45 Cards in this Set

  • Front
  • Back

What is true of the current threatscape? Evolving? How complex?

The threatscape is constantly evolving. It is so complex that it is impossible to catalog in its entirety.

What is the primary difference between a DoS and a DDoS attack?

The number of hosts from which they emanate.

What is the most common type of spoofing?

IP address spoofing.

In a reflection attack, how is spoofing used?

The attacker uses the IP address of the intended target as the source address of the packets it transmits.

Which variations of phishing rely on email as a medium?

Spear phishing and whaling.

Which type of password attack is most likely to succeed?

Brute force attack.


In a reconnaissance attack, which type of activity typically follows a ping sweep?

Port scan.

How can man-in-the-middle attacks be implemented?

In many different scenarios. Intercept public key, financial sites, intercept login credentials.

Which type of malware is known to create back doors to give malicious users access to a system?

Trojan horses.

Which option lowered the threshold of experience that is required for a novice attacker to perform sophisticated attacks?

Metasploit.

Which two capabilities does an NGFW (next gen firewall) have that a traditional firewall does not have?

Ability to provide actionable indications of compromise to identify malware activity, and comprehensive network visibility.

Which type of traffic inspection uses pattern matching?

Signature-based inspection

Which VPN requirement is satisfied by encryption?

Confidentiality

When are antivirus and antispyware software products to be updated, and what is their purpose?

They are to be updated frequently and they can remove malicious software.

What is important about logging and log-monitoring?

It is important for troubleshooting purposes, and policy-compliance auditing.

What three important services aim to manage risk in network security?

Confidentiality, Availability, and Integrity.

Can you name examples of preventative network security?

Firewalls, physical locks, and security policies.

Can you name examples of detective network security?

Log monitoring and correlation, intrusion prevention systems, and surveillance cameras.

Can you name examples of corrective network security?

Virus cleaning procedures or IPS signature updates after a worm update.

Can you name examples of deterrent network security?

Signage, or the mere presence of controls such as surveillance cameras.

Log monitoring and correlation, intrusion prevention systems and surveillance cameras are examples of what type of countermeasure?

Detective

What two types of risk analysis are of interest in information security?

Qualitative and quantitative.

Which security term refers to a person, property, or data of value to a company?

Asset

A comprehensive security policy does not take into account what type of component?

Economic

Name examples of technical or end-user policy.

Email, network, and application policy.

What compliance regulation affects only organizations that are in the health industry?

HIPAA (Health Insurance Portability and Accountability Act)

Which two algorithms in a VPN provide the confidentiality?

AES (Advanced Encryption Standard) and 3DES (Triple Data Encryption Standard)

What type of cipher is invulnerable to frequency analysis?

Polyalphabetic

What type of cipher retains the letter frequency of their original message?

Substitution

What type of cipher rearranges letters, instead of replacing them?

Transposition

What type of cipher would apply the exclusive OR (XOR) operation to plaintext with a key?

One-time pad.

What is a significant difference that HMAC provides as compared to existing hash functions?

HMACs add a secret key as input to the hash function.

How can a publicly available and well-known cipher be used to securely encrypt data between two endpoints of a VPN tunnel?

PKI (Public key infrastructure)

What encryption ciphers are symmetrical?

AES and 3DES

What is the primary difference between a hash and an HMAC (hashed message authentication code)?

The keys

What is true of asymmetric encryption algorithms?

The key that is used for encryption is different from the key that is used for decryption. Asymmetric algorithms are substantially slower than symmetric algorithms.

Describe confidentiality.

Ensuring that only authorized parties can read the message.

Why is data integrity important?

Ensures that changes to data will be detected and rejected.

Why is origin authentication important?

Ensures that messages received were actually sent from the perceived origin.

What is non-repudiation?

Ensures that the original source of a secured message cannot deny having produced the message.

Why is the public key in a typical public-private pair referred to as public?

Because it is shared publicly.

What standard format is used to request a digital certificate from a certification authority (CA)?

PKCS #10

True or false. The RSA algorithm is based on the fact that each entity has two keys, a public and a private key. The public key can be published and given away but the private key must be kept secret.

True

What might you find in a typical identity certificate?

Validity period, public key, issuer ID, and hash algorithm.

What is a reflection attack?

Attacker sends a flood of protocol requests to various IP hosts. Attacker spoofs source IP so targets forward packets to single target, reflecting the attack.