 55

deny list

Answer 55

nothing on the bad list can be executed (anti-virus) is a deny-list

Question 56

downtime

Answer 56

a period when services may be unavailable, best when scheduled around company operations

Question 57

restarts

Answer 57

rebooting the system; something that might be required in the event of technical change management; can be problematic if the application is a legacy application

Question 58

dependencies

Answer 58

when one situation requires changing another variable

Question 59

documentation

Answer 59

the process of creating something that keeps track of with changes within an organization

Question 60

version control

Answer 60

tracking changes between versions of operation systems

Question 61

Which refers to **a framework that enables the creation, management, distribution, and revocation of digital certificates, which are used to verify the identity of users and devices in secure communications. It utilizes public-key cryptography to ensure the confidentiality and integrity of data exchanged over networks**? A. IKE B. PKI C. KDC D. KEK

Answer 61

B

Question 62

When something is encrypted with the key and decrypted with the same key, this is called A. Symmetric Encryption B. Asymmetric Encryption

Answer 62

A

Question 63

asymmetric encryption

Answer 63

the process of creating two or more mathematically related keys where the private key is kept private but the public key is what anyone can see and give away **key considerations** * -private key is the only key that can decrypt data encrypted with public key * you cannot derive private key from the public key

Question 64

key stretching/strengthening

Answer 64

the process of encrypting a key value multiple times to reduce the likelihood that a user will correctly brute force the password for it

Question 65

What abbreviation represents a symmetric‑key block cipher adopted as the U.S. federal standard for encrypting data; supports 128‑, 192‑, and 256‑bit keys? A. SHA B. AES C. DES

Answer 65

AES

Question 66

What abbreviation refers to a key used to encrypt/wrap other cryptographic keys, facilitating secure key storage and distribution? A. KDC B. IKE C. KEK D. PSK

Answer 66

C. KEK/Key Encryption Key

Question 67

What abbreviation refers to a protocol used to set up a security association (SA) in IPsec, handling mutual authentication and key generation A. KDC B. IKE C. KEK D. PSK

Answer 67

B. Internet Key Exchange

Question 68

True or False: TKIP is an encryption protocol used in early Wi‑Fi security (WPA) that was designed to replace WEP; now considered deprecated

Answer 68

True

Question 69

What is the name of a tool that that establishes root of trust for single computing platform and provides secure storage of keys and attestation of platform’s state?

Answer 69

TPM/Trusted Platform Module

Question 70

What abbreviation refers to a device that is used in large environments and securely stores and backups thousands of cryptographic keys? A. KDC B. HSM C. PKI

Answer 70

B. Hardware Security Module

Question 71

What are the three things you should know about a security enclave?

Answer 71

1. It's a protected area for secrets 2. It's often implemented as a hardware proessor 3. It can do several different things including boot ROM, monitoring system boot, random number generation, real-time encryption, root crypto key generation, and aes encryption

Question 72

What four kinds of steganography techniques and their definitions?

Answer 72

1.** network based:** the process of embedding messages in tcp packets 2. **audio steganography:** the process of hiding messages within in audio track or an audio file 3.** video steganography:** the process of hiding messages within a video 4. **tokenization**: replacing sensitive data with a non-sensitive placeholder that can be reversed

Question 73

hash collision

Answer 73

occurs when you have two different inputs and the encrypted version of each match’ happened with MSD5

Question 74

salted hash

Answer 74

when hash + salted+hash replaces an actual password, which is never shared.

Question 75

salt

Answer 75

random data added to password when hashing

Question 76

rainbow tables

Answer 76

won't work with salted hashes; additional random value added to original password

Question 77

distributed ledger

Answer 77

something that is used to keep track of transactions across computers in a way that ensures data is secure, transparent, and immutable

Question 78

public key certificate

Answer 78

a certificate that binds a public key and other detaills about a keyholder, with a with a digital signature that adds trust

Question 79

digital certificate information

Answer 79

information contains serial number, version, signature, algorithm, issuer, name of cert holder, public key, extensions, and more….

Question 80

Root Of Trust

Answer 80

an inherently trusted component that provides trust for a specific system

Question 81

Certificate Authority

Answer 81

something that has digitally signed a website certificate

Question 82

Wildcard Certificate

Answer 82

A digital certificate that can secure any sub‑domain of a given domain name, using a single private key. The subject name contains a leading asterisk (*).

Question 83

Certificate Revocation List/CRL

Answer 83

a digitally signed list published by a certificate authority that enumerates certificates revoked before their expiration

Question 84

Online Certificate Status Protocol/OCSP | A

Answer 84

A protocol that enables the on demand querying of the status of a digital certificate

Question 85

Symmetric Encryption

Answer 85

One key is used

Question 86

Asymmetric Encryption

Answer 86

Two or more mathematically created where one encrypts and is accessible by all and the private key is kept secret

Question 87

Full Disk Encryption/FDE

Answer 87

Encrypting all of the files on a disk; prevents unauthorized access if computer is lost or stolen - physical equivalent would be locking the front door

Question 88

Partition Encrypting

Answer 88

Encrypting a single storage partition on a device; provide greater flexibility that disk encryption but also less security

Question 88

Volume Encryption

Answer 88

Encrypting several storage partitions on a device - physical equivalent is locking the room

Question 89

Algorithms

Answer 89

AES/Advanced Encryptytio