Intro Cybersecurity Final
In which type of computer crime do cybercriminals engage in activities to either impersonate victims or to convince victims to carry out transactions that benefit the criminals, with a focus on extracting revenue from victims? Options: Exfiltrating data; Cyberstalking; Nonaccess computer crime; Online fraud
Online fraud
Janette is the director of her company's network infrastructure group. She is explaining to the business owners the advantages and disadvantages of outsourcing network security. One consideration she presents is the question of who would be responsible for the data, media, and infrastructure. What consideration is she describing? Options: Ownership; Adherence to policy; Risk; Privacy
Ownership
Susan performs a full backup of her server every Sunday at 1:00 a.m. and differential backups on Mondays through Fridays at 1:00 a.m. Her server fails at 9:00 a.m. on Wednesday. How many backups does Susan need to restore? Options: 1; 4; 2; 3
2
Devaki is a network engineer. She is diagnosing an issue with a small business customer's wireless local area network (WLAN). She knows the Institute of Electrical and Electronics Engineers (IEEE) has created the standards involved in various network technologies. While WLAN standards cover a wide array of subsets, which general standard does she need to consult that addresses all WLANs? Options: 802.3; 802.18; 802.11; 802.16
802.11
Mark is considering outsourcing security functions to a third-party service provider. What benefit is he most likely to achieve? Options: Building internal knowledge; Access to a higher level of expertise; Higher degree of privacy; Developing in-house talent
Access to a higher level of expertise
In the Open Systems Interconnection (OSI) Reference Model, which layer has the user interface that displays information to the user? Options: Presentation; Session; Transport; Application
Application
Mary is designing a software component that will function at the Presentation Layer of the Open Systems Interconnection (OSI) Reference Model. What other two layers of the model will her component need to interact with? Options: Application and Transport; Network and Session; Session and Transport; Application and Session
Application and Session
Jiang is pursuing a career in information security. He wants to eventually achieve the (ISC)2 Certified Information Systems Security Professional (CISSP) certification but does not have the required experience. If he passes the CISSP exam now, which credential will Jiang get? Options: CISSP-ISSAP; Certified Cloud Security Professional (CCSP); Associate of (ISC)2; Systems Security Certified Practitioner (SSCP)
Associate of (ISC)2
Lin is creating a template for the configuration of Windows servers in her organization. The configuration includes the basic security settings that should apply to all systems. What type of document should she create? Options: Guideline; Baseline; Procedure; Policy
Baseline
Arturo is leading a project to commission a new information system that will be used by a U.S. federal government agency. The agency uses the risk management framework (RMF) approach for Federal Information Security Management Act (FISMA) compliance. He is working with his team to assess and document agency IT systems based on risk. What step of the risk management framework is Arturo completing? Options: Assess security controls for effectiveness; Continuously monitor security controls; Categorize information systems; Implement security controls in IT systems
Categorize information systems
Richard would like to earn a certification that demonstrates his ability to manage enterprise security programs. What certification would be most appropriate for Richard? Options: Certified Information Security Manager (CISM); Certified in Risk and Information Systems Control (CRISC); Certified Information Systems Auditor (CISA); Certified in the Governance of Enterprise IT (CGEIT)
Certified Information Security Manager (CISM)
Betty visits a local library with her young children. She notices that someone using a computer terminal in the library is visiting pornographic websites. What law requires that the library filter offensive web content for minors? Options: Family Educational Rights and Privacy Act (FERPA); Sarbanes-Oxley Act (SOX); Children's Internet Protection Act (CIPA); Children's Online Privacy Protection Act (COPPA)
Children's Internet Protection Act (CIPA)
Oscar is a network engineer. He is responsible for the networks and security protections, such as firewalls, in his local government agency. He is beginning a professional development journey and trying to determine an entry-level or associate-level security certification that is a good match with his current knowledge and skills. Which certification should he pursue? Options: Cisco Certified Network Associate (CCNA); Administration of Symantec Security Analytics; Juniper Networks Certified Internet Professional (JNCIP)-Enterprise; Check Point Certified Security Administrator (CCSA)
Cisco Certified Network Associate (CCNA)
Helen has no security experience. She would like to earn a certification that demonstrates that she has the basic knowledge necessary to work in the information security field. What certification would be an appropriate first step for her? Options: Certified Internet Web Professional (CIW); CompTIA Security+; GIAC Assessing Wireless Networks (GAWN); Certified Information Systems Security Professional (CISSP)
CompTIA Security+
Maya is creating a computing infrastructure compliant with the Payment Card Industry Data Security Standard (PCI DSS). What type of information is she most likely trying to protect? Options: Health records; Educational records; Trade secrets; Credit card information
Credit card information
Omar is an infrastructure security professional. After reviewing a set of professional ethics issued by his company, he is learning and adopting ethical boundaries in an attempt to demonstrate them to others. What is this called? Options: Understanding common assumptions that lead computer users to unethical behavior; Informing users through security awareness training; Communicating the freedom to access all system resources; Encouraging the adoption of ethical guidelines and standards
Encouraging the adoption of ethical guidelines and standards
Biyu is a network administrator. She is developing the compliance aspect of her company's security policy. Currently, she is focused on the records of actions that the organization's operating system or application software creates. What aspect of compliance is Biyu focusing on? Options: Professional ethics; Event logs; Certification; Remediation
Event logs
Antonio is responsible for tuning his organization's intrusion detection system. He notices that the system reports an intrusion alert each time that an administrator connects to a server using Secure Shell (SSH). What type of error is occurring? Options: False positive error; Remote administration error; False negative error; Clipping error
False positive error
Erin is a system administrator for a U.S. federal government agency. What law contains guidance on how she may operate a federal information system? Options: Family Educational Rights and Privacy Act (FERPA); Gramm-Leach-Bliley Act (GLBA); Federal Information Security Management Act (FISMA); Sarbanes-Oxley Act (SOX)
Federal Information Security Management Act (FISMA)
Bob is preparing to dispose of magnetic media and wishes to destroy the data stored on it. Which method is not a good approach for destroying data? Options: Physical destruction; Degaussing; Formatting; Repeatedly overwriting data
Formatting
Devaki is a new compliance manager. She is reading about various regulations to determine which ones apply to her industry. What law applies specifically to consumer data that originates in Europe? Options: Sarbanes-Oxley Act (SOX); General Data Protection Regulation (GDPR); Payment Card Industry Data Security Standard (PCI DSS); Health Insurance Portability and Accountability Act (HIPAA)
General Data Protection Regulation (GDPR)
Gary is troubleshooting a security issue on an Ethernet network. He would like to look at the relevant Ethernet standard. What publication should he seek out? Options: ISO 17799; NIST 800-53; ANSI X.1199; IEEE 802.3
IEEE 802.3
Juan comes across documentation from his organization related to several information security initiatives using different standards as their reference. Which International Organization for Standardization (ISO) standard provides current guidance on information security management? Options: ISO 27002; ISO 14001; ISO 9000; ISO 17799
ISO 27002
During which step of the incident-handling process does triage take place? Options: Notification; Recovery and follow-up; Identification; Response
Identification
Bill is conducting an analysis of a new IT service. He would like to assess it using the Open Systems Interconnection (OSI) Reference Model and would like to learn more about this framework. What organization should he turn to for the official definition of OSI? Options: Information Systems Audit and Control Association (ISACA); Ocean Surveillance Information System (OSIS); National Institute of Standards and Technology (NIST); International Organization for Standardization (ISO)
International Organization for Standardization (ISO)
Rodrigo has just received an email at work from an unknown person. The sender claims to have incriminating evidence against Rodrigo and threatens to release it to his employer and his family unless he discloses certain confidential information about his employer's company. Rodrigo does not know that several other people in the organization received the same email. What form of social engineering has occurred? Options: Appeal for help; Name dropping; Intimidation; Phishing
Intimidation
Lin is a digital forensic specialist who works in a forensic lab. She is evaluating diagnostic forensic software to add to the lab's toolkit. She wants a tool that is open source that can also be used for penetration testing. Which tool should she choose? Options: EnCase; OSForensics; Kali Linux; The Forensic Toolkit (FTK)
Kali Linux
Isabella is a digital forensic specialist. She wants to recover deleted data from a computer disk. The computer is currently running. Which process should she take to do so without accidentally overwriting any deleted data? Options: Shut down the computer, reboot, and then copy the contents of the disk drive to an external drive; Copy the contents of the disk drive to an external drive without shutting down the computer; Make an image of memory, shut down the computer, attach the disk drive to a forensic lab device, and read the data from the disk; Because processes constantly run on computers and request new sectors to store data, it is not possible to recover deleted data without some data being overwritten
Make an image of memory, shut down the computer, attach the disk drive to a forensic lab device, and read the data from the disk
Alison retrieved data from a company database containing personal information on customers. When she looks at the Social Security number (SSN) field, she sees values that look like this: "XXX-XX-9142." What has happened to these records? Options: Hashing; Truncation; Masking; Encryption
Masking
Security controls place limits on activities that might pose a risk to an organization. Ricky, a security engineer for his company, is performing a review and measurement of all controls to capture changes to any environment component. What is this called? Options: Monitoring; Remediating; Securing; Auditing
Monitoring
Hajar is a network engineer. She is creating a system of access involving clearance and classification based on users and the objects they need in a secure network. She is restricting access to secure objects by users based on least privilege and which of the following? Options: Separation of duties; Security awareness; Job rotation; Need to know
Need to know
Jermaine is a security administrator for his company. He is developing a defense against attacks based on network-mapping methods. He prevents the Internet Control Message Protocol (ICMP) from operating to stop attackers from using ping packets to discover the network layout, but he must also guard against operating system fingerprinting since many attacks are tailored to specific operating systems. What must Jermaine be concerned about? Options: Unnecessary services; Port mapping; Zone transfers; Snapshots
Port mapping
During which step of the incident-handling process do you develop a formal communication plan and identify all key stakeholders? Options: Preparation; Notification; Identification; Documentation
Preparation
Marguerite is creating a budget for a software development project. What phase of the system life cycle is she undertaking? Options: Project initiation and planning; Operations and maintenance; Functional requirements and definition; System design specification
Project initiation and planning
Arturo is an IT manager for a school district. He is planning recovery options for a small data center that supports teacher and classroom activities for 5 of the 21 schools in his district. Many school districts in his state use similar classroom technology. Arturo is looking for a temporary alternate site that would be easy to cut over to and is affordable. Which option is most likely to fit Arturo's needs? Options: Service provider that has extra capacity; Reciprocal agreement with another school district; Reciprocal center; Contingency carrier
Reciprocal agreement with another school district
During which step of the incident-handling process should a lessons-learned review of the incident be conducted? Options: Recovery and follow-up; Documentation; Response; Notification
Recovery and follow-up
Isabella is an IT security manager for a state agency. The agency can survive for nine hours without a functioning data center. The power goes out in her data center. It takes six hours to move data center operations to an alternate site. Which of the following describes the time it takes for the move? Options: Recovery time objective (RTO); Critical business function (CBF); Recovery point objective (RPO); Mean time to failure (MTTF)
Recovery time objective (RTO)
During which step of the incident-handling process is the goal to contain the incident? Options: Notification; Response; Recovery and follow-up; Identification
Response
Mia is her company's network security professional. She is developing access policies based on personnel security principles. As part of this effort, she is devising a method of taking high-security tasks and splitting them among several different employees so that no one person is responsible for knowing and performing the entire task. What practice is she developing? Options: Separation of duties; Job rotation; Limiting access; Mandatory vacations
Separation of duties
Isaac is responsible for performing log reviews for his organization in an attempt to identify security issues. He has a massive amount of data to review. What type of tool would best assist him with this work? Options: Data loss prevention (DLP) system; Security information and event management (SIEM) system; Intrusion prevention system (IPS); Virtual private network (VPN)
Security information and event management (SIEM) system
Aditya is a network technician. He is collecting system data for an upcoming internal system audit. He is currently performing vulnerability testing to determine what weaknesses may exist in the network's security. What form of assessment is he conducting? Options: Security testing; Checklists; Observation; Configuration review
Security testing
Carl has assembled a team of representatives from each department to test a new business continuity plan (BCP). During the test, the representatives meet in a room and review many aspects of the plan, such as the goals, scope, assumptions, and the structure of the organization. They also conduct scenario-based exercises as though they are executing the plan for a certain type of incident to find errors, such as gaps or overlaps. What type of plan is being conducted? Options: Simulation; Parallel; Checklist; Structured walk-through
Structured walk-through
Ben is working toward a position as a senior security administrator. He would like to earn his first International Information Systems Security Certification Consortium (ISC)2 certification. Which certification is most appropriate for his needs? Options: Certified Cloud Security Professional (CCSP); Certified Information Systems Security Professional (CISSP); Certified Secure Software Lifecycle Professional (CSSLP); Systems Security Certified Practitioner (SSCP)
Systems Security Certified Practitioner (SSCP)
Susan is a digital forensic examiner. She is investigating a case in which a driver has been accused of vehicular homicide. She has the driver's mobile device and cellular records. What type of mobile device evidence is most likely to reveal whether the driver was actively using a mobile device when the incident occurred? Options: Device information; Global positioning system (GPS) information and history; Text messages; Network connection information and history
Text messages
How are the Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry Data Security Standard (PCI DSS) alike? Options: The same federal agencies have oversight over both HIPAA and PCI DSS. They have similar scopes. They both focus on the health care industry. They both have requirements that protect the confidentiality, integrity, and availability of data.
They both have requirements that protect the confidentiality, integrity, and availability of data.
Aditya is attempting to classify information regarding a new project that his organization will undertake in secret. Which characteristic is not normally used to make these types of classification decisions? Options: Threat; Sensitivity; Value; Criticality
Threat
Log files can help provide evidence of normal and abnormal system activity, as well as valuable information on how well security controls are doing their jobs. Regulation, policy, or log volume might dictate how much log information to keep. If a log file is subject to litigation, how long must a company keep it? Options: A minimum of seven years; Until the case is over; At least one year; Until litigation starts
Until the case is over
A(n) _________ is an event that prevents a critical business function (CBF) from operating for a period greater than the maximum tolerable downtime (MTD). Options: incident; contingency; disaster; violation
disaster
Because __________, auditing every part of an organization and extending into all outsourcing partners may not be possible. Options: such an extensive audit is outside of best practices recommendations; all users should not be informed they are being audited; all users should be informed they are being audited; of resource constraints
of resource constraints
Leola is a cybersecurity consultant hired by a company to test the effectiveness of its network's defenses. She has something in common with the malicious people who would perform the same tasks involved in _________________, except that, unlike Leola, they would not have consent to perform this action against the system. Options: stateful matching; penetration testing; network access control; system hardening
penetration testing