Security+ F

what is Computer security act

requirement to develop security policies for computer systems that process confidential info

1 of 41

ISAC

Information sharing centre for industry threat intel

2 of 41

What is Threat Hunting used for?

used to scan without disruption

3 of 41

What is steganogrophy?

steganogrophy - obscures presence of a message to encode messages within tcp

4 of 41

What is homomorphic encryption and EKU?

homomorphic encryption - used to encrypt sensitive data sets like healthcare info

EKU - extended Key Usage - defines what a key does what apps its to be used for

5 of 41

What is IAM and what does it require?

IAM - identity access management ( logon using access card and PIN)

6 of 41

What is CER and what it is a measure of?

CER - crossover error rate (Biometrics when FER and FAR matchup) Shows accuracy

7 of 41

What is a TGT?

TGT - ticket granting ticket - provides info about client suchas name IP timestamp and how long valid for, uses session key

8 of 41

What is a data steward and data custodian ?

data steward - ensures data has correct labels and correct metadata
data custodian - enforces access control encryption and backup measures

9 of 41

What is IRM

IRM - microsoft information rights management - stops info being forwarded or printed (anything to do with microsoft products)

10 of 41

What is DAC, SAML, LDAP ?

DAC - Directory access control - who can assign permissions

SAML - exchange autehntication information

LDAP - works from most specific to least CN to DC ( Suchas cn=jude-DC=Live.MDU.Local)

11 of 41

What is discretionary access control?

discrecionary access control - most flexible weakest access control and assigned by only one use

12 of 41

What is active passive clustering?

active passive clustering - fault tolerance and consistent

13 of 41

What is session affinity and session persistence?

session affinity - once session established it remains with the node that started it

session persistence - uses cookie

14 of 41

What is TAP and SIEM used for ?

TAP - active or passive access point (passive is most redundancy resiliant - redirects traffic if security sys goes down

SIEM - agent based and collector for log collection - uses correlation to diagnose incidents - all local to host

15 of 41

Waht are these firewalls?
application firewall
appliance firewall
packetfiltering firewall

application firewall - stateful multilayer - analyses code present in HTTP Packets to see if it matches datbase
appliance firewall - just basic firewall

packetfiltering firewall - only allows minimum information inbound

16 of 41

What is ROT?

ROT - root of trust is validating boot and OS Sys files

17 of 41

Waht does Wrapper do?

wrapper - hides all contents only header viewable

18 of 41

Waht are these?
edescovery
forensics
carving
legal hold

edescovery - filtering evidence
forensics - court of law evidence gather
carving - retrieving deleted files
legal hold - information that must be preserved

19 of 41

What are the requirements for Live aquisition?

live aquisition requires specialist programs

20 of 41

Whats an audit logging service used for ?

audit loggin service - to capture attempted and successful intrusions historically

21 of 41

What is MTA?

MTA - message transfer agents handles transmission between email

22 of 41

What does serverless approach require?

serverless approach - need containerisation for performing tasks, needs event orchestration

23 of 41

How are FOG nodes adn edge gateway used for exfiltration?

fog node - used for exfiltration as close to edge
edge gateway used for exfiltration as on edge

24 of 41

What is REST?

REST - representational state transfer - sumbits requests as HTTP an dis looser framework, makes easier for computers to communicate

25 of 41

What is Stackoverflow?

stackoverflow - stack = return address overflow = changing

26 of 41

What is reverse shell?

reverseshell - linux based attack - victim open connection to host through remote shell

27 of 41

What is samesite
memoryleak
canonical

samesite - controls where cookies can be sent

memoryleak - allocated mem not cleared after use

canonical - trick input validation

28 of 41

What is a Runbook?

runbook - automate as many stages of the playbook as possibel

29 of 41

What is the purpose of asymmetric ?

asymmetric - slower but better

30 of 41

how long after publish period should certs be valid for ?

certs should only be valid for 1 or 2 hours longer than publish period

31 of 41

What does TLS3.1 do?

TLS1.3 removes ability to downgrade attack

32 of 41

What is MofN ?

MofN - amount of admins present to gain access must be more than 0 and highest without being over n is best

33 of 41

What are these two types of cypher?
stream cypher
block cypher
CTM block cypher

stream cypher - communications encrypted in flow
block cypher - padding if there is not enough info and enrypted at once not in a flow

CTM block cypher - allows to behave like stream cypher

34 of 41

What is teh difference in EOL and EOSL?

eol slow support

eosl stop support

35 of 41

What is config drift ?

configuration drift - service port changes leave a port open when not in use

36 of 41

What is COBO?

cobo - corp owned business only

37 of 41

What creates an airgap?

airgap - disconnecting system from network

38 of 41

What is Agile development?

agile development - usees iteration through smaller modules

39 of 41

What is persistence in hacking?

persistence - threat actors backdoor restarts if teh host reboots to let them back in

40 of 41

What is black adn whitebox?

blackbox - no inside info
whitebox - all inside info

41 of 41

Get Revising

Security+ F

Other cards in this set

Card 2

Front

Back

Card 3

Front

Back

Card 4

Front

Back

Card 5

Front

Back

Comments

Similar All resources:

Other cards in this set

Card 2

Front

Back

Card 3

Front

Back

Card 4

Front

Back

Card 5

Front

Back

Comments

Related discussions on The Student Room

Similar All resources: