Security Techniques

Question 1

What is the primary goal of security techniques in computing resources?

Answer 1

Protecting digital assets from evolving cyber threats

Security techniques range from traditional to advanced methods.

Question 2

Name the key areas of application security.

Answer 2

• Input validation
• Secure cookies
• Static and dynamic code analysis
• Code signing
• Sandboxing

These areas aim to prevent, detect, and remediate security vulnerabilities.

Question 3

What does NAC stand for in network security?

Answer 3

Network Access Control

NAC protects networks by assessing the security status of devices before granting access.

Question 4

True or false: WPA3 is the latest and most secure wireless security protocol.

Answer 4

TRUE

WPA3 introduces new features for enhanced security, including simultaneous authentication of equals.

Question 5

Fill in the blank: WPA2 uses the _______ protocol for stronger encryption.

Answer 5

AES

AES stands for Advanced Encryption Standard, which is used in WPA2 for secure wireless communication.

Question 6

What are the types of web filtering techniques mentioned?

Answer 6

• Agent-Based Web Filtering
• Centralized Proxy
• URL Scanning
• Content Categorization
• Block Rules
• Reputation-Based Filtering

These techniques help control or restrict internet content access.

Question 7

What is the purpose of input validation in application security?

Answer 7

Ensures applications process well-defined, secure data

It guards against attacks exploiting data input vulnerabilities like SQL injection.

Question 8

What does DMARC stand for in email security?

Answer 8

Domain-based Message Authentication, Reporting and Conformance

DMARC helps detect and prevent email spoofing by setting policies for email handling.

Question 9

Name the protocols used for email security.

Answer 9

• DKIM
• SPF
• DMARC

These protocols protect email content and accounts from unauthorized access.

Question 10

What is the function of RADIUS in network security?

Answer 10

Offers Authentication, Authorization, and Accounting services

RADIUS is widely used for secure access to network resources.

Question 11

What is the significance of Wireless Access Point (WAP) placement?

Answer 11

Influences network range, coverage, and security

Proper placement prevents unauthorized access by limiting signal leakage.

Question 12

What are the types of interference that can affect Wireless Access Points?

Answer 12

• Co-Channel Interference
• Adjacent Channel Interference

These interferences occur when multiple WAPs use the same channels or overlapping frequencies.

Question 13

What does EAP stand for in authentication protocols?

Answer 13

Extensible Authentication Protocol

EAP supports multiple authentication methods and provides common functions.

Question 14

What is the role of sandboxing in application security?

Answer 14

Isolates running programs to limit access to resources

Sandboxing prevents harmful actions on the host device or network.

Question 15

Fill in the blank: WEP stands for _______.

Answer 15

Wired Equivalent Privacy

WEP was introduced in 1999 and is considered insecure due to its weak encryption.

Question 16

What are the benefits of DKIM in email security?

Answer 16

• Email authentication
• Protection against email spoofing
• Improved email deliverability
• Enhanced reputation score

DKIM adds a digital signature to email headers for integrity verification.

Question 17

What is the purpose of static code analysis (SAST)?

Answer 17

Identifies issues like buffer overflows and SQL injection before running the program

SAST is important for proper input validation in both front-end and back-end code.

Question 18

What does AAA stand for in network security?

Answer 18

Authentication, Authorization, and Accounting

AAA protocols are important for centralized user authentication and access control.

Question 19

What is the function of email gateways?

Answer 19

Facilitate secure and efficient email transmission

Email gateways handle routing, security, policy enforcement, and encryption.

Question 20

What is a Cloud-Based Email Gateway?

Answer 20

Hosted by third-party cloud service providers, providing scalability but limited control over configurations

This type of gateway allows organizations to leverage cloud resources for email security.

Question 21

What is a Hybrid Email Gateway?

Answer 21

Combines on-premises and cloud-based gateways for a balance between control and convenience

This approach allows organizations to utilize both local and cloud resources.

Question 22

What is the purpose of Spam Filtering?

Answer 22

Detects and prevents unwanted and unsolicited emails from reaching users’ inboxes

Techniques include content analysis, Bayesian filtering, DNS-based sinkhole list, and email filtering rules.

Question 23

Name the techniques used in Spam Filtering.

Answer 23

• Content analysis
• Bayesian filtering
• DNS-based sinkhole list
• Email filtering rules

These techniques help identify and manage spam emails.

Question 24

What does Endpoint Detection and Response (EDR) focus on?

Answer 24

Monitoring endpoint and network events and recording the information in a central database

EDR continuously monitors for advanced threats.

Question 25

What are the key functions of **EDR**?

Answer 25

* Analysis * Detection * Investigation * Reporting * Alerting ## Footnote These functions enhance security monitoring and incident response.

Question 26

How does **EDR** work?

Answer 26

* Data Collection * Data Consolidation * Threat Detection * Alerts and Threat Response * Threat Investigation * Remediation ## Footnote These steps outline the process of detecting and responding to threats.

Question 27

What is **File Integrity Monitoring (FIM)**?

Answer 27

Validates the integrity of operating system and application software files by comparing their current state with a known, good baseline ## Footnote FIM helps identify unauthorized changes to critical files.

Question 28

What is **Extended Detection and Response (XDR)**?

Answer 28

Integrates multiple protection technologies into a single platform ## Footnote XDR improves detection accuracy and simplifies incident response.

Question 29

What is the difference between **EDR** and **XDR**?

Answer 29

* EDR: Focused on endpoints * XDR: Comprehensive solution including endpoints, networks, cloud, and email ## Footnote XDR integrates multiple protection technologies for broader threat detection.

Question 30

What is **User Behavior Analytics (UBA)**?

Answer 30

Uses big data and machine learning to analyze user behaviors for detecting security threats ## Footnote UBA focuses on understanding user behavior to identify patterns and anomalies.

Question 31

What does **User and Entity Behavior Analytics (UEBA)** extend to?

Answer 31

Monitors entities like routers, servers, and endpoints in addition to user accounts ## Footnote UEBA enhances security by analyzing both user and entity behavior.

Question 32

What are the key aspects of **UBA** and **UEBA**?

Answer 32

* Establishing normal behavior baselines * Identifying deviations from normal behavior * Generating alerts for anomalies ## Footnote These aspects help in early detection of security threats.

Question 33

What are **secure protocols**?

Answer 33

Protocols that protect data in transit from unauthorized access ## Footnote Examples include HTTPS, SFTP, and SSH.

Question 34

What is the difference between **HTTP** and **HTTPS**?

Answer 34

HTTP transmits in plaintext; HTTPS uses encryption ## Footnote Always use the encrypted version for secure data transmission.

Question 35

What are the categories of **ports**?

Answer 35

* Well-known ports (0-1023) * Registered ports (1024-49151) * Dynamic/private ports (49152-65535) ## Footnote Port numbers indicate whether a protocol is secure.

Question 36

What is **TCP (Transmission Control Protocol)**?

Answer 36

Connection-oriented, ensuring data delivery without errors ## Footnote Ideal for applications where data accuracy is crucial.

Question 37

What is **UDP (User Datagram Protocol)**?

Answer 37

Connectionless and faster, but doesn't guarantee data delivery ## Footnote Suitable for applications prioritizing speed over accuracy.