


Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
SECURITY PLUS STUDY MATERIAL SBOLC 18-006
Typology: Exams
1 / 4
This page cannot be seen from the preview
Don't miss anything!



Telnet - Answers- TCP PORT 23 SNMP (Simple Network Management Protocol) - Answers- UDP PORT 161, NetBIOS (Network Basic Input/Output System) - Answers- TCP/UDP PORT137, 139 SMB (Server Message Block) - Answers- TCP PORT 445 SLOGIN - Answers- TCP PORT 22 IPSec (Internet Protocol Security) - Answers- TCP/UDP PORT 500 TLS (Transport Layer Security) - Answers- TCP PORT 443 TACACS+ (Terminal Access Controller Access Control System) - Answers- TCP PORT 389,49,636, What are 4 security controls - Answers- Administrative Technical Operational Physical Some security controls are categorized by when they act. Four of them are - Answers- Preventative Detective Corrective Deterrent Steganography - Answers- Hiding secret information within an ordinary message Quantitative Risk Assesment - Answers- Uses actual numbers and figures to evaluate risk Qualitative Risk Assesment - Answers- Uses no concrete values, is judgement based, utilizes tables to access risk SLE (Single loss expectancy) - Answers- cost of any single loss SLE=Asset ValueExposure Facture ARO (Annualized Rate of Occurrence) - Answers- expected number of times the given loss may occur per year ALE (Annual Loss Expectancy) - Answers- ALE=SLEARO credentialed vulnerability scan - Answers- Special permission to do scans from inside as a user
victim's spoofed source IP are broadcast to a computer network using an IP broadcast address. Rainbow Tables - Answers- Pre-compiled Hash List Man-in-the-middle (MITM) attack - Answers- Attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other Evil Twin - Answers- Rogue access point used for Man in the Middle Attacks Asymmetric (2keys) - Answers- Diffie-Helman EL GAMAL E.C.C RSA Symmetric (1Key) - Answers- Cast 3DES 2FISH BlowFish RC4/5/ AES Idea DES Serpent XOR function - Answers- If same 0 If different 1 Stream Cipher - Answers- Symmetric, faster than block cipher (RC4) AH (Authentic Header) - Answers- Provides data integrity and source authentication ESP (Encapsulation Security Payload) - Answers- Provides integrity and confidentiality The two modes of IPsec operation - Answers- Tunneling and Transport DMZ - Answers- A security Boundary Fuzzing (Fuzz Testing) - Answers- Stress testing a system to see how it will respond by providing invalid, unexpected, or random data Time of Check to Time of Use/Race condition - Answers- A race condition or race hazard is the behavior of an electronics, software, or other system where the output is dependent on the sequence or timing of other uncontrollable events.