SYO-601 Security+ Exam With Complete Solutions
Latest Update 100% Pass
OVAL - ANSWER A standard created to normalize the transfer of secure public
information across networks and the Internet utilizing any security tools and services
available
OVAL Language - ANSWER An XML schema used to define and describe the information
being created by OVAL to be shared among the various programs and tools
OVAL Interpreter - ANSWER A reference developed to ensure the information passed
around by these programs complies with the OVAL schemas and definitions used by the
OVAL language
Network Sniffing - ANSWER The process of finding and investigating other computers
on the network by analyzing the network traffic or capturing the packets being sent
Password Analysis - ANSWER A tool used to test the strength of your passwords to
ensure your password policies are being followed
dictionary attack - ANSWER Method where a program attempts to guess the password
by using a list of possible passwords
cryptanalysis attack - ANSWER Comparing a precomputed encrypted password to a
value in a lookup table
Rubber Hose Attack - ANSWER Attempt to crack a password by threatening or causing
a person physical harm in order to make them tell you the password
promiscuous mode - ANSWER Network adapter is able to capture all of the packets on
the network, regardless of the destination MAC address of the frames carrying them
,non-promiscuous mode - ANSWER Network adapter can capture only the packets
directly addressed to itself
Syslog - ANSWER A standardized format used for computer message logging that is
able to separate the software generating messages, the system storing them, and the
software reporting and analyzing the same messages.
SIEM: Security Information and Event Management-answer A solution that provides
real-time or near-real-time analysis of security alerts generated by network hardware
and applications.
Splunk - answer A leading big data information gathering and analysis tool that can
import machine generated data via a connector or visibility add-on
SOAR Security orchestration, automation, and response-Category of security solutions
that enables incident response, hunting, and security configuration management
through the orchestration of automated runbooks and providing data enrichment
Runbook An automated version of a playbook that leaves well-defined interaction points
for human analysis.
Stream Cipher Uses a keystream generator to encrypt data bit by bit using a
mathematical XOR function to create the ciphertext
Block Cipher - ANSWER Breaks the input into fixed-length blocks of data and performs
the encryption on each block
Symmetric Algorithm (Private Key) - ANSWER Encryption algorithm in which both the
sender and the receiver must know the same secret using a privately-held key
Asymmetric Encryption (Public Key) - ANSWER Encryption algorithm where different
, keys are used to encrypt and decrypt the data
Data Encryption Standard-ANSWER Encryption algorithm that breaks the input into
64-bit blocks and uses transposition and substitution to create ciphertext using an
effective key strength of only 56-bits
Triple DES (3DES)-ANSWER Encryption algorithm which uses three separate symmetric
keys to encrypt, decrypt, then encrypt the plaintext into ciphertext in order to increase
the strength of DES
Advanced Encryption Standard (AES) - ANSWER Symmetric block cipher that uses
128-bit, 192-bit, or 256-bit blocks and a matching encryption key size to encrypt
plaintext into ciphertext
Rivest Cipher 4 (RC4) - ANSWER Symmetric stream cipher using a variable key size
from 40-bits to 2048-bits that is used in SSL and WEP
Rivest Cipher 6 (RC6) - ANSWER Symmetric block cipher that was introduced as a
replacement for DES but AES was chosen instead
Digital Signature - ANSWER A hash digest of a message encrypted with the sender's
private key to let the recipient know the document was created and sent by the person
claiming to have sent it
Diffie-Hellman (DH) - ANSWER Used to conduct key exchanges and secure key
distribution across an unsecure network
RSA (Rivest, Shamir, Adleman) - ANSWER Asymmetric algorithm that relies on the
mathematical difficulty of factoring large prime numbers
Elliptic Curve Cryptography (ECC) - ANSWER Algorithm based on the algebraic
structure of elliptic curves over finite fields to define the keys
Latest Update 100% Pass
OVAL - ANSWER A standard created to normalize the transfer of secure public
information across networks and the Internet utilizing any security tools and services
available
OVAL Language - ANSWER An XML schema used to define and describe the information
being created by OVAL to be shared among the various programs and tools
OVAL Interpreter - ANSWER A reference developed to ensure the information passed
around by these programs complies with the OVAL schemas and definitions used by the
OVAL language
Network Sniffing - ANSWER The process of finding and investigating other computers
on the network by analyzing the network traffic or capturing the packets being sent
Password Analysis - ANSWER A tool used to test the strength of your passwords to
ensure your password policies are being followed
dictionary attack - ANSWER Method where a program attempts to guess the password
by using a list of possible passwords
cryptanalysis attack - ANSWER Comparing a precomputed encrypted password to a
value in a lookup table
Rubber Hose Attack - ANSWER Attempt to crack a password by threatening or causing
a person physical harm in order to make them tell you the password
promiscuous mode - ANSWER Network adapter is able to capture all of the packets on
the network, regardless of the destination MAC address of the frames carrying them
,non-promiscuous mode - ANSWER Network adapter can capture only the packets
directly addressed to itself
Syslog - ANSWER A standardized format used for computer message logging that is
able to separate the software generating messages, the system storing them, and the
software reporting and analyzing the same messages.
SIEM: Security Information and Event Management-answer A solution that provides
real-time or near-real-time analysis of security alerts generated by network hardware
and applications.
Splunk - answer A leading big data information gathering and analysis tool that can
import machine generated data via a connector or visibility add-on
SOAR Security orchestration, automation, and response-Category of security solutions
that enables incident response, hunting, and security configuration management
through the orchestration of automated runbooks and providing data enrichment
Runbook An automated version of a playbook that leaves well-defined interaction points
for human analysis.
Stream Cipher Uses a keystream generator to encrypt data bit by bit using a
mathematical XOR function to create the ciphertext
Block Cipher - ANSWER Breaks the input into fixed-length blocks of data and performs
the encryption on each block
Symmetric Algorithm (Private Key) - ANSWER Encryption algorithm in which both the
sender and the receiver must know the same secret using a privately-held key
Asymmetric Encryption (Public Key) - ANSWER Encryption algorithm where different
, keys are used to encrypt and decrypt the data
Data Encryption Standard-ANSWER Encryption algorithm that breaks the input into
64-bit blocks and uses transposition and substitution to create ciphertext using an
effective key strength of only 56-bits
Triple DES (3DES)-ANSWER Encryption algorithm which uses three separate symmetric
keys to encrypt, decrypt, then encrypt the plaintext into ciphertext in order to increase
the strength of DES
Advanced Encryption Standard (AES) - ANSWER Symmetric block cipher that uses
128-bit, 192-bit, or 256-bit blocks and a matching encryption key size to encrypt
plaintext into ciphertext
Rivest Cipher 4 (RC4) - ANSWER Symmetric stream cipher using a variable key size
from 40-bits to 2048-bits that is used in SSL and WEP
Rivest Cipher 6 (RC6) - ANSWER Symmetric block cipher that was introduced as a
replacement for DES but AES was chosen instead
Digital Signature - ANSWER A hash digest of a message encrypted with the sender's
private key to let the recipient know the document was created and sent by the person
claiming to have sent it
Diffie-Hellman (DH) - ANSWER Used to conduct key exchanges and secure key
distribution across an unsecure network
RSA (Rivest, Shamir, Adleman) - ANSWER Asymmetric algorithm that relies on the
mathematical difficulty of factoring large prime numbers
Elliptic Curve Cryptography (ECC) - ANSWER Algorithm based on the algebraic
structure of elliptic curves over finite fields to define the keys
