Cybersecurity Essentials
eliminate single points of failure detect failures as they occur provide for reliable crossover
What three design principles help to ensure high availability? (Choose three.)
urgency intimidation
What are two of the tactics used by a social engineer to obtain personal information from an unsuspecting target? (Choose two.)
Keep software up to date. Use antivirus software.
What are two ways to protect a computer from malware? (Choose two.)
Internet of Everything
What does the acronym IoE represent?
A weakness that makes a target susceptible to an attack
What does the term vulnerability mean?
The hash function is a one-way mathematical function.
What is a feature of a cryptographic hash function?
XSS (Cross Site Scripting)
What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?
What is an example of an Internet data domain?
Honeynet project
What is an example of early warning systems that can be used to thwart cybercriminals?
Goals
What is identified by the first dimension of the cybersecurity cube?
HMAC
A VPN will be used within the organization to give remote users secure access to the corporate network. What does IPsec use to authenticate the origin of every packet to provide data integrity checking?
PCI DSS
A breach occurs in a company that processes credit card information. Which industry specific law governs credit card data protection?
SaaS
A company is attempting to lower the cost in deploying commercial software and is considering a cloud based service. Which cloud based service would be best to host the software?
Enable automated antivirus scans. Disable administrative rights for users. Enable screen lockout.
A consultant is hired to make recommendations on managing device threats in a company. What are three general recommendations that can be made? (Choose three.)
FERPA
A school administrator is concerned with the disclosure of student information due to a breach. Under which act is student information protected?
Vulnerability Scanner
A security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?
SSH (Secure Shell)
An administrator of a small data center wants a flexible, secure method of remotely connecting to servers.Which protocol would be best to use?
Bluesnarfing
An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?
a misconfigured firewall unauthorized port scanning and network probing unlocked access to network equipment
An auditor is asked to assess the LAN of a company for potential threats. What are three potential threats the auditor may point out? (Choose three.)
Disable ping, probing, and port scanning. Update devices with security fixes and patches. Test inbound and outbound traffic.
An organization has implemented a private cloud infrastructure. The security administrator is asked to secure the infrastructure from potential threats. What three tactics can be implemented to protect the private cloud? (Choose three.)
laws governing the data
As a security professional, there is a possibility to have access to sensitive data and assets. What is one item a security professional should understand in order to make informed ethical decisions?
GLBA
As part of HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared information?
CFAA
If a person knowingly accesses a government computer without permission, what federal act laws would the person be subject to?
preventive
Keeping data backups offsite is an example of which type of disaster recovery control?
audit
The manager of a department suspects someone is trying to break into computers at night. You are asked to find out if this is the case. What logging would you enable?
ensures a clean imaged machine can provide a full system backup easier to deploy new computers within the organization
The manager of desktop support wants to minimize downtime for workstations that crash or have other software-related issues. What are three advantages of using disk cloning? (Choose three.)
quantitative analysis
The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?
establishing early warning systems sharing cyber Intelligence information
Thwarting cyber criminals includes which of the following? (Choose two.)
Conduct security awareness training regularly. Establish policies and procedures for guests visiting the building.
Unauthorized visitors have entered a company office and are walking around the building. What two measures can be implemented to prevent unauthorized visitor access to the building? (Choose two.)
Monitors, Definers, Builders
What are the three broad categories for information security positions? (Choose three.)
confidential business information national security and foreign policy information law enforcement records that implicate one of a set of enumerated concerns
What are three disclosure exemptions that pertain to the FOIA? (Choose three.)
InfoSec job postings InfoSec reports
What are two items that can be found on the Internet Storm Center website? (Choose two.)
unauthorized access data loss
What are two potential threats to applications? (Choose two.)
NVD
What can be used to rate threats by an impact score to emphasize important vulnerabilities?
develop tools, products, and methods to conduct forensic examinations resolve software vulnerabilities develop tools, products, and methods to analyze vulnerabilities
What three services does CERT provide? (Choose three.)
SQL Injection
What type of attack targets an SQL database using the input field of a user?
It is an open source Linux security distribution and contains over 300 tools.
Why is Kali Linux a popular choice in testing the network security of an organization?
Remove unnecessary programs and services.
A new PC is taken out of the box, started up and connected to the Internet. Patches were downloaded and installed. Antivirus was updated. In order to further harden the operating system what can be done?
System resiliency
Being able to maintain availability during disruptive events describes which of the principles of high availability?
Operating system
What does a rootkit modify?
Provide security awareness training. Use content filtering. Disable CD and USB access.
A company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage the user threats. What three things might be put in place to manage the threats? (Choose three.)
Type II
A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance?
a type of ransomware
A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?
Encryption authentication
What are two methods that ensure confidentiality? (Choose two.)
authorization authentication
What are two methods that ensure confidentiality? (Choose two.)
mandatory use of AES algorithms
Why is WPA2 better than WPA?
easily crackable
Why should WEP not be used in wireless networks today?
high earning potential a career-field in high-demand service to the public
A specialist in the HR department is invited to promote the cybersecurity program in community schools. Which three topics would the specialist emphasize in the presentation to draw students to this field? (Choose three.)
Computer Firewall
A user calls the help desk complaining that an application was installed on the computer and the application cannot connect to the Internet. There are no antivirus warnings and the user can browse the Internet. What is the most likely cause of the problem?
Rogue Access Point
A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation?
Baseline
A user is asked to analyze the current state of a computer operating system. What should the user compare the current operating system against to identify potential vulnerabilities?
Updates cannot be circumvented. Administrators can approve or deny patches. Updates can be forced on systems immediately.
A user is proposing the purchase of a patch management solution for a company. The user wants to give reasons why the company should spend money on a solution. What benefits does patch management provide? (Choose three.)
the ability to control when updates occur the ability to obtain reports on systems no opportunities for users to circumvent updates
A user makes a request to implement a patch management service for a company. As part of the requisition the user needs to provide justification for the request. What three reasons can the user use to justify the request? (Choose three.)
Secure password storage. Enforce the principle of least privilege. Reduce the number of privileged accounts.
After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)
Private Key from Alice
Alice and Bob are using a digital signature to sign a document. What key should Alice use to sign the document so that Bob can make sure that the document came from Alice?
secpol.msc
An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use?
reverse lookup tables rainbow tables lookup tables
An organization has determined that an employee has been cracking passwords on administrative accounts in order to access very sensitive payroll information. Which tools would you look for on the system of the employee? (Choose three)
improving reliability and uptime of the servers
An organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?
asset classification
An organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended?
NOC
Companies may have different operation centers that handle different issues with the IT operations. If an issue is related to network infrastructure, what operation center would be responsible?
medical employment education
Pick three types of records that cyber criminals would be interested in stealing from organizations. (Choose three.)
The systems use different hashing algorithms. One system uses hashing and the other uses hashing and salting.
Technicians are testing the security of an authentication system that uses passwords. When a technician examines the password tables, the technician discovers the passwords are stored as hash values. However, after comparing a simple password hash, the technician then discovers that the values are different from those on other systems. What are two causes of this situation? (Choose two.)
They collect sensitive information They contain personal information
Technologies like GIS and IoE contribute to the growth of large data stores. What are two reasons that these technologies increase the need for cybersecurity specialists? (Choose two.)
TPM= timbalan perdana menteri kepala bapak kau at least two volumes
The CIO wants to secure data on company laptops by implementing file encryption. The technician determines the best method is to encrypt each hard drive using Windows BitLocker. Which two things are needed to implement this solution? (Choose two.)
digital certificates
The X.509 standards defines which security technology?
CVE national database
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can be used to identify specific details about vulnerabilities?
VPN
The company has many users who telecommute. A solution needs to be found so a secure communication channel can be established between the remote location of users and the company. What is a good solution for this situation?
the New York Stock Exchange
There are many environments that require five nines, but a five nines environment may be cost prohibitive. What is one example of where the five nines environment might be cost prohibitive?
Limiting
What approach to availability involves using file permissions?
Layering
What approach to availability provides the most comprehensive protection because multiple defenses coordinate together to prevent attacks?
Integrity, Availability, Confidentiality
What are the three foundational principles of the cybersecurity domain? (Choose three.)
in-transit in-process at rest
What are the three states of data? (Choose three.)
Authentication, authorization, accounting
What are three access control security services? (Choose three.)
PII classified business
What are three types of sensitive information? (Choose three.)
SHA MD5
What are two common hash functions? (Choose two.)
The email has no subject line. The email has misspelled words or punctuation errors or both.
What are two common indicators of spam mail? (Choose two.)
containment and recovery detection and analysis
What are two incident response phases? (Choose two.)
Asset Standardization
What is it called when an organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications?
Worms self-replicate but viruses do not.
What is the difference between a virus and a worm?
An HIDS monitors operating systems on host computers and processes file system activity. Firewalls allow or deny traffic between the computer and other systems.
What is the difference between an HIDS and a firewall?
a malicious program that uses a trigger to awaken the malicious code
What is the meaning of the term logic bomb?
Backdoor
What is the name given to a program or program code that bypasses normal authentication?
Spear Phishing
What is the term used to describe an email that is targeting a specific person employed at a financial institution?
Phishing
What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
Analyze
What is the workforce framework category that includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence?
entity integrity
What kind of integrity does a database have when all its rows have a unique identifier called a primary key?
Version Control
What mechanism can organizations use to prevent accidental changes by authorized users?
NAS
What name is given to a storage device connected to a network?
Backup
What name is given to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failures?
Buffer Overflow
What occurs on a computer when data goes beyond the limits of a buffer?
confidentiality
What principle prevents the disclosure of information to unauthorized people, resources, and processes?
Authorization
What service determines which resources a user can access along with the operations that a user can perform?
digital certificate
What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website?
digital signature
What technology should you implement to ensure that an individual cannot later claim that he or she did not sign a given document?
gives security staff the backing of management is not legally binding defines legal consequences of violations
What three tasks are accomplished by a comprehensive security policy? (Choose three.)
equipment maintenance up-to-date operating systems
What two methods help to ensure system availability? (Choose two.)
Algorithm
What type of an attack can disable a computer by forcing it to use memory or by overworking its CPU?
DDoS
What type of attack uses many systems to flood the resources of a target, thus making the target unavailable?
Authentication
What type of cybersecurity laws protect you from an organization that might want to share your sensitive data?
SHA-256
Which hashing algorithm is recommended for the protection of sensitive, unclassified information?
HMAC
Which hashing technology requires keys to be exchanged?
transfer
Which risk mitigation strategies include outsourcing services and purchasing insurance?
DNS
Which service will resolve a specific web address into an IP address of the destination web server?
They are part of a protest group behind a political cause
Which statement best describes a motivation of hacktivists?
HMAC
Which technology could be used to prevent a cracker from launching a dictionary or brute-force attack off a hash?
RAID
Which technology would you implement to provide high availability for data storage?
Smishing
Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website
Trusted partners, ex-employees
Which two groups of people are considered internal attackers? (Choose two.)
hashing, data consistency checks
Which two methods help to ensure data integrity? (Choose two.)
The key is static and repeats on a congested network. The key is transmitted in clear text.
Which two reasons describe why WEP is a weak protocol? (Choose two.)
annual rate of occurrence single loss expectancy
Which two values are required to calculate annual loss expectancy? (Choose two.)
Packet Forgery
Which type of cybercriminal attack would interfere with established network communication through the use of constructed packets so that the packets look like they are part of the normal communication?
SHA-256
You have been asked to implement a data integrity program to protect data files that need to be electronically downloaded by the sales staff. You have decided to use the strongest hashing algorithm available on your systems. Which hash algorithm would you select?
a validation rule which has been implemented to ensure completeness, accuracy, and consistency of data
You have been asked to work with the data collection and entry staff in your organization in order to improve data integrity during initial data entry and data modification operations. Several staff members ask you to explain why the new data entry screens limit the types and size of data able to be entered in specific fields. What is an example of a new data integrity control?
digital certificates
Your organization will be handling market trades. You will be required to verify the identify of each customer who is executing a transaction. Which technology should be implemented to authenticate and verify customer electronic transactions?
qualitative analysis
Your risk manager just distributed a chart that uses three colors to identify the level of threat to key assets in the information security systems. Red represents high level of risk, yellow represents average level of threat and green represents low level of threat. What type of risk analysis does this chart represent?