Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove Ads
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards




share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Security Final

QuestionAnswer
What are the three parts of the Security Triad? Confidentiality, Integrity, Availability
What are the levels of security classification? Unclassified Sensitive Confidential Secret Top Secret
What are 7 security measures? Authentication, Anti-Virus Software, DMZ IDS/IPS, Logging, Physical Security, VPN
Name 3 Security Controls 1. Administrative (Policies and Procedures Governing, Technical, end-user) 2. Physical (Mechanical) 3. Technical (Hardware and Software)
Formula for managing risk Annualized Rate of Occurrence (ARO) Single Loss Expectancy (SLE) Asset Value (AV) Exposure Factor (percentage Destroyed - EF) SLE = AV x EF ALE=SLE x ARO
How to evaluate risk. 1. Threat -€“ External Danger 2. Vulnerability -€“ A weakness in the System 3. Exploit -€“ takes advantage of vulnerability 4. Probability -€“ Annualized Rate of Occurrence 5. Impact - Single Loss Expectancy
Risk net impact of exploitation of vulnerability
Vulnerability Testing Tools - Packet Analyzer Wireshark) - Network Scanner - Vulnerability Scanner (Nessus) - Password Cracker - Penetration Testing (Metasploit) - Data Mining (meatgo) - War Driving
Quantitative vs qualitative risk analysis Quantitative risk analysis uses a mathematical model. Qualitative risk analysis uses a scenario model. Risk management uses mechanisms to reduce risk.
4 ways of dealing with Risk 1.Risk Avoidance 2. Risk Acceptance 3. Risk Transfer 4. Risk Reduction
9 steps of Risk Assessment 1. System Characterization 2. Threat Identification 3. Vulnerability Identification 4. Control Analysis 5. Likelihood Determination (ARO) 6. Impact Analysis (EF) 7. Risk Determination SLE & ALE 8. Control Recommendations 9. Results Documentation
Systems Development Lifecycle (SDLC) Phases 1. Initiation 2. System Concept Development 3. Planning 4. Requirements Analysis 5. Design 6. Development 7. Integration and Test 8. Implementation 9. Operations and Maintenance 10. Disposition
Phase 1 - Initiation a. Security Categorization b. Preliminary Assessment
Phase 2 - Acquisition a. Cost Considerations b. Security Planning c. Testing
Phase 3 - Implementation a. Inspection b. Integration c. Certification d. Accreditation
Phase 4 - Operations a. Config mgmt and ctrl b. Continuous monitoring
Phase 5 - Disposition a. Information Preservation b. Media Sanitization c. Disposal
Principles of Operations Security 1. Separation of Duties a. Two Man control b. Dual Operator 2. Rotation of Duties 3. Trusted Recovery
Change and Configuration Conrol 1. Apply 2. Catalogue 3. Schedule 4. Implement 5. Report
Incident Handling 1. Preparation 2. Identification a. Event or incident 3. Containment 4. Eradication 5. Recovery 6. Documentation
Exploitation Steps 1. Reconnoiter 2. Exploit 3. Escalate 4. Download 5. Backdoor 6. Leverage
Standard ACLs filter source address only
Extended ACLs filter destination, ports, etc.
Dynamic ACLs Also known as lock and key ACL. Lock-and-key access allows you to set up dynamic access lists that grant access per user to a specific source/destination host through a user authentication process.
Time-based ACLs activate at specific times
Reflexive ACLs Reflexive access lists provide the ability to filter network traffic at a router, based on IP upper-layer protocol "session" information.
What are firewalls? Software or hardware set up in such a fashion so as to allow or prevent network communication over various ports or protocols.
What is an IDS An Intrusion Detection System. It can log malicious packets, but cannot take immediate action.
What is an IPS An Intrusion Protection system. It can identify malicious packets and can take immediate action
What is a True Positive It is when your firewall blocks and logs a malicious event as such. It worked as intended.
What is a False Positive It is when your firewall logs an even as potentially harmful and blocks it, even though it is not. It is a waste of resources
What is a True Negative It's when your firewall logs an actual harmless event as harmless and allows it. Nothing to see here
What is a False negative Worst case scenario, it's when your firewall logs something as safe and allows it, but it is really malicious.
What is a Honeypot a decoy system (IPS) Lures and traps hackers Can distract and confuse attackers Can log attacks in detail Can collect data on attackers
What are Proxies (IPS) Forward – pass internal requests out Open – pass requests anywhere Reverse – pass requests from Internet
What is Cryptography study of code and ciphers
What is Cryptoanalysis how to break codes and ciphers
What is Sigint Intelligence from interception of signals
What is Comint Communications Intelligence
What is Elint Electronics Intelligence
What is DES? Data Encryption Standard
What is AES? Advanced Encryption Standard
What are the goals of Encryption? 1. Confidentiality 2. Data Integrity 3. Authentication 4. Non-Repudiation
What is a Cipher Encrypts and decrypts
What is Encryption convert plain text to ciphertext
What is Decryption Convert ciphertext to plain text
What is Symmetric Encryption Same key is used to encrypt and decrypt msg
What is Asymmetric Encryption Receiver has private key, receives public key from sender.
What are the characteristics of DES Symmetric 64-bit block 56-bit key strength
How does Triple-DES work 1. Sender Encrypts Key A 2. Sender Decrypts key B 3. Sender Encrypts Key C 4. Cipher text 5. Receiver Decrypts Key C 6. Receiver Encrypts Key B 7. Receiver Encrypts Key A 8. Plain Text
What are three common Encryption Methods 1. Rotation 2. Substitution 3. Permutation
What are 4 DES Modes 1. ECB (Electronic Code Book) 2. Cipher Block Chaining (CBC) 3. Cipher Feedback (CFB) 4. Output Feedback (OFB)
What is RSA? It's one of the first public key cryptosystems. Its names is based on its three inventors - Rivest, Shamir, Adleman
What is Steganography Steganography conceals data in a carrier medium
What is Null Cipher A method of steganography where a message hidden in the body
What is Injection A method of steganography where data is hidden in unused part of file
What is Substitution A method of steganography where non-critical data is replaced
What are 4 Means of Authentication 1. Something you know 2. Something you have 3. Something you are 4. Something you do
What are some means of exploiting Password Vulnerability 1. Offline Dictionary attack 2. Specific Account attack 3. Popular password attack 4. Password guessing 5. Workstation hijacking 6. Exploiting user mistakes 7. Exploiting multiple password use 8. Electronic monitoring
What are four password protection techniques 1. User education 2. Computer generated passwords 3. Reactive password checking 4. Proactive password checking
What are two examples of Token-based authentication 1. Memory cards 2. Smart Cards
Principles of access control 1. Authentication 2. Authorization 3. Audit
Policies for access control 1. Discretionary Access Control (DAC) 2. Mandatory Access Control (MAC) 3. Role-based Access Control (RBAC)
What is Discretionary Access Control (DAC) Controls access based on the identity of the requestor and on access rules. Discretionary because one person can set permissions.
What is Mandatory Access Control (MAC) Controls access based on comparing security labels with security clearances.
What is Role-based Access Control (RBAC) Controls access based on roles that users have within the system and on rules stating what accesses are allowed users in given rules.
Which iptables rule would generate a destination unreachable error? iptables –A FORWARD –s 0/0 –d 0/0 –j REJECT
Standards for protocols and associated information are first published in? RFCs
ICMP protocol is specifically designed to do what? Check & report on network error conditions
What is an example of egress filtering? Only allowing traffic to leave you network with a source IP in your company's IP range
Which vulnerability is considered the hardest to harden against? The human element
In security environments, Authorization means Using your identity to assign access rights
It is possible to capture packets from the network that are not destined for your machine. True
During a packet capture, you notice a couple of TCP packets with the “F” flag and some “A” flags. What is likely going on? A TCP/IP session shutdown process
Which of the following devices are likely to be found at the network perimeter? "Firewall" "Border Router" "Remote Access Gateway" VLAN Switch Protected Web Servers
TCP has ___ states 11
Based on the packet capture code below, what network protocol is being used? 4500 0064 0000 4000 40"01" b755 c0a8 0101 ICMP
The loss or omission of one of the goals of security is known as: A compromise
Which of the following tools will help you determine which services are running on a port? Ping Nmap "Nessus" Traceroute Nslookup
A stateful inspection firewall creates a ___ to track history for each communication. State Table
Which one of the following software tools are not considered to be a packet sniffer? "Ping" Snort "Nmap" Ethereal Tcpdump
An ___ is to detection what an ___ is to protection. IDS, IPS
Which of the following statements about packet filtering routers is FALSE? Can examine ports Can examine flags "Can examine protocol commands" Can examine addresses None of the above answers are true
Packet sniffing is a form of Passive reconnaissance
___ is a mechanism to verify identity prior to allowing access to protected resources. Access control
Computer A wishes to open a TCP session with Computer B. If Computer A's initial sequence number is 145678913, then Computer B will respond with: An initial sequence number of its own and an acknowledgement number of 145678914
The Data ____ is the person having responsibility and authority for data, while the Data ___ is the entity temporarily accessing and/or modifying the data. Owner, Custodian
Passwords are considered to be the most common security weakness. True
When referring to firewalls, the word chains means: A set of rules created for a specific type/direction of traffic
A proxy server is responsible for: Making information requests to the outside world as if it was you doing it
The DoD Trusted Computer Evaluation Criteria is also known as: The Orange Book
A ___ attack does not involve the end-user in the attack, while in a ___ attack there is an actual active victim to the attack. Spoofing, Hijacking
Based on the packet capture code below, what protocol is being used? "45"00 0064 0000 4000 4001 b755 c0a8 0101 TCP ICMP UDP ARP "None of the above"
Which of the following is not an Access Control mechanism? Photo ID Biometrics RFID Passwords "They are all Access Control mechanisms"
When talking about O/S passwords, a “salt” refers to: The random bits used as part of the input for encrypting the password
A ___ outlines specific requirements or rules that must be met. Policy
Each TCP connection is uniquely identified by: A. Source and Destination IP B. Source and Destination Port C. Sequence Number D. Connection Number "A & B only"
Which of the following is not an Access Control Protocol? CHAP SSL PAP "TCP" 802.11x
This tool is considered to be a port sniffer/mapper, but not a vulnerability scanner. NMap
Which of the following is not one of the Security Goals? Security "Accountability" Ease of Use Functionality They are all Security Goals
Stateful Inspection Firewalls can examine all layer 4 information in the packet and application level commands. False
Scanning network traffic using a sniffer is not considered an infraction in Canadian Law. False
In the CIA Triad, ____ is responsible for ensuring that legitimate users maintain access to information and resources they need access to. Availability
Which one of the following is NOT a fundamental principle of the Computer Security Triad? Confidentiality Integrity Availability "Disclosure" Accountability
Decoding captured packets DESTINATION MAC (6 bytes), SOURCE MAC (6 bytes)
Created by: evilfrosty