General Security Concepts
Threats, Vulnerabilities, and Mitigations
Security Architecture
Security Operations
Security Program Management and Oversight
100

What is PKI and what does it do?

Public key infrastructure; PKI exists to ensure trust across networks with the use of Certificate Authorities & public key encryption. 

100

What is Shadow IT?

Shadow IT is when users use their own IT solutions that are not known or approved by their organization.

100

What is IaC (infrastructure as code)?

Use of code to deploy resources (typically in a cloud environment).

100

What is a SIEM & what does a SIEM do?

Security Information & Event Management. Aggregates security logs in a single location for analysis.

100

What is an AUP?

Acceptable Use Policy -- Defines what is acceptable use of systems within an organization.

200

What is the difference between symmetric & asymmetric encryption?

Symmetric uses 1 key -- asymmetric uses 2 keys (public & private). Symmetric allows for faster encryption, while asymmetric is slower and typically used for secure key exchange & authentication.

200

What's the main security risk of SMS?

SMS is unencrypted & SMS is tied to your phone number, making SIM swapping attacks possible -- which can allow MFA bypasses.

200

What's the difference between a jump server & a proxy server?

Jump servers are entry points used to access private/restricted networks securely from the external network. A proxy server simply sits between a user & the external network -- typically used to mask true IPs and filter/inspect web traffic.

200

What is the difference between BYOD and CYOD mobile device models?

BYOD (Bring your own device) allows personal devices to be used within an organizational setting, whereas CYOD (choose your own device) is where the organization gives options of organizational devices for the employees to choose from.

200

What is an SLA?

Service-level agreement -- lays out specific, agreed-upon expectations for a particular service.

300

A financial database was breached, revealing the names, birthdays, and credit card numbers of the customers within it. The database remained untampered & available. Which aspect of the CIA triad was violated?

Confidentiality

300

This type of malware is coded to only activate when a specific condition occurs.

Logic bomb

300

You come across the following data string and can't find evidence that it is reversible encryption -- what type of secure data string have you likely found?

2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824

Hash

300

What is an IoT device & what risks do they pose for organizational security?

Internet of things device. They pose risks because they are typically not hardened or supported with security updates and can leave significant gaps in network security.

300

What type of reconnaissance is performing DNS lookups, conducting OSINT, WHOIS lookups, and researching publicly available resources on a target?

Passive Reconnaissance

400

What is partition-based encryption?

Encrypting partitions of drives instead of the full drive or other methods.

400

What is a HIPS & what does it do?

Host-based intrusion prevention system; prevents suspicious traffic from interacting with the host system.

400

Which of the following tests is considered the least intrusive: simulation, failover test, or tabletop exercise?

Tabletop exercise, because it is purely discussion-based.

400

What is an ICS/SCADA system and what is a common method to secure them?

Industrial Control System / Supervisory Control and Data Acquisition. The best & most common way to secure them is by segmenting them from the rest of the network.

400

What is a RoE document?

Rules of engagement -- documentation that penetration testers use to set boundaries, rules, and expectations for penetration tests.

500

What is salting a hash, and what does it accomplish?

Salting is the process of adding a unique, random value to a password before hashing it. Prevents rainbow table attacks, hides password reuse, and forces attackers to crack each password individually. Primarily, it slows down attackers.

500

What is a hash collision attack and what security risk do they entail?

A hash collision attack is when an attacker deliberately finds two different inputs that produce the same hash value under a given hashing algorithm. If a system trusts hashes to verify that a file hasn’t changed, an attacker can substitute a malicious file that produces the same hash as the legitimate one.

500

What are the main differences between load balancing and clustering?

Load balancing distributes traffic across servers, whereas clustering is multiple servers acting together as a single unified system.

500

What is the difference between CVE and CVSS?

CVE (Common Vulnerability Enumeration) is for indexing vulnerabilities, whereas CVSS (Common Vulnerability Scoring System) is for scoring vulnerabilities based on how severe a vulnerability is if exploited.

500

A healthcare company decides why patient data will be collected & controls what the data will be used for, then hires a third-party cloud vendor to perform the actual data storage & processing. What data role is the healthcare company & what data role is the third-party cloud vendor?

The healthcare company is the data controller & the cloud vendor is the data processor.