CyberSec Midterm
Which of the following is an example of an authorization control?
Access control list
Jackson is a cybercriminal. He is attempting to keep groups of a company's high-level users from accessing their work network using false passwords. What security method is he taking advantage of?
Account lockout policies
Brian notices an attack taking place on his network. When he digs deeper, he realizes that the attacker has a physical presence on the local network and is forging Media Access Control (MAC) addresses. Which type of attack is most likely taking place?
Address resolution protocol (ARP) poisoning
Which of the following enables businesses to transform themselves into an Internet of Things (IoT) service offering?
Anything as a Service (AaaS) delivery model
Carl recently joined a new organization. He noticed that the firewall technology used by the firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
Application proxying
When examining data in Wireshark, the presence of ______ in the Packet List pane indicates that the data comes from a wireless network.
Beacon frames
In OpenVAS, the _______ measures how reliable a vulnerability's severity score is.
CVSS
What compliance regulation is similar to the European Union (EU) General Data Protection Regulation (GDPR) of 2016 and focuses on individual privacy and rights of data owners?
California Consumer Privacy Act (CCPA) of 2018
Rodrigo is a security professional. He is creating a policy that gives his organization control over mobile devices used by employees while giving them some options as to the type of device they will use. Which approach to mobile devices is Rodrigo focusing on in the policy?
Choose Your Own Device (CYOD)
You should enumerate recommended mitigations or next steps in this section of a formal Penetration Test Report.
Conclusion section
What term describes data that has been stripped of personally identifiable information for privacy reasons?
De-identified
Which type of password attack is used on weak passwords and compares a hashed value of the passwords to the system password file to find a match?
Dictionary attack
The Active Directory database is hosted on a specialized Windows Server system referred to as a ______, which functions as the central authority within the network of user accounts and computers that comprise the ______.
Domain Controller; domain
Lincoln is a network security specialist. He is updating the password policy for his company's computing infrastructure. His primary method of improving password policy involves lowering the chance that an attacker can compromise and use the password before it expires. What does he do?
Enables a 30-day password change policy
Which security control is most helpful in protecting against eavesdropping on wide area network (WAN) transmissions?
Encrypting transmissions with virtual private networks (VPNs)
Which of the following is not a defining aspect of using TCP as a connection-oriented protocol?
Encryption of a packet payload
What is the first priority when responding to a disaster recovery effort?
Ensuring that everyone is safe
Barry discovers that an attacker is running an access point in a building adjacent to his company. The access point is broadcasting the service set identifier (SSID) of an open network owned by the coffee shop in his lobby. Which type of attack is likely taking place?
Evil twin
True or False: A dictionary password attack is a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resource.
False
True or False: A man-in-the-middle attack takes advantage of the multipath process used by many types of networks.
False
True or False: Another name for a border firewall is a demilitarized zone (DMZ) firewall.
False
True or False: Authorization controls include biometric devices.
False
True or False: Facility automation uses Internet of Things (IoT) to integrate automation into business functions to reduce reliance on machinery.
False
True or False: Hypertext Transfer Protocol (HTTP) encrypts data transfers between secure browsers and secure webpages.
False
True or False: Internet of Things (IoT) devices are typically physically secure.
False
True or False: Internet of Things (IoT) devices cannot share and communicate your IoT device data to other systems and applications without your authorization or knowledge.
False
True or False: Passphrases are less secure than passwords.
False
True or False: Regarding data-center alternatives for disaster recovery, a mobile site is the least expensive option but at the cost of the longest switchover time.
False
True or False? Bluejacking is an attack in which wireless traffic is sniffed between Bluetooth devices.
False
True or False? Physical access to network equipment is required to eavesdrop on a network connection.
False
True or False? Preventive controls merely attempt to suggest that a subject not take a specific action, whereas corrective controls do not allow the action to occur.
False
Arturo would like to connect a Fibre Channel storage device to systems over a standard data network. What protocol should he use?
Fibre Channel over Ethernet (FCoE)
Isabella is in charge of the disaster recovery plan (DRP) team. She needs to ensure that data center operations will transfer smoothly to an alternate site in the event of a major interruption. She plans to run a complete test that will interrupt the primary data center and transfer processing capability to a hot site. What option is described in this scenario?
Full-interruption test
Bob is the information security and compliance manager for a financial institution. Which regulation is most likely to directly apply to Bob's employer?
Gramm-Leach-Bliley Act (GLBA)
Which element of the security policy framework offers suggestions rather than mandatory actions?
Guideline
Which of the following would govern the use of Internet of Things (IoT) by health care providers, such as physicians and hospitals?
Health Insurance Portability and Accountability Act (HIPAA)
Which of the following is a command-line utility that is used to display the configuration values assigned to a computer's network interface cards, including the MAC addresses, on a Windows computer?
IPconfig
Keisha is a network administrator. She wants a cloud-based service that will allow her to load operating systems on virtual machines and manage them as if they were local servers. What service is Keisha looking for?
Infrastructure as a Service (IaaS)
The _____ make(s) a storage device available for remote users to use as a local disk drive.
NAS share
When adding a new Active Directory user through a PowerShell cmdlet, the ______ option specifies the name of the user object in Active Directory.
Name
What level of technology infrastructure should you expect to find in a cold site alternative data center facility?
No technology infrastructure
When a full tunnel is being used by a VPN client and server, you can expect the first hop in ______ to always be the gateway for the ______ network.
PUTTY; remote
What is an example of a logical access control?
Password
The Link Layer in the TCP/IP Model corresponds to the ______ and ______ Layers of the OSI Reference Model.
Physical; Data Link
An automatic teller machine (ATM) uses a form of constrained user interface to limit the user's ability to access resources in the system. Specifically for ATMs, which method is being used?
Physically constrained user interfaces
A Nessus scan report identifies vulnerabilities by a ______.
Plugin ID
Which of the following is a security principle that prevents users from writing to the Data Link layer?
Principle of least privilege
Chris is writing a document that provides step-by-step instructions for end users seeking to update the security software on their computers. Performing these updates is mandatory. Which type of document is Chris writing?
Procedure
To capture Ethernet-based frames addressed to any/all IP addresses on a LAN segment, you need to use Wireshark in ______.
Promiscuous
Which term describes the level of exposure to some event that has an effect on an asset, usually the likelihood that something bad will happen to an asset?
Risk
When creating a new Group in Active Directory, the Group ______ setting is used to define how and where a group can assign or be assigned permissions.
Scope
Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
Separation of duties
In which type of attack does the attacker attempt to take over an existing connection between two systems?
Session hijacking
Which element of the IT security policy framework provides detailed written definitions for hardware and software and how they are to be used?
Standard
Which of the following is not a security control that can be configured by the Group Policy Management Console (GPMC)?
Static routes
Which Layer 2 device does not count as a hop in traceroute output?
Switch
Which domain contains critical systems and applications that support and provide various services that perform core functions like authentication, authorization, and data management?
System/Application Domain
Which of the following is not an example of store-and-forward messaging?
Telephone call
True or False: A degausser creates a magnetic field that erases data from magnetic storage media.
True
True or False: A disaster recovery plan (DRP) is part of a business continuity plan (BCP) and is necessary to ensure the restoration of resources required by the BCP to an available state.
True
True or False: A network protocol governs how networking equipment interacts to deliver data across the network.
True
True or False: A smart card is an example of a logical access control.
True
True or False: A unified threat management (UTM) device can provide content inspection, where some or all network packet content is inspected to determine whether the packet should be allowed to pass.
True
True or False: Changes to external requirements, such as legislation, regulation, or industry standards, that require control changes can result in a security gap for an organization.
True
True or False: Hypertext Transfer Protocol (HTTP) is the communications protocol between web browsers and websites with data in cleartext.
True
True or False: If a company informs employees that email sent over the company's network is monitored, the employees can no longer claim to have an expectation of privacy.
True
True or False: Impact refers to the amount of risk or harm caused by a threat or vulnerability that is exploited by a perpetrator.
True
True or False: In a browser or uniform resource locator (URL) hijacking attack, users are directed to websites other than what they requested, usually to fake pages that attackers have created.
True
True or False: In a masquerade attack, one user or computer pretends to be another user or computer.
True
True or False: Internet of Things (IoT) upgrades can be difficult to distribute and deploy, leaving gaps in the remediation of IoT devices or endpoints.
True
True or False: Posting a comment on social media is an example of real-time communication.
True
True or False: Remote wiping is a device security control that allows an organization to remotely erase data or email in the event of loss or theft of the device.
True
True or False: Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of protocols that operates at both the Network and Transport layers of the Open Systems Interconnection (OSI) Reference Model.
True
True or False: Vendors or service providers that have remote access to an Internet of Things (IoT) device may be able to pull information or data from your device without your permission.
True
True or False: When servers need operating system upgrades or patches, administrators take them offline intentionally so they can perform the necessary work without risking malicious attacks.
True
True or False? A challenge created by the Internet of Things (IoT) is how to protect personal identity and private data from theft or unauthorized access.
True
True or False? Anti-malware programs and firewalls cannot detect most phishing scams because the scams do not contain suspect code.
True
True or False? Authentication by action is based on something you do, such as typing.
True
True or False? Authentication controls include passwords and personal identification numbers (PINs).
True
True or False? Common methods used to identify a user to a system include username, smart card, and biometrics.
True
True or False? Cryptography is the practice of making data unreadable.
True
True or False? Each layer of the Open Systems Interconnection (OSI) Reference Model needs to be able to talk to the layers above and below it.
True
True or False? Metadata of Internet of Things (IoT) devices is sometimes sold to companies seeking demographic marketing data about users and their spending habits.
True
True or False? Networks, routers, and equipment require continuous monitoring and management to keep wide area network (WAN) service available.
True
True or False? Not all risks are inherently bad; some risks can lead to positive results.
True
True or False? Single sign-on (SSO) can provide for greater security because with only one password to remember, users are generally willing to use stronger passwords.
True
True or False? Smart cities can monitor and report on real-time traffic conditions using Internet of Things (IoT) technology.
True
True or False? The ownership of Internet of Things (IoT) data, as well as the metadata of that data, is sometimes in question.
True
True or False? The recovery time objective (RTO) expresses the maximum allowable time in which to recover the function after a major interruption.
True
True or False? The term "risk management" describes the process of identifying, assessing, prioritizing, and addressing risks.
True
True or False? The tools for conducting a risk analysis can include the documents that define, categorize, and rank risks.
True
An attacker attempting to break into a facility pulls the fire alarm to distract the security guard manning an entry point. Which type of social engineering attack is the attacker using?
Urgency
In which domain of a typical IT infrastructure is the first layer of defense for a layered security strategy?
User Domain
Cloud Service Providers (CSPs) use the _______ to offer services to customers throughout the world.
WAN Domain
The Data Link Layer organizes bits into collections called ______, while the Network Layer encapsulates that information into units called ______.
frames; packets
Wireshark can be filtered to show ______ data by applying the ______ filter.
ping; ICMP
A ______ is used to identify the part of an Ethernet network where all hosts share the same host address.
subnet mask
On early Ethernet networks, all computers were connected to a single wire, forcing them to take turns on a local area network (LAN). Today, this situation is alleviated on larger networks because each computer has a dedicated wire connected to a _______ that controls a portion of the LAN.
switch
A ______ is limited to the scanning and enumeration phase of the cyber kill chain, while a ______ encompasses the full kill chain.
vulnerability assessment; penetration test