This principle ensures that users only have the minimum access required to perform their job.
What is the Principle of Least Privilege?
Type of encryption algorithm in which the encryption key is the same as the decryption key.
What is Symmetric encryption?
What severity level in syslog is classified as an emergency?
What is level 0?
The 3rd phase of incident response.
What is containment?
This type of malware disguises itself as legitimate software to gain unauthorized access to a system.
What is a Trojan?
This type of security control detects and blocks malicious traffic before it enters the internal network.
What is an Intrusion Prevention System (IPS)?
This asymmetric encryption algorithm is widely used for secure data transmission online.
What is RSA?
A log analysis technique that detects anomalies based on predefined patterns.
What is Signature-Based Detection?
The principle that assumes a network is always at risk and requires continuous verification.
What is Zero-Trust?
This type of attack involves intercepting and altering communications between two parties.
What is a Man-in-the-Middle Attack?
This security mechanism isolates network segments to limit access between different areas.
What is Network Segmentation?
This hashing algorithm was deprecated due to vulnerabilities but was commonly used in older systems.
What is MD5?
This type of log records user access attempts, including successful and failed logins.
What is an Authentication Log?
More expensive to implement than symmetric algorithms.
What are Asymmetric Algorithms?
This type of attack targets the domain name system (DNS) to redirect traffic to malicious websites.
What is a DNS spoofing attack?
A security mechanism that isolates applications or processes to limit their impact if compromised.
What is Sandboxing?
A cryptographic attack where the attacker finds two different inputs that produce the same hash value.
What is a Collision Attack?
This method of threat detection identifies unusual patterns in system behavior rather than relying on known attack signatures.
This attack exploits the trust relationship between two systems, allowing attackers to send unauthorized requests or commands.
What is a cross-site request forgery (CSRF)?
This type of attack occurs when data overwrites adjacent memory, potentially allowing an attacker to execute arbitrary code.
What is a buffer overflow attack?
This security approach ensures that even if one layer of defense fails, additional controls are in place to mitigate the risk.
What is defense-in-depth?
A cryptographic protocol used to securely exchange keys over an insecure channel.
What is Diffie-Hellman?
This logging mechanism ensures that logs cannot be altered or deleted, preserving their integrity for forensic analysis.
What is WORM storage?
What is write-once, read-many (WORM) storage?
A security measure designed to help protect sensitive information by restricting access based on a user's role or need-to-know basis.
What is Role-Based Access Control (RBAC)?
A sophisticated attack where malicious software hides its presence by altering its code or behavior to avoid detection by antivirus software.
What is a polymorphic virus?