Cyber 1011 final review

Security manager

After Bella earned her security certification, she was offered a promotion. As she reviewed the job responsibilities, she saw that in this position she will report to the CISO and will be a supervisor over a group of security technicians. Which of these generally recognized security positions has she been offered?

availability

Akira is explaining to his team members the security constraints that have made protecting a new embedded system a challenge. Which of the following would Akira NOT include as a constraint?

blocking ransomware

Gabriel's sister called him about a message that suddenly appeared on her screen that says her software license has expired and she must immediately pay $500 to have it renewed before control of the computer will be returned to her. What type of malware has infected her computer?

They would have to stay overnight to perform the test.

Lykke's supervisor is evaluating whether to use internal security employees to conduct a penetration test. Lykke does not consider this a good idea and has created a memo with several reasons they should not be used. Which of the following would NOT be part of that memo?

Cryptomalware can encrypt all files on any network that is connected to the employee's computer.

Marius's team leader has just texted him that an employee, who violated company policy by bringing in a file on her USB flash drive, has just reported that her computer is suddenly locked up with cryptomalware. Why would Marius consider this a dangerous situation?

Scope

Tilde is working on a contract with the external penetration testing consultants. She does not want any executives to receive spear-phishing emails. Which rule of engagement would cover this limitation?

SSAE SOC 2 Type II

Tuva's supervisor wants to share a recent audit outside the organization. Tuva warns him that this type of audit can only be read by those within the organization. What audit does Tuva's supervisor want to distribute?

Mobile device management (MDM)

What allows a device to be managed remotely?

Requests for comments (RFCs)

What are documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas?

Privacy and speed

What are the two concerns about using public information sharing centers?

Trusted Automated Exchange of Intelligence Information (TAXII)

Which of the following is an application protocol for exchanging cyberthreat intelligence over HTTPS?

Professionals who hold the Security+ certification earn about the same or slightly less than security professionals who have not achieved this certification.

Which of the following is false about the CompTIA Security+ certification?

Worm

Which of the following is known as a network virus?

No compelling reason for any updates

Which of the following is not a reason why a legacy platform has not been updated?

On-prem

Which of the following is not a recognized attack vector?

Whitelist

Which of these is a list of preapproved applications?

Arduino

Agape has been asked to experiment with different hardware to create a controller for a new device on the factory floor. She needs a credit-card-sized motherboard that has a microcontroller instead of a microprocessor. Which would be the best solution?

KRI

An IOC occurs when what metric exceeds its normal bounds?

Wireless carriers are reluctant to provide firmware OTA updates because of the bandwidth the updates consume on their wireless networks.

Aoi has been asked to provide research regarding adding a new class of Android smartphones to a list of approved devices. One of the considerations is how frequently the smartphones receive firmware OTA updates. Which of the following reasons would Aoi NOT list in her report as a factor in the frequency of Android firmware OTA updates?

Rooting

Banko's sister has just downloaded and installed an app that allows her to circumvent the built-in limitations on her Android smartphone. What is this called?

through products, people, and procedures on the devices that store, manipulate, and transmit the information

Complete this definition of information security: That which protects the integrity, confidentiality, and availability of information _____.

Planning

Ebba has received a new initiative for her security team to perform an in-house penetration test. What is the first step that Ebba should undertake?

USB OTG is only available for connecting Android devices to a subnotebook.

Enki received a request from a technician for a new subnotebook computer. The technician noted that he wanted USB OTG support and asked Enki's advice regarding it. Which of the following would Enki NOT tell him?

unified endpoint management (UEM)

Hakaku needs a tool with a single management interface that provides capabilities for managing and securing mobile devices, applications, and content. Which tool would be the best solution?

Apple uses file-based encryption to offer a higher level of security.

Hisoka is creating a summary document for new employees about their options for different mobile devices. One part of his report covers encryption. What would Hisoka NOT include in his document?

Those settings that provide the means by which the user can immediately begin to use the product.

How do vendors decide which should be the default settings on a system?

CYOD

In her job interview, Xiu asks about the company policy regarding smartphones. She is told that employees may choose from a limited list of approved devices but that she must pay for the device herself; however, the company will provide her with a monthly stipend. Which type of enterprise deployment model does this company support?

LOLBins

Josh is researching the different types of attacks that can be generated through a botnet. Which of the following would NOT be something distributed by a botnet?

Red Team

Linnea has requested to be placed on the penetration testing team that scans for vulnerabilities to exploit them. Which team does she want to be placed on?

Dark web search engines are identical to regular search engines.

Luka has been asked by his supervisor to monitor the dark web for any IOCs concerning their organization. The next week, Luka reports back that he was unable to find anything due to how looking for information on the dark web is different from using the regular web. Which of the following is not different about looking for information on the dark web?

Fame

Luna is reading a book about the history of cybercrime. She read that the very first cyberattacks that occurred were mainly for what purpose?

Automated Indicator Sharing (AIS)

Oskar has been receiving emails about critical threat intelligence information from a public information sharing center. His team leader has asked him to look into how the process can be automated so that the information can feed directly into their technology security. What technology will Oskar recommend?

PUP

Randall's roommate is complaining to him about all of the software that came pre-installed on his new computer. He doesn't want the software because it slows down the computer. What type of software is this?

Access to data and participation

What are the two limitations of private information sharing centers?

Limits access to the registry

What does Windows 10 Tamper Protection do?

It separates personal data from corporate data.

What does containerization do?

Geofencing

What enforces the location in which an app can function by tracking the location of the mobile device?

To spy on citizens

What is an objective of state-sponsored attackers?

Active reconnaissance

What is another name for footprinting?

Buffer overflow attack

Which type of memory vulnerability attack manipulates the "return address" of the memory location of a software program?

It is sent to the server over HTTPS

What is the advantage of a secure cookie?

Brokers

What is the category of threat actors that sell their knowledge of vulnerabilities to other attackers or governments?

A RAT gives the attacker unauthorized remote access to the victim's computer.

What is the difference between a Trojan and a RAT?

Geolocation

What is the process of identifying the geographical location of a mobile device?

System integration

What is the term used to describe the connectivity between an organization and a third party?

Black box

What penetration testing level name is given to testers who have no knowledge of the network and no special privileges?

Screen lock

What prevents a mobile device from being used until the user enters the correct passcode?

Time of check/time of use race condition

What race condition can result in a NULL pointer/object dereference?

Refactoring

What term refers to changing the design of existing code?

Dynamic Analysis

What type of analysis is heuristic monitoring based on?

Endpoint

What word is used today to refer to network-connected hardware devices?

Lateral movement

When researching how an attack recently took place, Nova discovered that the threat actor, after penetrating the system, started looking to move through the network with their elevated position. What is the name of this technique?

ISO 31000

Which ISO contains controls for managing and controlling risk?

Measured boot

Which boot security mode sends information on the boot process to a remote server?

The Cloud Security Alliance (CSA)

Which group is responsible for the Cloud Controls Matrix?

Reporting

Which is the final rule of engagement that would be conducted in a pen test?

Waterfall model

Which model uses a sequential design process?

Regulations

Which of the following are developed by established professional organizations or government agencies using the expertise of seasoned security professionals?

cross-site scripting (XSS) attack

Which of the following attacks is based on a website accepting user input without sanitizing it?

cross-site request forgery (CSRF)

Which of the following attacks is based on the principle that when a user is currently authenticated on a website and then loads another webpage, the new page inherits the identity and privileges of the first website?

Dynamic-link library (DLL) injection attack

Which of the following attacks targets the external software component that is a repository of both code and data?

SOAR

Which of the following can automate an incident response?

Confidentiality

Which of the following ensures that only authorized parties can view protected information?

Script kiddies

Which of the following groups have the lowest level of technical knowledge?

State Actors

Which of the following groups use Advanced Persistent Threats?

It holds a suspicious application until the user gives approval.

Which of the following is FALSE about a quarantine process?

Automated

Which of the following is NOT a characteristic of a penetration test?

Diffusion

Which of the following is NOT a characteristic of malware?

Trusted contacts

Which of the following is NOT a context-aware authentication?

Twitter

Which of the following is NOT a general information source that can provide valuable in-depth information on cybersecurity?

They can be difficult to visualize

Which of the following is NOT a limitation of a threat map?

Email

Which of the following is NOT a means by which a bot communicates with a C&C device?

Less expensive

Which of the following is NOT an advantage of crowdsourced penetration testing?

Users can disable or circumvent updates just as they can if their computer is configured to use the vendor's online update service.

Which of the following is NOT an advantage to an automated patch update service?

Restricting patch management

Which of the following is NOT an important OS security configuration?

Payment Card Industry Data Security Standard (PCI DSS)

Which of the following is a standard for the handling of customer card information?

Support of USB 3.0

Which of the following is not an improvement of UEFI over BIOS?

Patches address zero-day vulnerabilities

Which of the following is not an issue with patching?

Incident response

Which of the following is not something that a SIEM can perform?

Security is a war that must be won at all costs.

Which of the following is not true regarding security?

Malicious agent

Which of the following is not used to describe those who attack computer systems?

Artificial Intelligence (AI)

Which of the following is technology that imitates human abilities?

Security and convenience are inversely proportional.

Which of the following is true regarding the relationship between security and convenience?

server-side request forgery (SSRF)

Which of the following manipulates the trusting relationship between web servers?

Integrity

Which of the following of the CIA Triad ensures that the information is correct, and no unauthorized person has altered it?

Rich communication services (RCS)

Which of the following technologies can convert a texting app into a live chat platform?

host intrusion prevention system (HIPS)

Which of the following tries to detect and stop an attack?

Last known good configuration

Which of these is NOT a security feature for locating a lost or stolen mobile device?

Password

Which of these is considered the strongest type of passcode to use on a mobile device?

Push notification services

Which of these is used to send SMS text messages to selected users or groups of users?

Send an email to Rowan's inbox each Monday morning with the agenda of that week's department meeting.

Which of these would NOT be considered the result of a logic bomb?

Threat actors have already infiltrated our network.

Which premise is the foundation of threat hunting?

TLP

Which privacy protection uses four colors to indicate the expected sharing limitations that are to be applied by recipients of the information?

Staging stage

Which stage conducts a test that will verify the code functions as intended?

Software keyloggers are generally easy to detect.

Which statement regarding a keylogger is NOT true?

Advanced Persistent Threat (APT)

Which tool is most commonly associated with state actors?

Mobile application management (MAM)

Which tool manages the distribution and control of apps?

real-time operating system (RTOS)

Which type of OS is typically found on an embedded system?

White hat hackers

Which type of hacker will probe a system for weaknesses and then privately provide that information back to the organization?

Fileless virus

Which type of malware relies on LOLBins?

