CSX EXAM PRACTICE QUESTIONS


Threat

Anything that is capable of acting against an asset in a manner that can result in harm

In practical applications:

Asymmetric key encryption is used to securely obtain symmetric keys

Which of the following is the best definition for cybersecurity? A. The protection of information from unauthorized access or disclosure B. Protecting information assets by addressing threats to information that is processed, stored, or transported by internetworked systems C. The protection of paper documents, digital and intellectual property, and verbal or visual communications

B. Protecting information assets by addressing threats to information that is processed, stored, or transported by internetworked systems

Which three elements of the current threat landscape have provided increased levels of access and connectivity and therefore increased opportunities for cyber crime? A. Text messaging, Bluetooth technology and SIM cards B. Web applications, botnets, and primary malware C. Cloud computing, social media, and mobile computing

C. Cloud computing, social media, and mobile computing

Maintaining a high degree of confidence regarding the integrity of evidence requires a(n):

Chain of custody

Outsourcing poses the greatest risk to an organization when it involves:

Core business functions

Privacy

Is a state of being free from unsanctioned intrusion

Security

Is action

Privacy

Is the outcome

A passive network hub operates at which layer of the OSI model?

Physical

Who has the greatest influence over access security in a password authentication environment?

Users

Likelihood

the possibility that something will happen

Vulnerability

A weakness in the design, implementation, operation or internal control of a process that could expose the system to adverse threats from threat events

Which of the following statements about advanced persistent threats (APTs) are true? A. APTs typically originate from sources such as organized crime groups, activities or governance B. APTs use obfuscation techniques that help them remain undiscovered for months or even years C. APTs are often long-term multiphase projects with a focus on reconnaissance D. The APT attack cycle begins with target penetration and collection of sensitive information

A. APTs typically originate from sources such as organized crime groups, activities or governance B. APTs use obfuscation techniques that help them remain undiscovered for months or even years C. APTs are often long-term multiphase projects with a focus on reconnaissance

The number and types of layers needed for defense in depth are a function of: A. Asset value, criticality, reliability of each control and degree of exposure B. Network configuration, navigation controls, user interface and VPN traffic C. Isolation, segmentation, internal controls and external controls

A. Asset value, criticality, reliability of each control and degree of exposure

Which of the following are legal issues that may affect investigations? A. Evidence collection and storage B. Chain of custody of evidence C. Searching or monitoring communications D. Interviews or interrogations E. Education or training F. Labor, union, and privacy regulation

A. Evidence collection and storage B. Chain of custody of evidence C. Searching or monitoring communications D. Interviews or interrogations F. Labor, union, and privacy regulation

The core duty of cyber security is to: A. Manage risk B. Secure endpoints C. Protect enterprise infrastructure

A. Manage risk

intent

An actor or event with the potential to adversely impact an information system

Impact

An adverse effect that results from an event occurring

Where should an organization's network terminate virtual private network (VPN) tunnels?

At the perimeter, to allow for effective internal monitoring

Which of the following common controls protect the availability of information: A. Access controls, file permissions, encryption B. Access controls, backups, redundancy C. Access controls, logging, encryption

B. Access controls, backups, redundancy

___ is defined as a model for enabling convenient, on-demand network access to a shared pool of configurable resources that can be rapidly provisioned and released with minimal management or service provider interaction. A. Software as a service (SaaS) B. Cloud computing C. Platform as a service (PaaS)

B. Cloud computing

Which element of an incident response plan (IRP) involves obtaining and preserving evidence? A. Identification B. Containment C. Eradication

B. Containment

Which of the following cybersecurity roles is charged with the duty of managing incidents and remediation? A. Board of Directors B. Cybersecurity management C. Executive management

B. Cybersecurity management

Which of the following terms designates the process of implementing security controls on a computer system? A. Cybersecurity B. System hardening C. Patching

B. System hardening

Business continuity plans (BCPs) associated with organizational information systems should be developed primarily on the basis of:

Business needs

Which of the following is not true of likelihood? A. Measures frequency of an event occurring B. Is often a component of external factors C. Does not take into account current controls and countermeasures

C. Does not take into account current controls and countermeasures

Which of the following best describes the role of encryption within an overall cybersecurity program? A. Encryption is the primary means of securing digital assets B. Encryption depends upon shared secrets and is therefore an unreliable means of control C. Encryption is an essential but incomplete form of access control

C. Encryption is an essential but incomplete form of access control

NIST defines a(n) ________________ as a "violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices." A. Event B. Threat C. Incident

C. Incident

Vulnerability management begins with an understanding of IT assets and their locations, which can be accomplished by: A. Vulnerability scanning B. Penetration testing C. Maintaining an asset inventory

C. Maintaining an asset inventory

Which of the following are foundational tenets of security that inform security controls? A. Availability, integrity B. Confidentiality, nonrepudiation C. Need-to-know, principle of least privilege

C. Need-to-know, principle of least privilege

Policies

Communicate required and prohibited activities and behaviors

A segmented network:

Consists of two or more security zones

Put the steps of the penetration testing phase into the correct order. a. Attack b. Discovery c. Reporting d. Planning

D. Planning B. Discovery A. Attack C. Reporting

An interoperability error is what type of vulnerability?

Emergent

During which phase of the six-phase incident response model is the root cause determined?

Eradication

What kind of anti-malware program evaluates system processes based on their observed behaviors?

Heuristic

Virtual systems should be managed using a dedicated virtual local area network (VLAN) because:

Insecure protocols could result in a compromise of privileged user credentials

Standards

Interpret policies in specific situations

Privacy

Is a consequence

Security

Is a process

Privacy

Is the result of successful actions

Under the US-CERT model for incident categorization, a CAT-3 incident refers to which of the following?

Malicious code

Which cybersecurity principle is most important when attempting to trace the source of malicious activity?

Nonrepudiation

Securing Supervisory Control and Data Acquisition (SCADA) systems can be challenging because they:

Operate in specialized environments and often have non-standard design elements

The attack mechanism directed against a system is commonly called a(n):

Payload

During which phase of the system development lifecycle (SDLC) should security first be considered?

Planning

Procedures

Provide details on how to comply with policies and standards

Guidelines

Provide strong general recommendations such as what to do in particular circumstances

Asset

Something of either tangible or intangible value that is worth protecting, including people, information, infrastructure, finances and reputation

Which of the following interpret requirements and apply them to specific situations?

Standards

A firewall that tracks open connection-oriented protocol sessions is said to be:

Stateful

A cybersecurity architecture designed around the concept of a perimeter is said to be:

System-centric

Risk

The combination of the likelihood of an event and its impact

Capability

The knowledge and skill set required by a threat to carry out an event.

Opportunity

The resources and position required by a threat to carry out action

Which two factors are used to calculate the likelihood of an event?

Threat and vulnerability

Which of the following offers the strongest protection for wireless network traffic?

Wireless Protected Access 2 (WPA2)

A business continuity plan (BCP) is not complete unless it includes:

detailed procedures

Updates in cloud-computing environments can be rolled out quickly because the environment is:

homogeneous

Security

is the strategy

Risk assessments should be performed:

on a regular basis

