Cyber Security Jeopardy

Which of the following are commonly used port scanning applications? (Select two correct answers)

Zenmap Nmap

what is the first stage of a penetration test

conducting active or passive reconnaissance

A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?

confidentiality

When describing malware, what is a difference between a virus and a worm?

A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.

Improper management of physical access to a resource, such as a file, can lead to what type of security vulnerability?

Access control problems

Carrying out a multi-phase, long-term, stealthy and advanced operation against a specific target is often referred to as what?

Advanced persistent threat

An organization is experiencing overwhelming visits to a main web server. You are developing a plan to add a couple of more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?

Availability

What names are given to a database where all cryptocurrency transactions are recorded? (Select two correct answers)

Blockchain Ledger

What of the following are examples of cracking an encrypted password? (Choose four correct answers)

Brute force attack Rainbow tables Spraying Dictionary attack

What vulnerability occurs when data is written beyond the memory areas allocated to an application?

Buffer overflow

Which two tool are used to detect infected proxy servers?

IDS Netflow

Which of the following certifications meets the U.S. Department of Defense Directive 8570.01-M requirements, which is important for anyone looking to work in IT security for the federal government?

CompTIA Security+

You are configuring access settings to require employees in your organization to authenticate first before accessing certain web pages. Which requirement of information security is addressed through this configuration?

Confidentiality

What type of attack uses zombies?

DDoS

What are the objectives of ensuring data integrity? (Choose two correct answers)

Data is unaltered during transit Data is not changed by unauthorized entities

what is NMAP for

Detection of open ports.

What tool is used to lure an attacker so that an administrator can capture, log and analyze the behavior of the attack?

Honeypot

Which of the following firewalls filters ports and system service calls on a single computer operating system?

Host-based firewall

Which term describes the private browser mode for Google Chrome?

Incognito

What is the best way to avoid getting spyware on a machine?

Install software only from trusted websites

Which of the following are examples of on-path attacks? (Choose two correct answers)

Man-in-the-Mobile Man-in-the-Middle

Which of the following firewalls hides or masquerades the private addresses of network hosts?

Network address translation firewall

Which of the following firewalls filters traffic based on source and destination IP addresses?

Network layer firewall

What type of infiltration method allows attackers to quietly capture two-step verification SMS messages sent to users in a Man-in-the-Mobile (MITMO) attack?

On-Path attack

Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website?

Open authorization

Which of the following firewalls filters web content requests such as URLs and domain names?

Proxy server

What vulnerability occurs when the output of an event depends on ordered or timed outputs?

Race conditions

Which of the following firewalls are placed in front of web services to protect, hide, offload and distribute access to web servers?

Reverse proxy server

What do you call the vulnerabilities discovered by Google security researchers that affect almost all CPUs released since 1995? (Select two correct answers)

Spectre Meltdown

What is the main function of the Cisco Security Incident Response Team?

To ensure company, system and data preservation

What is the main purpose of cyberwarfare?

To gain advantage over adversaries

Which of the following firewalls filters traffic based on source and destination data ports and filtering based on connection states?

Transport layer firewall

What is an example of cyber kill chain

planned process of cyber attacks

Which stage of the kill chain used by attackers focuses on the identification and selection of targets?

reconnaissance