GSEC EXAM STUDY QUESTIONS AND ANSWERS GRADED A 2024
conceptual design -Correct Answer ✔high level design that includes core components
of network architecture | 'black box' I/O | legal, environmental safety | customer
experience | multidisciplinary
logical design -Correct Answer ✔depicts how data flows across different devices in
network | detailed, rather than abstract network diagram | services, application names |
for developers and security architects | shows servers workstations routers firewalls...
physical design -Correct Answer ✔last before implementation | all known details |
physical components and connections | OS versions
communications flow -Correct Answer ✔dictated by logical design, shows how data
flows in and out of the network | informs threat model; attack surface and vectors;
estimate impact; determines defense
intellectual property (IP) -Correct Answer ✔dictated by logical architecture | key is
reduce number or locations where present; subject to copyright
router -Correct Answer ✔device that connects different networks together internal and
external | forwards data packets between computer networks | operates at OSI L3,
handles packets
switch -Correct Answer ✔networking device that connects computers together to form
physical and virtual networks | handles frames at OSI L2
Kismet -Correct Answer ✔Linux WLAN sniffer completely passive used for vulnerability
assessment and intrusion detection
threat enumeration -Correct Answer ✔list threat agents | list attack methods | list
system-level objectives
threat agents (3) -Correct Answer ✔human or not | organized crime | espionage |
hacktivist
Advanced Persistent Threat (APT) -Correct Answer ✔An organized group of attackers
who are highly motivated, skilled, and patient. They are often sponsored by a
government, are focused on a specific target, and will continue attacking for a very long
time until they achieve their goal.
DoS -Correct Answer ✔An availability attack, to consume resources to the point of
exhaustion; Denial of Service; flood of ICMP requests targets router takes down server
DDoS -Correct Answer ✔Denial of service attack committed using many computers,
usually zombies on a botnet.
packet sniffing -Correct Answer ✔capture network traffic for analysis | no longer
requires physical access to network due to prevalence of wifi
packet misroute -Correct Answer ✔malware on router sends traffic to evil location or
causes routing loops DoS or network congestion
XSS -Correct Answer ✔Cross-site scripting. Attacker redirects users to malicious
websites, steal cookies. E-mail can include an embedded HTML image object or a
JavaScript image tag as part of a malicious cross-site scripting attack. Prevent with
input validation.
CSRF -Correct Answer ✔Cross-Site Request Forgery--Third-party redirect of static
content within the security context of a trusted site.
SYN flood -Correct Answer ✔A type of DoS where an attacker sends a large amount of
SYN request packets to a server in an attempt to deny service.
TCP reset -Correct Answer ✔attacker sniffs target traffic then spoofs packet with RST
flag set to end session
routing table poisoning -Correct Answer ✔routers exchange data to build tables;
attacker injects bad data
CDP -Correct Answer ✔Cisco Discovery Protocol; transmits in the clear; manipulation
attack; disable this protocol
MAC flood -Correct Answer ✔An attack that sends numerous packets to the switch,
each of which has a different source MAC address, in an attempt to use up the memory
on the switch and switch can downgrade to hub
DHCP spoofing attack -Correct Answer ✔MitM attack listens for DHCP traffic then
sends attacker IP address as default gateway
STP -Correct Answer ✔Spanning Tree Protocol. Protocol enabled on most switches that
protects against switching loops. A switching loop can be caused if two ports of a switch
are connected together.
VLAN hop -Correct Answer ✔spoof 802.1Q tags, attacker can send frames to diff VLAN w/o
router
physical topology -Correct Answer ✔how a network is wired together; includes wifi
ethernet -Correct Answer ✔a system for connecting a number of computer systems to
form a local area network, with protocols to control the passing of information and to
avoid simultaneous transmission by two or more systems.
full duplex -Correct Answer ✔simultaneous send / receive for two nodes; Any device
that can send and receive data simultaneously.
CSMA / CD -Correct Answer ✔Carrier Sense Multiple Access with Collision Detection. It
is the method for multiple hosts to communicate on an Ethernet.
subnet -Correct Answer ✔A logical subset of a larger network, created by an
administrator to improve network performance or to provide security.
Principle of Least Privilege -Correct Answer ✔A security discipline that requires that a
particular user, system, or application be given no more privilege than necessary to
perform its function or job.
protected enclave -Correct Answer ✔segment of internal network defined by common
security policies
SDN -Correct Answer ✔Software Defined Network | split network into subnets with
software | allows for micro-segmentation and traffic analysis between two endpoints
public internet -Correct Answer ✔publicly accessible system of networks that connects
computers around the world
semi-public internet -Correct Answer ✔reachable from internet; may have internet
access
middleware -Correct Answer ✔separate private DMZ from private network
private internet -Correct Answer ✔used exclusively within an organization is called an
DMZ -Correct Answer ✔A network between the internal network and the Internet with a
firewall on both sides.
border router -Correct Answer ✔between ISP and org firewall; prefilters traffic before
org firewall and uses an ACL; aka edge router
application-level virtual machine -Correct Answer ✔run an app on its own VM so if
compromised cannot compromise other systems
OS virtual machine -Correct Answer ✔multiple operating systems run independently on
the same hardware
virtualization -Correct Answer ✔emulation software for virtualization | allows a single
computing device to run multiple operating systems through hardware emulation |
accesses virtualized hardware, not physical
hypervisor -Correct Answer ✔emulation software for virtualization; allows a single
computing device to run multiple operating systems through hardware emulation
VM escapes -Correct Answer ✔attack to escape guest OS compromise hypervisor
virtual machine introspection -Correct Answer ✔monitor hypervisor and all VMs
virtual sprawl -Correct Answer ✔number of VMs / guest systems too big to manage
air gap -Correct Answer ✔physical separation of hardware (servers)
DMA -Correct Answer ✔Direct memory access (DMA) is a feature which allows for the
accessing of memory and controllers (video and network cards), without utilizing the
CPU such
hyperjacking -Correct Answer ✔compromise the hypervisor to gain access to the VMs
and their data typically launched against type 2 hypervisors that run over a host OS
hyperjumping -Correct Answer ✔attacker compromises one guest OS and jumps to
another | lateral compromise
blue pill -Correct Answer ✔logical exploit; create false hypervisor with root access
type 1 hypervisor -Correct Answer ✔bare metal hypervisor it is a software program that
acts as an operating system and also provides the ability to perform virtualization of
other operating systems using the same computer (e.g. Hyper V)
type 2 hypervisor -Correct Answer ✔Software to manage virtual machines that is
installed as an application in an operating system. (e.g. Virtual Box)
content discovery -Correct Answer ✔monitor data for restricted info