WHOLE TEST answers and study guide
What is the best method to avoid getting spyware on a machine?
Install software only from trusted websites.
Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website?
Open Authorization
What is the best approach to prevent a compromised IoT device from maliciously accessing data and devices on a local network?
Place all IoT devices that have access to the Internet on an isolated network.
What is an example of the a Cyber Kill Chain?
a planned process of cyberattack
What tool is used to lure an attacker so that an administrator can capture, log, and analyze the behavior of the attack?
honeypot
Which two tools used for incident detection can be used to detect anomalous behavior, to detect command and control traffic, and to detect infected hosts? (Choose two.)
intrusion detection system and NetFlow
The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?
DDoS
What type of attack uses zombies?
DDoS
What are two objectives of ensuring data integrity? (Choose two.)
Data is unaltered during transit. and Data is not changed by unauthorized entities.
A medical office employee sends emails to patients about recent patient visits to the facility. What information would put the privacy of the patients at risk if it was included in the email?
patient records
When describing malware, what is a difference between a virus and a worm?
A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.
Which statement describes cybersecurity?
It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?
availability
A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?
confidentiality
What action will an IDS take upon detection of malicious traffic?
create a network alert and log the detection
For what purpose would a network administrator use the Nmap tool?
detection and identification of open ports
Which stage of the kill chain used by attackers focuses on the identification and selection of targets?
reconnaissance
What is one main function of the Cisco Security Incident Response Team?
to ensure company, system, and data preservation
What is the main purpose of cyberwarfare?
to gain advantage over adversaries
True or False? An employee does something as a company representative with the knowledge of that company and this action is deemed illegal. The company would be legally responsible for this action.
true
What are two security implementations that use biometrics? (Choose two.)
voice recognition and fingerprint