A user receives an unsolicited message in a social network chat window. What type of attack does this indicate?
Spim
An outgoing message is encrypted before transmission using asymmetric cryptography. What does the recipient need to decrypt the message?
The recipient's private key
You are tasked with determining the best use of client-side and server-side validation for a new web-based application. What is the potential risk of client-side validation?
It is easily bypassed
An organization hires temporary users to assist with end-quarter and end-year resources. All of the temps need access to the same domain resources when accessing the network. You need to ensure that user accounts used by temps can only be used during the specific end-of-quarter and end-of-year periods. You need to ensure that the accounts are not available at other times. The solution should require minimal administrative effort to maintain. What should you do?
Set expiration dates for the temp user accounts
A company has an office on the fifth floor of a building in a city that is prone to earthquakes. Earthquakes have been identified as the most important risk to mitigate. Which risk mitigation controls would be important to ensuring employee safety?
Emergency Lighting
Drills
Escape Plans
A remote collection server is managed through command-line commands. Until recently, you have been using Telnet to connect to the server, but you suspect that one or more passwords have been compromised. You are going to disable Telnet connectivity on the server. You need to use a more secure method for logging in and executing commands. What should you use?
SSH (Secure Shell)
A denial of service attack has occurred. Which questions should be answered during the incident identification phase?
What servers have been compromised?
What is the impact to the business?
You receive a security bulletin that a patch is available for an application running on all network client computers. The application is a mission-critical application. You download the patch to a directory on a network server. What should you do next?
Test the patch on selected isolated computers
You are configuring the firewall between the Internet and your perimeter network. There are two servers on the perimeter network. Both servers host a Web application that uses TLS. Which port should you configure to allow incoming and outgoing traffic?
TCP 443 (HTTPS)
You are designing security for network servers. The design requirements call for the servers to be kept in a locked room with limited physical access. You want to ensure that physical access is controlled as tightly as possible and prevent unauthorized access. What should you use?
Secure the room with a biometric-based lock
You need to encrypt the contents of a USB flash drive using the strongest possible encryption. Which type of encryption should you use?
AES (Advanced Encryption Standard)
You are setting up a Wi-Fi infrastructure for a hotel. The hotel wants the Wi-Fi configured to redirect guests to a web page that provides usage instructions and prompts them for authentication information before they are granted Internet access. What should you do?
Configure a captive portal
Remote users who work from home are allowed to log onto the network only during normal business hours. The system administrator has configured remote access portals to enforce this. This is an example of what type of access control?
Rule-based access control
You want to create a document that describes what types of things employees are permitted to do regarding e-mail and Web usage. What should you create?
Acceptable use policy
Your application development plan calls for fuzzing. What is fuzzing used to test for?
Application flaws relating to data input
How does a NAT server help protect your network?
By masking the IP addresses of internal computers from the Internet
Your organization has recently seen an increase in thefts of laptops and other electronic equipment. You want to keep equipment as accessible as possible while trying to prevent equipment theft. User actions needed to keep the equipment secure need to be kept to a minimum. What should you do?
Secure equipment with cable locks
What protocol provides access to directory server services?
LDAP (Lightweight Directory Access Protocol)
What is the impact of enabling single sign-on in an enterprise network?
A user logs on once and can access multiple applications and services
A security system validates whether or not a user has permission to complete an action. This is an example of what?
Authorization
You are deploying a new website. You need to request an SSL certificate from a public CA. What should you do first?
Generate a public and private key pair for the server
You deploy a two-factor authentication system for your network computers using a smart card and PIN. Despite this, unauthorized personnel are gaining access to the network. What should you do to help prevent this in the future?
Improve user education and awareness training
You are hiring a consultant to provide a social media presence for your organization. The consultant will use her own computer. What are two potential security implications that should be covered by a legally binding policy document?
Data ownership for content created
Unauthorized data sharing
A company has implemented a BYOD policy that applies only to members of the Sales department. The company has also performed information classification. Only members of management can access information that is classified as High. Members of the Human Resources department have access to the PII for the company employees. Other employees have access to only information that is classified as Medium or Low. For each type of security training, indicate whether it should be organization-wide or role-based. (Personal Device Policy, Data Handling Policy, Tailgating Policy, Proper Data Disposal)
Personal Device Policy - Role-based
Data Handling Policy - Role-based
Tailgating Policy - Organization-wide
Proper Data Disposal - Role-based
An organization is looking for an Internet-based solution. Any employee with Internet access should have access to the resources described. When would it be most appropriate to use a hybrid cloud?
An organization hosts its own applications and data, but occasionally needs additional overflow storage
A server application is currently under development. It has been discovered that some errors, such as a divide-by-zero error, can leave the application running in an unstable condition. The application needs to respond more appropriately to errors and generate an error message when they occur. What should you implement?
Exception Handling
Which component of PKI is necessary for a CA to know whether to accept or reject certificates from another CA?
RA (Registration Authority)
CRL (Certificate Revocation List)
All computers in your organization come with TPM installed. What type of data encryption most often uses keys generated from the TPM?
Full Disk Encryption
Which protocol provides compatible applications with a directory services look up service?
LDAP (Lightweight Directory Access Protocol)
Network users whose computers are running Windows 7 complain that the extra windows that appear when they browse the Internet are becoming a nuisance. Users are able to close the windows, and the windows do not prevent them from browsing the Internet. You need to prevent these windows from appearing. What should you do?
Configure the browser's pop-up blocker
What best describes a digital signature?
A message hash encrypted with the sender's private key
You are installing wireless access points on a company network that is separated from the Internet by a firewall. Which two steps can you take to mitigate the risk of eavesdropping by outsiders?
Reduce the transmission power
Adjust the antenna placement
What is risk mitigation?
The process of minimizing the impact of identified risks
An application's executable is digitally signed using a software developer's private key. What does this ensure?
Integrity
War chalking is used for what purpose?
To publicize an unprotected or poorly protected access point
You need to identify the source of malformed network packets flooding your network. What should you use?
Protocol Analyzer
Packet Filtering or Packet Purity
Packets are analyzed against a set of filters. Those that make it through the filters are sent to the requesting system, and the others are discarded
Proxy
The firewall in this case assumes the role of the recipient and in turn sends the information to the node that requested it
Stateful Inspection
Compares certain key parts of the packet to a database of trusted information
IP Addresses
Blocks certain IP addresses or a range of IP addresses
Protocols
Decides which of the systems can allow or have access
Ports
Blocking or disabling ports on connected servers. This maintains the kind of data flow you want to see and closes down possible entry points for hackers
Keywords
Blocks any website that deals with certain predetermined words
IP
Internet Protocol. The main delivery system for information over the Internet
TCP
Transmission Control Protocol. A protocol developed for the Internet to get data from one network device to another
HTTP
Hyper-Text Transfer Protocol. Used for websites.
FTP
File Transfer Protocol. Used to upload or download files
UDP
User Datagram Protocol. Used for information that requires no response, for example streaming video or audio
ICMP
Internet Control Message Protocol. Used by a router to exchange information with other routers
SMTP
Simple Mail Transfer Protocol. Used to send text-based information like e-mail
SNMP
Simple Network Management Protocol. Used to collect system information from a remote computer
Telnet
Used to perform commands on a remote computer
Remote Log-in
When someone connects to a computer via the Internet
Application backdoor
Hidden access that provides some level of control to a program
SMTP Session Hijacking
By gaining access to a list of e-mail addresses a person can send spam to thousands of users
Operating System Bugs
Operating system backdoors
E-mail bombs
Large quantity of bulk e-mail that overwhelms an e-mail server preventing user access
Macros
Tools that allow a user to program repetitive tasks into the computer's memory so that they can be quickly accomplished with the touch of a couple of keys that the user has selected
Spam
Unwanted e-mail (usually of a commercial nature, sent out in bulk)
Redirect bombs
Hackers can use ICMP to change the path that information takes by sending it to a different router
Source Routing
Technique in which the originator of a packet can attempt to partially or completely control the path through the network to the destination
Proxy Server
A server that all computers on the local network have to go through before accessing information on the Internet
Trojan Horses
A program advertised as performing one activity but actually doing something else
Worms
Infectious malware spreading without user interaction
Malware
Software that is harmful or destructive, such as viruses and worms
Grayware
Encompasses spyware, adware, dialers, joke programs, remote access tools, and any other unwelcome files and programs apart from viruses that are designed to harm the performance of computers on your network
Fast Flux
DNS technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies
Null Route (Blackhole Route)
A network route (routing table entry) that goes nowhere
FDE
Full Disk Encryption. Automatically converts data on a hard drive into a form that cannot be understood by anyone who does not have the decryption key (hardware level)
What is the BEST way to configure a router against a denial of service attack?
Configure your router to use WPA encryption
Botnets
Networks of virus-infected computers
UAC
User Account Control. Informs you when a program makes a change that requires administrator-level permission, also adjusts the permission level of your user accounts
Firewall Analyzer
Helps network security administrators and IT managers monitor bandwidth and firewall Internet security events efficiently
Authenticating
Process of determining whether someone or something is who or what they declare to be, usually done by passwords
SmartScreen Filtering
Helps detect phishing websites and can protect you from downloading or installing malware
Which of the following provides secure methods for IP multihoming and mobile computing?
Host Identity Protocol (HIP)
Asymmetric Key
Algorithms are used to create a mathematically related key pair: a secret private key and a published public key
Cryptographic Keys
Used in encrypting and decrypting information, there are private keys and public keys
Authorization
Process of giving someone permission to do or have something, this occurs after Authentication
What is the maximum lifetime for a user ticket?
10 hours
What is the usual max tolerance for computer clock synchronization?
5 minutes
User Certificate
A credential issued by the Authentication Service that supplies valid authentication credentials. Whenever the client requires access to a new network resource, it must present its TGT to the Key Distribution Center
Data Recovery
Process of salvaging data from damaged, failed, corrupted, or inaccessible secondary storage media when it cannot be accessed normally
What is a set of policies and procedures for reacting to and recovering from an IT-disabling disaster?
Business Continuity Strategy
Non-Continuous Data Protection
Refers to backing up computer data by automatically saving a copy of every change made to that data
Cryptography
The science of writing in secret code; an ancient art
Hash Function
Uses one key for encryption and another for decryption
When the sender and the recipient can transmit data to each other over an unsecured or monitored link by encrypting messages without worrying that their communications are being monitored, it is called:
Confidentiality
Networks that allow access to some database materials and e-mail are called:
Semi-Trusted Networks
Your network supports a DAC (Discretionary Access Control) system to manage file access permissions. How is this information maintained on the network?
As ACLs (Access Control List)
On a network that uses Kerberos, what does the client computer present as authentication to the server that contains a resource?
Session Ticket
An application needs to use two-factor authentication based on a username and password plus a one-time password generated from a shared secret key and time stamp. What algorithm can provide the one-time password?
TOTP (Time-based One-time Password Algorithm)
You set up a VM (virtual machine) for testing different versions of an application. You want to be able to return to the baseline state as quickly as possible between each test. What should you do?
Create a snapshot of the VM
RDP
Remote Desktop Protocol
Port: 3389
You are designing security for a financial application. You need to ensure that all tasks relating to the transfer of money require actions by more than one user through a series of checks and balances. All activity must be audited and logged. On which access control method should you base your security model?
Separation of duties
A company has an Ethernet network with four switches, as well as two wireless APs. All devices that connect to either network must be authenticated using EAP (Extensible Authentication Protocol). What should you use?
802.1X
You install a Web application on three identical servers. You need to mitigate the risk that users will be unable to access the Web application if one of the servers fails. It should also mitigate the risk of malware infection. What should you use?
UTM (Unified Threat Management) appliance
You would need to include a RADIUS authentication server when implementing what in your network configuration?
WPA2-Enterprise
802.1X Network Access Control
You are configuring TLS (Transport Layer Security) using a block cipher algorithm for transport encryption. You are using a key exchange that supports forward security. What is the advantage of using forward security?
The session key is not compromised even if a private key used in generating it is compromised