IT 121

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

What is the main purpose of cyberwarfare?

To gain advantage over adversaries

What is the purpose of a backdoor?

To gain unauthorized access to a system without normal authentication procedures

Which of the following firewalls filters traffic based on source and destination data ports and filtering based on connection states?

Transport layer firewall

A port scan returns an 'open' response. What does this mean?

A service is listening on the port

When describing malware, what is a difference between a virus and a worm?

A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.

'A botnet can have tens of thousands of bots, or even hundreds of thousands.' Is this statement true or false?

True

You are configuring access settings to require employees in your organization to authenticate first before accessing certain web pages. Which requirement of information security is addressed through this configuration?

Confidentiality

A port scan returns a 'closed' response. What does this mean?

Connections to the port will be denied

Which of the following firewalls filters traffic based on the user, device, role, application type and threat profile?

Context aware application firewall

What action will an IDS take upon detection of malicious traffic?

Create a network alert and log the detection

What do you call a digital asset designed to work as a medium of exchange that uses strong encryption to secure a financial transaction?

Cryptocurrency

What name is given to the emerging threat that hides on a computer or mobile device and uses that machine's resources to mine cryptocurrencies?

Cryptojacking

'After a data breach, it's important to educate employees, partners and customers on how to prevent future breaches.' Is this statement true or false?

True

'Cryptocurrency transactions are digital.' Is this statement true or false?

True

An advanced persistent threat (APT) is usually well funded.' Is this statement true or false?

True

Cybersecurity certifications are a way for you to verify your skills and knowledge and can also boost your career.' Is this statement true or false?

True

An organization's IT department reports that their web server is receiving an abnormally high number of web page requests from different locations simultaneously. What type of security attack is occurring?

DDoS

What type of attack uses zombies?

DDoS

What are the objectives of ensuring data integrity? (Choose two correct answers)

Data is unaltered during transit Data is not changed by unauthorized entities

'Data coming into a program should be sanitized, as it could have malicious content, designed to force the program to behave in an unintended way.' This statement describes what security vulnerability?

Non-validated input

An employee is at a restaurant with friends and tells them about an exciting new video game that is under development at the organization they work for. Is this employee's behavior ethical or unethical?

Unethical

An employee is laid off after fifteen years with the same organization. The employee is then hired by another organization within a week. In the new organization, the employee shares documents and ideas for products that the employee proposed at the original organization. Is the employee's behavior ethical or unethical?

Unethical

An employee is laid off after fifteen years with the same organization. The employee is then hired by another organization within a week. In the new organization, the employee shares documents and ideas for products that the employee proposed at the original organization.Is the employee's behavior ethical or unethical?

Unethical

One of your colleagues has lost her identification badge. She is in a hurry to get to a meeting and does not have time to visit Human Resources to get a temporary badge. You lend her your identification badge until she can obtain a replacement.Is this behavior ethical or unethical?

Unethical

If developers attempt to create their own security algorithms, it will likely introduce what type of vulnerabilities?

Weaknesses in security practices

Several @Apollo employees have reported that the network access is slow. After investigation, the network administrator has learned that one employee downloaded a third-party scanning program for the printer. What type of malware might have been introduced that is causing slow performance of the network?

Worm

Which of the following are commonly used port scanning applications? (Select two correct answers)

Zenmap Nmap

Which of the following firewalls hides or masquerades the private addresses of network hosts?

Network address translation firewall

Which of the following firewalls filters traffic based on source and destination IP addresses?

Network layer firewall

A port scan returns a 'dropped' response. What does this mean?

There was no reply from the host

For what purpose would a network administrator use the Nmap tool?

To detect and identify open ports

What is the main function of the Cisco Security Incident Response Team?

To ensure company, system and data preservation

What type of attack disrupts services by overwhelming network devices with bogus traffic?

DDoS

Improper management of physical access to a resource, such as a file, can lead to what type of security vulnerability?

Access control problems

Carrying out a multi-phase, long-term, stealthy and advanced operation against a specific target is often referred to as what?

Advanced persistent threat

Which of the following firewalls filters traffic based on application, program or service?

Application layer firewall

An organization is experiencing overwhelming visits to a main web server. You are developing a plan to add a couple of more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?

Availability

What names are given to a database where all cryptocurrency transactions are recorded? (Select two correct answers)

Blockchain Ledger

What name is given to a group of bots, connected through the Internet, with the ability to be controlled by a malicious individual or group?

Botnet

What of the following are examples of cracking an encrypted password? (Choose four correct answers)

Brute force attack Rainbow tables Spraying Dictionary attack

What vulnerability occurs when data is written beyond the memory areas allocated to an application?

Buffer overflow

Which of the following certifications meets the U.S. Department of Defense Directive 8570.01-M requirements, which is important for anyone looking to work in IT security for the federal government?

CompTIA Security+

Which of the following certifications tests your understanding and knowledge in how to look for weaknesses and vulnerabilities in target systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner?

EC Council Certified Ethical Hacker

During a meeting with the Marketing department, a representative from IT discusses features of an upcoming product that will be released next year. Is this employee's behavior ethical or unethical?

Ethical

'A data breach does not impact the reputation of an organization.' Is this statement true or false?

False

'Cryptocurrencies are handled on a centralized exchange.' Is this statement true or false?

False

'Internet-based cameras and gaming gear are not subject to security breaches.'Is this statement true or false?

False

Which of the following security implementations use biometrics? (Choose two correct answers)

Fingerprint Voice recognition

What tool is used to lure an attacker so that an administrator can capture, log and analyze the behavior of the attack?

Honeypot

Which of the following firewalls filters ports and system service calls on a single computer operating system?

Host-based firewall

Which of the following certifications does not expire or require periodic recertification and is geared towards post-secondary graduates and those interested in a career change?

ISACA CSX Cybersecurity Fundamentals

You are surfing the Internet using a laptop at a public Wi-Fi cafe. What should you check first before you connect to the public network?

If the laptop requires user authentication for file and media sharing

What is the best way to avoid getting spyware on a machine?

Install software only from trusted websites

Which of the following tools used for incident detection can be used to detect anomalous behavior, command and control traffic, and detect infected hosts? (Choose two correct answers)

Intrusion detection system Netflow

Which of the following statements best describes cybersecurity?

It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm

Which of the following are examples of on-path attacks? (Choose two correct answers)

Man-in-the-Mobile Man-in-the-Middle

Which of the following certifications is aimed at high school and early college students, as well as anyone interested in a career change?

Microsoft Technology Associate Security Fundamentals

Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website?

Open authorization

Which of the following is an entry-level certification for newcomers who are preparing to start their career in cybersecurity?

Palo Alto Networks Certified Cybersecurity Associate

A medical office employee sends emails to patients about their recent visits to the facility. What information would put the privacy of the patients at risk if it was included in the email?

Patient records

What is the best approach for preventing a compromised IoT device from maliciously accessing data and devices on a local network?

Place all IoT devices that have access to the Internet on an isolated network

Which of the following are categories of security measures or controls? (Choose three correct answers)

Policy and procedure Technology Awareness, training and education

In networking, what name is given to the identifier at both ends of a transmission to ensure that the right data is passed to the correct application?

Port number

Which of the following firewalls filters web content requests such as URLs and domain names?

Proxy server

What vulnerability occurs when the output of an event depends on ordered or timed outputs?

Race conditions

Which of the following firewalls are placed in front of web services to protect, hide, offload and distribute access to web servers?

Reverse proxy server

An organization's process of identifying and assessing risk with the goal of reducing these threats to an acceptable level is known as what?

Risk management

What do you call the vulnerabilities discovered by Google security researchers that affect almost all CPUs released since 1995? (Select two correct answers)

Spectre Meltdown

Which of the following items are states of data? (Choose three correct answers)

Storage Transmission Processing

What is an example of cyber kill chain?

a planned process of cyber attack

An employee points out a design flaw in a new product to the department manager. Is this employee's behavior ethical or unethical?

ethical


Set pelajaran terkait

CMS Lecture 1: Intro to Cost Accounting

View Set

MIE CH5: Small Business, Entrepreneurship, and Franchising

View Set

strength and conditioning exam 4

View Set

Unit 2 (adroit, amicable, averse...)

View Set

Unit 4: Chapter 13 (Endocrine System)

View Set

Newton's Universal Law of Gravitation

View Set

AP LANGUAGE AND COMPOSITION MIDTERM GLOSSARY

View Set

Biology 1001 chapter2 Thinking Critcally

View Set

Perioperative: Chapters 17, 18, 19

View Set

Density Altitude, Effect of Temperature/Pressure/Humidity on Density (Chapter 4: Principles of Flight)

View Set