Blueprint Flashcards Preview

Flashcards in Blueprint Deck (60)
1

CVSS Attack Vector

Attacker proximity.

Local, Adjacent, Network, Physical

2

CVSS Attack Complexity

Special skill needed or not

3

CVSS Privileges required

Permissions attacker needs (None, Low, High)

4

CVSS User Interaction

Whether user must participate for attack to succeed

5

CVSS Scope

Ability to go beyond authorization of vulnerability to other parts.

6

CVSS Rating Scale

0.0 None
0.1-3.9 Low
4-6.0 Medium
7-8.9 High
9-10 Critical

7

CVSS Temporal Score

Time based - Vulnerability

8

CVSS Environmental Score

Environmental specifics

9

FAT32 Max Size

2TB

10

NTFS supports

Disk Quota
Security & Encryption
Permissions

11

ADS

Alternative Data Streams
Files stored as attributes. $DATA.
Can hide malicious code

12

MACE

Modify, Access, Create, Entry modified attributes of NTFS

(Entry modified in MFT)

13

EFI (Extensible Firmware Interface)

When the computer boots, EFI loads files stored on the ESP to start the OS and utilities.

14

ESP (part of EFI)

Needs to be formatted with a FAT file system. (Maintained by UEFI)

15

Timestamps on a filesystem

The time an event is recorded on a computer (not the time of the event itself).

16

EXT4

Journaling file system for Linux

17

Journaling

Changes to file system recorded in a log

18

MBR

Partition list and boot loader

19

MAC (Message authentication code)

Confirms authenticity of a message (Integrity and authenticity)

(Could be talking about Mandatory Access Control; not clear.)

20

Best evidence

Best available evidence

21

Corroborative evidence

Evidence that supports an assertion

22

Indirect evidence (Circumstantial)

Inference required to support conclusion

23

Altered disk image

Image with compromised integrity

24

Unaltered disk image

Image not tampered with and will provide same hash

25

Attribution

Enough evidence to assign a source

26

Assets priority

Critical, Important, Sensitive

27

Asset priority allows analyst to...

Prioritize responses

28

DM Adversary

Threat actor. (Likely not known)

29

DM Capability

Tools/Techniques used

30

DM Infrastructure

Physical/Logical comms structures used by adversary