SQL queries that execute on the server side instead of the client application
duplicate MAC (Media Access Control) address
indicates MAC spoofing or ARP (Address Resolution Protocol) poisoning
FAR (False Acceptance Rate)
the likelihood that an unauthorized user will be accepted.
FRR (False Rejection Rate)
the likelihood that an authorized user will be rejected
scans are not credentialed
common for vulnerability scans to show vulnerabilities thatdon’t actually exist
RTOS (Real-Time Operating System)
instantly react to input without any significant delays or queuing in the operating system
Certificate pinning
prevent the use of this proxy examination in the future
Switch log
analysis of switch interface activity would be able to identify any new devices and their MAC addresses including rogue access points
recovery phase
phase that removes malware, fixes vulnerabilities and rcovers damaged systems
default, firewalls
will deny all trafic, requires creating rules for
honeypot
As attackers attempt to exploit, their techniques and methods are logged. With these logs, administrators can gain additional insights into the attacks and processes used by the attackers.
service account
Web servers, database servers, and other local servers use
runbook
set of steps required to complete a task.
In-use
in the memory of a system and is accessible to an application.
At-rest
data resides in stroage device
in transit
data in process of moving across the network
SRTP (Secure Real-Time Transport Protocol)
encrypt telephone communications over corporate network
TLS
used for encrypting communication to a web server
S/MIME
emcryptnig contents of a email message and for mail
Change management
process of making any type of change
transitive trust
if Domain A trusts Domain B, and Domain B trusts Domain C, then Domain A trusts Domain C.
port scan will send network traffic to a server
Active footprinting
DES and WEP
signs of weak encryption
ESP (Encapsulation Security Payload)
used to encrypt data in IP packets when used during zvpn
the IP header isnot encrypted and is used for routing
for IPsec, because it is not tunneling like a VPN
ECB
a block cipher mode where each block is encrypted with the same key.
legal hold
a legal technique to preserve relevant information. This process will ensure the data remains accessible for any legal preparation that occurs prior to litigation
Heuristic IPS technology
uses artificial intelligence to identify attacks that have no prior signituare
can detect zero-day attacks.
local ARP cache
contains a lookup table containing IP addresses and their associated MAC (Media Access Control) address.If an engineer pings a device on the local network and then views the ARP cache, they will see the MAC address that was resolved during the ARP process
Nmap
a network scanner used to locate open ports and identify services running on a remote device
netstat
can view inbound and outbound statistics for all connections to a device
Which of the following would be the MOST effective use of asymmetric encryption?
Securely derive a session key
Diffie-Hellman
asymmetric encryption, can combine public and private keys to derive the same session key on both sides of a conversation without sending that session key across the network.
Which of the following would be the MOST significant security concern when protecting against criminal syndicates?
Maintain reliable backup data Organized crime is often after data, and can sometimes encrypt or delete data on a service. A good set of backups can often resolve these issues quickly and without any ransomware payments to an organized crime entity
Implement a secure configuration of the web service
to protect an application from attacks
Enable WPA3 encryption
with shared key to prevent unatuhtroized attacks when MAC filtering does not work because MAc address can be spoofed
domain hijacking
modify the primary DNS (Domain Name System) settings for a domain and will allow an attacker to direct users to any IP address.
containerization
keeps the enterprise apps and data separated from the user’s apps and data. During the offboarding process, only the company information is deleted and the user’s personal data is retained.