Name all the major components of a client.
Motherboard, CPU, PSU, GPU, RAM, ROM, Storage
What are 2 advantages of virtualization?
Cost reduction, minimizes downtime, productivity increase, flexible, and scalable
What is the use of coding systems to encrypt and decrypt information?
Cryptography
What is the difference between Events and Incidents?
Events are observable occurrences. Incidents are occurrences that could potentially jeopardize the CIA triad.
Name one of the four computer ethics discussed in class.
Use Government Systems Responsibly, Protect Information, Respect Intellectual Property, be Professional Online
List at least three of the five parts of the physical structure of Active Directory.
Sites, Domain Controller, Global Catalog Server, Clients, and Servers
What are the two types of Hypervisors?
Bare Metal and Hosted
What are the two types of Network Access Control software?
Agent-based and Agentless
Explain the difference between the Cyber Incident Report and the Network Intelligence Report.
Name 2 ways to be safe when using the supply chain to purchase resources.
Check the Approved Product List, talk to resource advisor, BECO, contracting squadron, check 3rd party security policies.
What is the difference between DODI and DODM?
DODI establishes policy, DODM implements policy.
Name all parts of the Active Directory logical structure and identify which one encompasses everything.
Forest***, Tree, Domain, Organizational Unit, Objects
Name 3 threats from the STRIDE framework.
Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege
Name 3 of the 4 members on the Computer Incident Response Team (CIRT).
Team leader, Technical Specialist, Documentation Specialist, Legal Advisor
What do you place in the DMZ?
Any servers from the private that need to be reached by the public.
What are the two types of CPU modes?
User and Kernel
How does the DHCP server communicate to the client?
Discover, Offer, Request, Acknowledge
Name the three types of firewalls. Which one can read packet contents?
Packet filtering, Stateful, Application-Layer/Next Gen
Next Gen
List at least 3 of the 5 steps in the Incident Analysis step.
1. Gather Information
2. Validate The Incident
3. Determine The Operational Impact
4. Coordinate
5. Determine Reporting Requirements
Name all 5 of the authentication factors. Give me an example of 1.
Something You Know, Something You Have, Something You Are, Somewhere You Are, Something You Do
List the order of the Boot Process. List the two steps that happen in any one of the steps.
1. BIOS (Run POST and look for bootable device) 2. Boot Loader (put instructions from MBR into CPU, load them into RAM) 3. Kernel (Load Registry and Drivers, control is handed over)
Pick apart the sections that create www.facebook.com/profile and label them.
www - subdomain
facebook - domain name
.com - top-level domain
/profile - filepath
What are the two types of Intrusion controls? Where can they be based?
IDS and IPS
Host-Based or Network-Based
List at least 4 of the 6 steps in the Incident Handling Process.
1. Detection and Reporting 2. Preliminary Analysis and ID 3. Preliminary Response Actions 4. Incident Analysis 5. Response and Recovery 6. Post-Incident Analysis
Name the 3 core disciplines of Information Protection.
Personnel Security, Industrial Security, Information Security