The flashcards below were created by user codyyoung37 on FreezingBlue Flashcards.

  1. 4 parts of PKI
    CA, RA, RSA, digital certificate
  2. CPS
    Certificate Practice Statement
  3. What is Retina
    Vulnerability Scanner
  4. What is Nessus
    Vulnerability scanner
  5. Black, White, and Grey box testing
    Black is no knowledge, white is full knowledge, grey partial
  6. What is 802.11i
  7. What is WTLS?
    Wireless Transport Layer Security
  8. WSP?
    Wireless Session Protocol
  9. WTP, what does it do?
    Wireless Transaction Protocol, provides services similar to TCP and UDP
  10. WDP and what does it do?
    Wireless Datagram Protocol, provides interface for devices
  11. LEAP, PEAP, and which is more secure?
    Lightweight/Protected Extensible Authentication protocol, PEAP more secure. LEAP was Cisco, PEAP is RSA/MS/Cisco
  12. What can an IV attack get?
    WEP key
  13. WTLS is part of what protocol stack?
  14. CPS
    Certificate Practice Statement
  15. CSP
    Cryptographic Service Provider
  16. OCSP and what used for
    Online Certificate Status Protocol, used to see if a digital certificate has been revoked
  17. 3 types of access
    1. know 2. have 3. are
  18. Which of the following PKI elements are placed in a browser's trusted root CA?
    Public key
  19. Label-based management is also called:
    Rules-based management
  20. Key range size in RC5?
    0-2040 bits
  21. Does SFTP use TCP, UDP or both?
  22. In the key recovery process, which key must be recoverable?
    Previous key
  23. How big is a blowfish block cipher, and how many bits can a blowfish key length be?
    64 bit cipher, 448 bit key length
  24. What is snow.exe used for?
  25. Is RSA a stream or block cipher?
  26. Which IDS uses algorithms to analyze traffic?
  27. What is Netstumbler used for?
    Finding wireless networks
  28. What is kismet used for?
    Breaking into wireless networks
  29. What is Absinthe used for?
    SQL injection
  30. What is THC scan used for?
    War dialing
  31. What is the encryption strength of NTLM v2 passwords?
    128 bit
  32. What is the strength of NTLM v1 passwords?
    56 bit
  33. WML?
    Wireless Markup Language
  34. Twofish key block cipher size and max key size
    128 bit cipher, up to 256 bit key
  35. Which asymmetric encryption algorithm does not authenticate and is susceptible to man in the middle attacks?
    Diffie-Hellman
  36. DLP?
    Data Loss Prevention
  37. Is RC4 block or stream cipher?
  38. Biba Model
    No write up, no read down
  39. Bell-LaPadula Model
    No read up, no write down
  40. Noninterference model
    higher security options can't interfere with lower security
  41. Clark-Wilson Model
    Data can't be accessed directly
  42. Bridge, mesh trust models
    Bridge: a p2p network exists between root CAs, intermediate only trusts above and below it.
  43. SSH uses which 3 encryption algorithms?
    Blowfish, DES, IDEA
  44. ASR
    Attack surface reduction
  45. Q: What is the size of the initialization vector (IV) that WEP uses for encryption?
    24 bit
  46. Difference between digital certs and sigs
    Sigs are hashes used to verify integrity. Certs are bindings of public keys to verify non-repud
  47. Q: Which term refers to the ability to manage individual resources in the CA network?
  48. What is known as a message digest?
    Hash function
  49. By comparing attack signatures and audit trails, a ____ determines whether an attack is occurring
    MS-IDS, misuse detection IDS
  50. BIA
    Business Impact Analysis
Card Set
Security exam