CySA+ Exam Study Guide Quiz with Correct Answers (Exams, Computer Science)

Typology: Exams, 2023/2024. Available from 11/12/2024. Author: Joejoski.

DNS Sinkhole - > A DNS response that deliberately does not resolve a domain to its real IP address. Queries for known malicious domains are instead answered with a controlled address, so infected clients can be identified and their connections to command-and-control servers blocked.
Role-Based Access Control (RBAC) - > Grants permissions based on a user's role or group membership rather than to individual users.
Reverse Engineering - > The process of deconstructing something in order to discover its features and constituents.
Banner grabbing - > Used to gain information about a computer system on a network and the services running on its open ports. Administrators can use it to take inventory of the systems and services on their network; attackers use the same technique to fingerprint software versions.
Cross-site scripting (XSS) - > A vulnerability in a web application that allows malicious users to execute arbitrary client-side scripts in other users' browsers.
Forensic Acquisition - > The process of extracting the digital contents from seized evidence so that they may be analyzed.
Fuzzing - > A technique used to discover flaws and vulnerabilities in software by sending large amounts of malformed, unexpected, or random data to the target program in order to trigger failures.
netstat - > Command-line tool that provides information on the status of network connections and listening sockets.
Input validation - > An approach to protecting systems from abnormal user input by testing the data provided against appropriate values. (Chapter 14)
Interception Proxy - > A software tool inserted between two endpoints, usually on the same network, to monitor and modify traffic and help with security testing.

SQL injection - > A code injection technique that exploits security vulnerabilities in the database layer of an application, typically by placing SQL syntax in input that is concatenated into a query.
Application Programming Interface (API) - > A set of subroutine definitions, protocols, and tools for building software. In general terms, it is a set of clearly defined methods of communication between various components.
Types of NAC policy - > 1. Location based
  2. Time based
  3. Role based
  4. Rule based
Padded cell - > Performs intrusion isolation.
  • After detection, the intruder is automatically transferred here; the environment resembles a real one but is fake, and the attacker cannot perform any dangerous activities.
  • Admins can gather evidence here.
  A system that waits for an IDS to detect an attacker and then transfers the attacker to a special host where he or she cannot do any damage to the production environment.
Firewalking - > Walking a firewall ACL or ruleset to determine what it filters and how.
Armitage - > Gives you a graphical user interface for Metasploit.
ARP Spoofing (ARP poisoning) - > Forging a MAC address in ARP messages. The attacker sends false ARP information that maps the attacker's MAC address to the IP address of a legitimate server, causing clients to send their frames to the attacker's machine instead. Because ARP has no authentication, hosts accept the unsolicited mapping and frames are delivered to the wrong destination.
Brute force attack - > An attack on passwords or encryption that tries every possible password or encryption key.
NIST - > National Institute of Standards and Technology
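The SQL injection and input validation entries above each get one sentence. The following added example (not part of the original study guide) uses Python's sqlite3 module and a constructed users table to show a login query built by string concatenation being bypassed with the classic `' OR '1'='1` payload, and the parameterized version of the same query rejecting it. The table stores plaintext passwords only to keep the example short; a real system stores salted hashes.

```python
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample database: one table, two users (not real credentials)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "correct horse"), ("bob", "hunter2")])
    return conn


def login_vulnerable(conn, username: str, password: str) -> bool:
    # Untrusted input is pasted straight into the SQL text, so a quote in
    # either field changes the structure of the query (the flaw on the page).
    query = ("SELECT COUNT(*) FROM users WHERE username = '%s' "
             "AND password = '%s'" % (username, password))
    return conn.execute(query).fetchone()[0] > 0


def login_parameterized(conn, username: str, password: str) -> bool:
    # Placeholders keep the SQL structure fixed; the driver sends the values
    # separately, so quotes in the input are just characters in a string.
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


def demo() -> dict:
    """Run both versions against a legitimate login and an injection payload."""
    conn = build_db()
    payload = "' OR '1'='1"  # tautology: makes the WHERE clause true for every row
    return {
        "vuln_legit": login_vulnerable(conn, "alice", "correct horse"),
        "vuln_attack": login_vulnerable(conn, "nobody", payload),
        "param_legit": login_parameterized(conn, "alice", "correct horse"),
        "param_attack": login_parameterized(conn, "nobody", payload),
    }


if __name__ == "__main__":
    print(demo())
```

Input validation (rejecting a password field that contains a quote, say) reduces the attack surface, but parameterized queries are the control that removes the flaw: the payload reaches the database as a value, never as syntax.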

Cybersecurity Framework - > Divided into three components:
  • Framework Core
  • Implementation Tiers
  • Framework Profile
Methods to validate a vulnerability scan - > 1. Repeat the scan with a different scanner
  2. Review logs
  3. Compare to the baseline
  4. Repeat the scan with the same scanner
MAC limiting mitigates - > 1. Flooding attacks
  2. ARP spoofing
Sanitize the media - > Preparation step before the destination media receives a forensic image, so that no residual data from a previous case contaminates the evidence (the suspect drive itself is never written to).
Untidy (now part of Peach) - > Fuzzer ideal for XML applications.
Easier to filter - > Advantage of Nmap's "grepable" output format (-oG).
grep - > Command for running a regular expression to search for a particular string.
Ways to perform DNS harvesting - > whois, nslookup, dig, ping
Three approaches to pen testing - > 1. Perform application-specific testing
  2. Test from outside the perimeter to inside the perimeter
  3. Simulate an inside attacker and attacks
XSS - > A type of injection in which malicious scripts are injected into otherwise benign and trusted web sites.

Three security controls according to CompTIA - > 1. Administrative
  2. Logical (technical)
  3. Physical
Site survey - > Reports radio spectrum usage rather than capturing packets, to help discover a rogue WAP.
Remote Access Trojan (RAT) - > Software that gives an adversary covert remote control of a host.
Documentation called out to support forensic investigations - > Incident form, Chain of Custody form, Incident response plan
Forensics tools - > SIFT (SANS Investigative Forensics Toolkit), P2 eXplorer, CAINE (Computer Aided INvestigative Environment)
Course of Action Matrix - > Maps the controls available for each type of function to adversary tools and tactics.
Computer Security Division - > Division of NIST responsible for issuing Federal Information Processing Standards (FIPS).
NetFlow - > Cisco proprietary protocol (and associated tools) used to collect and distribute IP traffic statistics.
Special Publication 800-53 - > NIST issues Federal Information Processing Standards and advisory guides called Special Publications; SP 800-53 is the de facto standard for IT security guidance (selection of security controls).
Cellebrite - > Forensics tool particularly suited to analysis of data on mobile devices.
Trend Analysis - > Type of analysis that assesses threat levels with regard to historical information.

FIPS 140 - > The standard under which cryptographic modules are approved (validated). FIPS 200 and SP 800-53 define security controls, not cryptographic modules.
Three common SDLC lifecycles - > 1. Waterfall
  2. Agile
  3. Maturity model
SMART objectives - > Specific, Measurable, Agreed upon, Realistic, Timely
Specify IP range / Specify target IP - > How a scan scope is most likely to be configured in most network analysis tools.
Ways to reduce a high number of false positives when performing vulnerability scanning - > 1. Update heuristics baselines
  2. Remove non-applicable checks
File format, Protocol, Application user interface - > Three main types of fuzzer
Nexpose - > Vulnerability scanner whose principal advantage is close integration with Metasploit, allowing for active testing of discovered vulnerabilities.
FIPS 200 and NIST Special Publication 800-53 - > Documents by which security controls are defined.
libpcap on Linux, WinPcap on Windows - > APIs that facilitate packet capture on Linux and Windows.
Padded cell - > A hardened honeypot: an isolated environment the intruder is transferred to, built so that it cannot easily be compromised or used to reach production systems.
Honeynet - > Network set up with intentional vulnerabilities; its purpose is to invite attack so that an attacker's activities and methods can be studied.
Air gap - > Type of system isolation that ensures the host is physically disconnected from any network.

Service Level Agreement (SLA) - > May specify maximum downtime periods or minimum uptime guarantees, generally for a service such as IaaS virtual machines.
Social media profiling - > A hacker could use Facebook to exploit a company or its customers, employees or followers. What is this method of hacking called?
EMET (Enhanced Mitigation Experience Toolkit), not Azure - > Microsoft tool for enforcing Data Execution Prevention (DEP) and other anti-malware CPU features on Windows hosts; Azure is Microsoft's cloud platform and does not fit this definition.
Blackhole vs. sinkhole - > A blackhole simply drops traffic, while a sinkhole routes traffic to a different network where it can be logged and analyzed.
Blackhole - > Drops traffic.
Sinkhole - > Routes traffic to a different network.
Dictionary attack - > Attempt to match a password hash against a list of common words and phrases. Word lists are compiled from data known about the target; password dumps show that millions of users choose the same insecure passwords (123456). Rainbow tables speed this up by precomputing hashes; a per-user salt defeats that precomputation.
Schneier's Law - > A system architect is not necessarily best placed to assert the robustness of the security system they designed. Penetration is a different skill set and area of expertise from design, so scrutiny that is independent of the architecture team is usually advisable.
How do you run a specific Nmap script or category of scripts? - > The --script argument with the script name, path, or category name (for example --script vuln).
Dranzer - > Tool that enables users to examine effective techniques for fuzz testing ActiveX controls. https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=
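To make the dictionary attack and rainbow table entries concrete, this added example (not from the study guide) cracks a constructed dump of unsalted SHA-256 hashes with a small word list, then runs the same word list against salted hashes. With unsalted hashes the attacker hashes the word list once and reuses the table for every user; with a random per-user salt the table is useless and the word list must be re-hashed per user, which the example counts. Usernames, passwords and the word list are all constructed for the demo.

```python
import hashlib
import os

# Constructed word list (stand-in for a real dump-derived list).
WORDLIST = ["123456", "password", "qwerty", "letmein", "correcthorse"]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def precompute_table(words) -> dict:
    """Rainbow-table stand-in: hash every candidate once, up front."""
    return {sha256_hex(w.encode()): w for w in words}


def crack_unsalted(dump: dict, table: dict) -> dict:
    """dump maps username -> hex digest. One dictionary lookup per user, no hashing."""
    return {user: table[h] for user, h in dump.items() if h in table}


def hash_salted(password: str, salt: bytes) -> str:
    return sha256_hex(salt + password.encode())


def crack_salted(dump: dict, words) -> tuple:
    """dump maps username -> (salt, digest). The precomputed table cannot be
    reused, so the cost is up to len(words) hashes per user; 'work' counts them."""
    cracked, work = {}, 0
    for user, (salt, digest) in dump.items():
        for w in words:
            work += 1
            if hash_salted(w, salt) == digest:
                cracked[user] = w
                break
    return cracked, work


def demo() -> dict:
    # Constructed accounts: two weak passwords from the list, one not in it.
    users = {"alice": "123456", "bob": "letmein", "carol": "Tr0ub4dor&3"}

    unsalted = {u: sha256_hex(p.encode()) for u, p in users.items()}
    table = precompute_table(WORDLIST)          # 5 hashes, reusable for all users
    found_unsalted = crack_unsalted(unsalted, table)

    salted = {}
    for u, p in users.items():
        salt = os.urandom(16)                    # unique random salt per user
        salted[u] = (salt, hash_salted(p, salt))
    found_salted, work = crack_salted(salted, WORDLIST)

    return {"unsalted": found_unsalted, "salted": found_salted,
            "table_size": len(table), "salted_work": work}


if __name__ == "__main__":
    print(demo())
```

Salting does not save a user who picked 123456: the dictionary still finds alice and bob. What it removes is the attacker's ability to amortize the hashing over every account in the dump (and over every dump they will ever see), which is the whole point of a rainbow table. A slow, memory-hard password hash (bcrypt, scrypt, Argon2) then makes each of those per-user guesses expensive as well.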

Three general levels of security outsourcing - > 1. SECaaS cloud provider
  2. Contracting a managed security service provider (MSSP)
  3. Using individual consultants

Packet injection - > Using software to write packets directly to the network stream, often to spoof or disrupt legitimate traffic.
Wise Betetch Device - > High-end workstation required to process image files: connectivity for different drive adapter types plus associated cables; high-capacity disk or SAN for evidence storage; sanitized removable media; hardened security configuration (no or highly restricted Internet access); image acquisition appliances.
Best means of protecting session cookies - > 1. Use encrypted HTTPS only (the Secure attribute)
  2. Restrict the use of cookies to the application path (the Path attribute)
RADIUS server and LDAP - > Types of service that should be enabled to allow remote access and the ability to authenticate with a central Unix-based server that can provide AAA capabilities.
Likelihood and impact - > Principal factors in calculating risk according to CompTIA.
Six phases of the kill chain - > 1. Planning
  2. Reconnaissance
  3. Weaponization / exploitation
  4. Lateral movement / discovery
  5. Data exfiltration
  6. Retreat
PKI (Public Key Infrastructure) - > Issuing hosts and signing executable code with digital certificates.
Snort and Bro (now Zeek) - > Two widely used open source NIDS.
Jump box - > A host between two firewalls; a computer that serves as a jumping-off point for external users to access parts of a network.
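The two session cookie protections listed above correspond to the Secure flag and the Path attribute of a Set-Cookie header. The following added example (not part of the study guide) audits constructed Set-Cookie headers, as an analyst reviewing proxy logs or a web scan might, and builds a hardened header. It goes beyond the two items on the page by also checking HttpOnly (keeps the cookie away from injected scripts, which ties back to the XSS entry) and SameSite; the application path /app and the sample headers are assumptions for the demo.

```python
from http.cookies import SimpleCookie

# Constructed Set-Cookie headers, as captured from three hypothetical responses.
SAMPLE_HEADERS = [
    "SESSIONID=abc123; Path=/",                                     # weak
    "SESSIONID=abc123; Path=/app; Secure; HttpOnly; SameSite=Lax",  # hardened
    "SESSIONID=abc123; Secure",                                     # HTTPS only, nothing else
]


def audit_set_cookie(header: str, app_path: str = "/app") -> list:
    """Return a list of findings for one Set-Cookie header (empty list = passes)."""
    jar = SimpleCookie()
    jar.load(header)
    findings = []
    for name, morsel in jar.items():
        if not morsel["secure"]:
            findings.append(f"{name}: missing Secure (cookie may be sent over plain HTTP)")
        if not morsel["httponly"]:
            findings.append(f"{name}: missing HttpOnly (readable by injected scripts)")
        path = morsel["path"] or "/"         # absent Path defaults to the request path
        if not path.startswith(app_path):
            findings.append(f"{name}: Path={path} is broader than the application path {app_path}")
        if not morsel["samesite"]:
            findings.append(f"{name}: missing SameSite (cross-site requests carry the cookie)")
    return findings


def audit_all(headers=SAMPLE_HEADERS) -> list:
    return [audit_set_cookie(h) for h in headers]


def hardened_set_cookie(name: str, value: str, app_path: str = "/app") -> str:
    """Build a Set-Cookie header that passes audit_set_cookie."""
    c = SimpleCookie()
    c[name] = value
    c[name]["path"] = app_path
    c[name]["secure"] = True
    c[name]["httponly"] = True
    c[name]["samesite"] = "Lax"
    return c[name].OutputString()


if __name__ == "__main__":
    for header, findings in zip(SAMPLE_HEADERS, audit_all()):
        print(header, "->", findings or "OK")
    print(hardened_set_cookie("SESSIONID", "tok"))
```

Restricting Path is a weak boundary on its own (another application on the same origin can still read the cookie via script), which is why the same-origin checks HttpOnly and SameSite belong alongside it.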

ARP spoofing, ARP cache poisoning, or ARP poison routing - > A technique by which an attacker sends spoofed Address Resolution Protocol (ARP) messages onto a local area network. ARP spoofing may allow an attacker to intercept data frames on a network, modify the traffic, or stop all traffic.
What is the principal challenge in scanning UDP ports for vulnerabilities? - > UDP does not send ACK messages, so the scan must rely on timeouts (and on ICMP port-unreachable replies, which many hosts rate-limit) to interpret the port state. This makes scanning a wide range of UDP ports a lengthy process.
Snort - > Your company is looking for a tool that could be used for network intrusion detection. Which of the following tools is used for that purpose?
Armitage - > Helps security professionals better understand hacking and realize the power and potential of Metasploit.
Rooting - > The process of gaining "root access" to a device. This is generally performed on Android devices, but rooting can also occur on other mobile operating systems, such as Nokia's now-retired Symbian.
Horizontal brute force attack - > Selecting an obvious password and attempting it against multiple usernames (also called password spraying).
Five scope-of-impact factors governing incident prioritization - > 1. Recovery time
  2. Data integrity
  3. Downtime
Tools to perform environmental reconnaissance - > 1. Web search
  2. Website ripping
  3. Email harvesting
  4. Social media harvesting
  5. DNS harvesting
Framework Profile - > Part of the NIST Cybersecurity Framework used to provide a statement of current cybersecurity outcomes.
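Both ARP spoofing entries describe the attack; neither says how a defender notices it. The following added example (not from the study guide) runs the two usual checks over a constructed log of ARP replies: an IP address whose MAC mapping changes after it was first learned, and a single MAC that answers for more than one IP address, which is what a man-in-the-middle between a victim and the gateway looks like. The addresses and timestamps are made up; in practice the tuples would come from the ARP headers in a capture (tcpdump, Zeek's arp log, or a switch's dynamic ARP inspection counters).

```python
from collections import defaultdict

# Constructed ARP reply log: (time_s, sender_ip, sender_mac) from opcode-2 frames.
ARP_REPLIES = [
    (0.0, "10.0.0.1", "aa:aa:aa:aa:aa:01"),   # gateway, legitimate
    (0.5, "10.0.0.20", "aa:aa:aa:aa:aa:20"),  # victim workstation
    (1.0, "10.0.0.1", "aa:aa:aa:aa:aa:01"),
    (1.2, "10.0.0.1", "de:ad:be:ef:00:01"),   # attacker claims the gateway IP
    (1.3, "10.0.0.20", "de:ad:be:ef:00:01"),  # and the victim's IP: full MITM
    (2.0, "10.0.0.1", "de:ad:be:ef:00:01"),   # repeat of a claim already seen
]


def detect_arp_spoofing(replies, max_ips_per_mac: int = 1) -> dict:
    """Flag IP->MAC changes and MACs answering for more than max_ips_per_mac IPs.

    Returns {"changes": [(time, ip, old_mac, new_mac), ...],
             "multi_ip_macs": [mac, ...]}.
    """
    ip_to_mac = {}                  # learned mapping: first reply wins
    mac_to_ips = defaultdict(set)
    changes = []
    for t, ip, mac in replies:
        mac_to_ips[mac].add(ip)
        if ip in ip_to_mac and ip_to_mac[ip] != mac:
            changes.append((t, ip, ip_to_mac[ip], mac))
            ip_to_mac[ip] = mac     # follow the latest claim so repeats are not re-flagged
        else:
            ip_to_mac.setdefault(ip, mac)
    greedy = sorted(m for m, ips in mac_to_ips.items() if len(ips) > max_ips_per_mac)
    return {"changes": changes, "multi_ip_macs": greedy}


if __name__ == "__main__":
    result = detect_arp_spoofing(ARP_REPLIES)
    for t, ip, old, new in result["changes"]:
        print(f"t={t}: {ip} moved from {old} to {new}")
    print("MACs claiming several IPs:", result["multi_ip_macs"])
```

Expect false positives from legitimate mapping changes: DHCP handing an address to a new host, a replaced NIC, or a first-hop redundancy protocol (HSRP/VRRP) whose virtual MAC answers for several addresses; raise max_ips_per_mac or whitelist those MACs rather than discarding the check.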

Three parts of the NIST Cybersecurity Framework - > 1. Framework Core
  2. Implementation Tiers
  3. Framework Profiles
Microsoft Baseline Security Analyzer identifies - > 1. Configuration errors
  2. Patch status
  3. Administrative vulnerabilities
Palo Alto Next-Generation Firewall - > Subscribes to threat intelligence feeds, which helps mitigate zero-day attacks.
Data retention policy - > Type of policy that governs management of backup and archiving.
Beaconing - > A periodic outbound connection between a compromised computer and an external controller; detected by its periodicity and its destination.
Lateral movement - > The process by which attackers compromise additional hosts within a network after having established a foothold in one.
Generation, duration, use - > Main elements in most password policies.
Controls - > Put in place to reduce the risk an organization faces. Three main flavors: administrative, technical and physical.
Administrative controls - > Security mechanisms implemented by
Information Technology Infrastructure Library (ITIL) - > De facto standard of best practices for IT service management.
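The beaconing entry names the two detection signals, periodicity and destination. The following added example (not from the study guide) implements the periodicity half over a constructed connection log: it groups connections by source and destination, computes the gaps between successive connections, and flags flows whose gaps are nearly constant (low coefficient of variation). The hosts, times and thresholds are assumptions for the demo; real input would be firewall, proxy or NetFlow records.

```python
import statistics
from collections import defaultdict

# Constructed connection log: (epoch_seconds, src, dst).
CONNECTIONS = (
    # 10.0.0.7 calls out every ~300 s with a few seconds of jitter: a beacon
    [(t, "10.0.0.7", "203.0.113.9") for t in (0, 302, 599, 901, 1198, 1502, 1799, 2101)]
    # 10.0.0.8 reaches the same server at irregular, human-looking times
    + [(t, "10.0.0.8", "203.0.113.9") for t in (5, 19, 230, 240, 1002, 1600, 1603, 2500)]
)


def find_beacons(conns, min_events: int = 6, max_cv: float = 0.1) -> list:
    """Return (src, dst, mean_interval_s, cv) for flows with regular timing.

    cv is the coefficient of variation of the inter-arrival gaps (stdev/mean);
    a perfectly periodic beacon has cv 0. min_events avoids judging a flow on
    one or two gaps.
    """
    by_pair = defaultdict(list)
    for t, src, dst in conns:
        by_pair[(src, dst)].append(t)

    beacons = []
    for (src, dst), times in by_pair.items():
        if len(times) < min_events:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        cv = statistics.pstdev(gaps) / mean if mean else float("inf")
        if cv <= max_cv:
            beacons.append((src, dst, round(mean, 1), round(cv, 3)))
    return beacons


if __name__ == "__main__":
    for src, dst, mean, cv in find_beacons(CONNECTIONS):
        print(f"{src} -> {dst}: every {mean}s, cv={cv}")
```

Two caveats a practitioner would add. Legitimate software beacons too (NTP, update checks, monitoring agents), so the destination signal from the entry above, reputation or rarity of the external address across the estate, is what turns a periodic flow into an alert. And implants commonly randomize their sleep by a percentage; against 20 percent jitter, max_cv has to rise to roughly 0.2, at the cost of more benign hits.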

Cybersecurity Framework (CSF), EO 13636 - > Executive Order 13636 called for the development of a voluntary cybersecurity framework for organizations that are part of the critical infrastructure. The CSF is composed of:
  1. Framework Core
  2. Implementation Tiers
  3. Framework Profile
Vulnerability scanners - > QualysGuard, Nessus, OpenVAS, Nexpose, Nikto, Microsoft Baseline Security Analyzer
DevSecOps - > Describes the integration of the security, operations, and software development functional areas. A mindset that "everyone is responsible for security", with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context, without sacrificing the safety required.
TCP streaming of data - > Data is read as a byte stream; no distinguishing indications are transmitted to signal message (segment) boundaries, so the application protocol has to supply its own framing.
TCP streams (for example Wireshark's Follow TCP Stream) - > Allows reconstruction of the TCP conversation between two hosts and the sequence of events.
Fingerprinting - > Used in tools such as Nmap to determine which type of OS is running on the target system.
Scan requirements - > The first thing you should identify when designing a vulnerability management program.
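The two TCP entries above describe a byte stream with no message boundaries and a tool that reconstructs the conversation. The following added example (not from the study guide) does the reconstruction for one direction of a stream: it places each captured segment at its offset from the initial sequence number, tolerates out-of-order arrival and retransmissions, handles 32-bit sequence wraparound, and reports byte ranges that were never captured instead of silently closing them. The sequence numbers and the HTTP request are constructed for the demo.

```python
def reassemble(isn: int, segments) -> tuple:
    """Rebuild one direction of a TCP stream.

    isn: the initial sequence number from the SYN; the first data byte has
         sequence number isn + 1.
    segments: iterable of (seq, payload_bytes) in capture order.
    Returns (data, gaps): data is the stream with 0x00 where bytes are missing,
    gaps lists the missing [start, end) offsets.
    """
    chunks = {}
    for seq, payload in segments:
        off = (seq - (isn + 1)) % (1 << 32)   # relative offset, survives wraparound
        for i, b in enumerate(payload):
            chunks.setdefault(off + i, b)     # first copy of a byte wins
    if not chunks:
        return b"", []

    data, gaps, gap_start = bytearray(), [], None
    for off in range(max(chunks) + 1):
        if off in chunks:
            if gap_start is not None:
                gaps.append((gap_start, off))
                gap_start = None
            data.append(chunks[off])
        else:
            if gap_start is None:
                gap_start = off
            data.append(0)                    # placeholder for a byte never seen
    return bytes(data), gaps


# Constructed capture: the client's ISN is 1000, so data starts at seq 1001.
SEGMENTS = [
    (1011, b" HTTP/1.1\r\n"),      # second segment, captured before the first
    (1001, b"GET /admin"),         # first segment
    (1001, b"GET /admin"),         # retransmission of the first segment
    (1028, b"example.com\r\n"),    # the 6-byte "Host: " segment was dropped by the sensor
]

if __name__ == "__main__":
    data, gaps = reassemble(1000, SEGMENTS)
    print(data)
    print("missing byte ranges:", gaps)
```

Which copy wins on an overlapping retransmission is exactly where operating systems disagree (some favor the first bytes seen, some the last), and IDS evasion techniques exploit that disagreement; a sensor has to model the target host's policy, not pick one and hope. This example uses first-wins and does not attempt to resolve that.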

site: - > Search operator that restricts results to the specific domain or site of your target network or organization.
Trusted foundry - > A hardware manufacturer that produces trusted hardware that is not considered counterfeit and has not been tampered with.
Next-Generation Firewall - > Includes not only the features of other firewalls but also advanced features such as AD integration, IDS/IPS functions, proxy server functions, whitelisting, and many others.
Heuristic analysis - > Looks at how a piece of code behaves in its environment to determine whether or not it is malicious.
SCAP - > The standardized format for vulnerabilities, exposures, compliance, and other security-related data.
Low and slow approach - > Used to exfiltrate data during periods of high bandwidth usage, so that the small exfiltration flows are lost in the normal traffic.
Port 514 - > Check whether this port is open on the firewall if you are having problems collecting logs using syslogd (UDP 514 by default; TCP 514 where syslog over TCP is configured).
ISO/IEC 27002:2013 - > Provides guidelines for organizational information security standards and information security management practices, including the selection, implementation, and management of controls, taking into consideration the organization's information security risk environment.
Authenticated scan - > Requires credentials: you must be authenticated to a host in order for the scan to properly assess it.

Factors that contribute to the scope of impact - > 1. Loss of revenue
  2. Loss of availability
  3. Loss of integrity
  4. Loss of confidentiality
  5. Loss of an asset

ISO/IEC 27001 - > Addresses vulnerability management under control number A.12.6.
permit tcp host 10.1.1.5 host 172.16.1.5 eq ssh - > ACL entry that allows TCP traffic from host 10.1.1.5 to host 172.16.1.5 on port 22 (eq ssh and eq 22 are equivalent). An extended ACL names the source first and the destination second; putting "any" in front of the source host keyword makes the entry invalid.
A federal statute requiring that data be protected to a certain level - > An example of the regulatory environment affecting any information security management program.

Examples of context-based authentication - > 1. Typing patterns
  2. Time
  3. Location data
SCAP - > Method of using open standards, called components, to identify software flaws and configuration issues; enables automated vulnerability management, measurement, and policy compliance evaluation tools.
Risk appetite - > The degree of uncertainty an entity is willing to take on in anticipation of a reward.
Nikto - > Web server vulnerability scanner with only a command-line interface.
When prioritizing the remediation of vulnerabilities, consider - > 1. Criticality
  2. Difficulty of implementation
  3. Common Vulnerability Scoring System (CVSS) score
Two primary components of risk analysis - > 1. Criticality
  2. Probability
Live-fire exercise (LFX) - > Participants are defending real or simulated information systems against real (through