Microsoft Cyber Security

For cyberattacks, what are the 3 threat landscapes?

1) the areas that are vulnerable to attacks 2) The people liable to make an attack 3) The type of attacks used

Which of the following password traits would increase the risk of an attacker gaining access to multiple accounts from the same user? Select all that apply. A:Using the same email address and password across all accounts. B:Using a mix of letters, numbers, and special characters. C:Following a pattern for all passwords, like the name of a favorite vacation destination.

A (Correct! If an attacker obtains the email address and password combination from one account, it is likely that they will apply it elsewhere.) and C (Correct! People frequently use patterns or personal information in their patterns, a trend that attackers are aware of and will exploit.)

With the increased number of people working from home, which practices create more points for potential attackers to enter a business' internal network? Select all that apply. A: Employees accessing the network with remote access tools. B: Businesses use different security tools for employees working from home. C: Employees accessing the network with their personal devices, under the practice of bring your own device (BYOD).

A (Correct! More employees entering the network from outside means that the firewall must deal with more traffic.) and C (Correct! Personal devices typically are not as secure as company-provided devices.)

Question 3 Which of the following are cybercrime exploits? Select all that apply. A:Denial of Service B:Software C:Trojan

A (Correct! This is a type of malware that bombards your application with requests to disrupt service.) and C (Correct! This involves sneaking some malicious code past a firewall.)

What is Batch Operating Systems

A BOS allows multiple users to work in together by categorizing each user's actions and only allowing one user control at any given time. Users cannot communicate with one another and when the task is complete, control is passed to the next user. Very helpful for allowing multiple users to work on the same project and makes loading the data faster

What is Time-Sharing Operating Systems

A Multitasking System as it enables the execution of many different tasks.

What are Botnet Attacks the 3rd most common

A bot that is basically a online software whos task is automatic and repetitive to give organizations denial of services by overloading the system with to many request for information and services from Internet of Thing (IoT) that has an IP address

What are ransomware attacks? The 2nd most common form of trojan attacks

A cybercrime to disrupt services by gaining access to systems and lock out the owner until a demand is met.

What is a driver?

A driver is a software component that lets the operating system and a device communicate

What is On-premises computing

A in-house IT department on site at the workplace to oversee the networks and troubleshoot hardware or software issues, operating systems and application.

What is a quantum and what does it do for Time sharing Operating Systems

A quantum is a unit of time designated for a task and gives CPU time to complete one task before executing the next.

What is the client-server model

A server that provides a service to a client

How can using segregation as a defensive measure better protect your assets? A. Segregation means that even if a hacker breaches the network, the scope for damage is limited. B. Segregation creates more endpoints and confuses a would-be hacker. C. It divides the hacker's attacks, and so reduces their impact.

A. Segregation means that even if a hacker breaches the network, the scope for damage is limited.

Which component should you add to increase your computer's processing power? A: Add more CPUs B: Add more RAM C: Add more power

Add more CPU (Adding more CPUs will increase the processing you can perform by adding additional cores.) Ram only increases memory

Which of the following statements are true about an Operating System? Select all that apply. A: An operating system controls hardware access. B: An operating system controls how you browse the internet. C: An operating system provides a user interface.

An operating system provides a user interface. & An operating system controls hardware access.

How many copies of the data is advisable in the four-step practical data-saving strategy? A: Three B: Two C: Four D: One

Answer is: Three Correct! The four-step strategy recommends making three copies of your data—two copies on-premises, preferably in two different formats, and one off-site.

Which one of these server types can host web-based applications? A: File server B: Application server C: Computing server

Application server

The 3-2-1 storage strategy involves maintaining __copies of data on __different types of media, with at least ___ copy stored off-site. A: Two, three, one B: Three, two, one C: Three, one, two

B: Three, two, one (Correct! The 3-2-1 storage strategy involves maintaining three copies of data on two different types of media, with at least one copy stored off-site.)

Which of the following are instances of Operating Systems? Select all that apply. A: Time-sharing operating system B: Organic operating system C: Batch operating system

Batch operating system (allows multiple users to work on a system at the same time )& Time-sharing operating system (multitasking system

Which sentence best describes what the threat landscape is? A:The threat landscape relates to all the dangerous exploits that can be performed on an application. B:The threat landscape relates to the application that is vulnerable to an attack. C:The threat landscape relates to all potential vulnerabilities of an application, the attackers that may be targeting this area, and the attacks that are used.

C (Correct. It is an encompassing term that relates to the attack, area under attack and the attackers.)

Which computing environment would you expect to have the highest start-up costs? A. Cloud computing B. Personal computing C. Traditional commercial computing

C. Traditional commercial computing

Which one of the following definitions accurately defines scalability? A: Scalability means that a company can diversify its production to meet different challenges. B: Scalability means that a business continually grows with the infrastructure it has in place. C: Scalability is having the appropriate infrastructure to grow or shrink depending on the business needs.

C: Scalability is having the appropriate infrastructure to grow or shrink depending on the business needs. (Correct! Sometimes the business need for computation or storage is less than other times; being able to grow or shrink depending on need is what is meant by scalability.)

What are pros of Open source software

Collaboration and team work to help users adapt to software and address integration issues (combining/merging elements or ideas) and no cost so very efficient.

Which of the following is a means of directly interacting with the Operating System? Select all that apply: Application programming interface (API) Graphic user interface (GUI) Command line interface (CLI)

Command line interface (CLI) (Correct. A CLI is one way a user might communicate with the OS.) Graphic user interface (GUI) (Correct Graphic user interface (GUI)

What does HTTPS do?

Connects you to the internet

What is corrective maintenance

Corrective maintenance is a necessary repair for a system to prolong the life span of a system and avoids force repairs or unneeded down time

What is the difference between cloud computing and on-premise computing

Cost. Purchasing hardware can be expensive, including power maintenance, licenses for on-premise computing While cloud computing one pays by the units of use like an electricity bill but you dependent on others to maintain the cloud computing server. But a drawback is if you lose internet access or power you cannot access the cloud. Another difference is the travel speed of data as on-premise is more secure since it goes to one location but cloud computing can go to multiple locations and that can lead to hackers entering from those multiple locations. Last is Scaling, which is growing and shrinking to accommodate demands.

What is Distributed Operating Systems

DOS connects several dispersed CPUs to execute tasks. Allowing internet connections to improve.

Which type of cyber attacks that an organizations internal network may be vulnerable to without firewall protection? A: Denial of service B:Malware C: Breaking and entering D:Ransomware select all that apply

Denial of service, Ransomware, Malware

Which of the following are examples of endpoints? Select all that apply. (Think about the endpoint of a communication line) A. Desktops B. Windows operating system. C. Mobile devices

Desktops Mobile Devices

What is tightly-coupled

Devices use a shared network and demonstrate high interactivity with each other.

What is direct storage

Direct storage is data that is physically connected to a computer that can store data such as a USB or flopy disk

Which of the following items facilitates communication between a device and software? A:Solid State Drive B: Bus C: Driver

Driver (A device driver allows a device to communicate with software.)

Filter driver:

Drivers that do auxiliary/additional help in processing are called filter drivers.

What are the 4 trojan attacks

Exploit Trojan Downloader Trojan Ransom Trojan Backdoor Trojan

True or False: The 3-2-1 backup strategy makes your organization less prone to hacking.

False Correct! the 3-2-1 backup is a good policy to ensure you can recover more quickly from a breach. It makes your organization more resilient against ransomware, but it does not make your system less hackable.

What metric is used to measure the clock speed of a computer? 1 / 1 point A: Gigabytes B: Watts C: Gigahertz

Gigahertz (Clock speed is measured in gigahertz and reflects the speed that a computer can function at.)

What is CPU

Handles all processing power for a computer, the control unit

What is the difference between Hardware and Software.

Hardware is physical and makes the device operate while Software gives instructions for the hardware to do functions

What are pros to Priority Software

Has a longer wait time to resolve issues and errors but has accountability when a bug occurs and you can address that issue to the product owner. Also made by professionals.

Complete the following sentence. A patch that is applied without the need to reboot your computer is known as a ________? A. Hot patch B. Cold patch C. Security patch

Hot patch Correct! A hot patch is implemented without the need for a system reboot.

What is the 4 basic steps for computer to process actions

Input: Information is taken in and stored in short term memory Processed: Information is processed by CPU to perform actions Result: Comes to a conclusion on what to do Output: Taken is completed and displayed outwards like on the screen.

What is Just-In-Time (JIT)

JIT means that having accessed a given area but only for a limited time. You will only retain your access for a limited period of time before you are automatically ejected or asked to re-enter some authorization code

How to prevent Ransomware

Limit the amount of people who has access to your systems. Use strong passwords Keep systems up to date with security patches Only allows authorization for certain people to use the system.

What is Cyber Hygiene

Maintain healthy security of a systems by updating software regularly and scanning for malware and unwanted elements, if not can lead to malware attacks

How do malware attacks occur and what do they lead to

Malware occurs when it gains a users legitimate access in their system to trigger codes within the system in unintended ways via a hyper link or attachment document with directions.

What is Network Operating Systems

Network Operating Systems runs on a network and allows for the sharing of users, groups, securities, and applications

What is non-volatile memory

Non-volatile memory is permeant for computer/hard drive if power is being used or not.

What is Proprietary software (PS) software licensing

PS license must be purchased, and restrictions are placed on how the software is used. And alterations/changes made improve it overall for the user These restrictions include how source code cannot be altered or how it is distributed/sold and accountability can be held.

What is predictive maintenance.

Prediction of upcoming failures for a system. It the practice of applying maintenance due to a signal that failure is going to happen

What are Pros/Cons of On-premise computing

Pros: Full control of hardware/software/data Pros: less vulnerable to cyber attacks Cons: Higher cost Cons: Less scaling/flexibility Cons: Requires more planning than cloud

What are the pros/cons for cloud computing

Pros: lower cost/pay what you need Pros: Easier scalability/flexibility Cons: Risk of hackers Cons: Must have a constant internet connection Cons: Bound to laws of data storage location sites around the world.

Question 3 Which of the following types of memory is classified as volatile memory? A: Random Access Memory (RAM) B: Solid Disk Drives (SDD) C: Hard Disk Drives (HDD)

Ram (RAM is the volatile memory of a computer which means it is temporary and saves data only while the computer is used.)

What is Ram

Random Access Memory. Immediate storage that holds files currently in use. Internal memory in the computer used during immediate processing and accessibly

What is the advantages for each of digitals cloud computing vs traditional on-premise computing.

Recent computer developments have led to a gradual shift from traditional on-premises computing to digital cloud computing. This is largely because cloud computing offers greater flexibility and cost savings over on-premises models. However, this does not automatically make it the best solution for everyone, as the traditional on-premises approach does retain advantages, such as more control over one's data.

Where does a Windows OS store the application settings? A: Preferences B: Registry C: CPU

Registry

What is routine maintenance

Routine maintenance is preventive care by taking a device offline to examine any issues similar to car maintenance

What is Segregation access and which formation is it used for.

Segregation access is used for traditional and cloud-based businesses systems. Its function is access to one area only gives you a pass to some parts of a business, not all of it

What is the definition of proprietary software? A: Freely available software that can be distributed without licensing issues. B: Software that has been tailored for a specific purpose. C: Software developed commercially which requires a license for use or distribution.

Software developed commercially which requires a license for use or distribution.

Question 4 What type of software regulates how a system runs? A: Open-source software B: System software C: Application software

System Software (Correct! System software relates to running the actual hardware itself.)

What are the advantages of Network Operating Systems

The advantage of this approach is that users can remotely log on, enabling easy upgrading as new devices and technology can be added to the existing network. It can however be costly to maintain and requires a centralized location for performing operations

What is Zero Standing Access

The concept that access to the production environment must be kept to a minimum and cannot be persisted over time. This means you must validate that you are authorized whenever you wish to access production-related areas. Even then, your access will only allow you to make changes sufficient to the area you have been authorized to access

Because RAM is volatile what will happen to the data if power is lost

The information/date will be lost

Which component connects various important computer hardware components? A:The CPU B:The motherboard C: The bus

The motherboard (The motherboard is a central circuit that connects various hardware elements and helps them function efficiently.)

Function driver

The one driver in the stack that communicates directly with the device is called the function driver. The driver that communicates directly with the device is called the function driver.

What is Vendor Lock in

This is when a company's IT infrastructure becomes overly reliant on one vendor, and the cost of altering the infrastructure is prohibitive, forcing a company's dependency on a given vendor. We don't want vendor lock in

What is the task for penetration tests

To test a systems security by conducting a real-world simulated attack on your system

Which of these computing environments is most likely to have the most hardware? A. Commercial cloud-based computing B. Traditional commercial computing C. Personal computing

Traditional commercial computing

Open source software (OSS) allows users to modify source content without consulting the original owners of the software. True or False

True

Outdated software can build up to risk of viruses and leave firewalls vulnerable True or False

True

True or False: The OS is responsible for directing hardware.

True

True or False: The volatile nature of RAM means that it would not be considered a stable source for storing data.

True

Question 2 True or False: Ransomware can involve locking someone out of their system? A:True :B False

True (Correct. Ransomware prevents an owner from accessing their application or data.)

What is Adware

Type of software that frequently shows ads to user and is installed without their consent.

What is force repair?

Unplanned occurrences that occurs depending on the situations where the system is shut down for a period of time

What is Brute force attack in Poor password Protections

Using a list of common passwords in effort to gain access to a system

What is volatile memory

Volatile memory is not permeant

What is the threat order for Virus attacks in Vulnerability, Risk and Attack

Vulnerability: Outdated software Risk: Virus Attack: Exploiting software bug

What is the threat order for Malware attacks in Vulnerability, Risk & Attack

Vulnerability: Poor Cyber Hygiene Risk: Trojans Attack: Malware

What is the threat order for Poor Password Protection in Vulnerability, Risk & Attack

Vulnerability: Poor password Risk: Brute Force Attack: Ransomware

Why do we want our networks tight and close together?

When a network is dispersed there is greater robustness to failure, so we want our networks to be tight with each other.

Define computing server

a computer connected to a network that will perform some CPU-based tasks and return the results

what does Microsoft's Assume Breach philosophy mean?

a defense measure from the mindset that the hacker has already breached the system. Red team starts the attack and blue team tries to defend against it.

Define print server

await requests to make printouts

What is a application server

can host on web browsers that have embedded applications and deliver it to a user for a form of communication For example, these apps can run a piece of JavaScript code or perform some valuable function for that network on a web browser.

What is Open-source software (OSS) software licensing

includes permissions for content to be freely distributed and modified for appropriate use such as an owners software without asking them. However, this leads to rapid fixing of bugs

What is the 3-2-1 recovery plan,

involves keeping three copies of every data in 2 formats, and 1 copy off-site as a backup strategy

What is Network scanning

involves pinging all devices on a network and identifying if some open ports or services can act as potential gateways for cybercriminals to access.

What are the benefits of computing server

is that the computer will not become slow or unresponsive when making computations

What is Just-Enough-Access (JEA)

limitations on the changes you can make while in the system but enough for you to complete a task.

What is Cloud computing

newer practice of hosting the data, software platforms, applications, operating systems, and all associated infrastructure online

Define file server

provides a common location to store files and folders

What is a Operating System (OS)

term for software that oversees the interaction between hardware and software operations and provides a means through which a human can interact with the system

What is a near-zero-downtime policy for maintenance

to reduce downtime during data or system transfers Resulting in any disruptions to services are kept to a minimum

What is Real-time Operating Systems

type of OS for applications that need real-time computations and prioritizes task base on importance to complete them as soon as possible.

What is trojan attacks most common for?

user accidently introduces malicious code and is activated behind the defensive fire wall via clinking links or unidentified documents

Define mail server

will route communication

Why is Gateway security is the top recommendation for cybersecurity?

you can prevent any external unauthorized entity from accessing your system, you can ensure that your assets are protected by using a firewall which is gateway security.