



D483- CySA Exam Questions and Complete Solutions Graded A+
Typology: Exams
NAC (Network Access Control) - Answer: Prevents people from gaining access until they have gone through a specific authentication method.

IDOR (Insecure Direct Object Reference) - Answer: Cybersecurity issue that occurs when web app developers use an identifier for direct access to an internal implementation. Ex. Google.com/userID- Google.com/userID-

Base 64 - Answer: Most common format attackers use to obfuscate their malicious code, Ex. 273218e98bd

Cyber Kill Chain - Answer: A systematic outline of the steps of a cyberattack, introduced at Lockheed Martin in 2011.

MITRE ATT&CK Framework - Answer: A knowledge base maintained by the MITRE Corporation for listing and explaining specific adversary tactics, techniques, and common knowledge or procedures (TTP).

Passive Scanning - Answer: Type of scanning that describes indirect methods of assessment such as inspecting flow of traffic and protocols.

ScoutSuite - Answer: A cloud security auditing tool that can work across commonly used cloud environments.

OWASP (Open Web Application Security Project) - Answer: Is an online community dedicated to web application security. This community works to create freely-available articles, methodologies, documentation, tools, and technologies that include web application flaws and a way to address and correct them.

JSON - Answer: JSON is better than XML; it is able to process large data sets.

OSSTMM (Open Source Security Testing Methodology Manual) - Answer: Provides a comprehensive framework for testing the security of software systems. It includes identifying system assets, threat models, vulnerability assessment.

ZAP - Answer: Widely used open source web application.

Diamond Model of Intrusion Analysis - Answer: A framework for analyzing cybersecurity incidents and intrusions by exploring the relationships between four core features: adversary, capability, infrastructure, and victim.

Output encoding - Answer: Primary defensive technique against cross-site scripting (XSS). By ensuring that user input displayed on a web page is treated as data rather than executable code, output encoding prevents the execution of malicious steps.

Fuzzing - Answer: Injection of randomized data into a software program in an attempt to find system failures, memory leaks, error handling issues, and improper input validation.

Single Glass of Pane - Answer: A central point of access for all the information, tools, and systems.

Data Enrichment - Answer: The process of incorporating new updates and information to an organization's existing database to improve accuracy.

Blinding Attack - Answer: A condition that occurs when a firewall is under-resourced and cannot log data fast enough, therefore some data is missed.

Screened Subnet - Answer: A physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted network like the Internet.

Firewalking - Answer: Reconnaissance technique to enumerate firewall configuration and attempt to probe hosts behind it.

Egress filtering - Answer: Applies ACL rules to outgoing traffic to prevent malware from communicating to C2 servers.

Dark Nets - Answer: Unused physical network ports or unused IP address space within a local network often used by attackers.

Forward Proxy - Answer: A server that mediates the communications between a client and another server, can filter or modify communications, and provides caching services to improve performance.

Snort (snort.org) - Answer: An open-source software available for Windows and selected Linux distributions that can operate in IDS or IPS mode.

Zeek (zeek.org) - Answer: An open-source IDS for UNIX/Linux platforms that contains a scripting engine which can be used to act on significant events (notices) by generating an alert or implementing some sort of shunning mechanism.

Security Onion (securityonion.net) - Answer: An open-source Linux-based platform for security monitoring, incident response, and threat hunting that bundles Snort, Suricata, Zeek, Wireshark, and NetworkMiner with log management and incident management tools.

Port Security - Answer: The blocking of unauthorized application service ports on hosts and firewalls, or the physical and remote access ports used to allow a host to communicate on the local network.

Sender Policy Framework (SPF) - Answer: DNS record identifying hosts authorized to send mail for the domain.

DomainKeys Identified Mail (DKIM) - Answer: Provides a cryptographic authentication mechanism for mail utilizing a public key published as a DNS record.

Domain-based Message Authentication, Reporting and Conformance (DMARC) - Answer: A framework for ensuring proper application of SPF and DKIM utilizing a policy published as a DNS record.

Secure Multipurpose Internet Mail Extensions (S/MIME) - Answer: An email encryption standard that adds digital signature and public key cryptography to traditional MIME communications.

Common Vulnerability Scoring System (CVSS) - Answer: A risk management approach to quantifying vulnerability data and then taking into account the degree of risk to different types of systems or information.

Server-Side Forgery Request - Answer: Is a security vulnerability where an attacker tricks a web application into sending malicious HTTP requests to an internal or external network resource that trusts the web application.

Cross-Site Scripting (XSS) - Answer: A web application vulnerability. Attackers embed malicious HTML or JavaScript code into a web site's code, which executes when a user visits the site.