Cybersec precourse assessment

Standard

(ISC)² publishes a Common Body of Knowledge (CBK) that IT security practitioners should be familiar with; this is recognized throughout the industry as a set of material that is useful for practitioners to refer to. Certifications can be issued for demonstrating expertise in this Common Body of Knowledge. What kind of document is the Common Body of Knowledge? (D1, L1.4.1)

Log

A _____ is a record of something that has occurred. (D3, L3.2.1)

Physical

A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls. (D1, L1.3.1)

Server

A device typically accessed by multiple users, often intended for a single purpose, such as managing email or web pages. (D4.1 L4.1.1)

Detective

A human guard monitoring a hidden camera could be considered a ______ control. (D3, L3.2.1)

VPN

A means to allow remote users to have secure access to the internal IT environment. (D4.3 L4.3.3)

SIEM

A tool that aggregates log data from multiple sources, and typically analyzes it and reports potential threats. (D4.2 L4.2.2)

Firewall

A tool that filters inbound traffic to reduce potential threats. (D4.2 L4.2.3)

DLP (data loss prevention)

A tool that inspects outbound traffic to reduce potential threats. (D4.2 L4.2.3)

Procedure

A vendor sells a particular operating system (OS). In order to deploy the OS securely on different platforms, the vendor publishes several sets of instructions on how to install it, depending on which platform the customer is using. This is an example of a ________. (D1, L1.4.2)

Lack of accuracy

All of the following are typically perceived as drawbacks to biometric systems, except: (D3, L3.2.1)

Escorted

All visitors to a secure facility should be _______. (D3, L3.2.1)

Intrusion

An attacker outside the organization attempts to gain access to the organization's internal files. This is an example of a(n) ______. (D2, L2.1.1)

Data is not needed for regular work purposes

Archiving is typically done when _________. (D5.1, L5.1.1)

Trojan

Bert wants to add a flashlight capability to a smartphone. Bert searches the internet for a free flashlight app, and downloads it to the phone. The app allows Bert to use the phone as a flashlight, but also steals Bert's contacts list. What kind of app is this? (D4.2 L4.2.1)

Symmetric encryption

Bluga works for Triffid, Inc. as a security analyst. Bluga wants to send a message to several people and wants the recipients to know that the message definitely came from Bluga. What type of encryption should Bluga use? (D5.1, L5.1.3)

DAC (discretionary access control)

Bruce is the branch manager of a bank. Bruce wants to determine which personnel at the branch can get access to systems, and under which conditions they can get access. Which access control methodology would allow Bruce to make this determination? (D3, L3.3.1)

Preserve health and human safety

By far, the most crucial element of any security instruction program. (D5.4, L5.4.1)

80

Carol is browsing the Web. Which of the following ports is she probably using? (D4, L4.1.2)

HTTP (Hypertext Transfer Protocol)

Cheryl is browsing the Web. Which of the following protocols is she probably using? (D4, L4.1.2)

All

Data retention periods apply to ____ data. (D5.1, L5.1.1)

Hashing

Dieter wants to send a message to Lupa and wants to be sure that Lupa knows the message has not been modified in transit. What technique/tool could Dieter use to assist in this effort? (D5.1, L5.1.3)

Physical

Druna is a security practitioner tasked with ensuring that laptops are not stolen from the organization's offices. Which sort of security control would probably be best for this purpose? (D1, L1.3.1)

Labeling

Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: "Sensitive," "Proprietary" and "Public."

The file that contains passwords used to authenticate users

For which of the following assets is integrity probably the most important security aspect? (D1, L1.1.1)

Worm

Garfield is a security analyst at Triffid, Inc. Garfield notices that a particular application in the production environment is being copied very quickly, across systems and devices utilized by many users. What kind of attack could this be? (D4.2 L4.2.1)

Gary's actions look like an attack

Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why? (D3, L3.3.1)

Inform (ISC)²

Glen is an (ISC)² member. Glen receives an email from a company offering a set of answers for an (ISC)² certification exam. What should Glen do? (D1, L1.5.1)

Law, procedure

Grampon municipal code requires that all companies that operate within city limits will have a set of processes to ensure employees are safe while working with hazardous materials. Triffid Corporation creates a checklist of activities employees must follow while working with hazardous materials inside Grampon city limits. The municipal code is a ______, and the Triffid checklist is a ________. (D1, L1.4.2)

The subject

Guillermo logs onto a system and opens a document file. In this example, Guillermo is: (D3, L3.1.1)

Discretionary access controls (DAC)

Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that operational managers have the utmost personal choice in determining which employees get access to which systems/data. Which method should Handel select? (D3, L3.3.1)

D) disclose the relationship, but recommend the vendor/product

Hoshi is an (ISC)² member who works for the Triffid Corporation as a data manager. Triffid needs a new firewall solution, and Hoshi is asked to recommend a product for Triffid to acquire and implement. Hoshi's cousin works for a firewall vendor; that vendor happens to make the best firewall available. What should Hoshi do? (D1, L1.5.1)

If two people want to use asymmetric communication to conduct a confidential conversation, how many keys do they need? (D5.1, L5.1.2)

If two people want to use asymmetric communication to conduct a confidential conversation, how many keys do they need? (D5.1, L5.1.2)

Firewall

Inbound traffic from an external source seems to indicate much higher rates of communication than normal, to the point where the internal systems might be overwhelmed. Which security solution can often identify and potentially counter this risk? (D4.2 L4.2.2)

Dual control

Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens. Which security concept is being applied in this situation? (D3, L3.1.1)

On a device other than where it was captured

Log data should be kept ______. (D5.1, L5.1.2)

A laptop with sensitive data on it

Of the following, which would probably not be considered a threat? (D1, L1.2.1)

Scalable

One of the benefits of computer-based training (CBT): (D5.4, L5.4.1)

risk tolerance

Phrenal is selling a used laptop in an online auction. Phrenal has estimated the value of the laptop to be $100, but has seen other laptops of similar type and quality sell for both more and less than that amount. Phrenal hopes that the laptop will sell for $100 or more, but is prepared to take less for it if nobody bids that amount. This is an example of ___________. (D1, L1.2.2)

The subject

Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. In this situation, what is Prachi? (D3, L3.1.1)

The rule

Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. In this situation, what is the ACL? (D3, L3.1.1)

Administrative

Preenka works at an airport. There are red lines painted on the ground next to the runway; Preenka has been instructed that nobody can step or drive across a red line unless they request, and get specific permission from, the control tower. This is an example of a(n)______ control. (D1, L1.3.1)

Role-based access controls (RBAC)

Prina is a database manager. Prina is allowed to add new users to the database, remove current users and create new usage functions for the users. Prina is not allowed to read the data in the fields of the database itself. This is an example of: (D3, L3.3.1)

Pay the parking ticket

Siobhan is an (ISC)² member who works for Triffid Corporation as a security analyst. Yesterday, Siobhan got a parking ticket while shopping after work. What should Siobhan do? (D1, L1.5.1)

MAC (mandatory access control)

Tekila works for a government agency. All data in the agency is assigned a particular sensitivity level, called a "classification." Every person in the agency is assigned a "clearance" level, which determines the classification of data each person can access. What is the access control model being implemented in Tekila's agency? (D3, L3.3.1)

The General Data Protection Regulation

The European Union (EU) law that grants legal protections to individual human privacy. (D1, L1.1.1)

Procedure

The Triffid Corporation publishes a policy that states all personnel will act in a manner that protects health and human safety. The security office is tasked with writing a detailed set of processes on how employees should wear protective gear such as hardhats and gloves when in hazardous areas. This detailed set of processes is a _________. (D1, L1.4.1)

law

The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this? (D1, L1.4.1)

HVAC

The common term for systems that ensure proper temperature and humidity in the data center. (D4.3 L4.3.1)

Defense in depth

The concept that the deployment of multiple types of controls provides better security than using a single type of control. (D4.3 L4.3.3)

The user who signed it

The organization should keep a copy of every signed Acceptable Use Policy (AUP) on file, and issue a copy to _______. (D5.3, L5.3.1)

Policy, standard

The senior leadership of Triffid Corporation decides that the best way to minimize liability for the company is to demonstrate the company's commitment to adopting best practices recognized throughout the industry. Triffid management issues a document that explains that Triffid will follow the best practices published by SANS, an industry body that addresses computer and information security. The Triffid document is a ______, and the SANS documents are ________. (D1, L1.4.2)

Redundancy

To adequately ensure availability for a data center, it is best to plan for both resilience and _______ of the elements in the facility. (D4.3 L4.3.1)

Administrative

Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction? (D1, L1.3.1)

Segregation of duties

Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to serve as a security control in the environment. After doing some research, Trina selects a particular product. Before that product can be purchased, a manager must review Trina's selection and determine whether to approve the purchase. This is a description of: (D3, L3.1.1)

Keep critical business functions operational

What is the goal of Business Continuity efforts? (D2, L2.2.1)

Reduce the impact of incidents on operations

What is the goal of an incident response effort? (D2, L2.1.1)

Return to normal, full operations

What is the overall objective of a disaster recovery (DR) effort? (D2, L2.3.1)

The impact of running alternate operations for extended periods

What is the risk associated with delaying resumption of full normal operations after a disaster? (D2, L2.3.1)

The danger posed by the disaster might still be present

What is the risk associated with resuming full normal operations too soon after a DR effort? (D2, L2.3.1)

Destroyed

When data has reached the end of the retention period, it should be _____. (D5.1, L5.1.1)

Updating and patching systems

Which of the following activities is usually part of the configuration management process, but is also extremely helpful in countering potential attacks? (D4.2 L4.2.3)

A door locked by a voiceprint identifier

Which of the following is a biometric access control mechanism? (D3, L3.2.1)

A photograph of your face

Which of the following is an example of a "something you are" authentication factor? (D1, L1.1.1)

Freedom from legal constraints

Which of the following is not a typical benefit of cloud computing services? (D4.3 L4.3.2)

Security deposit

Which of the following is not an appropriate control to add to privileged accounts? (D3, L3.1.1)

A fence

Which of the following is probably most useful at the perimeter of a property? (D3, L3.2.1)

Ensuring only authorized modifications are made to the IT environment

Which of the following is probably the main purpose of configuration management? (D5.2, L5.2.1)

Mail server

Which of the following would be best placed in the DMZ of an IT environment? (D4.3 L4.3.3)

Water

Which type of fire-suppression system is typically the safest for humans? (D4.3 L4.3.1)

Senior management

Who approves the incident response policy? (D2, L2.1.1)

Senior management

Who dictates policy? (D5.3, L5.3.1)

Anyone

Within the organization, who can identify risk? (D1, L1.2.2)

Explain the style and format of the questions, but no detail

Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)² certification and asks Zarma what the test questions are like. What should Zarma do? (D1, L1.5.1)

