Cybersecurity Fundamentals

Questions and Answers

What is the primary purpose of a Virtual Private Network?

To encrypt data transmissions

What is the main goal of penetration testing?

To assess the resilience of an organization's cybersecurity defenses

What type of malware is a Trojan horse?

Trojan horse

What is the primary purpose of a strong password?

To prevent unauthorized access to a system

What is the main purpose of a Captcha?

To distinguish between humans and bots

What is the main purpose of a Honeypot?

To lure cybercriminals into a controlled environment

What is the most effective way to limit access to sensitive documents based on geographical location?

Geolocation policy

What type of access control is most likely inhibiting the transfer of a critical patch?

Least privilege

What vulnerability is associated with installing software from outside a manufacturer's approved repository?

Side loading

What type of control is a company setting up with a SIEM system and analyst review?

Detective

What access management concept is the company using to safeguard intranet accounts and grant access to multiple sites?

Federation

What is the main purpose of setting up a strong password with ten characters, numbers, letters, and two special characters?

To grant access to multiple company-owned websites

Which of the following describes the process of concealing code or text inside a graphical image?

Steganography

What type of attack involves taking advantage of database misconfigurations?

SQL injection

What action would provide information about a malicious file's creation date and creator?

Query the file's metadata

What role does a customer play in a company's data collection and storage process?

Subject

What feature should a company implement to allow users to log in with credentials from other popular websites?

OpenID

What is the concept of using a single set of login credentials to access multiple applications or systems?

SSO

Study Notes

Cybersecurity Measures

• Physical intrusions into a building can be prevented by implementing security measures.

Network Security

• Network traffic can be monitored and controlled to prevent cyber threats.

Virus Protection

• Computer viruses can be detected and removed using anti-virus software.

Data Encryption

• Data transmissions can be encrypted to protect them from hackers.

Password Security

• Strong passwords should be used, such as """P@ssw0rd!""", """Tr0ub4dor&3""", """CorrectHorseBatteryStaple""", instead of weak passwords like """Password123""".

Network Security Types

• A Virtual Private Network (VPN) is used to encrypt internet traffic.

Cyber Threats

• Phishing is a type of fishing technique used by cybercriminals.
• Sending unsolicited emails to gather personal information is a type of phishing.
• Intercepting wireless network traffic is a type of cyber threat.

Encryption Algorithms

• RSA (Rivest-Shamir-Adleman) is an encryption algorithm used to secure data transmissions.

Penetration Testing

• Penetration testing is done to assess the resilience of an organization's cybersecurity defenses.

Malware Types

• A Trojan horse is a type of malware that disguises itself as legitimate software.
• Worm is a type of malware that replicates itself to spread to other systems.
• Ransomware is a type of malware that encrypts files and demands payment.

Authentication Methods

• Username and password is a type of authentication method.
• Fingerprint scanner is a type of biometric authentication method.

Cybersecurity Terms

• A Distributed Denial of Service (DDoS) is a type of cyber attack.

Honeypot

• A honeypot is a decoy system used to lure cybercriminals into a controlled environment.

Access Control and Security

• To limit access to sensitive documents in a SaaS application based on geolocation, implementing a Geolocation policy is the most effective way.
• When a patch fails to transfer, Role-based access control is most likely inhibiting the transfer.
• Data masking is not the correct answer, as it is used to conceal sensitive data, not control access.
• Encryption is also not the correct answer, as it is used to protect data in transit, not control access.

Vulnerabilities

• Side loading is a vulnerability associated with installing software outside of a manufacturer's approved software repository.
• Jailbreaking is the process of removing restrictions on a device, but it is not directly related to software installation.
• Memory injection is a type of attack where an attacker injects code into a running process, but it is not related to software installation.
• Resource reuse is not a common vulnerability associated with software installation.

SIEM Systems

• A company setting up a SIEM system and assigning an analyst to review logs on a weekly basis is implementing a Detective control.

Access Management

• A company requiring a password with ten characters, numbers, and letters, and two special characters, and then granting access to other company-owned websites based on the intranet profile, is using Federation to safeguard intranet accounts.
• Identity proofing is the process of verifying an individual's identity, but it is not directly related to password management.
• Password complexity is a requirement for password strength, but it is not a type of access management.
• Default password changes and Password manager are not directly related to the scenario.

Steganography

• Steganography is the process of concealing code or text inside a graphical image.
• Symmetric encryption is a type of encryption, but it is not related to concealing code in images.
• Hashing is a one-way function, but it is not related to concealing code in images.
• Data masking is used to conceal sensitive data, but it is not related to concealing code in images.

Database Security

• SQL injection involves an attempt to take advantage of database misconfigurations.
• Buffer overflow is a type of attack where an attacker injects more data than a buffer can hold, but it is not directly related to database security.
• VM escape is a type of attack where an attacker escapes from a virtual machine, but it is not directly related to database security.
• Memory injection is a type of attack where an attacker injects code into a running process, but it is not directly related to database security.

File Metadata

• To identify the creation date and the file's creator, a security analyst should Query the file's metadata.
• Obtaining the file's SHA-256 hash is a way to identify the file, but it does not provide information about the creator or creation date.
• Using hexdump on the file's contents is a way to view the file's contents, but it does not provide information about the creator or creation date.
• Checking endpoint logs is a way to monitor network activity, but it does not provide information about the creator or creation date.

Data Roles

• In the context of data collection and storage, the Subject is the customer whose data is being collected.
• Processor is the entity responsible for processing the data, but it is not the customer.
• Custodian is the entity responsible for storing the data, but it is not the customer.
• Owner is the entity responsible for the data, but it is not the customer in this context.

Single Sign-On (SSO)

• To implement an option that allows users to log in to an application with the credentials of other popular websites, a company should implement OpenID.
• SSO is a type of authentication that allows users to access multiple systems with a single set of credentials, but it is not directly related to logging in with other websites' credentials.
• CHAP is a type of authentication protocol, but it is not directly related to logging in with other websites' credentials.
• 802.1x is a type of authentication protocol, but it is not directly related to logging in with other websites' credentials.