Quiz 1 - 3 CS Course

¡Supera tus tareas y exámenes ahora con Quizwiz!

Data in transit

A VPN service can be used for secure? (1.3.3.3: Securing Data in Transit)

To filter network traffic.

What is the primary purpose of a firewall? (1.3.4.5: Firewalls)

Kali

Which Linux distribution is specifically packaged for information security tasks such as security research or penetration testing?

Drivers

Which of the following is a Linux kernel-mode component? Sessions, Drivers, GNU Core Utilities (CLI), tty

Unpatched vulnerabilities

Which of the following is a common threat vector that occurs when software flaws are not addressed?

Active Directory (AD)

Which of the following terms provides a means to manage users and centralize network resource access management in Windows Environment? (1.5.2.2: Active Directory)

Nmap

Which tool can be used to scan and map computers on a network? (1.7.4.11: Tools of the Pentester)

Which state of data represents data that are actively being used?

Data in use

Reputation loss, financial impact, legal liability

How do breaches affect an organization? (1.1.4.4: How Breaches Affect an Organization)

Malicious activity aiming to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

How does the National Institute of Standards and Technology (NIST) define an 'attack' in the context of cybersecurity?

Select

In the risk management framework ,which phase of the framework involves determining the applicable controls needed to reduce business risk to an acceptable level?

Persistence

The Installation Phase related to Cyber Kill Chain, in most cases, represents? (1.7.3.1: Phases of the Cyber Kill Chain)

What is a common security issue in Linux systems?

Weak passwords, excessive superuser privileges, and vulnerabilities like unintended flaws that can be exploited.

Certification

What achievement is proof of technical knowledge backed by an industry-standard provider such as Microsoft or CompTIA?

Financial loss due to theft or destruction of data, Damage to reputation and loss of customer trust, Legal and regulatory penalties for non-compliance

What are some potential impacts of a cybersecurity breach? (1.1.4.6: Scale & Impact of a Breach)

Monitoring and filtering network traffic

What can be accomplished using a firewall?

Requiring more than one method of verification to access an account.

What does Multi-Factor Authentication (MFA) involve?

Preventing the unauthorized disclosure of sensitive information to protect sensitive data

What does confidentiality in cybersecurity specifically aim to protect?

Availability

What does the "A" in the CIA triad stand for? (1.2.3.0: Confidentiality, Integrity & Availability)

A set of rules and practices to manage user permissions and actions in a web application

What is Access Control as defined in the OWASP Top 10?

It offers robust functionality by closely with the operating system

What is a defining characteristic of a desktop application?

All of the above

What is a key driver for business investment in cybersecurity? Protection of company financial assets against cyber threats and potential breaches Assurance of operational continuity to prevent disruptions from cyber incidents Fulfillment of regulatory and compliance obligations related to information security

It has a folder-based file system.

What is a true statement about the Windows Operating System?

Software designed to help accomplish a task on a computer

What is an application in computing?

Password cracking

What is not considered a social engineering tactic? (1.7.4.1: Social Engineering Tactics)

Windows Defender ATP proactively seeks out misconfigured endpoints

What is one of the key functionalities of Windows Defender Advanced Threat Protection (ATP)?

A community-driven organization focused on application security

What is the Open Web Application Security Project (OWASP)?

Determine server purpose and requirements.

What is the first step to take when hardening a Linux system?

Creating new content from existing data

What is the primary focus of generative AI? (1.2.7.4: Generative AI)

Providing various IT solutions and services for business operations and customer support.

What is the primary function of Microsoft's Enterprise features, products, and services?

To separate internal networks from untrusted external traffic

What is the purpose of a demilitarized zone (DMZ)?

To verify network connectivity between hosts.

What is the purpose of the ping command? (1.3.1.6: Networking Command Examples)

Business continuity

What organizational plan is developed to deal with disasters and other difficult situations such as cyberattacks, outages, or supply chain failures? Correct answer:

Ethical hacker

What type of professional do organizations hire to legally hack into their networks and identify weak entry points?

On-path attack

Which attack allows an attacker sitting in between two stations to intercept information and sometimes to even change that information? (1.7.4.5: Well-Known Attacks)

ipconfig

Which command is used in Windows operating systems to display all current network configuration values, including IP addresses?

mkdir

Which command is used to create a new directory in the Linux operating system? (1.4.1.9: Linux Core Command Examples)

Segmentation

Which concept is used to divide a network into multiple zones? (1.3.4.1: Network Segmentation)

iptables

Which control enables the creation of rules that allow or block traffic?

Poor patch management

Which is a likely cause of the continued issues related to the EternalBlue vulnerability?

LAN Local Area Network

Which network infrastructure type connects users and end devices located in a small area such as an office building?

A hacker operates for moral and legal purposes.

Which of the following approaches would be considered as an ethical hacker? (1.2.4.9: Hacker Classifications)

Reviewing the LinkedIn profiles of target organizations' employees.

Which of the following definitions does not describe an active attack? (1.3.2.5: Passive vs. Active Attacks)

Market Share

Which of the following is NOT a standard term in cybersecurity terminology? Asset, Threat, Risk, Market Share

Convenience

Which of the following is NOT considered a factor of risk? Threat, Convenience, Cost, Mitigation

Data under investigation

Which of the following is not one of the three states of data? (1.3.3.0: Three States of Data)

Asset + vulnerability + threat = risk

Which of the following is the correct equation for risk? (1.2.2.0: Risk? What Is It?)

DoS

Which of the following options best describes an attack that renders a machine inaccessible to its intended users by flooding the target with traffic or sending it information that triggers a crash? (1.7.4.12: Well-Known Attacks)

Command and control (C2)

Which of the following options best describes the Lockheed Martin Cyber Kill Chain phase whereby the attacker opens and maintains a communication channel between the target and the attacker? (1.7.3.1: Phases of the Cyber Kill Chain)

Hardening

Which term best describes actions taken to increase infrastructure security?


Conjuntos de estudio relacionados

Module 4 - Macro. Unemployment, Inflation...

View Set

2020-21 HCS 6th Grade Unit 4C: Latin American Revolutions

View Set