ProfessorgMessorgSecurityg+gpracticegtes
t
performancegbasegquestionsg
6. Confirmgtheghardwaregongagremotegdeviceg→gattestation
7. Agdocumentgisghiddengwithingangimagegfileg→gobfuscation
8. Passwordsgaregsecurelygstoredgingagdatabaseg→ghashing
9. AngalertgshowsgwindowsgmalwaregrunninggongagLinuxgserverg→gfalsegpositive
10. Agdoorglockgisgjammedgingagdatagcentergrackg→gphysical
11. Webgsessionsgaregusinggangoutdatedgencryptiongprotocolg→gcryptographic
12. AgsystemgunexpectedlygrestartsgeverygWednesdaygatgnoong→glogicgbomb
13. Agcryptocurrencygmininggprogramgincludesgagremotegdesktopgserviceg→gtrojanghorse
14. agtechniciangfromgthegwangproviderghasgarrivedgwithoutgagtroublegticketg-->gimpersonation
15. malwareginstalledgingagbootgsectorgloadsgwithgthegoperatinggsystemg-->grootkits
16. aglargegamountgofgnetworkgtrafficghasgdisabledgagwebgservice--->gddos
17. agsecuregconnectionghasgbeengdowngradedgtoganginsecuregprotocolg-->gsslgstripping
18. encryptgallgVoIPgphonegcallgaudio →gSRTP
19. sendgfilesgfromgaguser'sgworkstationgtogagserverg→gTFPS
20. automaticallygsetgthegtimegandgdatagongaglaptopg→ NTPSEC
21. securelygauthenticategusersgtogagnetworkgresource →gLDAP
22. fromgthegwindowsgcommandgline,gdisplaygaglistgofgallgnextghopsgknowngtogthegdevice.g-->>groute
23. authenticategtogagthird-partygwebsitegusingggooglegcredentialsg-->gfederation
24. increasegcapacitygduringgbusygtimesgofgthegdayg-->gelasticity
25. uniquegapplicationgfunctionsgaregmanagedgseparatelyg-->gmicroservices
26. agpasswordgconsistsgofgrandomgcharacters.g-->gentropy
27. administergagremoteglinuxgservergconsoleg-->gssh
28. lookupgthegipgaddressgofgagservergbasedgongthegFQDNg-->gdnssec
29. transfergdailygtransactiongfilesgfromgonegservergtoganotherg-->gsftp
30. synchronizegthegdategandgtimegacrossgdevicesg-->gntpsec
31. visitorsgtogagknowngmaliciousgsitegaregredirectedgtogagsafegserverg-->gsinkhole
Pgagggeg g 1g |g 98
,ProfessorgMessorgSecurityg+gpracticegtes
t
32. agcreditgcardgnumbergisgreplacedgwithgagsinglegusegnumberg-->gtokenization
33. creategagcloudgmodelgfromganygitgfunctiong-->gXass
34. anganti-malwaregscangdidgnotgidentifygagtrojanghorseg-->gfalsegnegative
35. securelygsetgthegtimegandgdatagongthegnetworkgdevices -->gntpsec
36. querygdirectorygservicesgovergangencryptedgchannelg-->gLDAPs
37. encryptgallgtrafficgsentgovergagvoipgtelephonegcall -->gSRTP
38. creategangencryptedgtunnelgforgremotegaccessg-->gipsec:ginternetgprotocolgsecurity
a. creategangencryptedgtunnelgforgremotegaccess -->giPsec
b. buildgagsecuregtunnelgbetweengtwogremoteglocationsg-->gipsec
39. agusergdigitallygsignsgallgemailsgsentgtoganotherguserg-->gs/MIMe
a. agusergdigitallygsignsgallgemailsgsentgtoganotherguser -->gS/MIME
40. agcreditgcardgnumbergisgcopiedgduringgagtranscation -->gskimmnig
41. angonlinegbrutegforcegidentifiesgagpassword -->gspraying
42. angunauthorizedgpersongisginsidegagsecuregarea -->gtailgating
43. Retrievegtheghmlgofgww.google.comgfromgthegcommandgline. -->gcurl
44. blockgprivateginformationgfromgtraversinggthegnetwork -->gDLP
45. performgwebgservergquestionsgongbehalfgofgagclient -->gproxygserver
46. Creategperformancegstatisticsgfromgagnetworkglink -->gsensor
47. Blockgallgunwantedgapplicationgtrafficgflows -->gNGFW
48. identifygknowngvulnerabilitiesgongagserver -->gvulnerabilitygscanner
49. storegencryptiongkeysgingagsecuregappliance -->ghsm
50. Accessgagsecuregnetworkgzonegfromganginsecuregnetworkg-->gjumpgserver
Pgagggeg g 2g |g 98
,ProfessorgMessorgSecurityg+gpracticegtes
t
performancegbasegquestion:
1. datagingtransit
a. angonlinegwebgconferencegisgsentgingrealgtimegtogattendeesg-->gdatagingtransit
b. authenticationgattemptsgaregsentgtoganginghourgaaagserverg-->gdatagingtransit
c. databasegqueriesgaregtransmittedgovergangIPsecgvpng-->gdatagingtransit
d. AgbroadbandgEthernetglinkgcontainsgencryptedgvpngdatag–->gdatagingtransit
e. Livegvideogisgbroadcastgtogmultiplegstreaminggservicesgsimultaneously
2. dataginguse
a. agbrowsergpagegsortsgdatagingascendinggorgdescendinggorderg-->gdataginguse
b. agquizgappgshowsgtheganswergaftergeachgquestiongattemptg-->gdataginguse
c. angemailgeditorgputsgredgwavyglinesgundergallgmisspelledgwordsg→gdataginguse
d. agvideogeditinggapplicationgrendersgaudiogingrealgtimeg→gdataginguse
3. datagatgrest
a. agcompany'sginvoicesgaregstoredgongagingpdfgformatg-->gdatagatgrest
b. Networkglogsgaregarchivedgtogopticalgdrivesg→gdatagatgrest
c. Allgemployeegrecordsgaregstoredgingangencryptedgdatabaseg→gdatagatgrest
providegthegappropriategmulti-factorgcharacteristicsgforgeachgdescription
1. Somethinggyougknow
• angemailgisgdigitallygsignedgbygthegwriter -->gsomethinggyougknow
• allgcorporategpasswordsgmustgbegatgleastg8gcharactersglong -->gsomethinggyougknow
• thegatmgrequiresgagpingforgallgtransactiong->gsomethinggyougknow
• agusergtypesgagpasswordgandginsertsgtheirgidgbadgegtogunlockgtheirgcomputergandglogin.g--
>gsomethinggyougknow,gandgsomethinggyoughave
2. Somethinggyoughave
• agmobilegappgprovidesgagpseudo-randomglogingcode -->somethinggyoughave
• pluggingagidgcardgduringgtheglogginggprocess -->gsomethinggyoughave
• agpackagegdeliverygrequiresgphotogidentificationg-->gsomethinggyoughave
• Aglaptopgincludegagagslotgforgagsmartgcardg→gsomethinggyoughave
3. Somethinggyougare
• Agusergtravelinggtoganothergcountrygisgnotgablegtoglogin -->gsomethinggyougare
• agfingerprintgisgrequiredgtogaccessgthegdatagcenter -->gsomethinggyougare
Pgagggeg g 3g |g 98
, ProfessorgMessorgSecurityg+gpracticegtes
t
• agsystemgadministratorgunlocksgtheirgmobilegphonegusinggtheirgfaceg-->gsomethinggyougare
• connectinggtogagbankgwebsitegrequiresgagpseudo-randomgping-->gsomethinggyoughave
Attributes
4. Somewheregyougare
• Angauthenticationgloggshowsgaglogingattemptgfromgfloridag→gsomewheregyougare
5. Somethinggyougcangdo
• agusergwritesgagcheckgtogpurchasegagnewglaptop -->gsomethinggyougcangdo
• Agbankgtellergverifiesgthegsignaturegongagcheckg→gsomethinggyougcangdo
6. Somethinggyougexhibit
• aguser'sguniquegtypinggstyle -->gsomethinggyougexhibit
7. Someonegyougknow
d. agcertificategisgsignedgbygthegcio -->gsomeonegyougknow
e. Aguser’sgcertificategincludesgthegdigitalgsignaturegofgthegceog→gsomeonegyougknow
1. 1gwhichgofgthegfollowinggwouldgbegthegbestgwaygtogsendgdatagtogagspecificgremotegpart?
a. netcat
b. route
c. grep
gdig
2. Whichgofgthesegwouldgbegthegbestgwaygtogdeterminegthegversiongofgagwebgservergrunninggongagremotegdevice?
a. Bannerggrabber *
b. ping
c. netstat
d. Honeypot
Pgagggeg g 4g |g 98
t
performancegbasegquestionsg
6. Confirmgtheghardwaregongagremotegdeviceg→gattestation
7. Agdocumentgisghiddengwithingangimagegfileg→gobfuscation
8. Passwordsgaregsecurelygstoredgingagdatabaseg→ghashing
9. AngalertgshowsgwindowsgmalwaregrunninggongagLinuxgserverg→gfalsegpositive
10. Agdoorglockgisgjammedgingagdatagcentergrackg→gphysical
11. Webgsessionsgaregusinggangoutdatedgencryptiongprotocolg→gcryptographic
12. AgsystemgunexpectedlygrestartsgeverygWednesdaygatgnoong→glogicgbomb
13. Agcryptocurrencygmininggprogramgincludesgagremotegdesktopgserviceg→gtrojanghorse
14. agtechniciangfromgthegwangproviderghasgarrivedgwithoutgagtroublegticketg-->gimpersonation
15. malwareginstalledgingagbootgsectorgloadsgwithgthegoperatinggsystemg-->grootkits
16. aglargegamountgofgnetworkgtrafficghasgdisabledgagwebgservice--->gddos
17. agsecuregconnectionghasgbeengdowngradedgtoganginsecuregprotocolg-->gsslgstripping
18. encryptgallgVoIPgphonegcallgaudio →gSRTP
19. sendgfilesgfromgaguser'sgworkstationgtogagserverg→gTFPS
20. automaticallygsetgthegtimegandgdatagongaglaptopg→ NTPSEC
21. securelygauthenticategusersgtogagnetworkgresource →gLDAP
22. fromgthegwindowsgcommandgline,gdisplaygaglistgofgallgnextghopsgknowngtogthegdevice.g-->>groute
23. authenticategtogagthird-partygwebsitegusingggooglegcredentialsg-->gfederation
24. increasegcapacitygduringgbusygtimesgofgthegdayg-->gelasticity
25. uniquegapplicationgfunctionsgaregmanagedgseparatelyg-->gmicroservices
26. agpasswordgconsistsgofgrandomgcharacters.g-->gentropy
27. administergagremoteglinuxgservergconsoleg-->gssh
28. lookupgthegipgaddressgofgagservergbasedgongthegFQDNg-->gdnssec
29. transfergdailygtransactiongfilesgfromgonegservergtoganotherg-->gsftp
30. synchronizegthegdategandgtimegacrossgdevicesg-->gntpsec
31. visitorsgtogagknowngmaliciousgsitegaregredirectedgtogagsafegserverg-->gsinkhole
Pgagggeg g 1g |g 98
,ProfessorgMessorgSecurityg+gpracticegtes
t
32. agcreditgcardgnumbergisgreplacedgwithgagsinglegusegnumberg-->gtokenization
33. creategagcloudgmodelgfromganygitgfunctiong-->gXass
34. anganti-malwaregscangdidgnotgidentifygagtrojanghorseg-->gfalsegnegative
35. securelygsetgthegtimegandgdatagongthegnetworkgdevices -->gntpsec
36. querygdirectorygservicesgovergangencryptedgchannelg-->gLDAPs
37. encryptgallgtrafficgsentgovergagvoipgtelephonegcall -->gSRTP
38. creategangencryptedgtunnelgforgremotegaccessg-->gipsec:ginternetgprotocolgsecurity
a. creategangencryptedgtunnelgforgremotegaccess -->giPsec
b. buildgagsecuregtunnelgbetweengtwogremoteglocationsg-->gipsec
39. agusergdigitallygsignsgallgemailsgsentgtoganotherguserg-->gs/MIMe
a. agusergdigitallygsignsgallgemailsgsentgtoganotherguser -->gS/MIME
40. agcreditgcardgnumbergisgcopiedgduringgagtranscation -->gskimmnig
41. angonlinegbrutegforcegidentifiesgagpassword -->gspraying
42. angunauthorizedgpersongisginsidegagsecuregarea -->gtailgating
43. Retrievegtheghmlgofgww.google.comgfromgthegcommandgline. -->gcurl
44. blockgprivateginformationgfromgtraversinggthegnetwork -->gDLP
45. performgwebgservergquestionsgongbehalfgofgagclient -->gproxygserver
46. Creategperformancegstatisticsgfromgagnetworkglink -->gsensor
47. Blockgallgunwantedgapplicationgtrafficgflows -->gNGFW
48. identifygknowngvulnerabilitiesgongagserver -->gvulnerabilitygscanner
49. storegencryptiongkeysgingagsecuregappliance -->ghsm
50. Accessgagsecuregnetworkgzonegfromganginsecuregnetworkg-->gjumpgserver
Pgagggeg g 2g |g 98
,ProfessorgMessorgSecurityg+gpracticegtes
t
performancegbasegquestion:
1. datagingtransit
a. angonlinegwebgconferencegisgsentgingrealgtimegtogattendeesg-->gdatagingtransit
b. authenticationgattemptsgaregsentgtoganginghourgaaagserverg-->gdatagingtransit
c. databasegqueriesgaregtransmittedgovergangIPsecgvpng-->gdatagingtransit
d. AgbroadbandgEthernetglinkgcontainsgencryptedgvpngdatag–->gdatagingtransit
e. Livegvideogisgbroadcastgtogmultiplegstreaminggservicesgsimultaneously
2. dataginguse
a. agbrowsergpagegsortsgdatagingascendinggorgdescendinggorderg-->gdataginguse
b. agquizgappgshowsgtheganswergaftergeachgquestiongattemptg-->gdataginguse
c. angemailgeditorgputsgredgwavyglinesgundergallgmisspelledgwordsg→gdataginguse
d. agvideogeditinggapplicationgrendersgaudiogingrealgtimeg→gdataginguse
3. datagatgrest
a. agcompany'sginvoicesgaregstoredgongagingpdfgformatg-->gdatagatgrest
b. Networkglogsgaregarchivedgtogopticalgdrivesg→gdatagatgrest
c. Allgemployeegrecordsgaregstoredgingangencryptedgdatabaseg→gdatagatgrest
providegthegappropriategmulti-factorgcharacteristicsgforgeachgdescription
1. Somethinggyougknow
• angemailgisgdigitallygsignedgbygthegwriter -->gsomethinggyougknow
• allgcorporategpasswordsgmustgbegatgleastg8gcharactersglong -->gsomethinggyougknow
• thegatmgrequiresgagpingforgallgtransactiong->gsomethinggyougknow
• agusergtypesgagpasswordgandginsertsgtheirgidgbadgegtogunlockgtheirgcomputergandglogin.g--
>gsomethinggyougknow,gandgsomethinggyoughave
2. Somethinggyoughave
• agmobilegappgprovidesgagpseudo-randomglogingcode -->somethinggyoughave
• pluggingagidgcardgduringgtheglogginggprocess -->gsomethinggyoughave
• agpackagegdeliverygrequiresgphotogidentificationg-->gsomethinggyoughave
• Aglaptopgincludegagagslotgforgagsmartgcardg→gsomethinggyoughave
3. Somethinggyougare
• Agusergtravelinggtoganothergcountrygisgnotgablegtoglogin -->gsomethinggyougare
• agfingerprintgisgrequiredgtogaccessgthegdatagcenter -->gsomethinggyougare
Pgagggeg g 3g |g 98
, ProfessorgMessorgSecurityg+gpracticegtes
t
• agsystemgadministratorgunlocksgtheirgmobilegphonegusinggtheirgfaceg-->gsomethinggyougare
• connectinggtogagbankgwebsitegrequiresgagpseudo-randomgping-->gsomethinggyoughave
Attributes
4. Somewheregyougare
• Angauthenticationgloggshowsgaglogingattemptgfromgfloridag→gsomewheregyougare
5. Somethinggyougcangdo
• agusergwritesgagcheckgtogpurchasegagnewglaptop -->gsomethinggyougcangdo
• Agbankgtellergverifiesgthegsignaturegongagcheckg→gsomethinggyougcangdo
6. Somethinggyougexhibit
• aguser'sguniquegtypinggstyle -->gsomethinggyougexhibit
7. Someonegyougknow
d. agcertificategisgsignedgbygthegcio -->gsomeonegyougknow
e. Aguser’sgcertificategincludesgthegdigitalgsignaturegofgthegceog→gsomeonegyougknow
1. 1gwhichgofgthegfollowinggwouldgbegthegbestgwaygtogsendgdatagtogagspecificgremotegpart?
a. netcat
b. route
c. grep
gdig
2. Whichgofgthesegwouldgbegthegbestgwaygtogdeterminegthegversiongofgagwebgservergrunninggongagremotegdevice?
a. Bannerggrabber *
b. ping
c. netstat
d. Honeypot
Pgagggeg g 4g |g 98
