TestOut Security Pro Semester 1 Review (Thorough version)
Impacts of Vulnerabilities (know 3)
-Data loss -Data breach -Data exfiltration -Identity theft -Availability loss
Network Vulnerabilities (know 3)
-Default accounts and passwords -Weak passwords -Privilege escalation -Backdoor -Cloud-based and third-party systems -Inherent vulnerabilities -Application flaws -Misconfigurations -Root account
Countermeasures (know 3)
-Provides a security solution to an identified problem. -Is not dependent on secrecy. -Is testable and verifiable. -Provides uniform or consistent protection for all assets and users. -Is independent of other safeguards. -Requires minimal human intervention. -Is tamper-proof. -Has overrides and fail-safe defaults.
Malware prevention (know 3)
-Use the latest version and patch level for your web browser. -Install the latest patches for the operating system. -Install antivirus, anti-spyware, anti-rootkit, and personal firewall software. -Keep definition files up-to-date. -Use a pop-up blocker to prevent adware. -Use software to control cookies on the system. -Perform regular scheduled scans to look for malware. -Choose anti-malware software from a reputable company. Don't let scareware fool you into purchasing a product that may not work.
Malware recovery (know 1)
-You may have to reinstall applications, features, or even the entire operating system from scratch. -If your organization uses imaging solutions, you can quickly re-image a machine if it is infected with malware. Re-imaging or installing from scratch is often faster and more effective than malware removal and cleanup. -Remediation is the process of correcting problems. Most antivirus software remediates problems automatically or semi-automatically by prompting you to identify the action to take. Possible actions in response to problems are: -Repair the infection. Repair is possible for true viruses that have attached themselves to valid files. During the repair, the virus is removed and the file is placed back in its original state, if possible. -Quarantine the file. Quarantine moves the infected file to a secure folder where it cannot open or run normally. You might quarantine an infected file that cannot be repaired to see if another tool or utility might be able to recover the file at another time. -Delete the file. You should delete malicious files such as worms, Trojan horse programs, spyware, or adware programs. -Periodically review the quarantine folder and delete any files you do not want to recover.
You want to close all ports associated with NetBIOS on your network's firewalls to prevent attacks directed against NetBIOS. Which ports should you close? -67, 68 -135, 137-139 -161, 162 -389, 636
135, 137-139
To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Now, you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files? (Select two.) -443 -80 -23 -21 -20
20 and 21
To increase security on your company's internal network, the administrator has disabled as many ports as possible. However, now you can browse the internet, but you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions? -23 -21 -69 -80 -443
443
What is the recommended humidity level for server rooms? -10% or lower -30% -50% -70% or higher
50%
Remote Access Trojan (RAT)
A _____ _____ _____ is a malware program that includes a back door that allows administrative control over the target computer.
Trusted Operating System (TOS)
A _____ _____ _____ is an operating system that comes hardened and validated to a specific security level as defined in the Common Criteria for Information Technology Security Evaluation.
Trojan horse
A _____ _____ is a malicious program that is disguised as legitimate or desirable software.
Watering hole
A _____ _____ is a passive computer attack technique in which an attacker anticipates or observes the websites an organization uses often and infects them with malware.
Script kiddie
A _____ _____ is an individual who carries out an attack by using scripts or programs written by more advanced hackers.
Cold aisle
A _____ _____ is created by having the front of the equipment face toward the center of the aisle. Typically, cold aisles face air conditioner output ducts.
Logic bomb
A _____ _____ is designed to execute only under predefined conditions. It lies dormant until the predefined condition is met.
Nation state
A _____ _____ is the most organized, well-funded, and dangerous type of threat actor.
Demilitarized zone (DMZ)
A _____ _____ provides enhanced security by isolating your publicly accessible network from your privately accessible network.
Technical approach
A _____ _____ to obtaining information includes using software or utilities to find vulnerabilities in a system.
Fileless virus
A _____ _____ uses legitimate programs to infect a computer.
Zombie
A _____ is a malware-infected computer that allows remote software updates and control by a command and control center called a _____ master.
Worm
A _____ is a self-replicating program.
Rootkit
A _____ is a set of programs that allows attackers to maintain permanent administrator-level, hidden access to a computer.
Breach
A _____ is the penetration of system defenses.
Botnet
A _____ refers to a group of zombie computers that are commanded from a central control infrastructure.
Competitor
A _____ threat actor carries out attacks on behalf of an organization and targets competing companies.
Double-entry door
A _____-_____ _____ has two doors that are locked from the outside but have crash bars on the inside that allow easy exit.
Turnstile
A barrier that permits entry in only one direction.
Hacker
A catch-all term used to describe any individual who uses technical knowledge to gain unauthorized access to an organization.
Service pack
A collection of patches, hotfixes, and system enhancements that have been tested by the manufacturer for wide deployment.
Milestone
A component of a manageable network plan that indicates an action or event.
Patch
A fix that is more thoroughly tested than a hotfix and designed for a wider deployment.
Administrative share
A folder that is available only to an administrative user.
Shared folder
A folder whose contents are available over the network.
Which of the following is the BEST definition of the term hacker? -Any individual whose attacks are politically motivated. -A threat actor whose main goal is financial gain. -The most organized, well-funded, and dangerous type of threat actor. -A general term used to describe any individual who uses their technical knowledge to gain unauthorized access to an organization. -A threat actor who lacks skills and sophistication but wants to impress their friends or garner attention.
A general term used to describe any individual who uses their technical knowledge to gain unauthorized access to an organization.
Which of the following describes a configuration baseline? -A list of common security settings that a group or all devices share -The minimum services required for a server to function -A set of performance statistics that identifies normal operating performance -A collection of security settings that can be automatically applied to a device
A list of common security settings that a group or all devices share
Access list
A list of personnel who are authorized to enter a secure facility
Which of the following is the strongest form of multi-factor authentication? -Two passwords -A password and a biometric scan -A password, a biometric scan, and a token device -Two-factor authentication
A password, a biometric scan, and a token device
Manageable network plan
A process created by the National Security Agency (NSA) to assist in making a network manageable, defensible, and secure.
Which of the following describes a logic bomb? -A type of malicious code similar to a virus whose primary purpose is to duplicate itself and spread while not necessarily intentionally damaging or destroying resources. -A program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found. -A program that performs a malicious activity at a specific time or after a triggering event. -A program that appears to be a legitimate application, utility, game, or screensaver that performs malicious activities surreptitiously.
A program that performs a malicious activity at a specific time or after a triggering event.
Hotfix
A quick fix for a specific software problem.
Layered security
A security approach that combines multiple security controls and defenses to create a cumulative effect.
Layered security model
A security approach that defines seven layers of security.
Air gap
A security method that physically isolates a portion of the network (such as a computer, a server, or a small network of computers) from the internet or any other unsecured networks.
Configuration baselines
A set of consistent requirements for a workstation or server. A security baseline is a component of the _____ _____ that ensures that all workstations and servers comply with the security goals of the organization.
White hat
A skilled hacker who uses knowledge and skills only for defensive purposes.
Mantrap
A specialized entrance with two locking doors that create a security buffer zone between two areas.
Elicitation
A technique used to extract information from a target without arousing suspicion.
Advanced Persistent Threat (APT)
A type of persistent threat carried out by a nation state. An APT has the goal of continually stealing information without being detected.
Which of the following is an example of an internal threat? -A delivery man is able to walk into a controlled area and steal a laptop. -A server backdoor allows an attacker on the internet to gain access to the intranet site. -A user accidentally deletes the new product designs. -A water pipe in the server room breaks.
A user accidentally deletes the new product designs.
Smart card
Access cards that have encrypted access information. _____ _____ can be contactless or require contact.
You have a shared folder named Reports. Members of the Managers group have been given Write access to the shared folder. Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but he should not have any access to the Confidential.xls file. What should you do? -Configure NTFS permissions for Confidential.xls to allow read-only. -Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions. -Remove Mark Mangum from the Managers group. -Add Mark Mangum to the ACL for the Reports directory with Deny permissions.
Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions.
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems? -Add line conditioners in the server room. -Add a humidifier to the server room. -Add a separate A/C unit in the server room. -Add a de-humidifier to the server room.
Add a separate A/C unit in the server room.
A computer or small network that is not connected to the rest of the network or the internet is known as: -Vault -Air gap -DMZ -Faraday cage
Air gap
What does the netstat -a command show? -All listening and non-listening sockets -All connected hosts -All listening sockets -All network users
All listening and non-listening sockets
You have configured the following rules. What is the effect?
sudo iptables -A INPUT -p tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 25 -m conntrack --ctstate ESTABLISHED -j ACCEPT
-Allow SSH traffic -Block SMTP traffic -Block SSH traffic -Allow SMTP traffic
Allow SMTP traffic
Organized Crime
An _____ _____ threat actor consists of a group of cybercriminals whose main goal is financial gain.
Insider
An _____ is any individual who has authorized access to an organization and either intentionally or unintentionally carries out an attack.
Exploit
An _____ takes advantage of known vulnerabilities in software and systems.
Exploit
An act, procedure, or piece of software that takes advantage of a vulnerability to carry out an attack.
Being a good listener
An attacker may approach a target and carefully listen to what the target has to say, validate any feelings the target expresses, and share similar experiences, which may be real or fabricated.
Compliments
An attacker may give a target a _____ about something the target did.
Vulnerability
An opening or weakness in the system.
Which of the following BEST describes an inside attacker? -A good guy who tries to help a company see their vulnerabilities. -An attacker with lots of resources and money at their disposal. -An unintentional threat actor. This is the most common threat. -An agent who uses their technical knowledge to bypass security.
An unintentional threat actor. This is the most common threat.
File Transfer Protocol (FTP)
Anonymous login allows unrestricted access to the _____ _____ _____ server.
Which of the following is the correct definition of a threat? -Absence or weakness of a safeguard that could be exploited -Any potential danger to the confidentiality, integrity, or availability of information or systems -The likelihood of an attack taking advantage of a vulnerability -Instance of exposure to losses from an attacker
Any potential danger to the confidentiality, integrity, or availability of information or systems
Threat
Anything that has the potential to cause the loss of an asset.
Feigning ignorance
Attackers might make a wrong statement and then admit to not knowing much about the subject.
Social media
Attackers use _____ _____ to scam users. These scams are designed to entice the user to click a link that brings up a malicious site the attacker controls.
An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. The individual is engaging in which type of social engineering? -Persuasive -Social validation -Commitment -Authority
Authority
Internal threat agents
Authorized individuals that carry out an attack by exploiting their inherent privileges. This category includes employees (both current and former), janitors, security guards, and even customers.
Sometimes, an attacker's goal is to prevent access to a system rather than to gain access. This form of attack is often called a denial-of-service attack and causes which impact? -Data exfiltration -Data loss -Identity theft -Availability loss
Availability loss
If a fingerprint or retina scan is required to open a secured door, which kind of physical security has been implemented? -Access list -Mantrap -Double-entry door -Biometric locks
Biometric locks
Which deviation in power is the longest in duration? -Blackout -Surge -Transient -Sag
Blackout
A collection of zombie computers have been set up to collect personal information. Which type of malware do the zombie computers represent? -Logic bomb -Spyware -Trojan horse -Botnet
Botnet
Penetrating system defenses to gain unauthorized access is known as...
Breaching
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following actions should you take to increase its security? (Select two.) -Change default account passwords. -Implement separation of duties. -Remove any backdoors. -Conduct privilege escalation. -Apply all patches and updates.
Change default account passwords and apply all patches and updates.
Manage software
Check that all software has up-to-date licenses and install only needed software.
Which of the following fire extinguisher types is best used for the electrical fires that might result when working with computer components? -Class A -Class B -Class C -Class D
Class C
In 2001, a worm exploited vulnerabilities in Microsoft Internet Information Services (IIS) to infect over 250,000 systems in under nine hours. What was this worm called? -Michelangelo -Melissa -Nimda -Code Red
Code Red
A user copies files from her desktop computer to a USB flash device and puts the device into her pocket. Which of the following security risks is most pressing? -Integrity -Availability -Non-repudiation -Confidentiality
Confidentiality
Which of the following are often identified as the three main goals of security? (Select three.) -Non-repudiation -Employees -Assets -Confidentiality -Availability -Integrity -Policies
Confidentiality, availability, integrity
You have hired 10 new temporary workers who will be with the company for three months. You want to make sure that the user accounts cannot be used for login after that time period. What should you do? -Configure account lockout in Group Policy. -Configure account expiration in the user accounts. -Configure day/time restrictions in the user accounts. -Configure account policies in Group Policy.
Configure account expiration in the user accounts.
Which of the following do security templates allow you to do? (Select two.) -Apply new software patches -Configure consistent security settings between devices -Fix a specific software problem -Quickly apply settings to multiple computers -Block malicious websites
Configure consistent security settings between devices and quickly apply settings to multiple computers
Which of the following reduces the risk of a threat agent being able to exploit a vulnerability? -Implementation of VLANs -Countermeasures -Secure data transmissions -Manageable network plans
Countermeasures
You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the BEST way to accomplish this? -Create a distribution group for the managers. Add all users as members of the group. Add the group to the file's DACL. -Add one manager to the DACL that grants all permissions. Have this user add other managers as required. -Add each user account to the file's DACL. -Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.
Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.
As you go through the process of making your network more manageable, you discover that employees in the sales department are on the same network segment as the human resources department. Which of the following steps can be used to isolate these departments? -Create a separate VLAN for each department. -Move the sales department into the DMZ. -Implement the principle of least privilege for the human resources department. -Identify the choke points on your network.
Create a separate VLAN for each department.
Backdoor
Creating a _____ is an alternative method of accessing an application or operating system for troubleshooting.
Which type of update should be prioritized even outside of a normal patching window? -Microsoft updates -Critical updates -Security updates -Monthly updates
Critical updates
Which of the following items would be implemented at the Data layer of the security model? -Auditing -Cryptography -Authentication -Group policies
Cryptography
Which special network area is used to provide added protection by isolating publicly accessible servers? -VLAN -Intranet -Internet -DMZ
DMZ
Jason is at home, attempting to access the website for his music store. When he goes to the website, it has a simple form asking for a name, email, and phone number. This is not the music store website. Jason is sure the website has been hacked. How did the attacker accomplish this hack? -Host file modification -DNS cache poisoning -Social networking -Feigning ignorance
DNS cache poisoning
When confidential or protected data is exposed, either intentionally or accidentally, it is considered to be which of the following? -Availability loss -Data loss -Data breach -Data exfiltration
Data breach
DNS tunneling is a common method that allows an attacker to accomplish which attack? -Data loss -Availability loss -Medical identity theft -Data exfiltration
Data exfiltration
Every ACME computer comes with the same account created at the factory. Which kind of vulnerability is this? -Backdoor -Default accounts and passwords -Misconfigurations -Weak passwords
Default accounts and passwords
Variety
Defensive layers should incorporate a variety of methods.
Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry? -Install security cameras -Use key locks rather than electronic locks -Deploy a mantrap -Use weight scales
Deploy a mantrap
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an administrative assistant at the law firm, is having lunch at the food court around the corner from her office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a conversation about dogs. Which phase of the social engineering process is Ron in? -Development phase -Exploitation phase -Elicitation phase -Research phase
Development phase
Which of the following actions should you take to reduce the attack surface of a server? -Install anti-malware software. -Disable unused services. -Install a host-based IDS. -Install the latest patches and hotfixes.
Disable unused services.
Which of the following BEST describes a cyber terrorist? -Desires some kind of financial reward or revenge -Exploits internal vulnerabilities to steal information -Disrupts network-dependent institutions -Downloads and runs attacks available on the internet
Disrupts network-dependent institutions
Which of the following is a common social engineering attack? -Logging on with stolen credentials -Distributing hoax virus-information emails -Distributing false information about an organization's financial status -Using a sniffer to capture network traffic
Distributing hoax virus-information emails
Documenting procedures and processes are part of which milestone in the NSA's Manageable Network Plan? -Reach Your Network -Prepare to Document -Document Your Network -Control Your Network
Document Your Network
Which action would you use in a rule to disallow a connection silently? -Drop -Reject -Forward -Accept
Drop
Observation
During these interviews and interrogations, the hacker pays attention to every change the target displays.
What should you consider security baselines? -Dynamic -Suggestion -Unchangeable -Static
Dynamic
You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two.) -Educate users about malware. -Enable chassis intrusion detection. -Disable UAC. -Enable account lockout. -Schedule regular full-system scans.
Educate users about malware AND schedule regular full-system scans
A Faraday cage is used to prevent what from leaving an area? -Network packets -Hackers -Electromagnetic emissions -Computers
Electromagnetic emissions
It is important to follow correct procedures when running electrical cables next to data cables in order to protect against which environmental concern? -Electromagnetic interference -Temperature -Airflow -Humidity
Electromagnetic interference
Compliments, misinformation, feigning ignorance, and being a good listener are tactics of which social engineering technique? -Preloading -Elicitation -Impersonation -Interrogation
Elicitation
Hoax/Hoaxes
Email _____ are often easy to spot because of the bad spelling and terrible grammar.
Which of the following is the single greatest threat to network security? -Employees -Unsecure physical access to network resources -Weak passwords -Email phishing
Employees
The 3 types of threat agents
Employees, spies, and hackers.
Control Your Network (User Access)
Ensures network security, but restricts user access.
Map Your Network
Ensures that you are aware of all the components of the network and that you know where the physical devices are.
Configuring additional rights to do more than breach the system is known as...
Escalating privileges
Manage Your Network Part I (Patch Management)
Establishes an update-management process for all software on your network.
Prepare to Document
Establishing the process you will use to document your network.
Which option is a benefit of CCTV? -Increase security protection throughout an environment -Expand the area visible by security guards -Provide a corrective control -Reduce the need for locks and sensors on doors
Expand the area visible by security guards
Crashing systems is known as...
Exploitation
Stealing information is known as...
Exploitation
The _____ _____ _____ _____ provides a method for mutual authentication of devices within the SAN.
Fibre Channel Authentication Protocol (FCAP)
Host
Fifth layer of security. Log management, OS hardening, patch implementation, patch management, auditing, anti-malware, and password attack prevention on each workstation, laptop, and mobile device.
Which kind of virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions? -Remote Access Trojan (RAT) -Ransomware -Fileless virus -Worm
Fileless virus
Which of the following items would you secure in the Perimeter layer of the security model? -VLANs -Switches -Routers -Firewalls
Firewalls
Policies, procedures, and awareness
First layer of security. User education; manageable network plans; and employee onboarding and off-boarding procedures.
Network
Fourth layer of security. The installation and configuration of switches and routers; implementation of VLANs; penetration testing; and virtualization use.
Which of the following tools can you use on a Windows network to automatically distribute and install software and operating system patches on workstations? (Select two.) -Security Configuration and Analysis -Group Policy -Security Templates -WSUS
Group Policy and WSUS
Which of the following threat actors seeks to defame, shed light on, or cripple an organization or government? -Insider -Script kiddie -Competitor -Hacktivist -Nation state
Hacktivist
By definition, what is the process of reducing security exposure and tightening security controls? -Social engineering -Active scanning -Hardening -Passive reconnaissance
Hardening
Prepare to Document means establishing the process you will use to document your network. Which of the following makes this documentation more useful? -Identify who is responsible for each device. -Have a printed hard copy kept in a secure location. -Automate administration as much as possible. -Identify the choke points on the network.
Have a printed hard copy kept in a secure location.
Reach Your Network (Device Accessibility)
Helps to ensure that all of the devices on your network are easily accessible while still maintaining each device's security. This includes physical access as well as remote access.
Most equipment is cooled by bringing cold air in the front and ducting the heat out of the back. What is the term for where the heat is sent in this type of scenario? -Hot aisle -Cold aisle -Front aisle -Back aisle
Hot aisle
You have recently been hired as the new network administrator for a startup company. The company's network was implemented prior to your arrival. One of the first tasks you need to complete in your new position is to develop a manageable network plan for the network. You have already completed the first and second milestones, in which documentation procedures were identified and the network was mapped. You are now working on the third milestone, which is identifying ways to protect the network. Which tasks should you complete as a part of this milestone? (Select two.) -Set account expiration dates. -Identify and document each user on the network. -Physically secure high-value systems. -Apply critical patches whenever they are released. -Create an approved application list for each network device.
Identify and document each user on the network and physically secure high-value systems.
Protect Your Network (Network Architecture)
Identify and document each user on the network and the information the user has access to.
Which impact of vulnerabilities occurs when an attacker uses information gained from a data breach to commit fraud by doing things like opening new accounts with the victim's information? -Data exfiltration -Data loss -Identity theft -Availability loss
Identity theft
Having a legitimate reason for approaching someone to ask for sensitive information is called what? -Impersonation -Footprinting -Pretexting -Preloading
Impersonation
You are an IT consultant. You are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: When you enter the facility, a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. The office manager informs you that the organization's servers are kept in a locked closet. An access card is required to enter the server closet. She informs you that server backups are configured to run each night. A rotation of tapes is used as the backup media. You notice the organization's network switch is kept in the server closet. You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. The office manager informs you that her desktop system no longer boots and asks you to repair or replace it, recovering as much data as possible in the process. You take the workstation back to your office to work on it. Which security-related recommendations should you make to this client? -Implement a hardware checkout policy. -Replace the tape drive used for backups with external USB hard disks. -Keep the network infrastructure devices (switch and all-in-one device) in a locked room separate from network servers. -Upgrade the server closet lock to a biometric authentication system.
Implement a hardware checkout policy.
Spear phishing
In _____ _____, an attacker first gathers information about the victim, such as which online bank the victim uses.
SMS phishing (smishing)
In _____ _____, the attacker sends a text message with a supposedly urgent topic to trick the victim into taking immediate action.
Phishing
In a _____ attack, the social engineer masquerades as a trustworthy entity in an electronic communication.
Interview
In the _____ phase, the attacker lets the target do the talking while the attacker mostly listens.
Interrogation
In the _____ phase, the attacker talks about the target's statements.
External threat agents
Individuals or groups that attack a network from the outside and seek to gain unauthorized access to data.
Power, heating, ventilation, air conditioning systems (HVAC), and utilities are all components of which term? -Infrastructure -Hot aisle -Cold aisle -Network protection
Infrastructure
Infrastructure
Infrastructure refers to the systems that support the site. Infrastructure components include AC, power, heating, ventilation, air conditioning systems (HVAC), gas and water.
In healthcare, regulations often dictate that important systems remain unpatched to maintain compliance. Which kind of vulnerability does this introduce? -Weak passwords -Misconfigurations -Application flaws -Inherent vulnerabilities
Inherent vulnerabilities
In which of the iptables default chains would you configure a rule to allow an external device to access the HTTPS port on the Linux server? -Forward -Input -Output -Accept
Input
The IT manager in your organization proposes taking steps to deflect a potential threat actor. The proposal includes the following: --Create and follow onboarding and off-boarding procedures. --Employ the principle of least privilege. --Have appropriate physical security controls in place. Which type of threat actor do these steps guard against? -Insider -Competitor -Script kiddie -Hacktivist
Insider
Your computer system is a participant in an asymmetric cryptography system. You've created a message to send to another user. Before transmission, you hash the message and encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, which protection does the hashing activity provide? -Confidentiality -Non-repudiation -Availability -Integrity
Integrity
An employee stealing company data could be an example of which kind of threat actor? -Non-persistent threat -Internal threat -External threat -Persistent threat
Internal threat
Which of the following could an employee also be known as? -Cybercriminal -Internal threat -Script kiddie -Exploit
Internal threat
Which of the following best describes spyware? -It monitors user actions that denote personal preferences and then sends pop-ups and ads to the user that match their tastes. -It is a malicious program disguised as legitimate software. -It is a program that attempts to damage a computer system and replicate itself to other computer systems. -It monitors the actions you take on your machine and sends the information back to its originating source.
It monitors the actions you take on your machine and sends the information back to its originating source.
A script kiddie is a threat actor who lacks knowledge and sophistication. Script kiddie attacks often seek to exploit well-known vulnerabilities in systems. What is the BEST defense against script kiddie attacks? -Implement email filtering systems. -Build a comprehensive security approach that uses all aspects of threat prevention and protection. -Keep systems up to date and use standard security practices. -Have appropriate physical security controls in place. -Properly secure and store data backups.
Keep systems up to date and use standard security practices.
Which of the following is the most important thing to do to prevent console access to the router? -Keep the router in a locked room. -Implement an access list to prevent console connections. -Set the console and enable secret passwords. -Disconnect the console cable when not in use.
Keep the router in a locked room.
Which of the following is a security approach that combines multiple security controls and defenses? -Cumulative security -Layered security -Network security -Countermeasure security -Perimeter security
Layered security
Eliminating single points of failure is known as...
Layering
Implementing multiple security measures to protect the same asset is known as...
Layering
Control login
Limit privileges, especially administrative privileges.
Which of the following controls is an example of a physical access control method? -Smart cards -Hiring background checks -Passwords -Access control lists with permissions -Locks on doors
Locks on doors
Mnemonic for the worms
MICNK or MINCK: Monkeys Indeed Check New Kings, Mozart Inspects Newly Crowned King
You walk by the server room and notice that a fire has started. What should you do first? -Call the fire department. -Grab a fire extinguisher and try to put out the fire. -Turn on the overhead sprinklers. -Make sure everyone has cleared the area.
Make sure everyone has cleared the area.
In which milestone should you use a network scanner and then confirm the scan manually with a room-by-room walkthrough? -Prepare to Document -Protect Your Network -Map Your Network -Reach Your Network
Map Your Network
Worm names
Melissa, ILOVEYOU, Code Red, Nimda, and Klez
Which Microsoft tool can be used to review a system's security configuration against recommended settings? -Registry Editor -Windows Defender -Microsoft Internet Explorer -Microsoft Baseline Security Analyzer
Microsoft Baseline Security Analyzer
Which of the following is an example of a vulnerability? -Virus infection -Unauthorized access to confidential resources -Misconfigured server -Denial-of-service attack
Misconfigured server
Social engineers are master manipulators. Which of the following are tactics they might use? -Eavesdropping, ignorance, and threatening -Moral obligation, ignorance, and threatening -Shoulder surfing, eavesdropping, and keylogging -Keylogging, shoulder surfing, and moral obligation
Moral obligation, ignorance, and threatening
You have a file server named Srv3 that holds files used by the development department. You want to allow users to access the files over the network and control access to files accessed through the network or through a local logon. Which solution should you implement? -Share permissions and file screens -Share permissions and quotas -NTFS and share permissions -NTFS permissions and file screens
NTFS and share permissions
_____ _____ _____ is a standalone storage device or appliance that acts as a file server.
Network attached storage (NAS)
By definition, which security concept uses the ability to prove that a sender undeniably sent an encrypted message? -Integrity -Non-repudiation -Privacy -Authentication
Non-repudiation
You have placed a File Transfer Protocol (FTP) server in your DMZ behind your firewall. The FTP server is to be used to distribute software updates and demonstration versions of your products. However, users report that they are unable to access the FTP server. What should you do to enable access? -Move the FTP outside of the firewall. -Open ports 20 and 21 for inbound and outbound connections. -Install a VPN. -Define user accounts for all external visitors.
Open ports 20 and 21 for inbound and outbound connections.
A hacker scans hundreds of IP addresses randomly on the internet until they find an exploitable target. What kind of attack is this? -Insider attack -Opportunistic attack -Nation state attack -Targeted attack
Opportunistic attack
Which device is often employed by power companies to protect cabling infrastructure from having cables added or removed and to prevent emissions from being retrieved from the air? -USB data blocker -Faraday cage -PDS -Air gap
PDS
You want to use CCTV to increase your physical security, and you want the ability to remotely control the camera position. Which camera type should you choose? -PTZ -Bullet -Dome -C-mount
PTZ
Mnemonic (memory tool) for layers of security: PPPNHAD
Papa's Pizzeria Party, No Ham All Day
Burning, pulping, and shredding are three ways to securely dispose of data in which form? -Cloud -Tape -Paper -Disk
Paper
When training your employees on how to identify various attacks, which of the following policies should you be sure to have and enforce? (Select two.) -Password policies -Clean desk policies -Usage policies -Encryption policies -Group policies
Password policies, clean desk policies
Windows Server Update Services (WSUS) is used to accomplish which part of a manageable network? -Documentation -User access -Device accessibility -Patch management
Patch management
Which of the following items would be implemented at the Network layer of the security model? -Penetration testing -Network plans -Firewalls using ACLs -Wireless networks
Penetration testing
Which of the following is one of the MOST common attacks on employees? -Remote attack -DNS attack -Password attack -Phishing attack
Phishing attack
Which security control, if not applied, can allow an attacker to bypass other security controls? -Updating firmware or software -Physical access control -Changing default passwords -Principle of least privilege
Physical access control
Which of the following includes all hardware and software necessary to secure data, such as firewalls and antivirus software? -Assets -Physical security -Policies -Users and administrators
Physical security
Your networking closet contains your network routers, switches, bridges, and some servers. You want to make sure an attacker is not able to gain physical access to the equipment in the networking closet. You also want to prevent anyone from reconfiguring the network to set up remote access or backdoor access. Which of the following measures are the best ways to secure your networking equipment from unauthorized physical access? (Select two. Each measure is part of a complete solution.) -Place your networking equipment in a locked cage. -Place your networking equipment in a TEMPEST cage. -Place your networking equipment in a Faraday cage. -Place your networking equipment in a room that requires key card entry.
Place your networking equipment in a locked cage and place your networking equipment in a room that requires key card entry.
You maintain a network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting network availability. Which of the following should you implement? -Line conditioner -Negative pressure system -UPS -Backup generator -Positive pressure system
Positive pressure system
Giving groups only the access they need to do their job and nothing more.
Principle of least privilege
Giving users only the access they need to do their job and nothing more is known as...
Principle of least privilege
A user is able to access privileged administrative features with an account that is not granted administrator rights. Which type of vulnerability is this? -Backdoor account -Stealing administrator credentials -Weak passwords -Privilege escalation
Privilege escalation
Manage Your Network Part II (Baseline Management)
Provides rules for establishing a baseline for all systems.
_____ limit the amount of data that can be saved within a folder.
Quotas
Which type of packet would the sender receive if they sent a connection request to TCP port 25 on a server with the following command applied? sudo iptables -A OUTPUT -p tcp --dport 25 -j REJECT -SYN -ICMP Unreachable Port -RST -ACK
RST
The constant change in personal habits and passwords to prevent anticipated events and exploitation is known as...
Randomness
A type of malware that prevents the system from being used until the victim pays the attacker money is known as what? -Ransomware -Denial-of-service attack (DoS attack) -Fileless virus -Remote Access Trojan (RAT)
Ransomware
If Mark has a read-write permission to the share \\fileserver\securefiles and a read-only permission to the file coolstuff.docx on the NTFS file system shared by the file share, he is able to perform which action? -Read the file. -Delete the file. -Change the contents of the file. -Rename the file.
Read the file.
Gathering system hardware information is known as...
Reconnaissance
In which phase of an attack does the attacker gather information about the target? -Escalating privileges -Exploit the system -Reconnaissance -Breach the system
Reconnaissance
After a security event that involves a breach of physical security, what is the term used for the new measures, incident review, and repairs meant to stop a future incident from occurring? -Recovery -Detection -Data breach -Prevention
Recovery
Which kind of malware provides an attacker with administrative control over a target computer through a backdoor? -Trojan horse -Remote Access Trojan (RAT) -Crypto-malware -Potentially Unwanted Program (PUP)
Remote Access Trojan (RAT)
Which of the following are solutions that address physical security? (Select two.) -Disable guest accounts on computers -Require identification and name badges for all employees -Implement complex passwords -Escort visitors at all times -Scan all floppy disks before use
Require identification and name badges for all employees and escort visitors at all times.
Which of the following are characteristics of a rootkit? (Select two.) -Uses cookies saved on the hard drive to track user preferences. -Monitors user actions and opens pop-ups based on user preferences. -Resides below regular antivirus software detection. -Collects various types of personal information. -Requires administrator-level privileges for installation.
Resides below regular antivirus software detection and requires administrator-level privileges for installation.
Which of the following file transfer protocols use SSH to provide confidentiality during the transfer? (Select two.) -SCP -SFTP -FTP -HTTPS -FTPS
SCP and SFTP
Mnemonic for the viruses
SMC: Saturday Morning Chocolate (Stoned, Michelangelo, Chernobyl)
For Milestone 4 (Reach Your Network), which of the following would be considered a secure protocol to use to reach your network? -HTTP -FTP -Telnet -SSH
SSH
FTPS uses which mechanism to provide security for authentication and data transfer? -Multi-factor authentication -Token devices -IPsec -SSL
SSL
Physical
Second layer of security. Fences, door locks, mantraps, turnstiles, device locks, server cages, cameras, motion detectors, and environmental controls.
Data
Seventh layer of security. Storing data properly, destroying data, classifying data, cryptography, and data transmission security.
Which of the following are examples of social engineering attacks? (Select three.) -Shoulder surfing -War dialing -Keylogging -Impersonation -Port scanning
Shoulder surfing, keylogging, and impersonation
Application
Sixth layer of security. Authentication and authorization, user management, group policies, and web application security.
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access? -Proximity card -Keypad locks -Biometric locks -Smart card
Smart card
Any attack involving human interaction of some kind is referred to as what? -Social engineering -An opportunistic attack -Attacker manipulation -A white hat hacker
Social engineering
Keyloggers
Social engineers often employ _____ to capture usernames and passwords.
Spyware
Software that is installed without the user's consent or knowledge.
Asset
Something that has value to an individual or an organization.
Preparing a computer to perform additional tasks in the attack is known as...
Staging
Virus names
Stoned, Michelangelo, and CIH/Chernobyl
A _____ _____ _____ is a special network composed of high-speed storage that is shared by multiple servers.
Storage area network (SAN)
The root account has all privileges and no barriers. Which of the following is another name for the root account? -Default account -Superuser account -Backdoor account -User account
Superuser account
Which of the following is defined as an operating system that comes hardened and validated to a specific security level as defined in the Common Criteria for Information Technology Security Evaluation (CC)? -Windows -UNIX -TOS -OS X
TOS
You have recently experienced a security incident with one of your servers. After some research, you determine that a new hotfix has recently been released, which would have protected the server. Which of the following recommendations should you follow when applying the hotfix? -Test the hotfix and then apply it to the server that had the problem. -Apply the hotfix immediately to all servers. -Test the hotfix and then apply it to all servers. -Apply the hotfix immediately to the server. Apply the hotfix to other devices only as the security threat manifests itself.
Test the hotfix and then apply it to all servers.
Principle of least privilege
The _____ _____ _____ _____ states that users or groups are given only the access they need to do their jobs and nothing more.
Gray hat
The _____ _____ may cross the line of what is ethical, but usually has good intentions and isn't malicious like a black hat hacker.
Environment
The _____ the attacker chooses for conducting an interview and interrogation is essential to setting the mood.
Misinformation
The attacker makes a statement with the wrong details.
Social proof
The attacker uses social pressure to convince the target that it's okay to share or do something.
Security
The degree of protection against danger, damage, loss, and criminal activity.
Persistent threats
The goal of _____ _____ is to gain access to a network and retain access undetected. With this type of threat, attackers go to great lengths to hide their tracks and presence in the network.
Non-persistent threats
The goal of _____-_____ _____ is to get into a system and steal information. The attack is usually a one-time event. The attacker typically doesn't care if the attack is noticed.
Threat agent
The person or entity that attempts or carries out a threat.
Hardening
The process of securing devices and software by reducing the security exposure and tightening security controls.
Document Your Network
The step in which you create the documentation for your network.
Perimeter
Third layer of security. Firewalls using ACLs and securing the wireless network.
Standard Operating Environment (SOE)
This disk image is used when deploying new computers to the network.
Black hat
This hacker is also very skilled, but uses knowledge and skills for illegal or malicious purposes.
Escalate privileges
To _____ _____ is a primary objective of an attacker.
Stage
To _____ a computer is to prepare it to perform additional tasks in the attack, such as installing software designed to attack other systems.
Urgency
To create a sense of _____, an attacker fabricates a scenario of distress to convince an individual that action is immediately necessary.
Which of the following is a program that appears to be a legitimate application, utility, game, or screensaver, but performs malicious activities surreptitiously? -ActiveX control -Worm -Outlook Express -Trojan horse
Trojan horse
Which of the following allows an easy exit of an area in the event of an emergency, but also prevents entry? (Select two.) -Turnstile -Bollard -Double-entry door -PTZ CCTV -Mantrap
Turnstile and double-entry door
Which device is used to allow a USB device to charge but blocks the data transfer capabilities of the device? -Air gap -Faraday cage -Bollard -USB data blocker
USB data blocker
Which device is used to ensure power to a server or network device during short power outages? -Uninterruptible power supply -Line conditioner -Surge protector -Backup generator
Uninterruptible power supply
Your company has five salesmen who work out of the office and frequently leave their laptops laying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection implementation to address your concerns? -Use cable locks to chain the laptops to the desks. -Require strong passwords in the Local Security Policy. -Implement screen saver passwords. -Encrypt all company data on hard drives.
Use cable locks to chain the laptops to the desks.
Patch recommendations (know all 3)
Use patch management activities, Use patch management software, Test patches
The Policies, Procedures, and Awareness layer of the security model includes which of the following? (Select two.) -Motion detectors -User education -Server cages -Environmental controls -Employee onboarding
User education, employee onboarding
Diversifying layers of defense is known as...
Variety
CIH/Chernobyl: virus or worm?
Virus
Michelangelo: virus or worm?
Virus
Stoned: virus or worm?
Virus
Which of the following is the BEST example of the principle of least privilege? -Lenny has been given access to files that he does not need for his job. -Jill has been given access to all of the files on one server. -Mary has been given access to all of the file servers. -Wanda has been given access to the files that she needs for her job.
Wanda has been given access to the files that she needs for her job.
A wireless access point configured to use Wired Equivalent Privacy (WEP) is an example of which kind of vulnerability? -Default settings -Unpatched software -Zero-day exploit -Weak security configurations
Weak security configurations
The Application layer of the security model includes which of the following? (Select two.) -Log management -User management -Environmental controls -Web application security -User education
Web application security, user education
Spam
When using _____, the attacker sends an email or banner ad embedded with a compromised URL that entices a user to click it.
Code Red: virus or worm?
Worm
ILOVEYOU: virus or worm?
Worm
Klez: virus or worm?
Worm
Melissa: virus or worm?
Worm
Nimda: virus or worm?
Worm
Secure FTP
_____ _ _ _ tunnels FTP traffic through an SSH tunnel.
Secure Shell File Transfer Protocol (SFTP)
_____ _____ _____ _____ _____ is a file transfer protocol that uses Secure Shell version 2 (SSH2) to secure data transfers.
Trivial File Transfer Protocol (TFTP)
_____ _____ _____ _____ provides no authentication, encryption, or error detection.
Users and administrators
_____ _____ _____ are the people who use the software and the people who manage the software, respectively.
Weak Artificial Intelligence
_____ _____ _____ is usually designed to perform one particular job.
Strong Artificial Intelligence
_____ _____ _____ systems are systems that carry out human-like tasks, which are typically complex.
Secure Copy Protocol (SCP)
_____ _____ _____ uses Secure Shell version 1 (SSH1) to secure file transfers and login credentials.
Common ground and shared interest
_____ _____ and _____ _____ work because sharing a hobby, life experience, or problem instantly builds a connection and starts forming trust between two parties.
Faraday cage
_____ _____ are designed to block all electromagnetic emissions.
Hybrid warfare
_____ _____ employs political warfare and blends conventional warfare with cyberwarfare. Its goal is to influence others with things such as fake news, diplomacy, lawfare, and foreign electoral intervention.
Hot aisle
_____ _____ have the back of the equipment face the aisle. Typically hot aisles face air conditioner return ducts.
Physical security
_____ _____ includes all hardware and software necessary to secure data, such as firewalls and antivirus software.
Biometric Locks
_____ _____ increase security by using fingerprints or iris scans. They reduce the threat from lost keys or cards.
Shoulder surfing
_____ _____ involves looking over someone's shoulder while that person works on a computer or reviews documents.
Risk management
_____ _____ is the process of identifying security issues and deciding which countermeasures to take in reducing risk to an acceptable level.
Social engineering
_____ _____ is the process of manipulating others into providing sensitive information.
Physical security
_____ _____ is the protection of corporate assets from threats such as unauthorized entry, theft, or damage.
Typo squatting
_____ _____, also called URL hijacking, relies on mistakes, such as typos made by users inputting a website address into a web browser.
Credential harvesting
_____ _____, also known as password harvesting, is the process of gathering the usernames, passwords, email addresses, and other information through breaches and other activities.
Proximity card
_____ _____, also known as radio frequency identification (RFID) cards, are a subset of smart cards that use the 125 kHz frequency to communicate with proximity readers.
Scarcity
_____ appeals to the target's greed. If something is in short supply and will not be available, the target is more likely to fall for it.
Bollard
_____ are short, sturdy posts used to prevent a vehicle from crashing into a secure area.
Policies
_____ are the rules an organization implements.
Ransomware
_____ denies access to a computer system until the user pays a ransom.
Availability
_____ ensures that a system is up so that data is available when needed.
Confidentiality
_____ ensures that data is not disclosed to unintended persons.
Integrity
_____ ensures that data is not modified or tampered with.
Randomness
_____ in security is the constant change in personal habits and passwords to prevent predictable behavior.
Layering
_____ involves implementing multiple security strategies to protect the same asset.
Pharming
_____ involves the attacker executing malicious programs on the target's computer so that any URL traffic redirects to the attacker's malicious website.
Scareware
_____ is a scam to fool users into thinking they have some form of malware on their system.
Eavesdropping
_____ is an unauthorized person listening to private conversations between employees or other authorized personnel when sensitive topics are being discussed.
Whaling
_____ is another form of phishing. It targets senior executives and high-profile victims.
Pretexting
_____ is conducting research and information gathering to create convincing identities, stories, and scenarios to be used on selected targets.
Crimeware
_____ is designed to perpetrate identity theft to allow access to online accounts at financial services, such as banks and online retailers.
Detection
_____ is identifying that a security breach has happened or is happening.
Vishing
_____ is like phishing, but instead of an email, the attacker uses Voice over IP (VoIP) to gain sensitive information.
Impersonation
_____ is pretending to be trustworthy and having a legitimate reason for approaching the target to ask for sensitive information or access to protected systems.
Potentially unwanted program (PUP)
_____ is software that contains adware, installs toolbars, or has other unclear objectives.
Prevention
_____ is taking the steps necessary to avert unauthorized access, theft, damage, or other type of security breach.
Reconnaissance
_____ is the process of gathering information about an organization.
Recovery
_____ is the process of returning a system to a functional state and repairing any damage.
Preloading
_____ is used to set up a target by influencing the target's thoughts, opinions, and emotions.
Spim
_____ is when the malicious link is sent to the target using instant messaging instead of email.
Authority and fear
_____ techniques rely on power to get a target to comply without questioning the attacker.
Likeability
_____ works well because humans tend to do more to please a person they like as opposed to a person they don't like.
Closed-Circuit Television System (CCTV)
_____-_____ _____ _____ can be used as both a preventative tool (when monitoring live events) or as an investigative tool (when events are recorded for later playback).
Electro-magnetic interference (EMI)
_____-_____ _____ is caused by noise between the hot wire and the ground or neutral wires in a circuit. This burst of energy is known as an electromagnetic pulse (EMP). It can disrupt the signal in a data cable.
Open-source intelligence (OSINT)
_____-_____ _____ is information that is readily available to the public and doesn't require any type of malicious activity to obtain.
Crypto-malware
_____-_____ is ransomware that encrypts files until a ransom is paid.
Non-Repudiation
_____-_____ provides the validation of a message's origin.
By default, the root of every drive is an _____ _____.
administrative share
Many organizations must store extremely large amounts of data, referred to as _____ _____.
big data
Which command should you use to display both listening and non-listening sockets on your Linux system? (Tip: enter the command as if in Command Prompt.)
netstat -a
You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports? -nmap -nslookup -netstat -traceroute
nmap
Which command should you use to scan for open TCP ports on your Linux system? (Tip: enter the command as if in Command Prompt.)
nmap -sT
Which command would you use to list all of the currently defined iptables rules? -sudo iptables -A INPUT -j DROP -sudo iptables -F -sudo /sbin/iptables-save -sudo iptables -L
sudo iptables -L
You want to make sure no unneeded software packages are running on your Linux server. Select the command from the drop-down list that you can use to see all installed RPM packages. -yum list packages -yum list rpm packages -yum list installed -yum list rpm installed
yum list installed