Extra Credit Review Notes
(signature scanning, integrity checking, file changes, centralized updates, heuristic scanning)
characteristics of malware: (encryption, stealth, polymorphism, time dependence)
List the 5 basic protections of information security. (Confidentiality, Integrity, Availability, Non-repudiation, Authentication)
List the 3 types of mutating malware. (oligomorphic, polymorphic, metamorphic)
List 2 ways of implementing encryption through software. (file system cryptography, whole disk encryption)
Which information security protections does asymmetric cryptography provide? (ALL 5 CIAAN-R)
List the two physical procedures/approaches for social engineering attacks. (dumpster-diving, tailgating)
List the 4 traits by which malware can be classified. (circulation, infection, concealment, payload)
List the ways of implementing hardware encryption. (USB device encryption, Hard disk drive encryption, trusted platform module, hardware security module)
Which of the following describes various supporting structures for implementing security that provides a resource of how to create a secure IT environment? (Choose all that apply.) industry-standard frameworks, Reference Frameworks
Which of the following is a common security framework? ISO, Cobit, ASA
What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data? Drive file Slack
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as: SLA (Service Level Agreement)
What dedicated hardware device aggregates hundreds or thousands of VPN connections? VPN Concentrator
Select the technology that can be used to examine content through application-level filtering. Web Security Gateway
Which network address below is not a private IP address network? 172.63.255.0
What type of network is a private network that can also be accessed by authorized external customers, vendors, and partners? Extranet
If Bob wants Sue to read Alice's reply to an encrypted message that Bob sent, which key should Bob use to send the message to Sue? Sue’s public key
Which security procedure is being demonstrated if an administrator is using Wireshark to watch for specific inbound and outbound traffic? Firewall monitoring
What is the term for a network set up with intentional vulnerabilities? Honeynet
If a user uses the operating system's "delete" command, what type of data removal procedure was used? Purging
Which of the following accounts is a user account that is created explicitly to provide a security context for services running on a server? Service account
Which of the following is a category of group password settings in Microsoft Windows? (Choose all that apply.) Password Policy Settings, Account Lockout Policy
What federation system technology uses federation standards for SSO and exchanging attributes? Shibboleth
What criteria must be met for an XSS attack to occur on a specific website? Accept user input without validating & use
What systems control locally or at remote locations by collecting, monitoring, and processing real-time data so that machines can directly control devices such as valves, pumps, and motors without the need for human intervention? ICS
What type of computer code is typically added to a legitimate program but lies dormant until a specific logical event triggers it? Logic Bomb
If I were to implement a control to prevent an attack, what would the name(s) of that control be? Preventative, Physical
Which term below describes the art of helping an adult learn? Andragogical
If I were to implement a control before an attack, what would the name(s) of that control be? Preventative, Physical, Deterrent
7 steps in the Cyber Kill Chain:
Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives
Reduce risk of losing mobile device: Keep out of sight, be aware of surroundings, use both hands.
Hash Algorithm: Creates a unique digital fingerprint of data by applying a one-way algorithm on it. It is often used to determine if the contents of some sort of data have been altered. This is because the hash of the altered data will differ from the hash of the original data.
OSI Model: Physical, Data Link, Network, Transport, Session, Presentation, Application
Disaster Plan:
1. Contact names and phone numbers for emergency coordinators
2. Details on which data and servers are being backed up, how frequently backups occur, etc.
3. Details on network topology redundancy
4. Regular strategies for testing the plan
RADIUS servers -> RADIUS Proxy
Subject -> Operation -> Object
User password = Authentication
ACL = Access Control List
Orphaned Accounts -> Expiration
Partner on-boarding = Trust Rel.
ISA = agreement minimize risk
SLA = service contract
andragogical = adult learning
Supply chain; companies suppliers intermediate final to customer
Program virus
Content mgmt = support creation and subseq editing and modif of digital content
NOT a benefit of using the CYOD = increased internal service
public & corporate apps = MDM
man-in-the-browser intercepts
XSS The website must accept user input while validating it and use that input in a response.
Create a mask – rule attack
Running user desktop inside virtual machine = VDI
What monitors emails for spam and other unwanted content to prevent these messages from being delivered?
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance? CCTV
Which of the following are considered to be part of a typical OS security configuration? (Choose all that apply.) ALL (Disabling unnecessary ports and services, Employing least functionality, Password auditing, Disabling default accounts/passwords)
Which of the following are application development stages? (Choose all that apply.) Staging and Testing (not proofing and analysis)
What type of OS in firmware is designed to manage a specific device like a video game console?
Appliance OS
What security standard was introduced in conjunction with UEFI?
Secure Boot
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
Roller Barrier