Cybersecurity Pre Course Assessment
A means to allow remote users to have secure access to the internal IT environment.
VPN
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install or remove software. Which of the following could be used to describe Gelbi's account?
Privileged
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina's credentials, so that Doug can get some work done. What is the problem with this?
Anything either of them do will be attributed to Trina
Which of the following will have the most impact on determining the duration of log retention?
Applicable laws
Which of the following roles does not typically require privileged account access?
Data entry professional
A human guard monitoring a hidden camera could be considered a ______ control.
Detective
Visitors to a secure facility need to be controlled. Controls useful for managing visitors include all of the following except:
Fence
A device that filters network traffic in order to enhance overall security/performance.
Firewall
A device that is commonly useful to have on the perimeter between two networks.
Firewall
Hashing is often used to provide _______.
Integrity
For which of the following systems would the security concept of availability probably be most important?
Medical systems that monitor patient condition in an intensive care unit
Cyril wants to ensure all the devices on his company's internal IT environment are properly synchronized. Which of the following protocols would aid in this effort?
NTP (Network Time Protocol)
A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing
Non-repudiation
Gary is an attacker. Gary is able to get access to the communication wire between Dauphine's machine and Linda's machine and can then surveil the traffic between the two when they're communicating. What kind of attack is this?
On-path
A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point. Bollards are an example of ______ controls.
Physical
An IoT (Internet of Things) device is typified by its effect on or use of the _____ environment.
Physical
Druna is a security practitioner tasked with ensuring that laptops are not stolen from the organization's offices. Which sort of security control would probably be best for this purpose?
Physical
The senior leadership of Triffid Corporation decides that the best way to minimize liability for the company is to demonstrate the company's commitment to adopting best practices recognized throughout the industry. Triffid management issues a document that explains that Triffid will follow the best practices published by SANS, an industry body that addresses computer and information security. The Triffid document is a ______, and the SANS documents are ________.
Policy, standard
What is the goal of an incident response effort?
Reduce the impact of incidents on operations
Data _____ is data left behind on systems/media after normal deletion procedures have been attempted.
Remanence
Trina is a security practitioner at Triffid, Inc. Trina has been tasked with selecting a new product to serve as a security control in the environment. After doing some research, Trina selects a particular product. Before that product can be purchased, a manager must review Trina's selection and determine whether to approve the purchase. This is a description of:
Segregation of duties
Who approves the incident response policy?
Senior management
Who dictates policy?
Senior management
The Payment Card Industry (PCI) Council is a committee made up of representatives from major credit card providers (Visa, Mastercard, American Express) in the United States. The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers' personal data. This set of rules is a _____.
Standard
______ is used to ensure that configuration management activities are effective and enforced.
Verification and audit
If two people want to use symmetric encryption to conduct a confidential conversation, how many keys do they need?
1
Glen is an (ISC)² member. Glen receives an email from a company offering a set of answers for an (ISC)² certification exam. What should Glen do?
Inform (ISC)²
Sophia is visiting Las Vegas and decides to put a bet on a particular number on a roulette wheel. This is an example of _________.
Acceptance
A tool that inspects outbound traffic to reduce potential threats.
DLP (data loss prevention)
A VLAN is a _____ method of segmenting networks.
Logical
If two people want to use asymmetric communication to conduct a confidential conversation, how many keys do they need?
4
Which of the following is probably most useful at the perimeter of a property?
A fence
Which of the following probably poses the most risk?
A high-likelihood, high-impact event
Of the following, which would probably not be considered a threat?
A laptop with sensitive data on it
Which of these is an example of a physical access control mechanism?
A lock on a door
Which of the following is an example of a "something you are" authentication factor?
A photograph of your face
Preenka works at an airport. There are red lines painted on the ground next to the runway; Preenka has been instructed that nobody can step or drive across a red line unless they request, and get specific permission from, the control tower. This is an example of a(n)______ control.
Administrative
Triffid Corporation has a rule that all employees working with sensitive hardcopy documents must put the documents into a safe at the end of the workday, where they are locked up until the following workday. What kind of control is the process of putting the documents into the safe?
Administrative
Which of these is the most important reason to conduct security instruction for all employees.
An informed user is a more secure user
Logs should be reviewed ______.
Continually
When data has reached the end of the retention period, it should be _____.
Destroyed
Ludwig is a security analyst at Triffid, Inc. Ludwig notices network traffic that might indicate an attack designed to affect the availability of the environment. Which of the following might be the attack Ludwig sees?
DDOS (distributed denial of service)
Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens.
Dual control
Zarma is an (ISC)² member and a security analyst for Triffid Corporation. One of Zarma's colleagues is interested in getting an (ISC)2 certification and asks Zarma what the test questions are like. What should Zarma do?
Explain the style and format of the questions, but no detail
All of the following are important ways to practice an organization disaster recovery (DR) effort; which one is the most important?
Facility evacuation drills
True or False? Business continuity planning is a reactive procedure that restores business operations after a disruption occurs.
False
Which of the following is not a typical benefit of cloud computing services?
Freedom from legal constraints
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why?
Gary's actions look like an attack
Triffid, Inc., has many remote workers who use their own IT devices to process Triffid's information. The Triffid security team wants to deploy some sort of sensor on user devices in order to recognize and identify potential security issues. Which of the following is probably most appropriate for this specific purpose?
HIDS (host-based intrusion-detection systems)
Aphrodite is a member of (ISC)² and a data analyst for Triffid Corporation. While Aphrodite is reviewing user log data, Aphrodite discovers that another Triffid employee is violating the acceptable use policy and watching streaming videos during work hours. What should Aphrodite do?
Inform Triffid management
Which of the following statements is true?
It is best to use a blend of controls in order to provide optimum security
Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: "Sensitive," "Proprietary" and "Public." This is an example of _____.
Labeling
The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail. What kind of rule is this?
Law
Tekila works for a government agency. All data in the agency is assigned a particular sensitivity level, called a "classification." Every person in the agency is assigned a "clearance" level, which determines the classification of data each person can access. What is the access control model being implemented in Tekila's agency?
MAC (mandatory access control)
What is the overall objective of a disaster recovery (DR) effort?
Return to normal, full operations
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees transferring from one department to another, getting promoted, or cross-training to new positions can get access to the different assets they'll need for their new positions, in the most efficient manner. Which method should Handel select?
Role-based access controls (RBAC)
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees who are assigned to new positions in the company do not retain whatever access they had in their old positions. Which method should Handel select?
Role-based access controls (RBAC)
Prina is a database manager. Prina is allowed to add new users to the database, remove current users and create new usage functions for the users. Prina is not allowed to read the data in the fields of the database itself. This is an example of:
Role-based access controls (RBAC)
Barry wants to upload a series of files to a web-based storage service, so that people Barry has granted authorization can retrieve these files. Which of the following would be Barry's preferred communication protocol if he wanted this activity to be efficient and secure?
SFTP (Secure File Transfer Protocol)
Tina is an (ISC)² member and is invited to join an online group of IT security enthusiasts. After attending a few online sessions, Tina learns that some participants in the group are sharing malware with each other, in order to use it against other organizations online. What should Tina do?
Stop participating in the group
Triffid, Inc., wants to host streaming video files for the company's remote users, but wants to ensure the data is protected while it's streaming. Which of the following methods are probably best for this purpose?
Symmetric encryption
A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device. This is a type of ________ control.
Technical
Jengi is setting up security for a home network. Jengi decides to configure MAC address filtering on the router, so that only specific devices will be allowed to join the network. This is an example of a(n)_______ control.
Technical
Triffid, Inc., has deployed anti-malware solutions across its internal IT environment. What is an additional task necessary to ensure this control will function properly?
Update the anti-malware solution regularly
What is the risk associated with resuming full normal operations too soon after a DR effort?
The danger posed by the disaster might still be present
For which of the following assets is integrity probably the most important security aspect?
The file that contains passwords used to authenticate users
What is the risk associated with delaying resumption of full normal operations after a disaster?
The impact of running alternate operations for extended periods
The output of any given hashing algorithm is always _____.
The same length
Security controls on log data should reflect ________.
The sensitivity of the source device
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. In this situation, what is Prachi?
The subject
Which of the following is one of the common ways potential attacks are often identified?
Users report unusual systems activity/response to Help Desk or the security office
Bert wants to add a flashlight capability to a smartphone. Bert searches the internet for a free flashlight app, and downloads it to the phone. The app allows Bert to use the phone as a flashlight, but also steals Bert's contacts list. What kind of app is this?
Trojan
Which type of fire-suppression system is typically the safest for humans?
Water
Garfield is a security analyst at Triffid, Inc. Garfield notices that a particular application in the production environment is being copied very quickly, across systems and devices utilized by many users. What kind of attack could this be?
Worm
A tool that aggregates log data from multiple sources, and typically analyzes it and reports potential threats.
SIEM
