Chapter 1 Show
Cybersecurity – A World of Experts and Criminals: Chapter 2 Chapter 3 Cybersecurity Threats, Vulnerabilities, and Attacks: Chapter 4 The Art of Protecting Secrets: Chapter 5 The Art of Ensuring Integrity: Chapter 6 Chapter 7 Protecting a Cybersecurity Domain: Chapter 8 Becoming a Cybersecurity Specialist: Chapter 1: Cybersecurity – A World of Experts and CriminalsChapter 1 Quiz:Question 1What type of an attack can disable a computer by forcing it to use memory or by overworking its CPU?
Explanation: Algorithm attacks can force computers to use memory or overwork the CPU. Answer: algorithm Question 2What is an example of an Internet data domain?
Explanation: A data domain is a repository for data. Answer: Linkedin Question 3What type of attack uses many systems to flood the resources of a target, thus making the target unavailable?
Explanation: DDoS is is an attack that involves multiple systems. DoS involves only a single attack system. Answer: DDoS Question 4What does the term vulnerability mean?
Explanation: A vulnerability is not a threat, but it is a weakness that makes the PC or the software a target for attacks. Answer: a weakness that makes a target susceptible to an attack Question 5What does the term BYOD represent?
Explanation: The term bring-your-own-device is used to describe mobile devices such as iPhones, smartphones, tablets, and other devices, Answer: bring your own device Question 6What name is given to hackers who hack for a cause?
Explanation: The term is used to describe gray hackers who rally and protect for a cause. Answer: hactivist Question 7What is the workforce framework category that includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence?
Explanation: The “Analyze” category of the workforce framework includes specialty areas responsible for highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness. Answer: Analyze Question 8Pick three types of records that cyber criminals would be interested in stealing from organizations. (Choose three.)
Explanation: Employment, medical, and education records are important to protect because they contain personal information. Answer: employment, education, medical Question 9What name is given to a amateur hacker?
Explanation: Script kiddies is a term used to describe inexperienced hackers. Answer: script kiddie Question 10What does the acronym IoE represent?
Explanation: Internet of Everything is the term used for Internet-connected devices Answer: Internet of Everything Question 11Thwarting cyber criminals includes which of the following? (Choose two.)
Explanation: Organization can join efforts to thwart cyber crime by establishing early warning systems and sharing cyber intelligence. Answer: establishing early warning systems, sharing cyber Intelligence information Chapter 2: The Cybersecurity CubeChapter 2 Quiz:Question 1What are three types of sensitive information? (Choose three.)
Explanation: Sensitive information is information that would otherwise cause harm to a company or individual if publicly disclosed. Answer: business, classified, PII Question 2What are two methods that ensure confidentiality? (Choose two.)
Explanation: Confidentiality means viewing of information only for those who need to know. This can be accomplished by encrypting data and authenticating users who request access. Answer: authentication, encryption Question 3What name is given to a storage device connected to a network?
Explanation: NAS refers to a storage device connected to a network that allows storage and retrieval of data from a centralized location by authorized network users. Answer: NAS Question 4What is identified by the first dimension of the cybersecurity cube?
Explanation: The first dimension of the cybersecurity sorcery cube identifies the goals or security principles required to protect the cyber world. Answer: goal Question 5What name is given to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failures?
Explanation: Modification involves changes to the original data and not complete deletion of the data. Answer: modification Question 6What are the three states of data? (Choose three.)
Explanation: The protection of the cyber world requires cybersecurity professionals to account for the safeguarding of data in-transit, in-cloud, and at rest. Answer:
Question 7What principle prevents the disclosure of information to unauthorized people, resources, and processes?
Explanation: The security principle of confidentiality refers to the prevention of the disclosure of information to unauthorized people, resources, and processes. Answer: confidentiality Question 8What two methods help to ensure system availability? (Choose two.)
Answer:
Question 9What three tasks are accomplished by a comprehensive security policy? (Choose three.)
Explanation: Policy sets the establishment of rules and guidelines for the business. Answer:
Question 10Which two methods help to ensure data integrity? (Choose two.)
Explanation: Data integrity systems include one of the two data integrity methods. Answer:
Question 11What are three access control security services? (Choose three.)
Explanation: This question refers to AAA authentication, authorization, and accountability. Answer:
Question 12What are the three foundational principles of the cybersecurity domain? (Choose three.)
Explanation: Three foundational security principles are confidentiality, integrity and availability. Answer:
Question 13What is a method of sending information from one device to another using removable media?
Explanation: Sneaker net refers to hand delivering the removable data. Answer: sneaker net Question 14What mechanism can organizations use to prevent accidental changes by authorized users?
Explanation: Version control ensures that two users cannot update the same object. Answer: version control Question 15What is a secure virtual network called that uses the public network?
Explanation: The term VPN describes a virtual network that uses encryption to protect data when traveling across Internet media. Answer: VPN Question 16For the purpose of authentication, what three methods are used to verify identity? (Choose three.)
Explanation: The forms of authentication are something you know, have, or are. Answer:
Question 17What three design principles help to ensure high availability? (Choose three.)
Explanation: High availability systems typically include these three design principles. Answer:
Question 18What type of cybersecurity laws protect you from an organization that might want to share your sensitive data?
Explanation: Privacy laws control appropriate use of data and access to data. Answer: privacy Question 19What service determines which resources a user can access along with the operations that a user can perform?
Explanation: Authorization determines whether a user has certain access privileges. Answer: authorization Question 20What are two common hash functions? (Choose two.)
Explanation: SHA and MD5 use complex mathematical algorithms to compute hash values. Answer: SHA, MD5 Chapter 3: Cybersecurity Threats, Vulnerabilities, and AttacksChapter 3 Quiz:Question 1What is the name given to a program or program code that bypasses normal authentication?
Explanation: A backdoor is a program or program code implemented by a criminal to bypass the normal authentication that is used to access a system. Answer: backdoor Question 2What does a rootkit modify?
Explanation: A rootkit commonly modifies an operating system to create a backdoor to bypass normal authentication mechanisms. Answer: operating system Question 3What is the name for the type of software that generates revenue by generating annoying pop-ups?
Explanation: Adware is a type of malware that displays pop-ups on a computer to generate revenue for the creator of the malware. Answer: adware Question 4A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?
Explanation: Ransomware commonly encrypts data on a computer and makes the data unavailable until the computer user pays a specific sum of money. Answer: a type of ransomware Question 5Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website?
Explanation: Smishing is also known as SMS phishing and is used to send deceptive text messages to trick a user into calling a phone number or visiting a specific website. Answer: smishing Question 6What are two common indicators of spam mail? (Choose two.)
Explanation: Spam is a common method of advertising through the use of unsolicited email and may contain malware. Answer:
Question 7What are two of the tactics used by a social engineer to obtain personal information from an unsuspecting target? (Choose two.)
Explanation: Answer: intimidation, urgency Question 8An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?
Explanation: Bluesnarfing is the copying of user information through unauthorized Bluetooth transmissions. Answer: bluesnarfing Question 9What is the term used to describe an email that is targeting a specific person employed at a financial institution?
Explanation: Spear phishing is a phishing attack customized to reach a specific person or target. Answer: spear phishing Question 10What occurs on a computer when data goes beyond the limits of a buffer?
Explanation: A buffer overflow occurs by changing data beyond the boundaries of a buffer and can lead to a system crash, data compromise, or cause escalation of privileges. Answer: a buffer overflow Question 11What are two ways to protect a computer from malware? (Choose two.)
Explanation: At a minimum, a computer should use antivirus software and have all software up to date to defend against malware. Answer:
Question 12What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
Explanation: Phishing is used by malicious parties who create fraudulent messages that attempt to trick a user into either sharing sensitive information or installing malware. Answer: phishing Question 13What is the meaning of the term logic bomb?
Explanation: A logic bomb remains inactive until a trigger event occurs. Once activated, a logic bomb runs malicious code that causes harm to a computer. Answer: a malicious program that uses a trigger to awaken the malicious code Question 14A criminal is using software to obtain information about the computer of a user. What is the name of this type of software?
Explanation: Spyware is software that tracks the activity of a user and obtains information about that user. Answer: spyware Question 15What is the difference between a virus and a worm?
Explanation: Worms are able to self-replicate and exploit vulnerabilities on computer networks without user participation. Answer: Worms self-replicate but viruses do not. Question 16Which two reasons describe why WEP is a weak protocol? (Choose two.)
Explanation: Answer:
Question 17What type of attack targets an SQL database using the input field of a user?
Explanation: A criminal can insert a malicious SQL statement in an entry field on a website where the system does not filter the user input correctly. Answer: SQL injection Question 18What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?
Explanation: Cross-site scripting (XSS) allows criminals to inject scripts that contain malicious code into web applications. Answer: Cross-site scripting Chapter 4: The Art of Protecting SecretsChapter 4 Quiz:Question 1What encryption algorithm uses one key to encrypt data and a different key to decrypt data?
Explanation: Asymmetric encryption uses one key to encrypt data and a different key to decrypt data. Answer: asymmetric Question 2Which asymmetric algorithm provides an electronic key exchange method to share the secret key?
Explanation: Diffie-Hellman provides an electronic exchange method to share a secret key and is used by multiple secure protocols. Answer: Diffie-Hellman Question 3Match the description with the correct term. (Not all targets are used.)
Other Incorrect Match Options: replacing sensitive information in a file with nonsensitive information Answer:
Question 4Match the type of multifactor authentication with the description.
Explanation: Multi-factor authentication uses a minimum of two methods of verification and can include the following: Answer:
Question 5Which two terms are used to describe cipher keys? (Choose two.)
Answer: key space, key length Question 6A warning banner that lists the negative outcomes of breaking company policy is displayed each time a computer user logs in to the machine. What type of access control is implemented?
Explanation: Deterrents are implemented to discourage or mitigate an action or the behavior of a malicious person. Answer: deterrent Question 7Which three protocols use asymmetric key algorithms? (Choose three.)
Explanation: Answer:
Question 8What are three examples of administrative access controls? (Choose three.)
Explanation: Answer:
Question 9What term is used to describe concealing data in another file such as a graphic, audio, or other text file?
Explanation: Steganography conceals data in a file such as a graphic, audio, or other text file and is used to prevent extra attention to the encrypted data because the data is not easily viewed. Answer: steganography Question 10Which three processes are examples of logical access controls? (Choose three.)
Explanation: Answer:
Question 11What is the term used to describe the science of making and breaking secret codes?
Explanation: Cryptology is the science of making and breaking codes to make sure that cyber criminals cannot easily compromise protected information. Answer: cryptology Question 12What cryptographic algorithm is used by the NSA and includes the use of elliptical curves for digital signature generation and key exchange?
Explanation: Elliptic curve cryptography (ECC) uses elliptic curves as part of the algorithm for digital signature generation and key exchange. Answer: ECC Question 13What type of cipher encrypts plaintext one byte or one bit at a time?
Explanation: Stream ciphers encrypt plaintext one byte or one bit at a time, and can be much faster than block ciphers. Answer: stream Question 14What encryption algorithm uses the same pre-shared key to encrypt and decrypt data?
Explanation: Symmetric encryption algorithms use the same pre-shared key to encrypt and decrypt data. Answer: symmetric Question 15Which type of cipher is able to encrypt a fixed-length block of plaintext into a 128-bit block of ciphertext at any one time?
Explanation: Block ciphers transform a fixed-length block of plaintext into a block of ciphertext. To decrypt the ciphertext, the same secret key to encrypt is used in reverse. Answer: block Question 16What term is used to describe the technology that replaces sensitive information with a nonsensitive version?
Explanation: Data masking replaces sensitive information with nonsensitive information. After replacement, the nonsensitive version looks and acts like the original. Answer: masking Question 17Which three devices represent examples of physical access controls? (Choose three.)
Explanation: Answer:
Question 18Which term describes the technology that protects software from unauthorized access or modification?
Explanation: Software watermarking inserts a secret message into the program as proof of ownership and protects software from unauthorized access or modification. Answer: watermarking Question 19Which 128-bit block cipher encryption algorithm does the US government use to protect classified information?
Explanation: The Advanced Encryption Standard (AES) is used to protect classified information by the U.S. government and is a strong algorithm that uses longer key lengths. Answer: AES Question 20What is the name of the method in which letters are rearranged to create the ciphertext?
Explanation: Answer: transposition Chapter 5: The Art of Ensuring IntegrityChapter 5 Quiz:Question 1What is the step by step process for creating a digital signature?
Explanation: Answer: Create a message digest; encrypt the digest with the private key of the sender; and bundle the message, encrypted digest, and public key together in order to sign the document. Question 2Alice and Bob use the same password to login into the company network. This means both would have the exact same hash for their passwords. What could be implemented to prevent both password hashes from being the same?
Explanation: A password is stored as a combination of both a hash and a salt. Answer: salting Question 3What are three NIST-approved digital signature algorithms? (Choose three.)
Explanation: NIST chooses approved algorithms based on public key techniques and ECC. The digital signature algorithms approved are DSA, RSA, and ECDSA. Answer:
Question 4A user is the database administrator for a company. The user has been asked to implement an integrity rule that states every table must have a primary key and that the column or columns chosen to be the primary key must be unique and not null. Which integrity requirement is the user implementing?
Explanation: There are three major database integrity requirements: entity, referential, and domain integrity. Answer: entity integrity Question 5
Explanation: Salting needs to be unique and not reused. Doing the opposite will cause passwords to be cracked easily. Answer:
Question 6What is the standard for a public key infrastructure to manage digital certificates?
Explanation: The x.509 standard is for a PKI infrastructure and x.500 if for directory structures. Answer: x.509 Question 7Identify three situations in which the hashing function can be applied. (Choose three.)
Explanation: Answer:
Question 8A user is connecting to an e-commerce server to buy some widgets for a company. The user connects to the site and notices there is no lock in the browser security status bar. The site does prompt for a username and password and the user is able to log in. What is the danger in proceeding with this transaction?
Explanation: The lock in the browser window ensures a secure connection is being established and is not blocked by browser add-ons. Answer: The site is not using a digital certificate to secure the transaction, with the result that everything is in the clear. Question 9What are three validation criteria used for a validation rule? (Choose three.)
Explanation: Criteria used in a validation rule include format, consistency, range, and check digit. Answer:
Question 10A recent breach at a company was traced to the ability of a hacker to access the corporate database through the company website by using malformed data in the login form. What is the problem with the company website?
Explanation: The ability to pass malformed data through a website is a form of poor input validation. Answer: poor input validation Question 11A recent email sent throughout the company stated that there would be a change in security policy. The security officer who was presumed to have sent the message stated the message was not sent from the security office and the company may be a victim of a spoofed email. What could have been added to the message to ensure the message actually came from the person?
Explanation: Digital signatures ensures non-repudiation or the ability not to deny that a specific person sent a message. Answer: digital signature Question 12A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?
Explanation: Hashing is a method to ensure integrity and ensures that the data is not changed. Answer: Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded. Question 13What is the purpose of CSPRNG?
Explanation: Salting prevents someone from using a dictionary attack to guess a password. Cryptographically Secure Pseudo-Random Number Generator (CSPRNG) is one way (and the best way) to generate salt. Answer: to generate salt Question 14A user downloads an updated driver for a video card from a website. A warning message pops up saying the driver is not approved. What does this piece of software lack?
Explanation: Code signing is a method of verifying code integrity Answer: digital signature Question 15A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use?
Explanation: HMAC provides the additional feature of a secret key to ensure integrity and authentication. Answer: HMAC Question 16What are three type of attacks that are preventable through the use of salting? (Choose three.)
Explanation: Salting makes precomputed tables ineffective because of the random string that is used. Answer:
Question 17An investigator finds a USB drive at a crime scene and wants to present it as evidence in court. The investigator takes the USB drive and creates a forensic image of it and takes a hash of both the original USB device and the image that was created. What is the investigator attempting to prove about the USB drive when the evidence is submitted in court?
Explanation: A hash function ensures the integrity of a program, file, or device. Answer: The data in the image is an exact copy and nothing has been altered by the process. Question 18Which method tries all possible passwords until a match is found?
Explanation: Two common methods of cracking hashes are dictionary and brute force. Given time, the brute force method will always crack a password. Answer: brute force Question 19A user is instructed by a boss to find a better method to secure passwords in transit. The user has researched several means to do so and has settled on using HMAC. What are the key elements needed to implement HMAC?
Explanation: HMAC implementation is a secret key added to a hash. Answer: secret key and message digest Question 20What is a strength of using a hashing function?
Explanation: Understanding the properties of a hash function shows its applicability such as one-way function, arbitrary input length, and fixed output. Answer: It is a one-way function and not reversible. Chapter 6: The Five Nines ConceptChapter 6 Quiz:Question 1The CEO of a company is concerned that if a data breach should occur and customer data is exposed, the company could be sued. The CEO makes the decision to buy insurance for the company. What type of risk mitigation is the CEO implementing?
Explanation: Buying insurance transfers the risk to a third party. Answer: transference Question 2A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?
Explanation: Using different defenses at various points of the network creates a layered approach. Answer: layered Question 3A user was hired as the new security officer. One of the first projects was to take inventory of the company assets and create a comprehensive database. Which three pieces of information would the user want to capture in an asset database? (Choose three.)
Explanation: Assets include all hardware devices and their operating systems. Answer:
Question 4A user is running a routine audit of the server hardware in the company data center. Several servers are using single drives to host operating systems and multiple types of attached storage solutions for storing data. The user wants to offer a better solution to provide fault tolerance during a drive failure. Which solution is best?
Explanation: Fault tolerance is addressing a single point of failure, in this case the hard drives. Answer: RAID Question 5A user is asked to evaluate the security posture of a company. The user looks at past attempts to break into the company and evaluates the threats and exposures to create a report. Which type of risk analysis could the user perform?
Explanation: Two approaches to risk analysis are quantitative and qualitative. Qualitative analysis is based on opinions and scenarios. Answer: qualitative Question 6A user is a consultant who is hired to prepare a report to Congress as to which industries should be required to maintain five nine availability. Which three industries should the user include in a report? (Choose three.)
Explanation: Industries that are critical to everyday life like financial, healthcare, and public safety should have systems that are available 99.999% of the time (the five nines principle). Answer:
Question 7A company is concerned with traffic that flows through the network. There is a concern that there may be malware that exists that is not being blocked or eradicated by antivirus. What technology can be put in place to detect potential malware traffic on the network?
Explanation: A passive system that can analyze traffic is needed to detect malware on the network and send alerts. Answer: IDS Question 8A user is asked to evaluate the data center to improve availability for customers. The user notices that there is only one ISP connection, some of the equipment is out of warranty, there are no spare parts, and no one was monitoring the UPS which was tripped twice in one month. Which three deficiencies in high availability has the user identified? (Choose three.)
Explanation: A data center needs to be designed from the outset for high availability with no single points of failure. Answer:
Question 9A user needs to add redundancy to the routers in a company. What are the three options the user can use? (Choose three.)
Explanation: Three protocols that provide default gateway redundancy include VRRP, GLBP, and HSRP. Answer:
Question 10A user has completed a six month project to identify all data locations and catalog the location. The next step is to classify the data and produce some criteria on data sensitivity. Which two steps can the user take to classify the data? (Choose two.)
Explanation: Categorizing data is a process of determining first who owns the data then determining the sensitivity of the data. Answer:
Question 11A user is evaluating the network infrastructure of a company. The user noted many redundant systems and devices in place, but no overall evaluation of the network. In a report, the user emphasized the methods and configurations needed as a whole to make the network fault tolerant. What is the type of design the user is stressing?
Explanation: In order to deploy a resilient design, it is critical to understand the needs of a business and then incorporate redundancy to address those needs. Answer: resilient Question 12A user is asked to perform a risk analysis of a company. The user asks for the company asset database that contains a list of all equipment.The user uses this information as part of a risk analysis. Which type of risk analysis could be performed?
Explanation: Physical items can be assigned a value for quantitative analysis. Answer: quantitative Question 13A team has been asked to create an incident response plan for security incidents. In what phase of an incident response plan does the team get management approval of the plan?
Explanation: When creating an incident plan for an organization, the team will require management buy-in of the plan during the initial planning phase. Answer: preparation Question 14A security breach has happened at a major corporation. The incident team has responded and executed their incident response plan. During which phase are lessons learned applied?
Explanation: One of the key aspects of an incident response plan is to look at how monitoring can be improved and management can help minimize the impact on business. This usually occurs after the incident has been handled. Answer: post-incident Question 15A user was hired by a company to provide a highly available network infrastructure. The user wants to build redundancy into the network in case of a switch failure, but wants to prevent Layer 2 looping. What would the user implement in the network?
Explanation: Loops and duplicate frames cause poor performance in a switched network. The Spanning Tree Protocol (STP) provides a loop-free path through the switch network. Answer: Spanning Tree Protocol Question 16A user is asked to create a disaster recovery plan for a company. The user needs to have a few questions answered by management to proceed. Which three questions should the user ask management as part of the process of creating the plan? (Choose three.)
Explanation: Disaster recovery plans are made based on the criticality of a service or process. Answers to questions of who, what, where, and why are necessary for a plan to be successful. Answer:
Question 17A user is purchasing a new server for the company data center. The user wants disk striping with parity on three disks. Which RAID level should the user implement?
Explanation: RAID 5 striping with parity would be the best choice. Answer: 5 Chapter 7: Protecting a Cybersecurity DomainChapter 7 Quiz:Question 1After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)
Explanation: Best practices entail giving the user only what is needed to do the job. Any additional privileges should be tracked and audited. Answer:
Question 2The manager of a department suspects someone is trying to break into computers at night. You are asked to find out if this is the case. What logging would you enable?
Explanation: Audit logs can track user authentication attempts on workstations and can reveal if any attempts at break-in were made. Answer: audit Question 3An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use?
Explanation: Local policies are not group policies and only work on the local machine. Local policies can, however, be overridden if the machine is part of a Windows domain. Answer: secpol.msc Question 4A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation?
Explanation: Man-in-the-middle attacks are a threat that results in lost credentials and data. These type of attacks can occur for different reasons including traffic sniffing. Answer: rogue access point Question 5Why should WEP not be used in wireless networks today?
Explanation: Despite improvements, WEP is still vulnerable to various security issues including the ability to be cracked. Answer: easily crackable Question 6The company has many users who telecommute. A solution needs to be found so a secure communication channel can be established between the remote location of users and the company. What is a good solution for this situation?
Explanation: When a VPN is used, a user can be at any remote location such as home or a hotel. The VPN solution is flexible in that public lines can be used to securely connect to a company. Answer: VPN Question 7A new PC is taken out of the box, started up and connected to the Internet. Patches were downloaded and installed. Antivirus was updated. In order to further harden the operating system what can be done?
Explanation: When hardening an operating system, patching and antivirus are part of the process. Many extra components are added by the manufacturer that are not necessarily needed. Answer: Remove unnecessary programs and services. Question 8What are three types of power issues that a technician should be concerned about? (Choose three.)
Explanation: Answer:
Question 9What is the difference between an HIDS and a firewall?
Explanation: In order to monitor local activity an HIDS should be implemented. Network activity monitors are concerned with traffic and not operating system activity. Answer: An HIDS monitors operating systems on host computers and processes file system activity. Firewalls allow or deny traffic between the computer and other systems. Question 10A user is asked to analyze the current state of a computer operating system. What should the user compare the current operating system against to identify potential vulnerabilities?
Explanation: A baseline allows a user to perform a comparison of how a system is performing. The user can then compare the result to baseline expectations. This process allows the user to identify potential vulnerabilities. Answer: a baseline Question 11The manager of desktop support wants to minimize downtime for workstations that crash or have other software-related issues. What are three advantages of using disk cloning? (Choose three.)
Explanation: Disk cloning can be an efficient way to maintain a baseline for workstations and servers. It is not a cost cutting method. Answer:
Question 12A user makes a request to implement a patch management service for a company. As part of the requisition the user needs to provide justification for the request. What three reasons can the user use to justify the request? (Choose three.)
Explanation: A patch management service can provide greater control over the update process by an administrator. It eliminates the need for user intervention. Answer:
Question 13The CIO wants to secure data on company laptops by implementing file encryption. The technician determines the best method is to encrypt each hard drive using Windows BitLocker. Which two things are needed to implement this solution? (Choose two.)
Explanation: Windows provides a method to encrypt files, folders, or entire hard drives depending on need. However, certain BIOS settings and configurations are necessary to implement encryption on an entire hard disk. Answer:
Question 14Which three items are malware? (Choose three.)
Explanation: Email could be used to deliver malware, but email by itself is not malware. Apt is used to install or remove software within a Linux operating system. Attachments could contain malware, but not always. Answer:
Question 15Which service will resolve a specific web address into an IP address of the destination web server?
Explanation: DNS resolves a website address to the actual IP address of that destination. Answer: DNS Question 16An administrator of a small data center wants a flexible, secure method of remotely connecting to servers. Which protocol would be best to use?
Explanation: Because hackers sniffing traffic can read clear text passwords, any connection needs to be encrypted. Additionally, a solution should not be operating system-dependent. Answer: Secure Shell Question 17A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance?
Explanation: There are two types of errors that biometrics can have: false acceptance and false rejection. False acceptance is a Type II error. The two types can intersect at a point called the crossover error rate. Answer: Type II Question 18Why is WPA2 better than WPA?
Explanation: A good way to remember wireless security standards is to consider how they evolved from WEP to WPA, then to WPA2. Each evolution increased security measures. Answer: mandatory use of AES algorithms Question 19Companies may have different operation centers that handle different issues with the IT operations. If an issue is related to network infrastructure, what operation center would be responsible?
Explanation: Operation centers support different areas of the operation including the network and security. Each one focuses on particular parts of the IT structure. The center that supports security would be the SOC. Answer: NOC Question 20A user calls the help desk complaining that an application was installed on the computer and the application cannot connect to the Internet. There are no antivirus warnings and the user can browse the Internet. What is the most likely cause of the problem?
Explanation: When troubleshooting a user problem, look for some common issues that would prevent a user from performing a function. Answer: computer firewall Question 21A user is proposing the purchase of a patch management solution for a company. The user wants to give reasons why the company should spend money on a solution. What benefits does patch management provide? (Choose three.)
Explanation: Answer:
Chapter 8: Becoming a Cybersecurity SpecialistChapter 8 Quiz:Question 1Unauthorized visitors have entered a company office and are walking around the building. What two measures can be implemented to prevent unauthorized visitor access to the building? (Choose two.)
Explanation: Answer:
Question 2What are three disclosure exemptions that pertain to the FOIA? (Choose three.)
Explanation: – National security and foreign policy information Answer:
Question 3A company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage the user threats. What three things might be put in place to manage the threats? (Choose three.)
Explanation: Users may be unaware of their actions if not educated in the reasons why their actions can cause a problem with the computer. By implementing several technical and nontechnical practices, the threat can be reduced. Answer:
Question 4If a person knowingly accesses a government computer without permission, what federal act laws would the person be subject to?
Explanation: The Computer Fraud and Abuse Act (CFAA) provides the foundation for US laws criminalizing unauthorized access to computer systems. Answer: CFAA Question 5What are two potential threats to applications? (Choose two.)
Explanation: – Unauthorized access to data
centers, computer rooms, and wiring closets Answer:
Question 6What are the three broad categories for information security positions? (Choose three.)
Explanation: Information security positions can be categorized as: definers,builders,monitors Answer:
Question 7A school administrator is concerned with the disclosure of student information due to a breach. Under which act is student information protected?
Explanation: The Family Education Records and Privacy Act (FERPA) prohibits the improper disclosure of personal education records. Answer: FERPA Question 8An organization has implemented a private cloud infrastructure. The security administrator is asked to secure the infrastructure from potential threats. What three tactics can be implemented to protect the private cloud? (Choose three.)
Explanation: – Disable ping, probing, and port scanning. Answer:
Question 9A company is attempting to lower the cost in deploying commercial software and is considering a cloud based service. Which cloud based service would be best to host the software?
Explanation: Software as a service (SaaS) provides access to software that is centrally hosted and accessed by users via a web browser on the cloud. Answer: SaaS Question 10Why is Kali Linux a popular choice in testing the network security of an organization?
Explanation: Kali is an open source Linux security distribution that is commonly used by IT professionals to test the security of networks. Answer: It is an open source Linux security distribution and contains over 300 tools. Question 11A breach occurs in a company that processes credit card information. Which industry specific law governs credit card data protection?
Explanation: The Payment Card Industry Data Security Standard (PCI DSS) governs how to protect credit card data as merchants and banks exchange transactions. Answer: PCI DSS Question 12What can be used to rate threats by an impact score to emphasize important vulnerabilities?
Explanation: The National Vulnerability Database (NVD) is used to assess the impact of vulnerabilities and can assist an organization in ranking the severity of vulnerabilities found within a network. Answer: NVD Question 13What are two items that can be found on the Internet Storm Center website? (Choose two.)
Explanation: The Internet Storm Center website has a daily InfoSec blog, InfoSec tools, and news among other InfoSec information. Answer:
Question 14What three services does CERT provide? (Choose three.)
Explanation: – helps to resolve software vulnerabilities Answer:
Question 15A consultant is hired to make recommendations on managing device threats in a company. What are three general recommendations that can be made? (Choose three.)
Explanation: Workstations can be hardened by removing unnecessary permissions, automating processes, and turning on security features. Answer:
Question 16A security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?
Explanation: Answer: vulnerability scanner Question 17As a security professional, there is a possibility to have access to sensitive data and assets. What is one item a security professional should understand in order to make informed ethical decisions?
Explanation: Ethics in the security profession are extremely important because of the sensitivity of the data and assets. Compliance to government and state requirements is needed in order to make good judgments. Answer: laws governing the data Question 18As part of HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared information?
Explanation: The Gramm-Leach-Bliley Act (GLBA) includes privacy provisions for individuals and provides opt-out methods to restrict information sharing with third-party firms. Answer: GLBA Question 19An auditor is asked to assess the LAN of a company for potential threats. What are three potential threats the auditor may point out? (Choose three.)
Explanation: The LAN can have many endpoint devices connected. Analyzing both the network devices and the endpoints connected is important in determining threats. Answer:
Which term describes the sending of a short deceptive SMS message to treat a target into visiting site?Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website? Explanation: Smishing is also known as SMS phishing and is used to send deceptive text messages to trick a user into calling a phone number or visiting a specific website.
What are two of the tactics used by a social engineer to obtain personal Informationfrom an unsuspecting target?Social engineering is a term that encompasses a broad spectrum of malicious activity. For the purposes of this article, let's focus on the five most common attack types that social engineers use to target their victims. These are phishing, pretexting, baiting, quid pro quo, and tailgating.
What is the vulnerability that allows criminals to inject scripts into Web pages viewed by users?Cross-site Scripting (XSS) Cross-site Scripting (XSS) is a client-side code injection attack. The attacker aims to execute malicious scripts in a web browser of the victim by including malicious code in a legitimate web page or web application.
What is the name of the method in which letters are rearranged to create the ciphertext?In cryptography, a substitution cipher is a method of encrypting in which units of plaintext are replaced with the ciphertext, in a defined manner, with the help of a key; the "units" may be single letters (the most common), pairs of letters, triplets of letters, mixtures of the above, and so forth.
|