Penetration Testing (Pen Testing) have very clear rules of engagement defined in a SOW (Statement Of Work). Which IP ranges, time frame, tools, POC, how to test, what to test.

RSA is asymmetric. 3DES, RC6 and Twofish are all symmetric forms of encryption.

Behavioral is a subset of human, and no a recognized category.

Buffer overflow (buffer overrun): An anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory locations, happen from improper coding when a programmer fails to perform bounds checking. Buffers are areas of memory set aside to hold data, often while moving it from one section of a program to another, or between programs. Buffer overflows can often be triggered by malformed inputs, if one assumes all inputs will be smaller than a certain size and the buffer is created to be that size, if an anomalous transaction produces more data it could cause it to write past the end of the buffer. If this overwrites adjacent data or executable code, this may result in erratic program behavior, including memory access errors, incorrect results, and crashes. By sending in data designed to cause a buffer overflow, it is possible to write into areas known to hold executable code, and replace it with malicious code.

TACACS (The Terminal Access Controller Access Control System): Centralized access control system requiring users to send an ID and reusable (vulnerable) passwords for authentication, because of this it is no longer considered secure. Uses TCP/UDP port 49. TACACS has generally been replaced by TACACS+ and RADIUS.

Packet switching - Cheap, but no capacity guarantee, very widely used today. Data is sent in packets, but take multiple different paths to the destination. The packets are reassembled at the destination.

The most secure cable is fiber cables, it is slightly more expensive than copper, since we need both we would use fiber cables. Wireless is .. well not a cable.

A fire does not require light to burn. Fire suppression is done by removing one of the 3 requirements a fire has. A fire needs Oxygen, Heat and Fuel to burn. Removing any of the 3 will put the fire out. Removing Oxygen is done by replacing the oxygen in the room with something else, or covering the fire so the burning material doesn’t have oxygen access (Halon, FM200, Argon). Removing Heat is done by adding chemicals or water to the fire, cooling it down. Removing Fuel is rarely done since the fuel is our equipment.

Tailoring is customizing a standard to your organization. This could be we will apply this standard, but we use a stronger encryption (AES 256bit).

Social engineering uses people skills to bypass security controls. Authority (someone you trust or are afraid of) - Look and sound like an authority figure, be in charge, this can be in a uniform or a suit. Most effective with impersonation, whaling, and vishing attacks.