Cybersecurity Final Exam Review
Which statement describes a distributed denial of service attack
An attacker builds a botnet of comprised zombies
What are three types of sensitive information
business, classified, and PII
A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration
confidentiality
As data is being stored on a local hard disk, which method would secure the data from unauthorized access
data encryption
What are three states of data during which data is vulnerable
data in process, in transit, and stored
What three tasks are accomplished by a comprehensive security policy
defines legal consequences of violations, sets rules for expected behavior, and gives security staff the backing of management
What three design principles help to ensure high availability
detect failures as they occur, provide for a reliable crossover, and eliminate single points of failure
What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website
digital ceritificate
What is identified by the first dimension of the cybersecurity cube
goals
What tool is used to lure an attacker so that an administrator can capture, log, and analyze the behavior of the attack
honeypot
Which technology removes direct equipment and maintenance costs from the user for data backups
if the laptop requires user authentication for file and media sharing
What are the two most effective ways to defend against malware
install and update anitvirus software and update the operating system and other application software
What is the best method to avoid getting spyware on a machine
install software only from trusted websites
What is a reason that internal security threats might cause greater damage to an organization than external security threats
internal users have direct access to the infrastructure devices
What are three access control security services
Accounting, authorization, and authentication
Which three processes are examples of logical access controls
IDS to watch for suspicious network activity, firewalls to monitor traffic, and biometrics to validate physical characteristics
Historically it has been observed that computer processing speeds tend to double every two years. This is known as
Moore's Law
Which tool is used to provide a list of open ports on network devices
Nmap
An organization allows employees to work from home two days a week. Which technology should be implemented to ensure data confidentiality as data is transmitted
VPN
Which technology removes direct equipment and maintenance costs from the user for data backups
a cloud service
An organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement
administrative
What is the best method to prevent Bluetooth from being exploited
always disable bluetooth when it is not actively used
An organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended
asset classification
Passwords, passphrases, and PINs are examples of which security term
authentication
What are two methods that ensure confidentiality
authentication and encryption
A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan
availability
An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this
bluesnarfing
What describes the protection provided by a fence that is 1 meter in height
it deters casual trespasses only
Which method is used by steganography to hide text in an image file
least significant bit
What term is used to describe the technology that replaces sensitive information with a nonsensitive version
masking
Why do IoT devices pose a greater risk than other computing devices on a network
most IoT devices do not receive frequent firmware updates
Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website
open authorization
How can users working on a shared computer keep their personal browsing history hidden from other workers that may use this computer
operate the web browswer in private browsing mode
what does a rootkit modify
operating system
Which type of cybercriminal attack would interfere with established network communication through the use of constructed packets so that the packets look like they are part of the normal communication?
packet forgery
The digital divide is about how
people's access to computing and the Internet differs based on socioeconomic or geographic characteristics
What is the best approach to prevent a compromised IoT device from maliciously accessing data and devices on a local network
place all IoT devices that have access to the internet on an isolated network
What are three examples of administrative access controls
policies and procedures, background checks, and hiring practices
What type of cybersecurity laws protect you from an organization that might want to share your sensitive data
privacy
Which of the following is the most accurate statement about using search trends as predictors of future events
search trends are imperfect predictors of future events that may not fully represent society at large
Thwarting cyber criminals includes which of the following
sharing cyber intelligence information and establishing early warning systems
What is an impersonation attack that takes advantage of a trusted relationship between two systems
spoofing
What term is used to describe concealing data in another file such as a graphic, audio, or other text file
steganography
A consumer would like to print photographs stored on a cloud storage account using a third party online printing service. After successfully logging into the cloud account, the customer is automatically given access to the third party online printing service. What allowed this automatic authentication to occur
the cloud storage service is an approved application for the online printing service
When a computer scientist uses the term "Big Data" what do they typically mean
there is enough data that traditional data processing applications are inadequate
What is the main purpose of cyberwarfare
to gain advantage over adversaries
What is the name of the method in which letters are rearranged to create the ciphertext
transposition
What two methods help to ensure system availability
up-to-date operating systems and equipment maintenance
What are two ways to protect a computer from malware
use antivirus software, and keep software up to date
What are three methods that can be used to ensure confidentiality of information
username ID and password, 2 factor authentication, and data encryption
Which term describes the technology that protects software from unauthorized access or modification
watermarking
Which type of networks poses increasing challenges to cybersecurity specialists due to the growth of BYOD on campus
wireless networks
Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network
worm