Midterm PCCSA QUESTIONS

Some important characteristics and capabilities of advanced malware include:

- Multi-functionality
- Distributed, fault-tolerant architecture
- Hiding techniques such as obfuscation
- Hiding techniques such as polymorphism and metamorphism

Select the appropriate slash notation for an IPv4 Class C address.

/24

An IPv6 address is made up of how many bits?

128

Select the appropriate 1st octet associated with an IPv4 Class B address.

172

Which subnet is 172.168.33.20/20 on?

172.168.32.0

Identify the broadcast address from the following.

192.168.12.127/25

Which subnetwork is 192.168.25.50/28 on?

192.168.25.48

Select the subnet mask for a class A address.

255.0.0.0

Which OSI layer determines the route a packet takes from sender to receiver?

3

At which OSI layer does the PDU contain sequence and acknowledgement numbers?

4

Which OSI layer is responsible for setting up, maintaining, and ending ongoing information exchanges across a network?

5

Which option is an important characteristic or capability of advanced malware?

All of the above

What is not a Zero Trust design principle?

Allow internal users to access network services through remote access

Platform as a Service - PaaS - is best described as:

An online space where customers can develop, run, and manage applications without the complexity of building and maintaining the infrastructure typically associated with developing and launching an app.

HTTP interacts with which OSI layer?

Application

Match the following security concepts ALWC:

Authentication: Biometrics; Least Privilege: Zero Trust; WEP: Weak IV; Cloud: Virtual Environment

What type of malware allows an attacker to bypass authentication to gain access to a compromised system?

Backdoor

Which three basic storage technologies are commonly used in local and remote storage?

Block, File, and Object

What is an easy way to make your WiFi security stronger and make it more difficult for hackers to discover your wireless network?

Change the Service Set Identifier (SSID)

The first phase of implementing security in virtualized data centers consists of:

Consolidating servers within trust levels

This layer of the hierarchical networking model is responsible for high-speed routing and switching. Routers and switches at this layer are designed for high-speed packet routing and forwarding.

Core

Which of the following are typical mobile device management software capabilities? Select all that apply.

Data Loss Prevention, Policy Enforcement

Which term refers to stripping header information as a PDU is passed from one layer to a higher layer?

Deencapsulation

Which cloud computing service model is not defined by NIST?

Desktop as a Service (DaaS)

Which of the following are examples of an 'endpoint'?

Desktop, Mobile Phone, Point of Sale (Terminal)

What type of attack is intended to rapidly cause damage to the victim's network and system infrastructure, as well as their business and reputation?

Distributed Denial of Service (DDoS)

Intra-VM traffic is also known as:

East-West

A 'rootkit' is usually associated with which of the following:

Escalation of Privilege

An attacker only needs to successfully execute one step of the Cyber Kill Chain® to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack.

False

Attacks that result in a Data Breach are most likely performed by internal threat actors (employees).

False

HTTPS is an application protocol used to transfer clear text data between web servers and web browsers.

False

New exploits can be crafted from any number of more than a thousand core exploit techniques.

False

The OSI Application Layer manages encryption and formatting.

False

True or False. A decline in the number of Faceliker malware instances was the primary reason why the number of ransomware attacks declined by 81% from Q4 2017 to Q1 2018.

False

True or False. A vulnerability is a small piece of software code, part of a malformed data file, or a sequence (string) of commands created by an attacker to cause unintended or unanticipated behavior in a system or software.

False

True or False. An attacker only needs to successfully execute one step of the Cyber Kill Chain® to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack.

False

True or False. An effective security strategy is to deploy Perimeter-Based Network defenses, where countermeasures are defined at a handful of well-defined ingress/egress points to the network. You can then assume that everything on the internal network can be trusted.

False

True or False. Most cyberattacks today are perpetrated by internal threat actors, such as malicious employees engaging in corporate espionage.

False

True or False. Someone with limited hacking and/or programming skills that uses malicious programs (malware) written by others to attack a computer or network is known as a newbie.

False

True or False. The Lockheed Martin Cyber Kill Chain® framework is a five-step process that an attacker goes through in order to attack a network.

False

True or False. Wired Equivalent Privacy (WEP) is the most effective protocol for securing wireless networks.

False

Variable length subnet masking (VLSM) aggregates multiple continuous smaller networks into a larger network to enable more efficient internet routing.

False

The ability to withstand a catastrophic series of events is commonly known as:

Fault Tolerance

Which consideration is not associated with secure virtualization?

Hypervisor Sprawl

Which option is an example of a logical address?

IP Address

Which of the following is not a phase of implementing security in virtualized data centers:

Implementing a static and flat computing fabric

Characteristics of application firewalls include all of the following except:

Is extremely fast and has no impact on network performance

What is the name of the international cybercrime group that delivered the 2014 Sony hack and the 2017 HaoBao campaign?

Lazarus

A Zero Trust network security model is based on which of the following security principles?

Least privilege

Which protocol requires every router to calculate and maintain a complete map, or routing table, of the entire network?

Link State

What type of malware is triggered by a specific condition, such as a specific date or a particular user account being disabled?

Logic Bomb

At which Data Link sublayer does the physical address reside?

Logical Link Control (LLC)

Malicious software or code that typically damages, takes control of, or collects information from an infected endpoint is known as:

Malware

Data that moves in and out of the virtualized environment from the host network or a corresponding traditional data center is also known as:

North-South

Which type of advanced malware uses common techniques to hide certain binary strings that are characteristically used in malware and therefore are easily detected by anti-malware signatures, or to hide an entire malware program?

Obfuscation

PCI DSS is mandated and administered by the:

PCI Security Standards Council (SSC)

Select the three pillars of security orchestration.

People, Process, Technology

Match the following security concepts PMTC:

Phishing: Social Engineering; Monitoring: IDS; Trojan: Masquerade; Confidentiality: AES

At which layer are network problems that are restricted to one workstation most likely to occur?

Physical

Which layer of the OSI model does Project 802 divide into two sublayers?

Physical

Which of the following are examples of an 'endpoint'?

Point of Sale (Terminal), Mobile Phone, Desktop

Which of the following are examples of an endpoint?

Point-Of-Sale (POS) Terminal, Desktop, Smartphone

Which of the following techniques and tools are used by an attacker to hide attack communications traffic?

Port Hopping and Dynamic DNS; Secure Socket Layer (SSL) Encryption; Process and Remote Access Tools (RATs)

Which TCP/IP layer conflicts are related to changes in encryption keys or updates to service architectures that are not supported by different client devices?

Presentation

Which cloud computing deployment model is used exclusively by a single organization?

Private

Match the following security concepts PARI:

Proxy: Firewall; Anti-malware: Heuristics/Signatures; Reconnaissance: Vulnerability Detection; IPSec: L2TP VPN

Which type of network separates the control and management processes from the underlying networking hardware, making them available as software that can be easily configured and deployed?

SD-WAN

Which DNS record type specifies authoritative information about a DNS zone such as a primary name server, email address of the domain administrator, and domain serial number?

SOA (Start of Authority)

Which VPN technology is currently considered the preferred method for securely connecting a remote endpoint device back to an enterprise network?

Secure Socket Layer (SSL)

Which of the following problems can occur at the Physical layer?

Signal errors caused by noise

The cloud computing service model in which a provider's applications run on a cloud infrastructure and the consumer does not manage or control the underlying infrastructure is known as:

Software as a Service (SaaS)

Which problem-solving approach requires a solid understanding of how networks work?

Step by step with the OSI model

Which of the following is not found in the output of a successful ping reply?

The sequence number

Which OSI layer handles flow control, data segmentation, and reliability?

Transport

A cloud access security broker (CASB) is software that monitors activity and enforces security policies on traffic between an organization's users and cloud-based applications and services.

True

A default gateway is a network device, such as a router or switch, to which an endpoint sends network traffic when a specific destination IP address is not specified by an application or service, or when the endpoint does not know how to reach a specified destination.

True

A directory service is a database that contains information about users, resources, and services in a network.

True

A domain name registrar is an organization that is accredited by a top-level domain (TLD) registry to manage domain name registrations.

True

A vulnerability is a small piece of software code, part of a malformed data file, or a sequence (string) of commands created by an attacker to cause unintended or unanticipated behavior in a system or software.

True

An autonomous system (AS) is a group of contiguous IP address ranges under the control of a single internet entity. Individual autonomous systems are assigned a 16-bit or 32-bit AS number (ASN) that uniquely identifies the network on the internet. ASNs are assigned by the Internet Assigned Numbers Authority (IANA).

True

Botnets are commonly designed to be managed by a CnC - Command and Control - server.

True

Development and Operations teams meet regularly, share analytics, and co-own projects from beginning to end.

True

In the serverless model, applications rely on managed services that abstract away the need to manage, patch, and secure infrastructure and virtual machines.

True

Inodes are data structures that store information about files and directories in a file-based storage system, but not the filenames or data content itself.

True

The internet of things (IoT) refers to the network of physical smart, connected objects that are embedded with electronics, software, sensors, and network connectivity.

True

True or False. Business intelligence (BI) software consists of tools and techniques used to surface large amounts of raw unstructured data to perform a variety of tasks including data mining, event processing, and predictive analytics.

True

True or False. It is possible for an organization to be compliant with all applicable security and privacy regulations for its industry, yet still not be secure.

True

True or False. Most Botnets are designed to withstand the loss of a command and control (CnC) server, meaning that the entire Botnet infrastructure must be disabled almost simultaneously.

True

True or False. Packet-Filtering Firewalls operate at Layer 3 (network layer) of the Open Systems Interconnection (OSI) reference model.

True

True or False. The benefit of moving toward a cloud computing model is that it improves operational efficiencies and lowers capital expenditures.

True

True or False. The process in which end users find personal technology and apps that are more powerful or capable, more convenient, less expensive, quicker to install, and easier to use, than enterprise IT solutions is known as consumerization.

True

Characteristics of unified threat management (UTM) include all of the following except:

UTM fully integrates all of the security functions installed on the device.

This type of extranet will allow businesses within an industry to share information or integrate shared business processes.

Value Add Network (VAN)

Which of the following techniques is NOT used to break the command and control (CnC) phase of the Cyber Kill Chain®?

Vulnerability and Patch Management

Which type of attack is specifically directed at senior executives or other high-profile targets within an organization through email that typically purports to be a legal subpoena, customer complaint, or other serious matter?

Whaling

Which of the following WLAN standards is the LEAST secure? Pick two.

WiFi Protected Setup (WPS), Wired Equivalent Privacy (WEP)

What type of malware typically targets a computer network by replicating itself in order to spread rapidly?

Worm

Which of the following are dynamic routing protocols? (Choose 4)

c. Routing Information Protocol (RIP)
d. Open Shortest Path First (OSPF)
e. EIGRP
f. Border Gateway Protocol (BGP)

What would be the best description of 'polymorphism and metamorphism'?

hiding techniques

The terms 'ingress/egress' best match the following descriptions:

incoming / outgoing

