SANS 410 CERTIFICATION SCRIPT
2026 QUESTIONS WITH SOLUTIONS
GRADED A+
◍ -n 2 flag.
Answer: tells ping tool to send out 2 ICMP ECHO REQUESTS type 8 then
stop
◍ Conceptual Design.
Answer: Overview of the system, does not include how hardware or
software are configured but lays out systems we need to achieve our goal
and understand criticality
◍ Logical Design.
Answer: A description of the functional requirements of a system. puts the
compenents of a conceptual design on paper using a network diagram.
◍ Physical Design.
Answer: The specification of the characteristics of the system components
necessary to put the logical design into action. like OS versions, patch
levels, hardening configurations... physical security can betray logical
security controls
◍ communication flow.
Answer: who accesses data, when it's accessed, how much is accessed
◍ switch.
Answer: A computer networking device that connects systems to form a
network
◍ XSRF.
Answer: Cross-Site Request Forgery-An attack that causes users to perform
, actions on websites without their knowledge. In some cases, attackers use
header manipulation to steal cookies and harvest passwords.
◍ 3DES.
Answer: Triple Digital Encryption Standard. A symmetric algorithm used to
encrypt data and provide confidentiality. It was originally designed as a
replacement for DES. It uses multiple keys and multiple passes and is not as
efficient as AES, but is still used in some applications, such as when
hardware doesn't support AES.
◍ AAA.
Answer: AAA stands for authentication, authorization, and accounting.
AAA is a framework for intelligently controlling access to computer
resources, enforcing policies, auditing usage, and providing the information
necessary to bill for services.
◍ ABAC.
Answer: Attribute-based access control. An access control model that grants
access to resources based on attributes assigned to subjects and objects.
◍ Router.
Answer: connects networks to networks
◍ ACL.
Answer: Access Control List-An access control list (ACL) is a list of rules
that specifies which users or systems are granted or denied access to a
particular object or system resource. Access control lists are also installed in
routers or switches, where they act as filters, managing which traffic can
access the network.
◍ AD.
Answer: Active Directory (AD) is a database and set of services that connect
users with the network resources they need to get their work done. The
database (or directory) contains critical information about your environment,
including what users and computers there are and who's allowed to do what.
◍ tactics.
, Answer: high level descriptions of a method an adversary might use to
formulate an attack
◍ AES.
Answer: Advanced Encryption Standard, a symmetric 128-bit block data
encryption technique
◍ AES256.
Answer: Advanced Encryption Standard 256 bit. AES sometimes includes
the number of bits used in the encryption keys and AES256 uses 256-bit
encryption keys.
◍ techniques.
Answer: a specific instance of the tactic being attempted
◍ AH.
Answer: Authentication Header-The Authentication Header (AH) protocol
provides data origin authentication, data integrity, and replay protection.
However, AH does not provide data confidentiality, which means that all of
your data is sent in the clear.
◍ AI.
Answer: Artificial intelligence (AI) is a wide-ranging branch of computer
science concerned with building smart machines capable of performing
tasks that typically require human intelligence.
◍ procedure.
Answer: detailed explanation how the technique works to implement that
tactic of an attack
◍ AIS.
Answer: Automated Indicator Sharing (AIS) is a service the Cybersecurity
and Infrastructure Security Agency (CISA) provides to enable real-time
exchange of machine-readable cyber threat indicators and defensive
measures between public and private-sector organizations.
◍ ALE.
, Answer: Annual Loss Expectancy (ALE), which is the total loss we can
expect from a risk in a one-year timeframe and is calculated by multiplying
SLE by ARO.
◍ threat agents.
Answer: individuals, org, or group that is capable and motivated to carry out
an attack of one sort or another
◍ AP.
Answer: Access Point-An access point is a device that creates a wireless
local area network, or WLAN, usually in an office or large building. An
access point connects to a wired router, switch, or hub via an Ethernet cable,
and projects a WiFi signal to a designated area.
◍ API.
Answer: Application Programming Interface, which is a set of definitions
and protocols for building and integrating application software.
◍ APT.
Answer: Advanced Persistent Threat-The advanced persistent threat pursues
its objectives repeatedly over an extended period; adapts to defenders'
efforts to resist it; and is determined to maintain the level of interaction
needed to execute its objectives.
◍ ARO.
Answer: Annualized Rate of Occurrence-refers to the expected frequency
with which a risk or a threat is expected to occur.
◍ ARP.
Answer: Address Resolution Protocol. Resolves IP addresses to MAC
addresses. ARP poisoning attacks can redirect traffic through an attacker's
system by sending false MAC address updates. VLAN segregation helps
prevent the scope of ARP poisoning attacks within a network.
◍ Threat Agents types.
Answer: opportunistic, organized cyber crime, and APT
2026 QUESTIONS WITH SOLUTIONS
GRADED A+
◍ -n 2 flag.
Answer: tells ping tool to send out 2 ICMP ECHO REQUESTS type 8 then
stop
◍ Conceptual Design.
Answer: Overview of the system, does not include how hardware or
software are configured but lays out systems we need to achieve our goal
and understand criticality
◍ Logical Design.
Answer: A description of the functional requirements of a system. puts the
compenents of a conceptual design on paper using a network diagram.
◍ Physical Design.
Answer: The specification of the characteristics of the system components
necessary to put the logical design into action. like OS versions, patch
levels, hardening configurations... physical security can betray logical
security controls
◍ communication flow.
Answer: who accesses data, when it's accessed, how much is accessed
◍ switch.
Answer: A computer networking device that connects systems to form a
network
◍ XSRF.
Answer: Cross-Site Request Forgery-An attack that causes users to perform
, actions on websites without their knowledge. In some cases, attackers use
header manipulation to steal cookies and harvest passwords.
◍ 3DES.
Answer: Triple Digital Encryption Standard. A symmetric algorithm used to
encrypt data and provide confidentiality. It was originally designed as a
replacement for DES. It uses multiple keys and multiple passes and is not as
efficient as AES, but is still used in some applications, such as when
hardware doesn't support AES.
◍ AAA.
Answer: AAA stands for authentication, authorization, and accounting.
AAA is a framework for intelligently controlling access to computer
resources, enforcing policies, auditing usage, and providing the information
necessary to bill for services.
◍ ABAC.
Answer: Attribute-based access control. An access control model that grants
access to resources based on attributes assigned to subjects and objects.
◍ Router.
Answer: connects networks to networks
◍ ACL.
Answer: Access Control List-An access control list (ACL) is a list of rules
that specifies which users or systems are granted or denied access to a
particular object or system resource. Access control lists are also installed in
routers or switches, where they act as filters, managing which traffic can
access the network.
◍ AD.
Answer: Active Directory (AD) is a database and set of services that connect
users with the network resources they need to get their work done. The
database (or directory) contains critical information about your environment,
including what users and computers there are and who's allowed to do what.
◍ tactics.
, Answer: high level descriptions of a method an adversary might use to
formulate an attack
◍ AES.
Answer: Advanced Encryption Standard, a symmetric 128-bit block data
encryption technique
◍ AES256.
Answer: Advanced Encryption Standard 256 bit. AES sometimes includes
the number of bits used in the encryption keys and AES256 uses 256-bit
encryption keys.
◍ techniques.
Answer: a specific instance of the tactic being attempted
◍ AH.
Answer: Authentication Header-The Authentication Header (AH) protocol
provides data origin authentication, data integrity, and replay protection.
However, AH does not provide data confidentiality, which means that all of
your data is sent in the clear.
◍ AI.
Answer: Artificial intelligence (AI) is a wide-ranging branch of computer
science concerned with building smart machines capable of performing
tasks that typically require human intelligence.
◍ procedure.
Answer: detailed explanation how the technique works to implement that
tactic of an attack
◍ AIS.
Answer: Automated Indicator Sharing (AIS) is a service the Cybersecurity
and Infrastructure Security Agency (CISA) provides to enable real-time
exchange of machine-readable cyber threat indicators and defensive
measures between public and private-sector organizations.
◍ ALE.
, Answer: Annual Loss Expectancy (ALE), which is the total loss we can
expect from a risk in a one-year timeframe and is calculated by multiplying
SLE by ARO.
◍ threat agents.
Answer: individuals, org, or group that is capable and motivated to carry out
an attack of one sort or another
◍ AP.
Answer: Access Point-An access point is a device that creates a wireless
local area network, or WLAN, usually in an office or large building. An
access point connects to a wired router, switch, or hub via an Ethernet cable,
and projects a WiFi signal to a designated area.
◍ API.
Answer: Application Programming Interface, which is a set of definitions
and protocols for building and integrating application software.
◍ APT.
Answer: Advanced Persistent Threat-The advanced persistent threat pursues
its objectives repeatedly over an extended period; adapts to defenders'
efforts to resist it; and is determined to maintain the level of interaction
needed to execute its objectives.
◍ ARO.
Answer: Annualized Rate of Occurrence-refers to the expected frequency
with which a risk or a threat is expected to occur.
◍ ARP.
Answer: Address Resolution Protocol. Resolves IP addresses to MAC
addresses. ARP poisoning attacks can redirect traffic through an attacker's
system by sending false MAC address updates. VLAN segregation helps
prevent the scope of ARP poisoning attacks within a network.
◍ Threat Agents types.
Answer: opportunistic, organized cyber crime, and APT
