
12 ) EX. 11 | COMPLETE
84 questions • 6 months ago
  • The R.S.S.H Delivery Company

    Question list

  • 1

    ( F.T.P. ) - File Transfer Protocol

    - Port 21

  • 2

    ( S.F.T.P. ) - Secure Shell / F.T.P. over S.S.H.

    - Port 22

  • 3

    ( TELNET ) - Telnet, an insecure remote administration interface

    - Port 23

  • 4

    ( S.M.T.P. ) - Simple Mail Transfer Protocol

    - Port 25

  • 5

    ( D.N.S. ) - Domain Name System uses TCP for zone transfers

    - Port 53

  • 6

    ( H.T.T.P. ) - HyperText Transfer Protocol

    - Port 80

  • 7

    ( P.O.P.3 ) - Post Office Protocol is a legacy mailbox access protocol

    - Port 110

  • 8

    ( R.P.C.B.I.N.D. ) - Maps Remote Procedure Call ( R.P.C. ) services to port numbers in a UNIX-like environment

    - Port 111

  • 9

    ( M.S.R.P.C. ) - Advertises what RPC services are available in a Windows environment

    - Port 135

  • 10

    ( NETBIOS - S.S.N. ) - NetBIOS Session Service supports Windows File Sharing with pre-Windows 2000 version hosts

    - Port 139

  • 11

    ( I.M.A.P. ) - Internet Mail Access Protocol

    - Port 143

  • 12

    ( H.T.T.P.S. ) - HyperText Transfer Protocol Secure

    - Port 443

  • 13

    ( MICROSOFT - D.S. ) - Supports Windows File Sharing ( Server Message Block over T.C.P. / I.P. ) on current Windows networks

    - Port 445

  • 14

    ( I.M.A.P.S. ) - Internet Mail Access Protocol Secure

    - Port 993

  • 15

    ( P.O.P.3.S. ) - Post Office Protocol Secure

    - Port 995

  • 16

    ( P.P.T.P. ) - Point-to-Point Tunneling Protocol is a legacy VPN protocol with weak security implementation

    - Port 1723

  • 17

    ( MySQL ) - MySQL database connection

    - Port 3306

  • 18

    ( R.D.P. ) - Remote Desktop Protocol

    - Port 3389

  • 19

    ( V.N.C. ) - Virtual Network Computing remote access service where security is implementation dependent and V.N.C. may use other ports

    - Port 5900

  • 20

    ( H.T.T.P. - PROXY ) - H.T.T.P. Proxy Service or alternate port for H.T.T.P.

    - Port 8080

  • 21

    ( D.N.S. ) - Domain Name System uses U.D.P. for D.N.S. queries.

    - Port 53

  • 22

    ( D.H.C.P.S. ) - Server port for the Dynamic Host Configuration Protocol ( D.H.C.P. )

    - Port 67

  • 23

    ( D.H.C.P.C. ) - Client port for the Dynamic Host Configuration Protocol ( D.H.C.P. )

    - Port 68

  • 24

    ( T.F.T.P. ) - Trivial File Transfer Protocol

    - Port 69

  • 25

    ( N.T.P. ) - Network Time Protocol

    - Port 123

  • 26

    ( M.S.R.P.C. ) - Advertises what RPC services are available in a Windows environment

    - Port 135

  • 27

    ( NetBIOS - N.S. ) - NetBIOS Name Service supports Windows File Sharing with pre-Windows 2000 version hosts

    - Port 137

  • 28

    ( NetBIOS - D.G.M. ) - NetBIOS Datagram Service supports Windows File Sharing with pre-Windows 2000 version hosts

    - Port 138

  • 29

    ( NetBIOS - S.S.N. ) - NetBIOS Session Service supports Windows File Sharing with pre-Windows 2000 version hosts

    - Port 139

  • 30

    ( S.N.M.P. ) - Agent port for Simple Network Management Protocol

    - Port 161

  • 31

    ( S.N.M.P. ) - Management station port for receiving S.N.M.P. trap messages

    - Port 162

  • 32

    ( MICROSOFT - D.S. ) - Supports Windows File Sharing (Server Message Block over T.C.P. / I.P. ) on current Windows networks

    - Port 445

  • 33

    ( I.S.A.K.M.P. ) - Internet Security Association and Key Management Protocol that is used to set up I.P.Sec tunnels

    - Port 500

  • 34

    ( SYSLOG ) - Server port for a syslog daemon

    - Port 514

  • 35

    ( R.I.P. ) - Routing Information Protocol

    - Port 520

  • 36

    ( I.P.P. ) - Internet Printing Protocol

    - Port 631

  • 37

    ( M.S. - S.Q.L. ) - Microsoft SQL Server

    - Port 1434

  • 38

    ( U.P.N.P. ) - Universal Plug and Play is used for autoconfiguration of port forwarding by games consoles and other smart appliances

    - Port 1900

  • 39

    ( NAT - T - I.K.E. ) - Used to set up IPsec traversal through a Network Address Translation ( N.A.T. ) gateway

    - Port 4500

  • 40

    SYSLOG LEVELS: (From 0)

    - Level 0 - Emergency
    - Level 1 - Alert
    - Level 2 - Critical
    - Level 3 - Error
    - Level 4 - Warning
    - Level 5 - Notice
    - Level 6 - Informational
    - Level 7 - Debug

  • 41

    Which analysis framework is essentially a repository of known I.O.Cs with ties to known specific threats?

    - OpenIOC

  • 42

    This provides additional details about detection and mitigation.

    - MITRE ATT&CK framework

  • 43

    This provides a generalized concept for how an attacker might approach a network but does not deal with individual I.O.Cs' specifics.

    - Lockheed Martin cyber kill chain

  • 44

    This is an analytic framework for describing an attacker's work.

    - Diamond Model of Intrusion Analysis

  • 45

    Your organization is a financial services company. You have a team of security analysts who are responsible for gathering and analyzing intelligence about potential threats to your organization. The analysts recently published a report that identifies a new threat actor who is targeting financial services companies. The report includes information about the threat actor's tactics, techniques, and procedures (TTPs). In which phase of the security intelligence cycle will this information be provided to those who need to act on it?

    - Dissemination

  • 46

    This phase focuses on converting collected data into useful information or actionable intelligence.

    - Analysis

  • 47

    This utilizes both intelligence producers and intelligence consumers' input. This phase aims to improve the implementation of the requirements, collection, analysis, and dissemination phases as the life cycle is developed.

    - Feedback

  • 48

    This phase is usually implemented by administrators using various software suites, such as security information and event management ( S.I.E.M. ).

    - Collection

  • 49

    As a cybersecurity professional, you're reviewing a Python script used in your organization's automation process. You notice the following line of code: os.system('rm -rf /') What potential security concern does this line of code represent?

    - Command Injection

  • 50

    This attack targets application users by injecting malicious scripts into trusted websites. This scenario doesn't involve web applications or user input.

    - Cross-Site Scripting (XSS)

  • 51

    This occurs when a program attempts to write data to a buffer (a contiguous block of memory allocated for storing data) but writes more data than the buffer is designed to hold. This "overflow" of data then spills over into adjacent memory locations, overwriting whatever data was previously stored there.

    - Buffer Overflow

  • 52

    This involves inserting malicious SQL statements into an entry field for execution, but this scenario doesn't involve any SQL operations.

    - SQL Injection

  • 53

    Which protocol is paired with OAuth2 to provide authentication of users in a federated identity management solution?

    - OpenID Connect

  • 54

    This is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. This is an XML-based markup language for security assertions.

    - Security Assertion Markup Language (SAML)

  • 55

    This is a computer network authentication protocol that works based on tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.

    - Kerberos

  • 56

    This is a software component developed by Microsoft that can run on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries.

    - Active Directory Federation Services (ADFS)

  • 57

    Which term is used in software development to refer to the method in which app and platform updates are committed to a production environment rapidly?

    - Continuous deployment

  • 58

    This is a software development method in which code updates are tested and committed to development or build server/code repositories rapidly.

    - Continuous integration

  • 59

    This is the technique of constantly evaluating an environment for changes so that new risks may be more quickly detected and business operations improved upon.

    - Continuous monitoring

  • 60

    This is a software development method in which app and platform requirements are frequently tested and validated for immediate availability.

    - Continuous delivery

  • 61

    Which of the following vulnerabilities was the MOST critical due to its potential impact and exploitability?

    - EternalBlue

  • 62

    This was a significant security bug disclosed in April 2016 that affected both Microsoft Windows and Samba servers. Samba is an open-source software suite that provides file and print services to SMB/CIFS clients, enabling Linux/Unix systems to interact with Windows environments.

    - Badlock

  • 63

    ( Short for Decrypting R.S.A. with Obsolete and Weakened eNcryption ) This is a serious cross-protocol security flaw discovered in March 2016. It allows attackers to decrypt sensitive communications, even those protected by modern TLS (Transport Layer Security) protocols, by leveraging support for the outdated and insecure SSLv2 protocol.

    - DROWN

  • 64

    Refers to a security flaw found in the Apache Struts web application framework. Apache Struts is an open-source framework widely used by developers to create Java web applications, particularly those following the Model-View-Controller (MVC) architecture.

    - Apache Struts

  • 65

    What SCAP component could be used to create a checklist to be used by different security teams within an organization and then report results in a standardized fashion?

    - XCCDF ( Extensible Configuration Checklist Description Format )

  • 66

    This is a standardized method of describing and identifying classes of applications, operating systems, and hardware devices present among an enterprise's computing assets.

    - Common Platform Enumeration ( C.P.E. )

  • 67

    This system provides a reference-method for publicly known information-security vulnerabilities and exposures.

    - Common Vulnerabilities and Exposures ( C.V.E. )

  • 68

    This provides unique identifiers to system configuration issues to facilitate fast and accurate correlation of configuration data across multiple information sources and tools.

    - Common Configuration Enumeration ( C.C.E. )

  • 69

    Syed is developing a vulnerability scanner program for a large network of sensors used to monitor his company's transcontinental oil pipeline. What type of network is this?

    - SCADA ( supervisory control and data acquisition )

  • 70

    This uses serial communication buses to connect electronic control units and other subsystems in cars and unmanned aerial vehicles ( U.A.V. ).

    - CAN ( controller area network )

  • 71

    This is a design where all these processors, controllers, and devices are provided on a single processor die or chip.

    - SoC ( System-on-chip )

  • 72

    These systems for offices and data centers ("smart buildings") can include physical access control systems, but also heating, ventilation, and air conditioning (HVAC), fire control, power and lighting, and elevators and escalators.

    - BAS ( building automation system )

  • 73

    Which of the following is not considered a component that belongs to the category of identity management infrastructure?

    - Human resource system

  • 74

    This is responsible for coordinating the creation of user accounts, email authorizations in the form of rules and roles, and other tasks such as provisioning of physical resources associated with enabling new users.

    - Provisioning engine

  • 75

    These servers, provisioning engines, and auditing systems are all part of identity management infrastructures. Most organizations rely on an LDAP Directory to store users, groups, roles, and relationships between those entities.

    - LDAP

  • 76

    This system is responsible for verifying the identities present in the organization's systems are valid and correct.

    - Auditing system

  • 77

    Which of the following is a senior role with the ultimate responsibility for maintaining confidentiality, integrity, and availability in a system?

    - Data owner

  • 78

    This person is responsible for oversight of any P.I.I. / S.P.I. / P.H.I. assets managed by the company.

    - Privacy officer

  • 79

    This person is primarily responsible for data quality. This involves ensuring data are labeled and identified with appropriate metadata, and that data is collected and stored in a format and with values that comply with applicable laws and regulations.

    - Data steward

  • 80

    This role manages the system on which the data assets are stored. This includes responsibility for enforcing access control, encryption, and backup/recovery measures.

    - Data custodian

  • 81

    You have been hired as a cybersecurity analyst for a privately-owned bank. Which of the following regulations would have the greatest impact on your bank's cybersecurity program?

    - Gramm-Leach-Bliley Act (GLBA)

  • 82

    This is a U.S. law designed to provide privacy standards to protect patients’ medical records and other health information provided to health plans, doctors, hospitals, and other health care providers.

    - Health Insurance Portability and Accountability Act (HIPAA)

  • 83

    This is a United States federal law that set new or expanded requirements for all US public company boards, management, and public accounting firms.

    - Sarbanes-Oxley (SOX)

  • 84

    The Act of 1974 is a United States federal law that governs the access to educational information and records by public entities such as potential employers, publicly funded educational institutions, and foreign governments.

    - Family Educational Rights and Privacy Act (FERPA)

