Answer Description

Forcing all users to renew their login credentials is commonly done if there was a recent breach in security.

Answer Description

A mantrap is a device designed to physically trap a person in an enclosed area. Typically, this is a set of doors that cannot be opened simultaneously. The idea is that this will help to prevent tailgating, as the intruder will be momentarily trapped inside the same room as the authorized user.

Wikipedia

A mantrap,security mantrap portal, airlock, sally port or access control vestibule is a physical security access control system comprising a small space with two sets of interlocking doors, such that the first set of doors must close before the second set opens. Airlocks have a very similar design, allowing free ingress and egress while also restricting airflow. In a manual mantrap, a guard locks and unlocks each door in sequence. An intercom and/or video camera are often used to allow the guard to control the trap from a remote location. In an automatic mantrap, identification may be required for each door, sometimes even different measures for each door. For example, a key may open the first door, but a personal identification number entered on a number pad opens the second. Other methods of opening doors include proximity cards or biometric devices such as fingerprint readers or iris recognition scans. Time of Flight sensors are used in high security environments. Metal detectors are often built in to prevent the entrance of people carrying weapons. This use is particularly frequent in banks and jewelry shops. Turnkey, installed systems are provided by some suppliers due to need for technically trained installers. Fire codes require that automatic mantraps allow exit from the intermediate space while denying access to a secure space such as a data center or research lab. A manually-operated mantrap may allow a guard to lock both doors, trapping a suspect between the doors for questioning or detainment.

Answer Description

Only File Transfer Protocol (FTP) and File Transfer Protocol SSL (FTPS) are used for transferring files, and of the two FTPS is the only secure, encrypted protocol.

Wikipedia

FTPS (also known FTP-SSL, and FTP Secure) is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and, formerly, the Secure Sockets Layer (SSL, which is now prohibited by RFC7568) cryptographic protocols. FTPS should not be confused with the SSH File Transfer Protocol (SFTP), a secure file transfer subsystem for the Secure Shell (SSH) protocol with which it is not compatible. It is also different from FTP over SSH, which is the practice of tunneling FTP through an SSH connection.

Answer Description

Fuzzing, or Fuzz testing is a software testing technique where random input is generate and given to an application so the results can be studied. It is done to test security, and reliablity of an application.

Wikipedia

Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program The program is then monitored for exceptions such as crashes, failing built-in code assertions, or potential memory leaks Typically, fuzzers are used to test programs that take structured inputs This structure is specified, eg, in a file format or protocol and distinguishes valid from invalid input An effective fuzzer generates semi-valid inputs that are "valid enough" in that they are not directly rejected by the parser, but do create unexpected behaviors deeper in the program and are "invalid enough" to expose corner cases that have not been properly dealt with

Answer Description

Public/Private key encryption is asymmetric, meaning anything encrypted with one key must be decrypted using the opposite key. If the data was encrypted with the public key, only the private key can decrypt it.

Wikipedia

Public-key cryptography, or asymmetric cryptography, is a cryptographic system that uses pairs of keys. Each pair consists of a public key (which may be known to others) and a private key (which may not be known by anyone except the owner). The generation of such key pairs depends on cryptographic algorithms which are based on mathematical problems termed one-way functions. Effective security requires keeping the private key private; the public key can be openly distributed without compromising security.In such a system, any person can encrypt a message using the intended receiver's public key, but that encrypted message can only be decrypted with the receiver's private key. This allows, for instance, a server program to generate a cryptographic key intended for a suitable symmetric-key cryptography, then to use a client's openly-shared public key to encrypt that newly generated symmetric key. The server can then send this encrypted symmetric key over an insecure channel to the client; only the client can decrypt it using the client's private key (which pairs with the public key used by the server to encrypt the message). With the client and server both having the same symmetric key, they can safely use symmetric key encryption (likely much faster) to communicate over otherwise-insecure channels. This scheme has the advantage of not having to manually pre-share symmetric keys (a fundamentally difficult problem) while gaining the higher data throughput advantage of symmetric-key cryptography. With public-key cryptography, robust authentication is also possible. A sender can combine a message with a private

Answer Description

Penetration testing is an active test, in which some one attempts to penetrate a network solely for security reasons. Any security holes will be addressed afterwords.

Wikipedia

A penetration test, colloquially known as a pen test or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is performed to identify weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed. The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal. A penetration test target may be a white box (about which background and system information are provided in advance to the tester) or a black box (about which only basic information—if any—other than the company name is provided). A gray box penetration test is a combination of the two (where limited knowledge of the target is shared with the auditor). A penetration test can help identify a system's vulnerabilities to attack and estimate how vulnerable it is.Security issues that the penetration test uncovers should be reported to the system owner. Penetration test reports may also assess potential impacts to the organization and suggest countermeasures to reduce the risk.The UK National Cyber Security Center describes penetration testing as: "A method for gaining assurance in the security of an IT system by attempting to breach some or all of that system's security, using the same tools and techniques as an adversary might."The

Answer Description

SQL injection is a code injection technique where a user input is actually given a SQL code, used to display or insert information into a database. Validating and sanitizing user input will prevent this type of attack.

Wikipedia

SQL injection is a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker). SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database. SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. In a 2012 study, it was observed that the average web application received four attack campaigns per month, and retailers received twice as many attacks as other industries.

Answer Description

Voice phishing (Vishing) is the act of using social engineering over a telephone system.

Wikipedia

Voice phishing, or vishing, is the use of telephony (often Voice over IP telephony) to conduct phishing attacks. Landline telephone services have traditionally been trustworthy; terminated in physical locations known to the telephone company, and associated with a bill-payer. Now however, vishing fraudsters often use modern Voice over IP (VoIP) features such as caller ID spoofing and automated systems (IVR) to impede detection by law enforcement agencies. Voice phishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals. Usually, voice phishing attacks are conducted using automated text-to-speech systems that direct a victim to call a number controlled by the attacker, however some use live callers. Posing as an employee of a legitimate body such as the bank, police, telephone or internet provider, the fraudster attempts to obtain personal details and financial information regarding credit card, bank accounts (e.g. the PIN), as well as personal information of the victim. With the received information, the fraudster might be able to access and empty the account or commit identity fraud. Some fraudsters may also try to persuade the victim to transfer money to another bank account or withdraw cash to be given to them directly. Callers also often pose as law enforcement or as an Internal Revenue Service employee. Scammers often target immigrants and the elderly, who are coerced to wire hundreds to thousands of dollars in response to threats of arrest or deportation.Bank account data is not the only sensitive information being targeted. Fraudsters sometimes

Answer Description

A system administrator will generate a Certificate Signing Request (CSR) which will contain a public key. The CSR will be sent to a Certificate Authority (CA) which will issue a certificate for the administrator to use.

Wikipedia

In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 or EMV standard. One particularly common use for certificate authorities is to sign certificates used in HTTPS, the secure browsing protocol for the World Wide Web. Another common use is in issuing identity cards by national governments for use in electronically signing documents.

Answer Description

Because of it's specialization in spyware, an Anti-spyware software is needed in this situation. Notice the question specifically asks about a TRACKING cookie.

Wikipedia

Spyware (a portmanteau for spying software) is software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user—for example, by violating their privacy or endangering their device's security. This behavior may be present in malware as well as in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected. Spyware is frequently associated with advertising and involves many of the same issues. Because these behaviors are so common, and can have non-harmful uses, providing a precise definition of spyware is a difficult task.

Answer Description

This web based injection is targeting the LDAP server. Specifically, the admin account and its password.

Answer Description

Hyper Text Transfer Protocol - Secure (HTTPS) uses TCP 443 as it's default protocol/port. HTTP (non-secure) uses TCP 80.

Wikipedia

Hypertext Transfer Protocol Secure (HTTPS) is an extension of the Hypertext Transfer Protocol (HTTP). It is used for secure communication over a computer network, and is widely used on the Internet. In HTTPS, the communication protocol is encrypted using Transport Layer Security (TLS) or, formerly, Secure Sockets Layer (SSL). The protocol is therefore also referred to as HTTP over TLS, or HTTP over SSL. The principal motivations for HTTPS are authentication of the accessed website, and protection of the privacy and integrity of the exchanged data while in transit. It protects against man-in-the-middle attacks, and the bidirectional encryption of communications between a client and server protects the communications against eavesdropping and tampering. The authentication aspect of HTTPS requires a trusted third party to sign server-side digital certificates. This was historically an expensive operation, which meant fully authenticated HTTPS connections were usually found only on secured payment transaction services and other secured corporate information systems on the World Wide Web. In 2016, a campaign by the Electronic Frontier Foundation with the support of web browser developers led to the protocol becoming more prevalent. HTTPS is now used more often by web users than the original non-secure HTTP, primarily to protect page authenticity on all types of websites; secure accounts; and to keep user communications, identity, and web browsing private.

Answer Description

Hardware and software encryptions do essentially the same thing, but a Hardware Security Module (HSM) will allow a server to function much faster, improving response time and allowing for stronger encryptions.

Wikipedia

A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.

Answer Description

Flood Guards defend against DoS, DDoS, SYN floods, and other flooding type network attacks.

Wikipedia

A SYN flood is a form of denial-of-service attack in which an attacker rapidly initiates a connection to a server without finalizing the connection. The server has to spend resources waiting for half-opened connections, which can consume enough resources to make the system unresponsive to legitimate traffic.The packet that the attacker sends is the SYN packet, a part of TCP's three-way handshake used to establish a connection.

Answer Description

Infrastructure as a Service (IaaS) is a model where a company outsources the equipment used to support operations to another company. In this case they will be using another company's infrastructure to operate their software applications.

Wikipedia

Software as a service (SaaS ) is a software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted. SaaS is also known as "on-demand software" and Web-based/Web-hosted software.SaaS is considered to be part of cloud computing, along with infrastructure as a service (IaaS), platform as a service (PaaS), desktop as a service (DaaS), managed software as a service (MSaaS), mobile backend as a service (MBaaS), data center as a service (DCaaS), integration platform as a service (iPaaS), and information technology management as a service (ITMaaS).SaaS apps are typically accessed by users using a thin client, e.g. via a web browser. SaaS became a common delivery model for many business applications, including office software, messaging software, payroll processing software, DBMS software, management software, CAD software, development software, gamification, virtualization, accounting, collaboration, customer relationship management (CRM), management information systems (MIS), enterprise resource planning (ERP), invoicing, field service management, human resource management (HRM), talent acquisition, learning management systems, content management (CM), geographic information systems (GIS), and service desk management.SaaS has been incorporated into the strategy of nearly all enterprise software companies.

Answer Description

A SYN Flood attack opens a large amount of SYN requests (the first step in the TCP 3 way handshake) in an attempt to overload a system's memory or network.

Wikipedia

A SYN flood is a form of denial-of-service attack in which an attacker rapidly initiates a connection to a server without finalizing the connection. The server has to spend resources waiting for half-opened connections, which can consume enough resources to make the system unresponsive to legitimate traffic.The packet that the attacker sends is the SYN packet, a part of TCP's three-way handshake used to establish a connection.

Answer Description

Redundancy is used to ensure if one device fails, a backup can take its place. Without redundancy, single points of failure can cause system wide outages.

Wikipedia

A single point of failure (SPOF) is a part of a system that, if it fails, will stop the entire system from working. SPOFs are undesirable in any system with a goal of high availability or reliability, be it a business practice, software application, or other industrial system.

Answer Description

Your supervisor is most likely describing SSH (Secure Socket Shell) which is protocol that allows secure access to servers. Functionally SSH is very similar to telnet but is encrypted for added security. SSH can also be used to encrypt any text based communication, for example SSH-FTP is FTP using SSH for encryption.

Wikipedia

The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution. SSH applications are based on a client–server architecture, connecting an SSH client instance with an SSH server. SSH operates as a layered protocol suite comprising three principal hierarchical components: the transport layer provides server authentication, confidentiality, and integrity; the user authentication protocol validates the user to the server; and the connection protocol multiplexes the encrypted tunnel into multiple logical communication channels.SSH was designed on Unix-like operating systems, as a replacement for Telnet and for unsecured remote Unix shell protocols, such as the Berkeley Remote Shell (rsh) and the related rlogin and rexec protocols, which all use insecure, plaintext transmission of authentication tokens. SSH was first designed in 1995 by Finnish computer scientist Tatu Ylönen. Subsequent development of the protocol suite proceeded in several developer groups, producing several variants of implementation. The protocol specification distinguishes two major versions, referred to as SSH-1 and SSH-2. The most commonly implemented software stack is OpenSSH, released in 1999 as open-source software by the OpenBSD developers. Implementations are distributed for all types of operating systems in common use, including embedded systems.

Answer Description

Shoulder surfing is when an attacker watches a user enter a password or pin number. As a key punch door only requires a pin number which means anyone with the pin number has access and is susceptible to shoulder surfing. By replacing the key punch with a proximity reader shoulder surfing is not an issue as the proximity reader will require the attacker to also have a physical token to gain access. Tailgating is when an attacker enters an open door before it closes (after an authorized user opens). This can only be mitigated by user training and man traps.

Wikipedia

In computer security, shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers (PINs), passwords and other confidential data by looking over the victim's shoulder. Unauthorized users watch the keystrokes inputted on a device or listen to sensitive information being spoken, which is also known as eavesdropping.

Answer Description

The change management process is the process of requesting, planning, evaluating, and implementing changes to a computer system.

Wikipedia

The change request management process in systems engineering is the process of requesting, determining attainability, planning, implementing, and evaluating of changes to a system. Its main goals are to support the processing and traceability of changes to an interconnected set of factors.