Network Security | Compliance and Operational Security | Threats and Vulnerabilities | Application, Data, and Host Security | Access Control and Identity Management |
---|---|---|---|---|
What is signature-based detection?
A detection method where a database of known vulnerabilities or attack patterns is used.
|
What is PII?
Any information that can be used to identify a specific individual.
|
What is a logic bomb?
A string of code embedded into an application or script that will execute in response to an event.
|
What is input validation?
The lack of this security control is one of the most common security issues on web-based applications. It allows for many different types of attacks, such as buffer overflow, SQL injection, and XSS.
|
What is the principle of least privilege?
A principle which states that individuals and processes should only be granted the rights and permissions needed to perform assigned tasks or functions, but no more.
|
What is implicit deny?
The last rule in an ACL.
|
What is the order of volatility?
The order in which you should collect evidence (in general, starting with the least stable and moving to the most stable).
|
What is ARP poisoning?
An attack that misleads computers or switches about the actual MAC address of a system.
|
What is BYOD?
A policy whereby employees are allowed to use their own smartphones and tablets to connect to the organization’s network.
|
What is password history?
An example of this would be an organization which keeps track of every user’s last 24 passwords and prevents users from reusing those passwords until they’ve used 24 new passwords.
|
What is a DMZ?
A buffered zone between a private network and the Internet.
|
What is a bollard?
Short vertical posts, often made of reinforced concrete and/or steel. Good at preventing a car from driving into a building.
|
What is polymorphic malware?
Malware that has the ability to mutate when it replicates or executes itself.
|
What is fuzzing?
A technique in which a computer program sends random data to an application, often in the hopes of finding a security vulnerability.
|
What is something you have?
A smart card would be an example of this type of authentication factor.
|
What is SSID broadcasting?
Turning this feature off will stop the casual user from seeing your wireless network.
|
What is ALE?
SLE X ARO.
|
What is SQL injection?
An attack in which specifically crafted input is given to a web application, resulting in a back-end database returning information.
|
What is a virtualized sandbox?
Before deploying a patch to the whole network, it may be useful to test it in one of these.
|
What is RADIUS?
A centralized method of authentication for multiple remote access servers. Its name is also a geometry term.
|
What is NAT?
A protocol that translates public IP addresses to private IP addresses and private addresses back to public.
|
What is RAID-1?
A system to provide fault tolerance for disks and increase the system availability. In this version, data written to one disk is also written to another disk (a process called mirroring).
|
What is a smurf attack?
An attack that spoofs the source address of a directed broadcast ping packet to flood a victim with ping replies.
|
What is TPM?
A hardware chip on a computer’s motherboard that stores cryptographic keys used for encryption. Provides full disk encryption capabilities.
|
What is Kerberos?
A network authentication mechanism used within Windows Active Directory domains and some Unix environments known as realms. Relies on the issuing of tickets which are used for authentication.
|