CASP+


Which technology allows the crafting of components on-demand, and potentially eliminates the need to share designs or plans that may lead to intellectual property theft?

3D printing

Which risk response is also included when risk mitigation is performed?

Acceptance

Using other branch locations to manage a disaster response is referred to as:

Alternate Operating Facilities

This describes the amount of loss during a one-year timespan.

Annualized Loss Expectancy (ALE)

What data obfuscation method is designed to protect personally identifiable information so that data can be shared?

Anonymization

Which control is designed to prevent a computer from being hijacked by a malicious OS?

Answers may vary but secure boot, measured boot, or attestation services all apply.

Identify how Bluetooth can be used for physical reconnaissance.

Answers may vary. Bluetooth devices are discoverable using freely available tools, meaning an attacker can locate out-of-sight devices and also collect information about the hardware and vendor.

Identify some reasons why DoH poses a security threat in an enterprise setting.

Answers may vary. DoH, if approved, must be configured to use a trusted provider. DoH encapsulates DNS traffic within https traffic making it harder to identify. DoH can bypass external DNS query restrictions configured on firewalls.

Identify some ways a VPN might help an adversary avoid detection.

Answers will vary but should include a description of hiding data/activities and geographic location.

Describe some of the critical elements included in data management.

Answers will vary but should include descriptions of data inventory, data mapping, backups, quality assurance, and integrity controls.

Which type of virtualization allows the client to either access an application hosted on a server or stream the application from the server to the client for local processing?

Application Virtualization

Which access control model is a modern, fine-grained type of access control that uses a type of markup language called XACML?

Attribute-Based Access Control (ABAC)

___________________ reality emulates a real-life environment through computer-generated sights and sounds.

Augmented/Virtual

What name is given to the practice of splitting encrypted data outputs into multiple parts which are subsequently stored in disparate storage locations?

Bit Splitting or Cryptographic Splitting

Which type of storage model supports large amounts of unstructured data and is commonly used to store archives and backup sets?

Blob Storage

Which technology uses a ledger distributed across a peer-to-peer (P2P) network?

Blockchain

Identify some practical DLP example use-cases.

Blocking use of external media, print blocking, Remote Desktop Protocol (RDP) blocking, clipboard privacy controls, restricted virtual desktop infrastructure (VDI) implementation, data classification blocking.

Which type of device attack allows complete control of a device without the target device being paired with the attacker?

BlueBorne

NIST defines this as "An analysis of an information system's requirements, functions, and interdependencies used to characterize system contingency requirements and priorities in the event of a significant disruption."

Business Impact Analysis

A set of cybersecurity standards developed by the United States Department of Defense (DoD) and designed to help fortify the DoD supply chain.

CMMC

Which U.S. federal law is designed to protect the privacy of children?

COPPA

Which process is designed to provide assurance that information systems are compliant with federal standards?

Certification and Accreditation

Which type of DR site has lowest operating expense and complexity?

Cold Site

Which type of virtualization platform supports microservices and server-less architecture?

Containerization

A ______________________________________ leverages the global footprint of cloud platforms by distributing and replicating the components of a service to improve performance to all the key service areas needing access to the content.

Content Delivery Network (CDN)

This phase of the risk management life cycle identifies effective means by which identified risks can be reduced.

Control

What are the two main components of a VPN?

Creating a tunnel and protecting data via encryption

Which data destruction method is focused on the sanitization of the key used to perform decryption of data?

Crypto erase

This term describes when cloud service offerings are used for DR capabilities.

DRaaS, DR as a Service

Which concept identifies that the laws governing the country in which data is stored have control over the data?

Data sovereignty

This term describes computer-generated images or video of a person that appear to be real but are instead completely synthetic and artificially generated.

Deep Fake

This function of the NIST CSF defines capabilities needed for the timely discovery of security incidents.

Detect

What concept is often linked to the "prudent man rule"?

Due care

Which type of application testing is frequently performed using scanning tools such as OWASP's Zed Attack Proxy (ZAP)?

Dynamic Application Security Testing (DAST)

Which type of host protection should provide capabilities that directly align to the NIST Cybersecurity Framework Core?

Endpoint Protection and Response

This describes middleware software designed to enable integration and communication between a wide variety of applications throughout an enterprise.

Enterprise Service Bus (ESB)

True or False. BCDR is a technical capability and so senior leadership involvement is not required.

False

True or False. BCDR plans should not be tested as doing so may break production systems.

False

True or False. Incident response should only involve the information technology department.

False

True or False. Operating System instances running in the cloud are patched automatically by the cloud provider.

False

True or False. Operating in a public cloud removes the need for BCDR plans due to the fact that cloud platforms are so reliable.

False

True or False. The use of cloud service providers always reduces risk.

False

True or False. Traditional software development models incorporate security requirements throughout all phases.

False

What is the term used to describe when credentials created and stored at an external provider are trusted for identification and authentication?

Federation

When performing this type of test, issues and/or mistakes could cause a true DR situation:

Full Interruption

What regulation enforces rules for organizations that offer services to entities in the European Union (EU) or that collect and/or analyze data on subjects located there?

GDPR

Which type of environment is characterized by having hosts and networks available for use by visitors, such as the public or vendors?

Guest

What design strategy often conflicts with information technology management approaches that look to consolidate platforms and reduce product portfolios?

Heterogeneity/Diversity

This type of site is one that can be activated and used within minutes.

Hot Site

Which type of testing verifies that individual components of a system are tested together to ensure that they interact as expected?

Integration Testing

Which type of data describes intangible products of human thought and ingenuity?

Intellectual Property (IP)

Which types of attacks on the Android OS can bypass the protections of mandatory access control?

Inter-app communication attacks

This describes a specially configured, highly hardened, and closely monitored system used to perform administrative tasks.

Jump Box

This describes the identification of applicable laws depending on the location of the organization, data, or customer/subject.

Jurisdiction

A formal mechanism designed to measure performance of a program against desired goals.

Key Performance Indicator (KPI)

What is a critical component dictating the implementation of logging capabilities in the cloud?

Legal and regulatory compliance

This describes when an organization's legal team receives notification instructing them to preserve electronically stored information.

Legal hold

This describes the probability of a threat being realized.

Likelihood

What is the last step in a business continuity plan?

Maintenance

What type of agreement is often described as an "umbrella" contract that establishes the agreement between two entities to conduct business?

Master Services Agreement (MSA)

_____________________________ is assigned to cloud resources through the use of tags and is frequently exploited to expose configuration parameters which may reveal misconfigured settings.

Metadata

This type of network segmentation differs from a traditional network segmentation approach as it provides much higher levels of security, granularity, and flexibility.

Microsegmentation

What is the primary source of data breach in the cloud?

Misconfiguration

Which type of cloud service model can be described as virtual machines and software running on a shared platform to save costs and provide the highest level of flexibility?

Multi-tenant

A non-regulatory agency in the United States that establishes standards and best-practices across the entire science and technology field is known as:

NIST

Describe a solution designed to validate the health of an endpoint prior to allowing access.

Network Access Control (NAC)

This non-profit organization provides guidance and best practices on the development and protection of web applications.

OWASP

Which type of assessment seeks to identify specific types of sensitive data so that its use and handling can be properly disclosed?

Privacy Impact Assessment

A _________________ should include detailed descriptions of the necessary steps required to successfully complete a task.

Process

Which type of data can be used to identify an individual and includes information about past, present, or future health?

Protected Health Information (PHI)

What are two ways to measure risk?

Quantitative and Qualitative

______________ computers use information represented by spin properties, momentum, or even location of matter as opposed to the bits of a traditional computer.

Quantum

This generally defines the amount of data that can be lost without irreparable harm to the operation of the business.

Recovery Point Objective

Identify some reasons why EOL software and hardware are concerning.

Responses will vary but should include a description regarding the lack of vendor support and vendor-supplied security patches.

Storing passwords using this method should be disabled as it provides marginal improvements in protection compared to simply storing passwords in plaintext.

Reversible Encryption

This implementation creates a software-defined network by utilizing existing physical network equipment.

SDN Overlay

Which cloud service type represents the lowest amount of responsibility for the customer?

SaaS

This describes improving performance by adding additional resources to an individual system, such as adding processors, memory, and storage to an existing server.

Scaling vertically

What development model incorporates Security as Code (SaC) and Infrastructure as Code (IaC)?

SecDevOps

Which cloud computing practice eliminates the use of traditional virtual machines to deliver cloud services?

Serverless Computing

Which agreement governs services that are both measurable and repeatable and also generally includes enforcement mechanisms that result in financial penalties for non-compliance?

Service Level Agreement (SLA)

What are some of the functions that can be performed via a Container API?

Some examples include list logs generated by an instance; issue commands to the running container; create, update, and delete containers; and list capabilities.

This describes when a copy of vendor-developed source code is provided to a trusted third party, in case of disaster.

Source code escrow

What authentication protocol is comparable to RADIUS and associated with Cisco devices?

TACACS+

Which type of simulation test is used to determine whether all parties involved in the response know what to do and how to work together to complete the exercise?

Tabletop Exercise

This is a passive technology used to provide visibility into network traffic within a switch.

Test Access Port or TAP

What environment is used to merge code from multiple developers to a single master copy and subject it to unit and functional tests?

Test or Integration Environment

After powering up a virtual machine following maintenance, the virtual machine is no longer accessible by applications previously configured to connect to it. What is a possible cause of this issue?

The IP address was reassigned to another instance.

This describes all of the suppliers, vendors, and partners needed to deliver a final product.

The Supply Chain

What authentication scheme uses an HMAC built from a shared secret plus a value derived from the device's and server's local timestamps?

Time-Based One Time Password (TOTP)

What is the name of the data obfuscation method that replaces sensitive data with an irreversible value?

Tokenization

Identify two types of certificates commonly used to implement access controls for mobile devices.

Trust (device) and user certificates

Which type of software testing ensures that a particular block of code performs the exact action intended and provides the exact output expected?

Unit Testing

In which stage of the data life cycle is data shared using various mechanisms, such as email, network folders, websites, or cloud storage?

Use

This describes when a customer is completely dependent on a vendor for products or services.

Vendor lock-in

What version of SNMP should be used whenever possible?

Version 3

Which standard is associated with the Simultaneous Authentication of Equals (SAE)?

WPA3 (Wi-Fi 6)

Which type of simulation test includes a meeting to review the plans and analyze their effectiveness against various BCDR scenarios?

Walk-through

What development model includes phases that cascade with each phase starting only when all tasks identified in the previous phase are complete?

Waterfall

What type of architecture adopts the approach of "never trust, always verify"?

Zero Trust Architecture
