Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

Security+ 007-18 SBOLC Questions and Answers, Exams of Advanced Education

Southern University System (SUS)Advanced Education

A comprehensive set of questions and answers related to various security concepts and technologies, including encryption methods, authentication types, network protocols, and security systems. It covers a wide range of topics such as substitution ciphers, transportation ciphers, advanced encryption standard (aes), cryptographic hashing, defense in depth, annual loss expectancy, annual rate of occurrence, block ciphers, stream ciphers, dynamic host configuration protocol (dhcp), false reject rate, false accept rate, fuzzing, federated identity management, osi model layers, mirroring ports, perfect forward secrecy, risk assessment, sandboxing, penetration testing, steganography, and more. The document serves as a valuable resource for individuals studying for security-related certifications or seeking to deepen their understanding of security principles and practices.

Typology: Exams

2023/2024

Available from 08/24/2024

Examproff
Examproff 🇺🇸

1

(1)

6K documents

1 / 5

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Security + 007-18 SBOLC Questions and Answers
A method of encrypting by which units of plain text are replaced with cipher text,
according to a fixed system - ANSWER-Substitution ciphers
A method of encryption by which the positions held by units of plain text. - ANSWER-
transportation cipher
AES - ANSWER-Advance Encryption Standard Rindold is the cipher make it work.
Symmetric type of encryption
Authentication Types - ANSWER-1. Something you know
2. Something you have
3. Something you are
4.Something you do
5. Somewhere you are
Cryptographic hashing - ANSWER-Converts data into a hash, or unique signature
Defense in Depth - ANSWER-1.Data
2.Application
3. Hosts
4.Internal Network
5.Perimeter network
6.Physical facility
7.Users and Organizations
Definition: ALE - ANSWER-Annual Loss expectancy is the cost per year you can expect
from the threat, or the SLE*ARO
Definition: ARO - ANSWER-Annual rate of occurrence is how many times you expect a
given type of loss to occur a year
Definition: Block Cipher - ANSWER-Encrypts fixed size chunks of data at a time at 64 to
128 bits
Definition: Object (LSO) - ANSWER-Pieces of data stored on local computers by flash
applications
Definition: OCSP (Online Certificate Status Protocol) - ANSWER-Online Certificate
Status Protocol: Entity that sends the status of all certs
Definition: Stream Cipher - ANSWER-Bit to Bit encryption, plain text mixed with a key
stream controlled by a key
DHCP (Dynamic Host Configuration Protocol) 4 steps: - ANSWER-1. Discover
pf3
pf4
pf5

Partial preview of the text

Download Security+ 007-18 SBOLC Questions and Answers and more Exams Advanced Education in PDF only on Docsity!

Security + 007-18 SBOLC Questions and Answers

A method of encrypting by which units of plain text are replaced with cipher text, according to a fixed system - ANSWER-Substitution ciphers A method of encryption by which the positions held by units of plain text. - ANSWER- transportation cipher AES - ANSWER-Advance Encryption Standard Rindold is the cipher make it work. Symmetric type of encryption Authentication Types - ANSWER-1. Something you know

  1. Something you have
  2. Something you are 4.Something you do
  3. Somewhere you are Cryptographic hashing - ANSWER-Converts data into a hash, or unique signature Defense in Depth - ANSWER-1.Data 2.Application
  4. Hosts 4.Internal Network 5.Perimeter network 6.Physical facility 7.Users and Organizations Definition: ALE - ANSWER-Annual Loss expectancy is the cost per year you can expect from the threat, or the SLE*ARO Definition: ARO - ANSWER-Annual rate of occurrence is how many times you expect a given type of loss to occur a year Definition: Block Cipher - ANSWER-Encrypts fixed size chunks of data at a time at 64 to 128 bits Definition: Object (LSO) - ANSWER-Pieces of data stored on local computers by flash applications Definition: OCSP (Online Certificate Status Protocol) - ANSWER-Online Certificate Status Protocol: Entity that sends the status of all certs Definition: Stream Cipher - ANSWER-Bit to Bit encryption, plain text mixed with a key stream controlled by a key DHCP (Dynamic Host Configuration Protocol) 4 steps: - ANSWER-1. Discover
  1. Offers an address
  2. Requests to use an address
  3. Acknowledges an address Error Type 1:False Reject Rate - ANSWER-Authorized users are rejceted Error Type 2: False Accept Rate - ANSWER-Unauthorized person or imposers are accepted as authentic Fuzzing - ANSWER-Using an automated program to send random data and random data sizes to an application IDP (Federated Identity Management) - ANSWER-Means of linking a user's identity with their privileges in a manner that can be used ac cross boundaries. Layer 1 OSI - ANSWER-Physical: Converts bits into voltage Layer 2 OSI - ANSWER-Data-Link: Transmits frames over a single network connection Layer 3 OSI - ANSWER-Network: Packets, end-to-end communication across one or more sub-networks Layer 4 OSI - ANSWER-Transport: Segments, Handles error recovery and flow control Layer 5 OSI - ANSWER-Session: No Security, Connection establishment between applications Layer 6 OSI - ANSWER-Presentation: Puts into a format all computers can understand, Encryption, translation, and compression occur here Layer 7 OSI - ANSWER-Application: main interface between network and application Mirroring Port Definition: - ANSWER-Allows network monitoring across a switch by copying the frames to the mirrored port of the network switch. PFS (Perfect Forward Secrecy) - ANSWER-Ephemeral key is short lived and what this uses. RC4 encryption protocol - ANSWER-Stream Cipher Risk Assessment - ANSWER-1. Identify assets potentially at risk 2.Conduct a threat assessment for each asset 3.Analyze business impact for each threat 4.Determine the likelihood of a given threat doing damage 5.Prioritize risks by weighing likelyhood

What encryption method uses Public and Private Key? - ANSWER-Asymetric What is 802.1 X? - ANSWER-IEEE, Port Security What is a CRL - ANSWER-Certificate Revocation List: List of all revoked certs What is a CSR(Certificate Signing Request) - ANSWER-It's a formal request for a certificate What is a False Negative (IDS & IPS) - ANSWER-IDS failed to detect malicious network activity and did not report anything Zero-Day attacks Outdated or poorly written signatures Patient, stealthy attacks (low and slow scanning) What is a False Positive (IDS & IPS) - ANSWER-The event was benign, but the analysis mistook it for a problem. False Alarms What is a IDS: - ANSWER-Intrusion Detective System: What is a in-band connection - ANSWER-Where the key is transferred and received along the same connection What is a ISP - ANSWER-Internet Service Provider: AT&T, Comcast What is a out-of band connection - ANSWER-Where the the connection is transferred on separate connections What is a True Negative (IDS & IPS) - ANSWER-Event was occurred, and no alerts where sent. What is a True Positive (IDS & IPS) - ANSWER-A problem occurred, and the analysis recognized it and was correct What is a VM escape - ANSWER-Exploit buffer overflows, they escape the virtual machine and effect the physical hardware. What is AAA? - ANSWER-Authentication: proof that the subject is who they truly are. Authorization: specifying which objects the subject can interact with. Accounting: tracking subject and object interactions. What is CIA? - ANSWER--Confidentiality -Integrity -Avaliability What is IPS: - ANSWER-Intrusion Preventive System:

What is NOP? - ANSWER-Non-operational Data: feeding data that is worthless into the buffer to overflow it. Buffer Overflow is the goal. What is OTP (One Time Pad)? - ANSWER-A pad of random bits are XOR'ed with plain text to create the cipher text What is PKCS? - ANSWER-Uses a paired public and private key (or asymmetric key) algorithm What is PKE? - ANSWER-Where only a single private key can encrypt and decrypt a message What is PKI (Public Key Infrastructure)? - ANSWER-Uses two keys, one private and one public. Public is distributed, whereas private key is never shared What is SLE? - ANSWER-Single Loss Expectancy What type of Encryption is Single Key? - ANSWER-Symmetric encryption When is IGMP used? - ANSWER-Used as the transport for several related multicast protocols