Cyber Security Test 10


False

A hash collision occurs when a cryptographic hash function produces two different digests for the same data input. True False

ACL - Access Control List in cybersecurity. It is a mechanism used to define and manage permissions and access rights for resources in a network or computing environment. ACLs are employed to control which users or systems can access specific resources and what actions they are permitted to perform.

A rule-based access control mechanism implemented on routers, switches, and firewalls is referred to as: MAC AUP DAC ACL

Spraying Attack - often referred to as a Password Spraying Attack, is a type of brute-force attack where the attacker attempts to gain unauthorized access to a system by systematically trying a small set of commonly used passwords across many user accounts. Unlike a traditional brute-force attack that targets a single account with many passwords, a password spraying attack targets many accounts with a few passwords.

A short list of commonly used passwords tried against a large number of user accounts is a characteristic feature of: Replay attack Dictionary attack Spraying attack Birthday attack

Downgrade attack - is a type of attack where an attacker forces a system or communication protocol to revert to a less secure version or weaker encryption method than the one originally intended. This can compromise the confidentiality, integrity, and security of data being transmitted or processed.

A type of cryptographic attack that forces a network protocol to revert to its older, less secure version is known as: Downgrade attack Replay attack Deauthentication attack Spraying attack

IoC - Indicators of Compromise (IoCs) are pieces of evidence or data that suggest that a system or network has been breached or is being targeted by malicious activity. IoCs are used by security professionals to detect, analyze, and respond to security incidents.

A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called: CVE IoC AIS OSINT

Password brute-forcing attempt - is a type of attack where an attacker systematically tries a large number of possible passwords in order to gain unauthorized access to a system, account, or encrypted data. This method relies on the principle of trying all possible combinations until the correct one is found.

An account lockout might indicate which type of malicious activity? Attempt to deliver malicious content DoS attack Account compromise Password brute-forcing attempt

Brute-force attack - is a method used to gain unauthorized access to a system or account by systematically trying all possible combinations of passwords or encryption keys until the correct one is found. It is a fundamental and straightforward approach to attacking security but can be highly resource-intensive and time-consuming.

An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is called: Replay attack Brute-force attack Dictionary attack Birthday attack

True

One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline. True False

True

The term "Out-of-cycle logging" refers to instances where systems or applications produce logs outside their regular intervals or in abnormal volumes, potentially signaling malicious activity. True False

VLSM - Variable Length Subnet Masking. It's a technique used in IP networking to optimize the allocation of IP addresses by allowing subnets to be of different sizes. While VLSM is not a security technology per se, it is important in network design and management, which has implications for cybersecurity.

What is the name of a solution that increases the efficiency of IP address space management by allowing network administrators to divide networks into subnets of different sizes? DNAT VLSM MPLS VLAN

Birthday - refers to the Birthday Paradox or Birthday Attack, which is related to the probability theory used to demonstrate how collisions can occur in hash functions.

Which cryptographic attack relies on the concepts of probability theory? Brute-force KPA Dictionary Birthday

DLP - Data Loss Prevention. It refers to a set of technologies, policies, and procedures designed to prevent the unauthorized access, use, transmission, or disclosure of sensitive data. DLP solutions are used to protect data from being lost, stolen, or misused, whether the data is at rest (stored), in transit (being transmitted), or in use (actively being processed).

Which of the answers listed below does not refer to the concept of network isolation? VLANs Subnetting DLP Firewalls DMZs NAC SDN Air gaps Zero Trust network architecture

FACL - File Access Control List. It is a type of Access Control List (ACL) specifically used to manage permissions and access rights for files and directories within a file system. FACLs provide a way to specify which users or groups can access specific files and what actions they are allowed to perform on those files.

Which of the answers listed below refers to a rule-based access control mechanism associated with files and/or directories? EFS FACL FIM NTFS

SDN - Software-Defined Networking. It's a networking architecture approach that separates the control plane (network management) from the data plane (traffic forwarding), enabling more flexible, programmable, and efficient network management. While SDN itself is not a cybersecurity technology, it has significant implications for network security and management.

Which of the answers listed below refers to a solution that allows for easier management and control of network segmentation policies through software applications? VDI SDN VPC EDR

Any of the above

Which of the following URLs is a potential indicator of a directory traversal attack? http://www.example.com/var/../etc/passwd http://www.example.com/var/www/../../etc/passwd http://www.example.com/var/www/files/../../../etc/passwd http://www.example.com/var/www/files/images/../../../../etc/passwd Any of the above

ACL - Access Control List. In cybersecurity, an ACL is a set of rules or permissions that define which users or systems have access to certain resources within a network or system and what actions they are allowed to perform. ACLs are a fundamental component of access control mechanisms used to protect sensitive information and resources.

Which of the following acronyms refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object? ACL MFA NAC AUP

Data encryption

Which of the following answers does not refer to the concept of system/application isolation? Virtualization Containerization Sandboxing Data encryption

Implicit deny policy - a fundamental concept in cybersecurity and access control that refers to the default behavior of denying access to resources unless explicitly allowed by a defined policy or rule. It is based on the principle that any access that is not specifically permitted should be denied. This approach helps to enhance security by ensuring that access to resources is tightly controlled and only granted when explicitly authorized.

Which of the following policies applies to any requests that fall outside the criteria defined in an ACL? Fair access policy Implicit deny policy Transitive trust Context-aware authentication

IAM - Identity and Access Management in cybersecurity. IAM is a framework of policies and technologies designed to ensure that the right individuals have the appropriate access to technology resources within an organization. It involves managing digital identities and controlling user access to various systems, applications, and data.

Which of the following provides granular control over user access to specific network segments and resources based on their assigned roles and permissions? EDR IAM AAA IPS

Blocked Content - refers to data, resources, or communications that are intentionally restricted or prevented from being accessed or transmitted. This blocking is typically done to protect systems, networks, and users from malicious activities, unauthorized access, or other security threats.

Which of the following terms refers to a malicious activity indicator in a situation where a firewall or other security measure prevents an attempt to deliver malicious payload or perform an unauthorized action? DoS attack Resource inaccessibility Blocked content Excessive system resource consumption

Missing logs - refers to the absence or loss of log data that should be recorded and retained for security monitoring, incident investigation, and compliance purposes. Logs are crucial for understanding the activities within a system, detecting anomalies, and responding to security incidents. Missing logs can hinder the ability to investigate and address security issues effectively.

Which of the following would indicate an attempt to hide evidence of malicious activity? Account lockout Resource inaccessibility Missing logs Concurrent session usage

Concurrent session usage - refers to the ability of a user to have multiple active sessions or connections to a system, application, or network simultaneously. This concept is important for managing and securing user access, and it can have implications for both security and usability.

Which of the terms listed below most accurately describes a situation wherein a single account is being used from multiple locations/devices at the same time? Spraying attack Concurrent session usage Single Sign-On

Impossible travel - refers to a type of security alert or anomaly detection related to user activity that indicates an account may be compromised. Specifically, it pertains to the scenario where a user is detected logging in or accessing resources from geographically distant locations within an unrealistically short time frame. This suggests that the user's account may have been compromised or that the access is not legitimate.

Which of the terms listed below most accurately describes a situation wherein an account is accessed from a location that is physically impossible for the user to be in? Login time restrictions Impossible travel Concurrent session usage Out-of-cycle logging

VLAN - Virtual Local Area Network. A VLAN is a network configuration that allows network administrators to segment a single physical network into multiple logical networks. Each VLAN acts as an independent network, even though all VLANs share the same physical hardware. This segmentation helps improve network management, security, and performance.

Which of the terms listed below refers to a logical grouping of computers that allows computer hosts to function as if they were attached to the same broadcast domain regardless of their physical location? VLAN DMZ SNMP community VPN

Spraying attack - often referred to as a Password Spraying Attack, is a type of brute-force attack where the attacker attempts to gain unauthorized access to a system by systematically trying a small set of commonly used passwords across many user accounts. Unlike a traditional brute-force attack that targets a single account with many passwords, a password spraying attack targets many accounts with a few passwords.

Which password attack bypasses account-lockout policies? Birthday attack Replay attack Spraying attack Dictionary attack

