CyberOps Associate Modules 1 + 2 Test

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which organization is an international nonprofit organization that offers the CISSP certification? CompTIA (ISC)2 IEEE GIAC

(ISC)2

What job would require verification that an alert represents a true security incident or a false positive? Alert Analyst Threat Hunter SOC Manager Incident Reporter

Alert Analyst

Which example illustrates how malware might be concealed? A hacker uses techniques to improve the ranking of a website so that users are redirected to a malicious site. An attack is launched against the public website of an online retailer with the objective of blocking its response to visitors. A botnet of zombies carry personal information back to the hacker. An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware.

An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware.

Which organization offers the Security+ certification? CompTIA (ISC)2 IEEE GIAC

CompTIA

Which cyber attack involves a coordinated attack from a botnet of zombie computers? DDos MITM ICMP redirect address spoofing

DDos

Which regulatory law regulates the identification, storage, and transmission of patient personal healthcare information? FISMA HIPAA PCI-DSS GLBA

HIPAA

In a smart home, an owner has connected many home devices to the Internet, such as the refrigerator and the coffee maker. The owner is concerned that these devices will make the wireless network vulnerable to attacks. What action could be taken to address this issue? Configure mixed mode wireless operation. Install the latest firmware versions for the devices. Assign static IP addresses to the wireless devices. Disable the SSID broadcast.

Install the latest firmware versions for the devices.

Which statement describes cyberwarfare? It is Internet-based conflict that involves the penetration of information systems of other nations. It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario. Cyberwarfare is an attack carried out by a group of script kiddies. It is a series of personal protective equipment developed for soldiers involved in nuclear war

It is Internet-based conflict that involves the penetration of information systems of other nations.

What is the dark web? It is a website that reports the most recent activities of cybercriminals all over the world. It is a website that sells stolen credit cards. It is part of the internet where a person can obtain personally identifiable information from anyone for free It is part of the internet that can only be accessed with special software.

It is part of the internet that can only be accessed with special software.

Which KPI metric does SOAR use to measure the average time that it takes to stop and remediate a security incident? MTTD MTTR MTTC Time to Control

MTTC

Which KPI metric does SOAR use to measure the time required to stop the incident from causing further damage to systems or data MTTD MTTR MTTC Time to Control

MTTC

Why do IoT devices pose a greater risk than other computing devices on a network? Most IoT devices do not require an internet connection and are unable to receive new updates IoT devices require unencrypted wireless connections IoT devices cannot function on an isolated network with only an internet connection Most IoT devices do not receive frequent firmware updates

Most IoT devices do not receive frequent firmware updates

A worker in the records department of a hospital accidentally sends a medical record of a patient to a printer in another department. When the worker arrives at the printer, the patient record printout is missing. What breach of confidentiality does this situation describe? EMR PII PSI PHI

PHI

An employee connects wirelessly to the company network using a cell phone. The employee then configures the cell phone to act as a wireless point that will allow new employees to connect to the company network. Which type of security threat best describes this situation?

Rogue Access Point

What is a benefit to an organization of using SOAR as part of the SIEM System SOAR would benefit smaller organizations because it requires no cybersecurity analyst involvement once installed SOAR was designed to address critical security events and high-end investigation. SOAR automates incident investigation and responds to workflows based on playbooks. SOAR automation guarantees an uptime factor of "5 nines".

SOAR automates incident investigation and responds to workflows based on playbooks.

An SOC is searching for a professional to fill a job opening. The employee must have expert-level skills in networking, endpoint, threat intelligence, and malware reverse engineering in order to search for cyber threats hidden within the network. Which job within an SOC requires a professional with those skills? Incident Responder Alert Analyst SOC Manager Threat Hunter

Threat Hunter

The term cyber operations analyst refers to which group of personnel in a SOC? Tier 1 personnel Tier 3 personnel Tier 2 personnel SOC managers

Tier 1 personnel

Which personnel in a SOC are assigned the task of hunting for potential threats and implementing threat detection tools? Tier 3 SME Tier 2 Incident Reporter Tier 1 Analyst SOC Manager

Tier 3 SME

Which KPI metric does SOAR use to measure the time required to stop the spread of malware in the network? MITR Time to Control MITC MTTD

Time to Control

A company has just had a cybersecurity incident. The threat actor appeared to have a goal of network disruption and appeared to use a common security hack tool that overwhelmed a particular server with a large amount of traffic. This traffic rendered the server inoperable. How would a certified cybersecurity analyst classify this type of threat actor? terrorist hacktivist state-sponsored amateur

amateur

A group of users on the same network are all complaining about their computers running slowly. After investigating, the technician determines that these computers are part of a zombie network. Which type of malware is used to control these computers? botnet spyware virus rootkit

botnet

How does a security information and event management system (SIEM) in a SOC help the personnel fight against security threats? by analyzing logging data in real time by combining data from multiple technologies by integrating all security devices and appliances in an organization by dynamically implementing firewall rules

by combining data from multiple technologies

When a user turns on the PC on Wednesday, the PC displays a message indicating that all of the user files have been locked. In order to get the files unencrypted, the user is supposed to send an email and include a specific ID in the email title. The message also includes ways to buy and submit bitcoins as payment for the file decryption. After inspecting the message, the technician suspects a security breach occurred. What type of malware could be responsible? trojan spyware adware ransomware

ransomware

A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation? rogue access point password policy weak password user error user laptop

rogue access point

What is the main purpose of cyberwarfare? to protect cloud-based data centers to develop advanced network devices to gain advantage over adversaries to simulate possible war scenarios among nations

to gain advantage over adversaries

What websites should a user avoid when connecting to a free and open wireless hotspot?

websites to make purchases

What type of cyberwarfare weapon was Stuxnet? botnet virus worm ransomware

worm


Conjuntos de estudio relacionados

Nursing Care of Children Online Practice 2019 A

View Set

CoursePoint Chapter 1: The Nurse's Role in Health Assessment

View Set

Chapter 06: Values, Ethics, and Advocacy

View Set

Chapter 4: The Nursing Process in Drug Therapy and Patient Safety

View Set

321 Practice Questions - Documenting, Reporting, Conferring, and Using Informatics

View Set