20-23
Which statement describes the use of certificate classes in the PKI?
A class 5 certificate is more trustworthy than a class 4 certificate
Two symmetric encryption algorithms
AES 3DES
Which service is offered by the U.S. Department of Homeland Security (DHS) that enables real-time exchange of cyberthreat indicators between the U.S. Federal Government and the private sector?
AIS
What technology supports asymmetric key encryption used in IPsec VPNs?
IKE
What threat intelligence group provides blogs and podcasts to help network security professionals remain effective and up-to-date?
TALOS
Which protocol is an IETF standard that defines the PKI digital certificate format?
X.509
What is the primary function of (ISC2)?
to provide neutral education products and career services
In Windows Firewall, when is the Domain profile applied?
when the host is connected to a trusted netowrk such as internal bussiness network
Which algorithm can ensure data confidentiality?
AES
Which HIDS is an open-source based product?
OSSEC
What is the primary function of SANS?
To maintain the Internet Storm Center
What does the MITRE Corporation create and maintain?
CVE
Which threat intelligence sharing open standard specifies, captures, characterizes, and communicates events and properties of network operations?
CybOX
In which way does the use of HTTPS increase the security monitoring challenges within enterprise networks?
HTTPS traffic enables end to end encryption
What is the Common Vulnerabilities and Exposures (CVE) used by the MITRE Corporation?
It is a dictionary of CVE identifers for publically known cybersecurity vulnerabilites
Which statement describes the term attack surface?
It is the total sum of vulnerabilities in a system that is accessible to an attacker.
Which statement describes the Software-Optimized Encryption Algorithm (SEAL)?
SEAL is a stream cipher
Which statement is a feature of HMAC?
Seceret key adding authentication
What role does an RA play in PKI?
Subordinate CA
Which device in a LAN infrastructure is susceptible to MAC address-table overflow and spoofing attacks?
Switch
Which statement describes agentless antivirus protection?
antivirus scans are performed on hosts from a centralized system
Which security management function is concerned with the implementation of systems that track the location and configuration of networked devices and software across an enterprise?
asset managment
Which security endpoint setting would be used by a security analyst to determine if a computer has been configured to prevent a particular application from running?
block listing
Which technology might increase the security challenge to the implementation of IoT in an enterprise environment?
cloud computing
Which service is provided by the Cisco Talos Group?
collecting information about active,existing, and emerging threats
Which security management function is concerned with the inventory and control of hardware and software configurations of systems?
configuration managment
What technology allows users to verify the identity of a website and to trust code that is downloaded from the Internet?
digital signature
Which step in the Vulnerability Management Life Cycle performs inventory of all assets across the network and identifies host details, including operating system and open services?
discover
What are the steps in the vulnerability management life cycle?
discover prioritize assests report remidiate
Which class of metric in the CVSS Base Metric Group defines the features of the exploit such as the vector, complexity, and user interaction required by the exploit?
explopitability
As described by the SANS Institute, which attack surface includes the use of social engineering?
human attack surface
What are the core functions of the NIST Cybersecurity Framework?
identifiy protect detect respond recover
Which metric class in the CVSS Basic Metric Group identifies the impacts on confidentiality, integrity, and availability?
impact
Which requirement of secure communications is ensured by the implementation of MD5 or SHA hash generating algorithms?
integrity
What is the purpose of code signing?
integrity of source .EXE files
What is a host-based intrusion detection system (HIDS)?
it combines the functionalities of antimalware applications with firewall protection
Which statement describes the threat-vulnerability (T-V) pairing?
it is the identification of threats and vulnerabilites and the matching of threats with vulnerabilites
As described by the SANS Institute, which attack surface includes the exploitation of vulnerabilities in wired and wireless protocols used by IoT devices?
network attack surface
In addressing an identified risk, which strategy aims to decrease the risk by taking measures to reduce vulnerability?
risk reduction
In profiling a server, what defines what an application is allowed to do or run on a server?
service accounts
When establishing a server profile for an organization, which element describes the type of service that an application is allowed to run on the server?
service accounts
When a network baseline is being established for an organization, which network profile element indicates the time between the establishment of a data flow and its termination?
session duration
Which antimalware software approach can recognize various characteristics of known malware files to detect a threat?
signature based
In most host-based security suites, which function provides robust logging of security-related events and sends logs to a central location?
telementary
What is the primary purpose of the Forum of Incident Response and Security Teams (FIRST)?
to enable a variety of computer security incident response teams to collaborate,cooperate,and cordinate
Why do several network organizations, professionals, and intelligence agencies use shared open standards for threat intelligence?
to enable the exchange of CTI in an automated consistent and machine readable format