GSEC EXAM WITH COMPLETE SOLUTIONS LATEST UPDATE 100% CORRECT
session cookie - ANSWER only to current session; in memory; close browser, gone
SSL/TLS - ANSWER port 443 | encryption provides confidentiality and integrity, server id verification | client/server negotiate best encryption; symmetric keys used; RSA/Diffie; different key on each request
Secure Coding - ANSWER set up variables; input validation; error handling; principle of
least priv; notify when vulnerabilities found; review 3rd party code for weaknesses; do
not hard code secrets in code; do not run as admin for server, db use | performance,
load testing
HTTP authN - ANSWER through headers; basic: base64 encode; digest: MD5
Form-Based Authentication - ANSWER cleartext if no SSL in use; authentication errors
minimal amount of info; account lockouts
password - ANSWER Private combination of characters associated with a user name
that enables access to some computer resources.
Certificate-Based Authentication - ANSWER A method of authentication that utilizes a
certificate as opposed to a password for the purpose of verifying an entity's identity.
token-based authentication - ANSWER security procedures where a computer user is
obliged to be in possession of a device referred to as a token.
one time password - ANSWER Password generated by a security token that expires immediately after it is used.
footprinting (authN) - ANSWER IP, software / signature / system config to ascertain id of
user or device requesting access
Signature Analysis - ANSWER most common method of identifying EOI on network uses
a series of rules and pattern matching to detect and alert
Anomaly analysis-based IDS - ANSWER Anomaly analysis-based IDS seeks deviations from normal traffic patterns by using the inclusive type of analysis, whereby the vendor identifies and determines anomalous behavior through
Biometric authentication - ANSWER A system of verifying authentication of system users by matching a person's distinctive traits, such as fingerprints, face or retinal image, to a previously stored profile set of those characteristics.
Directory Traversal - ANSWER An attack that takes advantage of a vulnerability in either
the Web application program or the Web server software such that a user can move
from the root directory to other restricted directories.
session ID - ANSWER makes stateful; includes: form element; URL; cookie | long and random; sign / hash IDs; new issued on authN; expire / timeout
ROI - ANSWER Return of investment or return on investment. A performance measure that indicates the point at which an investment produces a positive benefit to the investor. It is sometimes considered when evaluating the purchase of new security controls.
ROI (%) = (gain - expenditure) / (expenditure) x 100
Threat - ANSWER activities that represent danger to information or operations | agent of risk
danger - ANSWER anything that can negatively impact the CIA of systems and services
vulnerability - ANSWER A flaw or weakness that enables a threat agent to bypass
security.
0-day - ANSWER exploit that is not publicly known or available
security controls (types) - ANSWER detective, corrective and preventive
network mapping - ANSWER enumerating hosts responding on a network. NMAP
port scanning - ANSWER Using a program to remotely determine which ports on a
system are open, e.g., whether systems allow connections through those ports.
vulnerability scanning - ANSWER look for vulnerabilities associated with the discovered
systems ports and services
Red Team - ANSWER A group of people authorized and organized to emulate a potential
adversary's attack or exploitation capabilities against an enterprise's security posture.
The Red Team's objective is to improve enterprise Information Assurance by
demonstrating the impacts of successful attacks and by demonstrating what works for
the defenders, aka the Blue Team, in an operational environment.
Blue Team - ANSWER The network defenders in a blind or black box penetration test. Do
not know about the attack.
Penetration Testing - ANSWER active analysis of a system through simulated attacks, and may involve exploit of live vulns | does not include maintaining access and covering tracks
Penetration Testing Techniques - ANSWER war dialing, war driving, sniffing, eavesdropping, dumpster diving, social engineering
Ingress Filtering - ANSWER sniffing incoming packets and discarding those with source
IP addresses outside a given range
Egress filtering - ANSWER firewall filters packets when they are leaving the network,
prevents replies to probe packets from leaving the network and prevents a firm's
infected hosts from attacking other firms
Tarpit - ANSWER A honeypot that answers connection requests in such a way that the attacking computer is "stuck" for a period of time. Considered an 'aggressive' defense; uses TCP flow control to set the window size low (down to 0) to keep the connection open and consume resources
Artillery - ANSWER Python-based, cross-platform tool for honeypot, file system monitoring and threat intelligence; mainly event warning
BearTrap - ANSWER Ruby-based tool that comes included with ADHD; opens up ports in order to trick attackers and actively block their IPs
Active Defense Harbinger Distribution - ANSWER Ubuntu-based Linux distro, targeted at
active defense and offensive countermeasures. Starts with many tools for deception
and attack-back
Honey Badger - ANSWER attack back tool that determines the physical location of a system with geolocation, wifi and IP address
Seller: Braxton (via the Stuvia marketplace)