Cybersecurity Fundamentals - Practice Test

In practical applications:

Asymmetric key encryption is used to securely obtain symmetric keys

Business continuity plans (BCPs) associated with organizational information systems should be developed primarily on the basis of:

Business Needs

Maintaining a high degree of confidence regarding the integrity of evidence requires a(n):

Chain of Custody

Outsourcing poses the greatest risk to an organization when it involves:

Core Business Functions

During which phase of the six-phase incident response model is the root cause determined?

Eradication

Which cybersecurity principle is most important when attempting to trace the source of malicious activity?

Nonrepudiation

The attack mechanism directed against a system is commonly called a(n):

Payload

A cybersecurity architecture designed around the concept of a perimeter is said to be:

System-Centric

Who has the greatest influence over access security in a password authentication environment?

Users

Where should an organization's network terminate virtual private network (VPN) tunnels?

At the perimeter, to allow for effective internal monitoring

A segmented network:

Consists of two or more security zones

A business continuity plan (BCP) is not complete unless it includes:

Detailed Procedures

An interoperability error is what type of vulnerability?

Emergent

What kind of anti-malware program evaluates system processes based on their observed behaviors?

Heuristic

Updates in cloud-computing environments can be rolled out quickly because the environment is:

Homogenous

Virtual systems should be managed using a dedicated virtual local area network (VLAN) because:

Insecure protocols could result in a compromise of privileged user credentials

Under the US-CERT model for incident categorization, a CAT-3 incident refers to which of the following?

Malicious Code

Risk assessments should be performed:

On a regular basis

Securing Supervisory Control and Data Acquisition (SCADA) systems can be challenging because they:

Operate in specialized environments and often have non-standard design elements

A passive network hub operates at which layer of the OSI model?

Physical

During which phase of the system development lifecycle (SDLC) should security first be considered?

Planning

Which of the following interpret requirements and apply them to specific situations?

Standards

A firewall that tracks open connection-oriented protocol sessions is said to be:

Stateful

Which two factors are used to calculate the likelihood of an event?

Threat and Vulnerability

Which of the following offers the strongest protection for wireless network traffic?

Wireless Protected Access 2 (WPA2)