RFI Flashcards Preview

Flashcards in RFI Deck (36)
1

DREAD

Quantifying risk by threat

2

Integrity protection encompasses...

more than just data. Also OS, apps, HW

3

DREAD + STRIDE

Threat modeling techniques

4

Categories of security investigations (3)

Public, Private, Individual

5

Linux file system that supports journaling

EXT4

6

Journaling file system consequence

Burns out hard drive easier

7

Each process starts with...

Single thread that can create more threads

8

A Windows job is...

A group of processes

9

Is a Signature ID an artifact of IPS/IDS events?

Yes

10

Netflow templates provide

Backward compatibility on NetFlow-supporting systems

11

IPFIX uses which protocol

SCTP

12

SILK, ELK, Graylog

Can be used for Netflow analysis

13

Netflow cache types (3)

Normal, Immediate, Permanent

14

IPFIX based on which version of netflow

9

15

Incident Prioritization part of which phase of IR process

Detection + Analysis

16

Cisco ATA

MSSP

17

PSIRT

Vendor CIRT

18

E-PHI

Electronic PHI

19

Deterministic analysis

You know and obtain facts about an incident

20

Activity attack graph useful for...

Highlighting attacker's preferences and alternative attack paths

21

First step in a forensic exercise

Collect and secure evidence

22

Syslog port

UDP 514

23

VERIS stands for

Vocabulary for Event Recording and Information Sharing

24

How many people should know about a cyber crime investigation?

As few people as possible

25

Resident Data

Data for very small files stored in the MFT.

26

Cisco Adaptive Security Device Manager (ASDM)

Rule based firewall management

27

DNScapy and DNSCAT2

DNS tunneling tools

28

Goal of security awareness program

Provide understanding of risk and exposure

29

What systems must be scanned for PCI DSS compliance?

All systems on isolated PCI network.

30

Journaling Filesystems

EXT3/EXT4
NTFS