GSEC 401.2 Defense-In-Depth Written Exam Questions & Answers.
What are 5 layers of Defense-in-depth security? - CORRECT ANSWER Perimeter
Network
Host
Application
Data
What is risk? - CORRECT ANSWER Risk is the probability of a threat crossing or touching a vulnerability
Formula for risk - CORRECT ANSWER Threats x Vulnerabilities = Risk
CIA triad - CORRECT ANSWER Confidentiality, Integrity, Availability
What is the foundation of defense-in-depth? - CORRECT ANSWER filtering
Name 4 network filtering technologies - CORRECT ANSWER Firewalls
Anti-DDoS
Proxy servers
Mail relays
Name 2 host-based filtering technologies - CORRECT ANSWER Anti-malware software
Application control
What does a stateless firewall look at? - CORRECT ANSWER Only look at the source and destination IP address of a network packet
What does a stateful firewall look at? - CORRECT ANSWER Not only inspect the connection state of traffic but are also inspecting the contents of the packets and will drop packets that do not conform with the security policy of the environment
Proxy definition - CORRECT ANSWER Intermediate systems that handle requests to resources on behalf of other systems
Give 3 examples of proxies - CORRECT ANSWER Mail relays
Web application firewalls
API gateways
What are the 4 approaches to defense-in-depth? - CORRECT ANSWER Uniform protection
Protected enclaves
Information-centric
Vector-oriented
Describe protected enclaves - CORRECT ANSWER Assets that require additional protection are segmented from the rest of the internal organization, and access to it is restricted.
2 techniques to create a protected enclave - CORRECT ANSWER VLANs
(N)ACLs
Describe vector-oriented defense-in-depth - CORRECT ANSWER Involves identifying the various vectors that are employed by threats and providing security mechanisms to shut down those vectors.
Name 2 factors that Zero-trust is based on. - CORRECT ANSWER Authentication and encryption
Name the 3 basic principles of zero-trust. - CORRECT ANSWER Internal/External threats will always exist
Every user/device/network connection must be proven
Log and inspect all network traffic
Define variable trust - CORRECT ANSWER Enables you to dynamically change access for good or bad based on conditions.
Name 4 conditions that can be used to change access in a variable trust environment - CORRECT ANSWER Type of user access
Geolocation
Device compliancy
Type of application
Name 8 security components in an on-premise network - CORRECT ANSWER Stateful firewall
Web App Firewall
IPS/IDS
E-mail protection
VPN
IAM
Centralized logging
Container security
What is the main strategy for fixing an infected system? - CORRECT ANSWER Rebuild the system from scratch
Define configuration - CORRECT ANSWER The discipline of establishing a known baseline condition and then managing that condition
What 2 things do you need to manage your configuration? - CORRECT ANSWER An accurate baseline document
A way to detect when a change occurs to that baseline
Define Digital identity - CORRECT ANSWER The online persona of a subject. Can have multiple.