Modules 1 - 4 : IAS

What is the purpose of entering the netsh command on a Windows PC? a.to create user accounts b.to test the hardware devices on the PC c.to change the computer name for the PC d.to configure networking parameters for the PC

d.to configure networking parameters for the PC

Which organization is an international nonprofit organization that offers the CISSP certification? CompTIA (ISC)2 IEEE GIAC

(ISC)2

What is the well-known port address number used by DNS to serve requests? 25 53 110 60

53

In a smart home, an owner has connected many home devices to the Internet, such as the refrigerator and the coffee maker. The owner is concerned that these devices will make the wireless network vulnerable to attacks. What action could be taken to address this issue? -Configure mixed mode wireless operation. -Install the latest firmware versions for the devices. -Assign static IP addresses to the wireless devices. -Disable the SSID broadcast.

Install the latest firmware versions for the devices.

Which statement describes cyberwarfare? -It is Internet-based conflict that involves the penetration of information systems of other nations. -It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario. -Cyberwarfare is an attack carried out by a group of script kiddies. -It is a series of personal protective equipment developed for soldiers involved in nuclear war

It is Internet-based conflict that involves the penetration of information systems of other nations.

Why is Kali Linux a popular choice in testing the network security of an organization? -It is a network scanning tool that prioritizes security risks. -It is an open source Linux security distribution containing many penetration tools. -It can be used to test weaknesses by using only malicious software. -It can be used to intercept and log network traffic.

It is an open source Linux security distribution containing many penetration tools.

What is the dark web? -It is a website that reports the most recent activities of cybercriminals all over the world. -It is a website that sells stolen credit cards. -It is part of the internet where a person can obtain personally identifiable information from anyone for free -It is part of the internet that can only be accessed with special software.

It is part of the internet that can only be accessed with special software.

Which statement describes the function of the Server Message Block (SMB) protocol? -It is used to stream media contents. -It is used to manage remote PCs. -It is used to compress files stored on a disk. -It is used to share network resources.

It is used to share network resources.

Which Windows tool can be used by a cybersecurity administrator to secure stand-alone computers that are not part of an active directory domain? PowerShell Windows Defender Windows Firewall Local Security Policy

Local Security Policy

Why do IoT devices pose a greater risk than other computing devices on a network? -Most IoT devices do not receive frequent firmware updates. -Most IoT devices do not require an Internet connection and are unable to receive new updates. -IoT devices cannot function on an isolated network with only an Internet connection. -IoT devices require unencrypted wireless connections.

Most IoT devices do not receive frequent firmware updates.

What are two advantages of the NTFS file system compared with FAT32? (Choose two.) NTFS allows faster access to external peripherals such as a USB drive. NTFS supports larger files. NTFS provides more security features. NTFS allows faster formatting of drives. NTFS is easier to configure. NTFS allows the automatic detection of bad sectors.

NTFS supports larger files. NTFS provides more security features.

What are two advantages of the NTFS file system compared with FAT32? (Choose two.) -NTFS is easier to configure. -NTFS supports larger files. -NTFS allows faster formatting of drives. -NTFS allows the automatic detection of bad sectors. -NTFS allows faster access to external peripherals such as a USB drive. -NTFS provides more security features.

NTFS supports larger files. NTFS provides more security features.

A worker in the records department of a hospital accidentally sends a medical record of a patient to a printer in another department. When the worker arrives at the printer, the patient record printout is missing. What breach of confidentiality does this situation describe? EMR PII PSI PHI

PHI

A user creates a file with .ps1 extension in Windows. What type of file is it? PowerShell documentation PowerShell cmdlet PowerShell script PowerShell function

PowerShell script

A user creates a file with .ps1 extension in Windows. What type of file is it? PowerShell function PowerShell cmdlet PowerShell documentation PowerShell script

PowerShell script

A Linux system boots into the GUI by default, so which application can a network administrator use in order to access the CLI environment? a.file viewer b.system viewer c.terminal emulator d.package management tool

c.terminal emulator

Which type of Windows PowerShell command performs an action and returns an output or object to the next command that will be executed? cmdlets functions routines scripts

cmdlets

A user logs in to Windows with a regular user account and attempts to use an application that requires administrative privileges. What can the user do to successfully use the application? a.Right-click the application and choose Run as root. b.Right-click the application and choose Run as Privilege. c.Right-click the application and choose Run as Superuser. d.Right-click the application and choose Run as Administrator.

d.Right-click the application and choose Run as Administrator.

Why would a network administrator choose Linux as an operating system in the Security Operations Center (SOC)? a.It is easier to use than other operating systems. b.It is more secure than other server operating systems. c.More network applications are created for this environment. d.The administrator has more control over the operating system

d.The administrator has more control over the operating system

An IT technician wants to create a rule on two Windows 10 computers to prevent an installed application from accessing the public Internet. Which tool would the technician use to accomplish this task? a.Computer Management b.DMZ c.Local Security Policy d.Windows Defender Firewall with Advanced Security

d.Windows Defender Firewall with Advanced Security

What are two benefits of using an ext4 partition instead of ext3? (Choose two.) a.compatibility with CDFS b.compatibility with NTFS c.decreased load time d.improved performance e.an increase in the number of supported devices f.increase in the size of supported files

d.improved performance f.increase in the size of supported files

Which two methods can be used to harden a computing device? (Choose two.) a.Allow USB auto-detection. b.Ensure physical security. c.Enforce the password history mechanism. d.Allow default services to remain enabled. e.Update patches on a strict annual basis irrespective of release date.

b.Ensure physical security. c.Enforce the password history mechanism.

Which type of Windows PowerShell command performs an action and returns an output or object to the next command that will be executed? a.scripts b.cmdlets c.routines d.functions

b.cmdlets

Which Linux command can be used to display the name of the current working directory? a.ps b.pwd c.chmod d.sudo

b.pwd

Which user can override file permissions on a Linux computer? a.any user that has 'group' permission to the file b.root user c.any user that has 'other' permission to the file d.only the creator of the file

b.root user

In the Linux shell, which character is used between two commands to instruct the shell to combine and execute these two commands in sequence? a.$ b.| c.# d.%

b.|

A group of users on the same network are all complaining about their computers running slowly. After investigating, the technician determines that these computers are part of a zombie network. Which type of malware is used to control these computers? botnet spyware virus rootkit

botnet

How does a security information and event management system (SIEM) in a SOC help the personnel fight against security threats? -by analyzing logging data in real time -by combining data from multiple technologies -by integrating all security devices and appliances in an organization -by dynamically implementing firewall rules

by combining data from multiple technologies

What is the well-known port address number used by DNS to serve requests? a.25 b.110 c.53 d.60

c.53

A technician has installed a third party utility that is used to manage a Windows 7 computer. However, the utility does not automatically start whenever the computer is started. What can the technician do to resolve this problem? a.Uninstall the program and then choose Add New Programs in the Add or Remove Programs utility to install the application. b.Use the Add or Remove Programs utility to set program access and defaults. c.Change the startup type for the utility to Automatic in Services. d.Set the application registry key value to one. e.Match the Windows 10 boot sequence after the boot manager (bootmgr.exe) loads

c.Change the startup type for the utility to Automatic in Services.

Which statement describes the function of the Server Message Block (SMB) protocol? a.It is used to manage remote PCs. b.It is used to stream media contents. c.It is used to share network resources. d.It is used to compress files stored on a disk

c.It is used to share network resources.

What is the outcome when a Linux administrator enters the man man command? a.The man man command configures the network interface with a manual address b.The man man command provides a list of commands available at the current prompt c.The man man command provides documentation about the man command d.The man man command opens the most recent log file

c.The man man command provides documentation about the man command

A PC user issues the netstat command without any options. What is displayed as the result of this command? a.a local routing table b.a network connection and usage report c.a list of all established active TCP connections d.a historical list of successful pings that have been sent

c.a list of all established active TCP connections

Why is Linux considered to be better protected against malware than other operating systems? a.customizable penetration and protection tools b.fewer deployments c.file system structure, file permissions, and user account restrictions d.integrated firewall

c.file system structure, file permissions, and user account restrictions

Which type of tool allows administrators to observe and understand every detail of a network transaction? a.log manager b.ticketing system c.packet capture software d.malware analysis tool

c.packet capture software

What job would require verification that an alert represents a true security incident or a false positive? Alert Analyst Threat Hunter SOC Manager Incident Reporter

Alert Analyst

Which example illustrates how malware might be concealed? -A hacker uses techniques to improve the ranking of a website so that users are redirected to a malicious site. -An attack is launched against the public website of an online retailer with the objective of blocking its response to visitors. -A botnet of zombies carry personal information back to the hacker. -An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware.

An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware.

A technician has installed a third party utility that is used to manage a Windows 7 computer. However, the utility does not automatically start whenever the computer is started. What can the technician do to resolve this problem? -Set the application registry key value to one. -Use the Add or Remove Programs utility to set program access and defaults. -Change the startup type for the utility to Automatic in Services. -Uninstall the program and then choose Add New Programs in the Add or Remove Programs utility to install the application.

Change the startup type for the utility to Automatic in Services.

Which regulatory law regulates the identification, storage, and transmission of patient personal healthcare information? FISMA HIPAA PCI-DSS GLBA

HIPAA

Which cyber attack involves a coordinated attack from a botnet of zombie computers? DDoS MITM address spoofing ICMP redirect

DDoS

Which two methods can be used to harden a computing device? (Choose two.) -Allow default services to remain enabled. -Allow USB auto-detection. -Enforce the password history mechanism. -Update patches on a strict annual basis irrespective of release date. -Ensure physical security.

Enforce the password history mechanism. Ensure physical security.

A user logs in to Windows with a regular user account and attempts to use an application that requires administrative privileges. What can the user do to successfully use the application? -Right-click the application and choose Run as Privilege. -Right-click the application and choose Run as Superuser. -Right-click the application and choose Run as Administrator. -Right-click the application and choose Run as root.

Right-click the application and choose Run as Administrator.

What is a benefit to an organization of using SOAR as part of the SIEM system? -SOAR was designed to address critical security events and high-end investigation. -SOAR would benefit smaller organizations because it requires no cybersecurity analyst involvement once installed. -SOAR automates incident investigation and responds to workflows based on playbooks. -SOAR automation guarantees an uptime factor of "5 nines".

SOAR automates incident investigation and responds to workflows based on playbooks.

Why would a network administrator choose Linux as an operating system in the Security Operations Center (SOC)? -It is easier to use than other operating systems. -More network applications are created for this environment. -It is more secure than other server operating systems. -The administrator has more control over the operating system.

The administrator has more control over the operating system.

What is the outcome when a Linux administrator enters the man man command? -The man man command configures the network interface with a manual address -The man man command opens the most recent log file -The man man command provides a list of commands available at the current prompt -The man man command provides documentation about the man command

The man man command provides documentation about the man command

An SOC is searching for a professional to fill a job opening. The employee must have expert-level skills in networking, endpoint, threat intelligence, and malware reverse engineering in order to search for cyber threats hidden within the network. Which job within an SOC requires a professional with those skills? Incident Responder Alert Analyst SOC Manager Threat Hunter

Threat Hunter

Which personnel in a SOC is assigned the task of verifying whether an alert triggered by monitoring software represents a true security incident? Tier 1 personnel Tier 2 personnel Tier 3 personnel SOC Manager

Tier 1 personnel

The term cyber operations analyst refers to which group of personnel in a SOC? Tier 1 personnel Tier 3 personnel Tier 2 personnel SOC managers

Tier 1 personnel

Which personnel in a SOC are assigned the task of hunting for potential threats and implementing threat detection tools? Tier 3 SME Tier 2 Incident Reporter Tier 1 Analyst SOC Manager

Tier 3 SME

Which KPI metric does SOAR use to measure the time required to stop the spread of malware in the network? MITR Time to Control MITC MTTD

Time to Control

What technology was created to replace the BIOS program on modern personal computer motherboards? UEFI MBR CMOS RAM

UEFI

What technology was created to replace the BIOS program on modern personal computer motherboards? UEFI RAM CMOS MBR

UEFI

An IT technician wants to create a rule on two Windows 10 computers to prevent an installed application from accessing the public Internet. Which tool would the technician use to accomplish this task? -Local Security Policy -Computer Management -Windows Defender Firewall with Advanced Security -DMZ

Windows Defender Firewall with Advanced Security

A PC user issues the netstat command without any options. What is displayed as the result of this command? -a historical list of successful pings that have been sent -a list of all established active TCP connections -a network connection and usage report -a local routing table

a list of all established active TCP connections

Why is Kali Linux a popular choice in testing the network security of an organization? a.It is an open source Linux security distribution containing many penetration tools. b.It can be used to intercept and log network traffic. c.It can be used to test weaknesses by using only malicious software. d.It is a network scanning tool that prioritizes security risks

a.It is an open source Linux security distribution containing many penetration tools.

Which Windows tool can be used by a cybersecurity administrator to secure stand-alone computers that are not part of an active directory domain? a.Local Security Policy b.Windows Defender c.Windows Firewall d.PowerShell

a.Local Security Policy

A user creates a file with .ps1 extension in Windows. What type of file is it? a.PowerShell script b.PowerShell cmdlet c.PowerShell function d.PowerShell documentation

a.PowerShell script

Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.) a.nslookup cisco.com b.net cisco.com c.ping cisco.com d.nbtstat cisco.com e.ipconfig /flushdns

a.nslookup cisco.com c.ping cisco.com

Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file?
ls -l analyst.txt
-rwxrw-r-- sales staff 1028 May 28 15:50 analyst.txt
a.read, write, execute b.read only c.read, write d.write only

a.read, write, execute

Which user account should be used only to perform system management and not as the account for regular use? guest power user standard user administrator

administrator

A company has just had a cybersecurity incident. The threat actor appeared to have a goal of network disruption and appeared to use a common security hack tool that overwhelmed a particular server with a large amount of traffic. This traffic rendered the server inoperable. How would a certified cybersecurity analyst classify this type of threat actor? terrorist hacktivist state-sponsored amateur

amateur

What is the purpose of using the net accounts command in Windows? a.to start a network service b.to display information about shared network resources c.to show a list of computers and network devices on the network d.to review the settings of password and logon requirements for users

d.to review the settings of password and logon requirements for users

Which two services are provided by security operations centers? (Choose two.) -responding to data center physical break-ins -monitoring network security threats -managing comprehensive threat solutions -ensuring secure routing packet exchanges -providing secure Internet connections

ensuring secure routing packet exchanges providing secure Internet connections

Why is Linux considered to be better protected against malware than other operating systems? -customizable penetration and protection tools -fewer deployments -file system structure, file permissions, and user account restrictions -integrated firewall

file system structure, file permissions, and user account restrictions

What are two benefits of using an ext4 partition instead of ext3? (Choose two.) -an increase in the number of supported devices -improved performance -compatibility with NTFS -increase in the size of supported files -decreased load time -compatibility with CDFS

improved performance increase in the size of supported files

Which two commands could be used to check if DNS name resolution is working properly on a Windows PC? (Choose two.) -nslookup cisco.com -net cisco.com -ipconfig /flushdns -nbtstat cisco.com -ping cisco.com

nslookup cisco.com ping cisco.com

Which type of tool allows administrators to observe and understand every detail of a network transaction? log manager malware analysis tool ticketing system packet capture software

packet capture software

Which Linux command can be used to display the name of the current working directory? sudo ps pwd chmod

pwd

When a user turns on the PC on Wednesday, the PC displays a message indicating that all of the user files have been locked. In order to get the files unencrypted, the user is supposed to send an email and include a specific ID in the email title. The message also includes ways to buy and submit bitcoins as payment for the file decryption. After inspecting the message, the technician suspects a security breach occurred. What type of malware could be responsible? Trojan spyware adware ransomware

ransomware

Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file? read, write, execute write only read only read, write

read, write, execute

Consider the result of the ls -l command in the Linux output below. What are the file permissions assigned to the sales user for the analyst.txt file? write only read, write read only read, write, execute

read, write, execute

A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation? rogue access point password policy weak password user error user laptop

rogue access point

An employee connects wirelessly to the company network using a cell phone. The employee then configures the cell phone to act as a wireless access point that will allow new employees to connect to the company network. Which type of security threat best describes this situation? rogue access point cracking spoofing denial of service

rogue access point

Which user can override file permissions on a Linux computer? -any user that has 'group' permission to the file -only the creator of the file -any user that has 'other' permission to the file -root user

root user

Which three technologies should be included in a SOC security information and event management system? (Choose three.) -security monitoring -threat intelligence -proxy service -firewall appliance -intrusion prevention -log management

security monitoring threat intelligence log management

What are two examples of personally identifiable information (PII)? (Choose two.) -first name -IP address -language preference -street address -credit card number

street address credit card number

Which three are major categories of elements in a security operations center? (Choose three.) -technologies -Internet connection -processes -data center -people -database engine

technologies processes people

A Linux system boots into the GUI by default, so which application can a network administrator use in order to access the CLI environment? system viewer file viewer package management tool terminal emulator

terminal emulator

After a security incident is verified in a SOC, an incident responder reviews the incident but cannot identify the source of the incident and form an effective mitigation procedure. To whom should the incident ticket be escalated? -the SOC manager to ask for other personnel to be assigned -an alert analyst for further analysis -a cyberoperations analyst for help -a SME for further investigation

the SOC manager to ask for other personnel to be assigned

What is the purpose of entering the netsh command on a Windows PC? -to configure networking parameters for the PC -to change the computer name for the PC -to create user accounts -to test the hardware devices on the PC

to configure networking parameters for the PC

What is the main purpose of cyberwarfare? -to protect cloud-based data centers -to develop advanced network devices -to gain advantage over adversaries -to simulate possible war scenarios among nations

to gain advantage over adversaries

What is the purpose of using the net accounts command in Windows? -to display information about shared network resources -to show a list of computers and network devices on the network -to start a network service -to review the settings of password and logon requirements for users

to review the settings of password and logon requirements for users

What websites should a user avoid when connecting to a free and open wireless hotspot? -websites to check account fees -websites to check product details -websites to check stock prices -websites to make purchases

websites to make purchases

When a user makes changes to the settings of a Windows system, where are these changes stored? win.ini Control Panel boot.ini Registry

win.ini

What type of cyberwarfare weapon was Stuxnet? botnet virus worm ransomware

worm

In the Linux shell, which character is used between two commands to instruct the shell to combine and execute these two commands in sequence? $ # % |

|

