Cyber Security Jeopardy
Which of the following are commonly used port scanning applications? (Select two correct answers)
Zenmap Nmap
what is the first stage of a penetration test
conducting active or passive reconnaissance
A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?
confidentiality
When describing malware, what is a difference between a virus and a worm?
A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.
Improper management of physical access to a resource, such as a file, can lead to what type of security vulnerability?
Access control problems
Carrying out a multi-phase, long-term, stealthy and advanced operation against a specific target is often referred to as what?
Advanced persistent threat
An organization is experiencing overwhelming visits to a main web server. You are developing a plan to add a couple of more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?
Availability
What names are given to a database where all cryptocurrency transactions are recorded? (Select two correct answers)
Blockchain Ledger
What of the following are examples of cracking an encrypted password? (Choose four correct answers)
Brute force attack Rainbow tables Spraying Dictionary attack
What vulnerability occurs when data is written beyond the memory areas allocated to an application?
Buffer overflow
Which two tool are used to detect infected proxy servers?
IDS Netflow
Which of the following certifications meets the U.S. Department of Defense Directive 8570.01-M requirements, which is important for anyone looking to work in IT security for the federal government?
CompTIA Security+
You are configuring access settings to require employees in your organization to authenticate first before accessing certain web pages. Which requirement of information security is addressed through this configuration?
Confidentiality
What type of attack uses zombies?
DDoS
What are the objectives of ensuring data integrity? (Choose two correct answers)
Data is unaltered during transit Data is not changed by unauthorized entities
what is NMAP for
Detection of open ports.
What tool is used to lure an attacker so that an administrator can capture, log and analyze the behavior of the attack?
Honeypot
Which of the following firewalls filters ports and system service calls on a single computer operating system?
Host-based firewall
Which term describes the private browser mode for Google Chrome?
Incognito
What is the best way to avoid getting spyware on a machine?
Install software only from trusted websites
Which of the following are examples of on-path attacks? (Choose two correct answers)
Man-in-the-Mobile Man-in-the-Middle
Which of the following firewalls hides or masquerades the private addresses of network hosts?
Network address translation firewall
Which of the following firewalls filters traffic based on source and destination IP addresses?
Network layer firewall
What type of infiltration method allows attackers to quietly capture two-step verification SMS messages sent to users in a Man-in-the-Mobile (MITMO) attack?
On-Path attack
Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website?
Open authorization
Which of the following firewalls filters web content requests such as URLs and domain names?
Proxy server
What vulnerability occurs when the output of an event depends on ordered or timed outputs?
Race conditions
Which of the following firewalls are placed in front of web services to protect, hide, offload and distribute access to web servers?
Reverse proxy server
What do you call the vulnerabilities discovered by Google security researchers that affect almost all CPUs released since 1995? (Select two correct answers)
Spectre Meltdown
What is the main function of the Cisco Security Incident Response Team?
To ensure company, system and data preservation
What is the main purpose of cyberwarfare?
To gain advantage over adversaries
Which of the following firewalls filters traffic based on source and destination data ports and filtering based on connection states?
Transport layer firewall
What is an example of cyber kill chain
planned process of cyber attacks
Which stage of the kill chain used by attackers focuses on the identification and selection of targets?
reconnaissance