CySA Chapter 2
A. Susan's best option is to use an automated testing sandbox that analyzes the applications for malicious or questionable behavior.
Susan needs to test thousands of submitted binaries. She needs to ensure that the applications do not contain malicious code. What technique is best suited to this need? A. Sandboxing B. Implementing a honeypot C. Decompiling and analyzing the application code D. Fagan testing
B.
What purpose does a honeypot system serve when placed on a network as shown in the following diagram? A. Prevents attackers from targeting production servers B. Provides info about the techniques attackers are using C. Slows down attackers like sticky honey D. Provides real-time input to IDSs and IPSs
C. Trusted foundries are part of the DoD's program that ensures hardware components are trustworthy and have not been compromised.
What supplier should one seek out if one is required to ensure that the chips and other hardware-level components do not include malware or other potential attack vectors, as part of a government acquisitions program for the U.S. Department of Defense? A. A TPM B. An OEM provider C. A trusted foundry D. A gray-market provider
C. Tarpits are a form of active defense that decoy or bait attackers. Passive defenses include cryptography, security architecture, and similar options.
A tarpit, or a system that looks vulnerable but actually is intended to slow down attackers, is an example of what type of technique? A. A passive defense B. A sticky defense C. An active defense D. A reaction-based defense
C. Manesh knows that the file she downloaded and computed a checksum for does not match the MD5 checksum that was calculated by the providers of the software.
Manesh downloads a new security tool and checks its MD5. What does she know about the software she downloaded if she receives the following message: root@demo:# md5sum -c demo.md5 demo.txt: FAILED md5sum: WARNING: 1 computed checksum did NOT match A. The file has been corrupted. B. Attackers have modified the file. C. The files do not match. D. The test failed and provided no answer.