Cyber
A security professional is responsible for ensuring that company servers are configured to securely store, maintain, and retain SPII. These responsibilities belong to what security domain? Asset security Software development security Security and risk management Communication and network security
Asset security
Physical attacks fall under what domain
Asset security
Spear phishing
(Phishing) A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.
Business Email Compromise (BEC)
(Phishing) A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.
Vishing
(Phishing) The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
Watering hole attack
(Social Engineering) A threat actor attacks a website frequently visited by a specific group of users.
Social media phishing
(Social Engineering) A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.
Physical social engineering
(Social Engineering) A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.
USB baiting
(Social Engineering) A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.
IEEE 802.1 (WiFi)
A set of standards that define communication for wireless LANs
Fill in the blank: Security _____ and event management (SIEM) tools enable security professionals to identify and analyze threats, risks, and vulnerabilities. intelligence information improvement identity
information
Security posture
is an organization's ability to manage its defense of critical assets and data and react to change. A strong security posture leads to lower risk for the organization
Network security
is the practice of keeping an organization's network infrastructure secure from unauthorized access. This includes data, services, systems, and devices that are stored in an organization's network.
Fill in the blank: Privacy protection means safeguarding _____ from unauthorized use. documentation compliance processes business networks personal information
personal information
Fill in the blank: Examples of security _____ include security and risk management and security architecture and engineering. assets domains data networks
domains
Fill in the blank: A security _____ is a set of guidelines used for building plans to help mitigate risk and threats to data and privacy. lifecycle framework regulation control
framework
Phishing
Is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.
Fill in the blank: The _____ domain is focused on access and authorization to keep data secure by making sure that users follow established policies to control and manage assets. communication and network security asset security identity and access management security operations
identity and access management
What tool is designed to capture and analyze data traffic within a network? Structured Query Language (SQL) playbook network protocol analyzer (packet sniffer) security information and event management (SIEM)
network protocol analyzer (packet sniffer)
Fill in the blank: Identity theft is the act of stealing _____ to commit fraud while impersonating a victim. hardware trade secrets business records personal information
personal information
Fill in the blank: A _____ is a manual that provides details about operational actions. directory case history checklist playbook
playbook
Security Framework
Provides a structured approach to implementing a security lifecycle
What are the primary responsibilities of an entry-level security analyst? Select three answers. Search for weaknesses Monitor systems Create compliance laws Protect information
Search for weaknesses; Monitor systems; Protect information
Fill in the blank: Performing _____ enables security professionals to review an organization's security records, activities, and related documents. penetration tests security audits software developments ethical hacking
Security Audits
Social engineering attacks fall under what security domain
Security and Risk Management
Which protocol allows two or more devices to form a connection and stream data? Transmission Control Protocol (TCP) Hypertext Transfer Protocol Secure (HTTPS) Address Resolution Protocol (ARP) Domain Name System (DNS)
Transmission Control Protocol (TCP)
Security teams use the NIST Cybersecurity Framework (CSF) as a baseline to manage short and long-term risk. True False
True
Adversarial artificial intelligence
a technique that manipulates artificial intelligence and machine learning technology to conduct attacks more efficiently.
Cryptographic attack
affects secure forms of communication between a sender and intended recipient
What is telnet?
an old service used for remote management of other hosts on the network
Fill in the blank: A key aspect of the CIA triad is ensuring that data is correct, _____, and reliable. public updated authentic centralized
authentic
Fill in the blank: A computer virus is malicious _____ that interferes with computer operations and causes damage. formatting code hardware sequencing
code
Security Lifecycle
constantly evolving set of policies and standards
What is a foundational model that informs how organizations consider risk when setting up systems and security policies? Cybersecurity Framework (CSF) Sensitive personally identifiable information (SPII) Confidentiality, integrity, and availability (CIA) triad General Data Protection Regulation law (GDPR)
Confidentiality, integrity, and availability (CIA) triad
What is regulatory compliance? Threats and risks from employees and external vendors Laws and guidelines that require implementation of security standards Sites and services that require complex passwords to access Expenses and fines associated with vulnerabilities
Laws and guidelines that require implementation of security standards
What were the key impacts of the Equifax breach? Select two answers. Millions of customers' PII was stolen. The significant financial consequences of a breach became more apparent. Phishing became illegal due to significant public outcry. Developers were able to track illegal copies of software and prevent pirated licenses.
Millions of customers' PII was stolen. The significant financial consequences of a breach became more apparent.
What are the four layers of the TCP/IP model?
Network access layer; Internet layer; Transport layer; Application layer
What is the name of the most common tool for finding open ports on a target?
Nmap
What tool do we use to test our connection to the target with an ICMP echo request?
Ping
What are the phases of an incident response playbook?
Preparation; Detection and analysis; Containment; Eradication and recovery; Post-incident activity; Coordination
Which ethical principle describes safeguarding personal information from unauthorized use? Honesty Incident investigation Privacy protection Non-bias
Privacy protection
An employee trained to handle PII and SPII leaves confidential patient information unlocked in a public area. Which ethical principles does this violate? Select all that apply. Privacy protections Laws Remaining unbiased Confidentiality
Privacy protections; Laws; Confidentiality
What are some of the primary purposes of security frameworks? Select three answers. Protecting PII data Aligning security with business goals Safeguarding specific individuals Managing organizational risks
Protecting PII data; Aligning security with business goals
In what ways do security teams bring value to an organization? Select two answers. Increasing operational expenses Protecting against external and internal threats Reducing business productivity Achieving regulatory compliance
Protecting against external and internal threats; Achieving regulatory compliance
Which of the following tasks are typically responsibilities of entry-level security analysts? Select all that apply. Protecting computer and network systems Installing prevention software Examining in-house security issues Creating organizational policies
Protecting computer and network systems; Installing prevention software; Examining in-house security issues
You receive a text message on your personal device from your manager stating that they cannot access the company's secured online database. They're updating the company's monthly party schedule and need another employee's birth date right away. Your organization's policies and procedures state that employee information should never be accessed or shared through personal communication channels. What should you do? Request identification from your manager to ensure the text message is authentic; then, provide the birth date. Give your manager the employee's birth date; a party is a friendly gesture. Respectfully decline, then remind your manager of the organization's guidelines. Ask your manager to provide proof of their inability to access the database.
Respectfully decline, then remind your manager of the organization's guidelines.
Adversarial artificial intelligence falls under what domain
Both Communication and Network Security & Identity and Access Management
What VPN comes preinstalled in most instances of Linux?
OpenVPN
SSH Port
TCP Port 22
Fill in the blank: A security professional has been tasked with implementing strict password policies on workstations to reduce the risk of password theft. This is an example of _____. security controls hardware changes security teams networking regulations
security controls
Fill in the blank: The _____ domain concerns conducting investigations and implementing preventive measures. security operations software development security asset security communications and networking engineering
security operations
What is Nmap?
used to discover hosts and services on a computer network by sending packets and analyzing the responses
Security frameworks
Are guidelines used for building plans to help mitigate risks and threats to data and privacy
What username is able to log into the target over telnet with a blank password?
Root
What type of tool uses dashboards to organize data into categories and allows analysts to identify potential security incidents as they happen? Linux Python network protocol analyzers (packet sniffers) SIEM
SIEM
Ransomware
(Malware) A malicious attack where threat actors encrypt an organization's data and demand payment to restore access.
Viruses
(Malware) Malicious code written to interfere with computer operations and cause damage to data, software, and hardware. A virus attaches itself to programs or documents on a computer. It then spreads and infects one or more computers in a network.
Worms
(Malware) Malware that can duplicate and spread itself across systems on its own.
Spyware
(Malware) Malware that's used to gather and sell information without consent. Spyware can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.
Whaling
(Phishing) A form of spear phishing. Threat actors target company executives to gain access to sensitive data.
Smishing
(Phishing) The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.
Advanced persistent threats
Advanced persistent threats (APTs) have significant expertise accessing an organization's network without authorization. APTs tend to research their targets (e.g., large corporations or government entities) in advance and can remain undetected for an extended period of time. Their intentions and motivations can include: damaging critical infrastructure, such as the power grid and natural resources; gaining access to intellectual property, such as trade secrets or patents.
Which of the following statements accurately describe personally identifiable information (PII) and sensitive personally identifiable information (SPII)? Select all that apply. An example of SPII is someone's financial information. The theft of PII is often more damaging than the theft of SPII. Both PII and SPII are vulnerable to identity theft. An example of PII is someone's date of birth.
An example of SPII is someone's financial information. An example of PII is someone's date of birth.
Security controls
Are safeguards designed to reduce specific security risks. They are used with security frameworks to establish a strong security posture.
A security professional investigates an alert about an unknown user accessing a system within their organization. What is the purpose of computer forensics in this situation? Identify, analyze, and preserve criminal evidence Establish new security frameworks, controls, and regulations for the business Implement tools that help detect an incident Make upgrades to network security
Identify, analyze, and preserve criminal evidence
Fill in the blank: Cybersecurity is the practice of ensuring _____ by protecting networks, devices, people, and data from unauthorized access or criminal exploitation. A.) continuity, infrastructure, and attainment of business goals B.) confidentiality, integrity, and availability of information C.) customer trust, increased revenue, and advancement D.) compliance, instructions, and accuracy
B.) confidentiality, integrity, and availability of information
Internal Threat
Can be a current or former employee, an external vendor, or a trusted partner who poses a security risk. At times, an internal threat is accidental. For example, an employee who accidentally clicks on a malicious email link would be considered an accidental threat. Other times, the internal threat actor intentionally engages in risky activities, such as unauthorized data access.
Cryptographic attacks fall under what domain
Communication and Network Security
Passwords fall under what security domain
Communication and Security Domain
You are helping your security team consider risk when setting up a new software system. Using the CIA triad, you focus on integrity, availability, and what else? Confidentiality Consent Conformity Communication
Confidentiality
Security Framework Components
Identifying and documenting security goals; Setting guidelines to achieve security goals; Implementing strong security processes; Monitoring and communicating results
You work for a U.S.-based utility company that suffers a data breach. Several hacktivist groups claim responsibility for the attack. However, there is no evidence to verify their claims. What is the most ethical way to respond to this incident? Target a specific hacktivist group as a warning to the others. Escalate the situation by involving other organizations that have been targeted. Improve the company's defenses to help prevent future attacks. Conduct cyberattacks against each hacktivist group that claimed responsibility.
Improve the company's defenses to help prevent future attacks.
Social Engineering
Is a manipulation technique that exploits human error to gain private information, access, or valuables. Human error is usually a result of trusting someone without question. It's the mission of a threat actor, acting as a social engineer, to create an environment of false trust and lies to exploit as many people as possible.
Programming
Is a process that can be used to create a specific set of instructions for a computer to execute tasks. These tasks can include: automation of repetitive tasks; reviewing web traffic; alerting suspicious activity.
Threat Actor
Is any person or group who presents a security risk. This risk can relate to computers, applications, networks, and data
Malware
Is software designed to harm devices or networks. There are many types of malware. The primary purpose of malware is to obtain money, or in some cases, an intelligence advantage that can be used against a person, an organization, or a territory.
Compliance
Is the process of adhering to internal standards and external regulations and enables organizations to avoid fines and security breaches
What is one way that the Morris worm helped shape the security industry? It led to the development of computer response teams. It inspired threat actors to develop new types of social engineering attacks. It made organizations more aware of the significant financial impact of security incidents. It prevented the development of illegal copies of software.
It led to the development of computer response teams.
What is the focus of the security and risk management domain? Optimize data security by ensuring effective processes are in place Secure physical networks and wireless communications Manage and secure wireless communications Define security goals and objectives, risk mitigation, compliance, business continuity, and regulations
Define security goals and objectives, risk mitigation, compliance, business continuity, and regulations
Someone outside of an organization attempts to gain access to its private information. What type of threat does this scenario describe? Internal Accidental External Ethical
External
Social engineering, such as phishing, is a manipulation technique that relies on computer error to gain private information, access, or valuables. True False
False
An individual is in their first job as an entry-level security professional. They take training to learn more about the specific tools, procedures, and policies that are involved in their career. What does this scenario describe? Gaining new technical skills Improving management capabilities Transferring capabilities from one career to another Understanding different perspectives
Gaining new technical skills
In which domain would a security professional conduct security control testing; collect and analyze data; and perform security audits to monitor for risks, threats, and vulnerabilities? Identity and access management Communication and network engineering Security architecture and engineering Security assessment and testing
Security assessment and testing
Your supervisor asks you to audit the human resources management system at your organization. The objective of your audit is to ensure the system is granting appropriate access permissions to current human resources administrators. Which security domain is this audit related to? Software development security Security assessment and testing Identity and access management Security operations
Security assessment and testing (often involves regular audits of user permissions)
An organization requires its employees to complete a new data privacy training program each year to reduce the risk of a data breach. What is this training requirement an example of? Data confidentiality Security control Personally identifiable information (PII) Cybersecurity Framework (CSF)
Security control
A security professional working at a bank is running late for a meeting. They consider saving time by leaving files on their desk that contain client account numbers. However, after thinking about company guidelines with regards to compliance, the security professional takes the time to properly store the files. Which concept does this scenario describe? Public finance Preserving evidence Security controls Security ethics
Security ethics
You receive an alert that an unknown device has been connected to your company's internal network. You follow company policies and procedures to stop the potential threat. Which security domain is this scenario related to? Security operations Asset security Security architecture and engineering Software development security
Security operations
Which of the following statements accurately describe the NIST CSF? Select all that apply. Security teams use it as a baseline to manage risk. It is only effective at managing short-term risk. It is a voluntary framework. Its purpose is to help manage cybersecurity risk.
Security teams use it as a baseline to manage risk. It is a voluntary framework. Its purpose is to help manage cybersecurity risk.
Telnet Port
TCP Port 23
IMAP
TCP port 143 (unencrypted); TCP port 587 (encrypted, SSL/TLS)
POP3
TCP/UDP port 110 (unencrypted); TCP/UDP port 995 (encrypted, SSL/TLS)
SMTP
TCP/UDP port 587 (encrypted, TLS)
What is the abbreviated name for a 'tunnel interface' in the output of your VPN boot-up sequence?
TUN
What service do we identify on port 23/tcp during our scans?
Telnet
What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It's also known as a console or shell.
Terminal
Cloud security
The process of ensuring that assets stored in the cloud are properly configured, or set up correctly, and access to those assets is limited to authorized users. The cloud is a network made up of a collection of servers or computers that store resources and data in remote physical locations known as data centers that can be accessed via the internet. Cloud security is a growing subfield of cybersecurity that specifically focuses on the protection of data, applications, and infrastructure in the cloud.
For what reasons might disgruntled employees be some of the most dangerous threat actors? Select all that apply. They may have malicious intent. They are less productive than other employees. They know where to find sensitive information. They have access to sensitive information.
They may have malicious intent. They know where to find sensitive information. They have access to sensitive information.
What can cybersecurity professionals use logs for? To collect and analyze data to monitor critical activities in an organization To research and optimize processing capabilities within a network To identify vulnerabilities and potential security breaches To select which security team members will respond to an incident
To identify vulnerabilities and potential security breaches