Security+ F

  • Created by: Jude1819
  • Created on: 18-11-23 14:06
What is the Computer Security Act?
requirement to develop security policies for computer systems that process confidential info
1 of 41
ISAC
Information sharing centre for industry threat intel
2 of 41
What is Threat Hunting used for?
used to scan without disruption
3 of 41
What is steganography?
steganography - obscures presence of a message to encode messages within TCP
4 of 41
What is homomorphic encryption and EKU?
homomorphic encryption - used to encrypt sensitive data sets like healthcare info

EKU - Extended Key Usage - defines what a key does and what apps it is to be used for
5 of 41
What is IAM and what does it require?
IAM - identity access management (logon using access card and PIN)
6 of 41
What is CER and what is it a measure of?
CER - crossover error rate (biometrics, when FER and FAR match up). Shows accuracy
7 of 41
What is a TGT?
TGT - ticket granting ticket - provides info about client such as name, IP, timestamp and how long valid for, uses session key
8 of 41
What is a data steward and data custodian?
data steward - ensures data has correct labels and correct metadata
data custodian - enforces access control, encryption and backup measures
9 of 41
What is IRM?
IRM - Microsoft information rights management - stops info being forwarded or printed (anything to do with Microsoft products)
10 of 41
What is DAC, SAML, LDAP?
DAC - Directory access control - who can assign permissions

SAML - exchange authentication information

LDAP - works from most specific to least, CN to DC (such as cn=jude-DC=Live.MDU.Local)
11 of 41
What is discretionary access control?
discretionary access control - most flexible, weakest access control and assigned by only one user
12 of 41
What is active passive clustering?
active passive clustering - fault tolerance and consistent
13 of 41
What is session affinity and session persistence?
session affinity - once session established it remains with the node that started it

session persistence - uses cookie
14 of 41
What is TAP and SIEM used for?
TAP - active or passive access point (passive is most redundancy resilient - redirects traffic if security sys goes down)

SIEM - agent based and collector for log collection - uses correlation to diagnose incidents - all local to host
15 of 41
What are these firewalls?
application firewall
appliance firewall
packet filtering firewall
application firewall - stateful multilayer - analyses code present in HTTP packets to see if it matches database
appliance firewall - just basic firewall

packet filtering firewall - only allows minimum information inbound
16 of 41
What is ROT?
ROT - root of trust is validating boot and OS Sys files
17 of 41
What does Wrapper do?
wrapper - hides all contents only header viewable
18 of 41
What are these?
eDiscovery
forensics
carving
legal hold
eDiscovery - filtering evidence
forensics - court of law evidence gathering
carving - retrieving deleted files
legal hold - information that must be preserved
19 of 41
What are the requirements for live acquisition?
live acquisition requires specialist programs
20 of 41
What's an audit logging service used for?
audit logging service - to capture attempted and successful intrusions historically
21 of 41
What is MTA?
MTA - message transfer agent handles transmission between email
22 of 41
What does a serverless approach require?
serverless approach - needs containerisation for performing tasks, needs event orchestration
23 of 41
How are fog nodes and edge gateways used for exfiltration?
fog node - used for exfiltration as close to edge
edge gateway - used for exfiltration as on edge
24 of 41
What is REST?
REST - representational state transfer - submits requests as HTTP and is a looser framework, makes it easier for computers to communicate
25 of 41
What is Stackoverflow?
stackoverflow - stack = return address overflow = changing
26 of 41
What is a reverse shell?
reverse shell - Linux-based attack - victim opens connection to host through remote shell
27 of 41
What is samesite
memory leak
canonical
samesite - controls where cookies can be sent

memory leak - allocated mem not cleared after use

canonical - trick input validation
28 of 41
What is a Runbook?
runbook - automate as many stages of the playbook as possible
29 of 41
What is the purpose of asymmetric?
asymmetric - slower but better
30 of 41
How long after publish period should certs be valid for?
certs should only be valid for 1 or 2 hours longer than publish period
31 of 41
What does TLS 1.3 do?
TLS 1.3 removes ability to downgrade attack
32 of 41
What is MofN?
MofN - amount of admins present to gain access must be more than 0 and highest without being over n is best
33 of 41
What are these two types of cypher?
stream cypher
block cypher
CTM block cypher
stream cypher - communications encrypted in flow
block cypher - padding if there is not enough info and encrypted at once, not in a flow

CTM block cypher - allows to behave like stream cypher
34 of 41
What is the difference in EOL and EOSL?
EOL - slow support

EOSL - stop support
35 of 41
What is config drift?
configuration drift - service port changes leave a port open when not in use
36 of 41
What is COBO?
COBO - corp owned business only
37 of 41
What creates an airgap?
airgap - disconnecting system from network
38 of 41
What is Agile development?
agile development - uses iteration through smaller modules
39 of 41
What is persistence in hacking?
persistence - threat actor's backdoor restarts if the host reboots to let them back in
40 of 41
What is black and whitebox?
blackbox - no inside info
whitebox - all inside info
41 of 41
