Intro To Cybersecurity Pre Course
Suvid works at Triffid, Inc. When Suvid attempts to log in to the production environment, a message appears stating that Suvid has to reset the password. What may have occurred to cause this?
Suvid's password has expired
Jengi is setting up security for a home network. Jengi decides to configure MAC address filtering on the router, so that only specific devices will be allowed to join the network. This is an example of a(n) ______ control. (D1, L1.3.1)
Technical
The city of Grampon wants to know where all it's public vehicles are at all times, so the city has GPS transmitters installed in all the vehicles. What kind of control is this?
Technical
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that operational managers have the utmost personal choice in determining which employees get access to which systems/data. Which method should Handel select?
Discretionary access controls
Bert wants to add a flashlight capability to a smartphone. Bert searches the internet for a free flashlight app, and downloads it to the phone. The app allows Bert to use the phone as a flashlight, but also steals Bert's contacts list. What kind of app is this? (D4.2 L4.2.1)
Trojan
Triffid, Inc., has deployed anti-malware solutions across its internal IT environment. What is an additional task necessary to ensure this control will function properly? (D4.2 L4.2.3)
Update the anti-malware solution regularly
Which of the following is one of the common ways potential attacks are often identified? (D4.2 L4.2.2)
Users report unusual systems activity/response to Help Desk or the security office
______ is used to ensure that configuration management activities are effective and enforced. (D5.2, L5.2.1)
Verification and audit
Which type of fire-suppression system is typically the safest for humans? (D4.3 L4.3.1)
Water
Data retention periods apply to ____ data. (D5.1, L5.1.1)
all
Logs should be reviewed ______. (D5.1, L5.1.2)
continually
Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens. Which security concept is being applied in this situation?
dual control
All visitors to a secure facility should be _______. (D3, L3.2.1)
escorted
Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)2 certification and asks Zarma what the test questions are like. What should Zarma do?
explain the style and format of the questions, but no detail
Visitors to a secure facility need to be controlled. Controls useful for managing visitors include all of the following except: (D3, L3.2.1)
fence
Network traffic originating from outside the organization might be admitted to the internal IT environment or blocked at the perimeter by a ________
firewall
Chad is a security practitioner tasked with ensuring that the information on the organization's public website is not changed by anyone outside the organization. This task is an example of ensuring ________ (D1, L1.1.1)
integrity
Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: "Sensitive," "Proprietary" and "Public."
labeling
All of the following are typically perceived as drawbacks to biometric systems, except
lack of accuracy
Which of the following would be best placed in the DMZ of an IT environment? (D4.3 L4.3.3)
mail server
A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing _______
non repudiation
A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls. (D1, L1.3.1)
physical
An IoT (Internet of Things) device is typified by its effect on or use of the _____ environment. (D4.3 L4.3.3)
physical
Steve is a security practitioner assigned to come up with a protective measure for ensuring cars don't collide with pedestrians. What is probably the most effective type of control for this task? (D1, L1.3.1)
physical
A vendor sells a particular operating system (OS). In order to deploy the OS securely on different platforms, the vendor publishes several sets of instructions on how to install it, depending on which platform the customer is using. This is an example of a ________. (D1, L1.4.2)
procedure
Which of the following is probably the main purpose of configuration management? (D5.2, L5.2.1)
Ensuring only authorized modifications are made to the IT environment
Which of the following is not a typical benefit of cloud computing services? (D4.3 L4.3.2)
Freedom from legal constraints
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why? (D3, L3.3.1)
Gary's actions look like an attack
Triffid, Inc., has many remote workers who use their own IT devices to process Triffid's information. The Triffid security team wants to deploy some sort of sensor on user devices in order to recognize and identify potential security issues. Which of the following is probably most appropriate for this specific purpose? (D4.2 L4.2.2)
HIDS (host-based intrusion-detection systems)
Cheryl is browsing the Web. Which of the following protocols is she probably using? (D4, L4.1.2)
HTTP (Hypertext Transfer Protocol)
If two people want to use symmetric encryption to conduct a confidential conversation, how many keys do they need? (D5.1, L5.1.3)
1, symmetric encryption uses one shared key between parties for confidential communication.
Preenka works at an airport. There are red lines painted on the ground next to the runway; Preenka has been instructed that nobody can step or drive across a red line unless they request, and get specific permission from, the control tower. This is an example of a(n)______ control.
Administrative
Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email. What kind of control is this instruction? (D1, L1.3.1)
Administrative
Which of the following is likely to be included in the business continuity plan?
Alternate work areas for personnel affected by a natural disaster
Which of these is the most important reason to conduct security instruction for all employees. (D5.4, L5.4.1)
An informed user is a more secure user
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina's credentials, so that Doug can get some work done.
Anything either of them do will be attributed to Trina
In risk management concepts a(n) _____ is something a security practitioner might need to protect (D1, L1.2.1)
Asset
Ludwig is a security analyst at Triffid, Inc. Ludwig notices network traffic that might indicate an attack designed to affect the availability of the environment. Which of the following might be the attack Ludwig sees? (D4.2 L4.2.1)
DDOS (distributed denial of service)
The section of the IT environment that is closest to the external world; where we locate IT systems that communicate with the Internet. (D4.3 L4.3.3)
DMZ
Which of the following roles does not typically require privileged account access
Data entry professional
At Parvi's place of work, the perimeter of the property is surrounded by a fence; there is a gate with a guard at the entrance. All inner doors only admit personnel with badges, and cameras monitor the hallways. Sensitive data and media are kept in safes when not in use
Defense in depth
When data has reached the end of the retention period, it should be _____. (D5.1, L5.1.1)
Destroyed
Hoshi is an ISC2 member who works for the Triffid Corporation as a data manager. Triffid needs a new firewall solution, and Hoshi is asked to recommend a product for Triffid to acquire and implement. Hoshi's cousin works for a firewall vendor; that vendor happens to make the best firewall available. What should Hoshi do?
Disclose the relationship, but recommend the vendor/product
Which of the following probably poses the most risk?
High likelihood, high impact event
If two people want to use asymmetric communication to conduct a confidential conversation, how many keys do they need? (D5.1, L5.1.2)
In asymmetric encryption, each party needs their own key pair (a public key and a private key) to engage in confidential communication in asymmetric encryption, each party needs their own key pair for confidential communication.
Aphrodite is a member of (ISC)² and a data analyst for Triffid Corporation. While Aphrodite is reviewing user log data, Aphrodite discovers that another Triffid employee is violating the acceptable use policy and watching streaming videos during work hours. What should Aphrodite do? (D1, L1.5.1)
Inform
Glen received an email from a company offering a set of answers for a ISC 2 certification exam. What should Glen do? (D1, L1.5.1)
Inform ISC 2
An attacker outside the organization attempts to gain access to the organization's internal files. This is an example of a(n) ______. (D2, L2.1.1)
Intrusion
What is the goal of Business Continuity efforts?
Keep critical business functions operational
The city of Grampian wants to ensure that all its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this? (D1. L1.4.1)
Law
For which of the following systems would the security concept of the availability probably be most important? (D1, L1.1.1)
Medical systems that monitor patient condition in an intensive care unit
Log data should be kept ______. (D5.1, L5.1.2)
On a device other than where it was captured
Gary is an attacker. Gary is able to get access to the communication wire between Dauphine's machine and Linda's machine and can then surveil the traffic between the two when they're communicating. What kind of attack is this? (D4.2 L4.2.1)
On path
Which type of fire-suppression system is typically the least expensive? (D4.3 L4.3.1)
Oxygen-depletion
The senior leadership of Triffid Corp decides the best way to minimize liability for the company is to demonstrate the company's commitment to adopting best practices recognized throughout the industry. Triffid management issues a document that explains that Triffid will follow the best practices published by SANS, an industry body that addresses computer and information security
Policy, standard
By far, the most crucial element of any security instruction program. (D5.4, L5.4.1)
Preserve health and human safety
Which common cloud deployment model typically features only a single customer's data/functionality stored on specific systems/hardware? (D4.3 L4.3.2)
Private
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install or remove software. Which of the following could be used to describe Gelbi's account?
Privileged
What is the overall objective of a disaster recovery effort?
Return to normal, full operations
An organization must always be prepared to ______ when applying a patch. (D5.2, L5.2.1)
Rollback
All of the following are important ways to practice an organization disaster recovery effort; which one is the most important
Running the alternate operating site to determine if it could handle critical functions in times of emergency
Barry wants to upload a series of files to a web-based storage service, so that people Barry has granted authorization can retrieve these files. Which of the following would be Barry's preferred communication protocol if he wanted this activity to be efficient and secure? (D4, L4.1.2)
SFTP (Secure File Transfer Protocol)
A tool that aggregates log data from multiple sources, and typically analyzes it and reports potential threats. (D4.2 L4.2.2)
SIEM/SEM/SIM solutions are typically designed specifically for this purpose. D is the correct answer. A and C are incorrect; these are specific single sources of log data. B is incorrect; anti-malware does not typically gather log data from multiple sources.
A device typically accessed by multiple users, often intended for a single purpose, such as managing email or web pages. (D4.1 L4.1.1)
Server
(ISC)2 publishes a Common Body of Knowledge (CBK) that IT security practitioners should be familiar with; this is recognized through the industry as a set of material that is useful for practitioners to refer to. Certifications can be issued for demonstrating expertise in this Common Body of Knowledge. What kind of document is the Common Body of Knowledge? (D1, L1.4.1)
Standard
The Payment Card Industry (PCI) Council is committee made up of representatives from a major credit card providers. The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers' personal data. This set of rules is a ________
Standard
What is the risk associated with resuming full normal operations too soon after the DR effort?
The danger posed by the disaster might still be present
The output of any given hashing algorithm is always _____. (D5.1, L5.1.3)
The same length
Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to serve as a security control in the environment. After doing some research, Trina selects a particular product. Before that product can be purchased, a manager must review Trina's selection and determine whether to approve the purchase. This is a description of: (D3, L3.1.1)
segregation of duties
Who approves the incident response policy
senior management
Guillermo logs onto a system and opens a document file. In this example, Guillermo is: (D3, L3.1.1)
subject
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has.
subject
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. In this situation what is the database?
the object
Garfield is a security analyst at Triffid, Inc. Garfield notices that a particular application in the production environment is being copied very quickly, across systems and devices utilized by many users. What kind of attack could this be? (D4.2 L4.2.1)
worm