ibm cybersecurity

Which 3 of these are benefits you can realize from using a NAT (Network Address Translation) router

Allows statistic 1-to-1 mapping of local IP addresses to global IP Addresses Allows internal IP addresses to be hidden from outside observers Allows dynamic mapping of many local IP addresses to a smaller number of global IP address only when they are needed

A penetration tester involved in a "Black box" attack would be doing what

Attempting to penetrate a client's system as if she were an external hacker with no inside knowledge of the system

Trudy intercepts a plain text message sent by Alice to Bob but in no way interferes with its delivery. Which aspect of the CIA Triad was violated?

Availability

Which security concerns follow your workload even after it is successfully moved to the cloud

(Data security, Disaster Recovery/Business Continuity Planning, Identity and Access Management, Compliance) All Of The Above

in reviewing the security logs for a company's headquarters in New York city, which of these activities should not raise much of a security concern

An employee has started logging in from home for an hour or so during the last 2 weeks of each quarter

Which layer of the OSI model do packet sniffers operate on

Data Link

Which form of penetration testing allows the testers partial knowledge of the systems they are trying to penetrate in advance of their attack to streamline costs and focus efforts

Gray Box Testing

Fancy Bears and Anonymous are examples of what

Hacking organizations

Fancy Bears and Anonymous are examples of what?

Hacking organizations

Which form of Cloud computing combines both public and private clouds?

Hybrid cloud

If cost is the primary concern, which type of cloud should be considered first

Public cloud

Which 3 of the following are considered scripting languages

Python Perl ​

Which are properties of a highly available system

Redundancy, failover and monitoring

Which component of the Linux operating system interacts with your computer's hardware?

The kernel

which of these is the best definition of a security risk

the likelihood of a threat source exploiting a vulnerability

Trying to break an encryption key by trying every possible combination of characters is called what

A brute force attack

Poor user input sanitation and unsafe execution of OS commands leaves a system vulnerable to which form of attack

OS command injection

An email message that is encrypted, uses a digital signature and carries a hash value would address which aspects of CIA Triad

Confidentiality and integrity

True or False. The larg majority of stolen credit cards are used quickly by the thief or a member of his/her family

False

A Coordinating incident response team model is characterized by which of the following

Multiple incident response teams within an organization but one with authority to assure consistent policies and practices are followed across all teams

Which 3 of these statements about the TCP protocol are true

TCP packets are reassembled by the receiving system in order in which they are sent TCP is connection-oriented TCP is more reliable than UDP

The encryption and protocols used to prevent unauthorized access to data are examples of which type of access control

Technical

Which country had the highest average cost per breach in 2018 at $8.19 M

United States

ITIL is best described as what

A collection of IT Service Management best practices

what is the largest number that will be printed during the execution of this python while loop

9

Which of the following practices helps assure the best results when implementing encryption

Chose a reliable and proven published algorithm

which 2 forms of discovery must be conducted online

Packet sniffing Port scanning

Your bank just implemented 2-factor authentication. Before you can access your account. Which two (2) pairs of factors would satisfy the "2-factor" criteria? (Select 2)

Your password and fingerprint scan Your bank's ATM card and a PIN number

Windows 10 stores 64-bit applications in which directory?

\Program Files

Trudy intercepts a romantic plain-text message from Alice to her boyfriend Sam. The message upsets Trudy so she forwards it to Bob, making it look like Alice intended it for Bob from the beginning. Which aspect of the CIA Triad has Trudy violated?

All of the above

According to the IRIS Framework, during which stage of an attack would the attacker attempt to escalate their privileges, move laterally and conduct internal reconnaissance

Continue the attack, expand network access

Which one of the OWASP top 10 application security risks would be occur when there are no safe against a user being allowed to execute HTML, or Javascript in the user's browser that can hijack sessions

Cross-site scripting

What do QRadar flow collectors do with the flows they collect

Flows are bundled into related flow packs and forwarded to the flow processor

Problem Management, Change Management, and Incident Management are all key processes of which framework?

ITIL

Why is symmetric key encryption the most common choice of methods to encryptic data at rest

It is much faster than asymmetric key encryption

Very provocative articles that come up in the news feeds or Google searches are sometimes called click-bait these articles often tempt you to link to other sites that can be infected with malware what attack vector is used by these click-bait sites go to get you to go to the really bad site

Malicious links

activities performed as part of security intelligence can be divided into pre-exploit and post-exploit activities. which 2 of these are post- exploit activities

Perform forensic investigation Gather full situational awareness through advanced security analysis

Security standards do not have the force of the law, but Security regulations do. Which one of these is a security regulations

Sarbanes-Oxley Act (SOX)

Which 2 of the following attack types target endpoints

Spear Phishing Ad Network

A company wants to prevent employees from wasting time on social media sites. to accomplish this, a document forbidding use of these sites while at work is written and circulated and then the firewalls are updated to block access to Facebook, Twitter and other popular sites. which 2 types of security controls has the company just implemented

Technical Administrative

A windows 10 user has 10 files exactly the same name. Which statement must be true for these files

The Files must be in different directories

Which of these methods ensures the authentication, non-repudiation and integrity of a digital communication

Use of Hashing

implement a filter to remove flooded packets before they reach the host is a countermeasure to which form of attack

a denial of service (DoS) attack

You are the CEO of a tech company and just received an angry email that looks like it came a big customer it says your overbilling and ask to examine the invoice. you do but it's blank and ask for details. you never hear back but a week later your security team tells you your credentials were used to access financial data. what type of attack was it

a whale attack

The Windows Security App available in Windows 10 provides uses with which of the following protections

(Virus and threat protection, Firewall and network protection, Family options - parental controls) All Of The Above

Signature-based detection and statistical anomaly detection are found on what type of device

An intrusion Prevention System

which of the following defines a security threat

Any potential danger capable of exploiting a weaknesses in a system

Which 3 of these are Solution Building Blocks (SBB)

Application Firewall Spam Filter Virus Protection

SIEM license costs are typically calculated based upon which 2 factors

Events per second (EPS) Flows per minute (FPM)

Which three (3) of the following are Physical Access Controls? (Select 3)

Fences Security guards Door locks

which of these devices collects the most information on network activity

Intrusion detection system

You are looking very hard on the web for the lowest mortgage interest load You can find and you come across a rate that is so low it could not be possibly be true. You check out the site to see that the terms are are and quickly find you are the victim of a Ransomeware attack. What was the likely attack vector used by the bad actors

Malicious links

Which type of access control is based upon the subjects clearance level and the objects classification

Mandatory Access Control (MAC)

Which 2 of these python libraries provides useful statistical functions

Number Matplotlib

Which of the following is a self-regulating standard set up by the credit card industry in the US

PCI-DSS

which 3 of these are PCI-DSS requirements for any company handling, processing or transmitting credit card data

Restrict access to cardholder data by business need-to-know Restrict physical access to cardholder data Assign a unique ID to each person with computer access

If you have to rely upon Metadata to work with the data at hand, you are probably working with which type of data

Structured data

Which component of the Linux operating system interacts with your computers hardware

The kernel

If a computer needs to send a message to a system that is not part of the local network, where does it send the message

The networks default gateway address

In cybersecurity, Authenticity is defined as what

The property of being genuine and verifiable

In cybersecurity, Authenticity is defined as what?

The property of being genuine and verifiable

Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes an integrity violation

Trudy changes the message and then forwards it on

Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes an integrity violation?

Trudy changes the message and then forwards it on

Which of the following would be considered an incident precursor

An alert from your anti-virus software indicating it had detected malware on your system

A weakness in a system is a/an ____. The potential danger associated with this is a/an ____ that becomes a/an ____ when attacked by a bad actor.

vulnerability, threat, exploit

Which 3 roles are typically found in an information Security organization

Penetration Tester Chief information Security Officer (CISO) Vulnerability Assessor

Port numbers 1024 through 49151 are known as what

Registered Ports

If an endpoint Detection and Response (EDR) system detects that an endpoint does not have a required patch installed, which statement best characterizes the actions it is able to take automatically

The endpoint can be quarantined from all network resources except those that allow it to download and install the missing patch

There is a value brought by each of the IBM in EIA use cases. Which one of these provides immediate alerting on brand compromises and fraud on the dark web.

Threat Discovery

True or False. Cloud-based storage or hosting providers are among the top sources of third-party breaches

True

True or False. Thorough reconnaissance is an important step in developing an effective cyber kill chain.

True

Which statement best describes configuring a NAT router to use dynamic mapping

Unregistered IP addresses are mapped to registered IP addresses as they are needed

which incident response team describes a team that runs all incident response activities for a company

Central

Symmetric key encryption by itself ensures which of the following

Confidentiality only

Which 3 of the following are key ITIL processes

Problem Management Incident Management Change Management

Which position conducts information security investigations for organizations to identify threats that could compromise the organization?

Information Security Analyst

Which position is in charge of testing the security and effectiveness of computer information systems?

Information Security Auditor

Granting access to a user account only those privileges necessary to perform its intended functions is known as what

The principle of least privileges

True or False. internal attacks from trusted employees represent every bit as significant a threat as external attacks from professional cyber criminals

True

A penetration tester that gains access to a system without permission and then exploits it for a personal gain is said to wear what color hat

black

What scripting concept is widely used across different languages that checks if a condition is true, and if so, takes action, and if false, a different action

if-then