Cybersecurity Fundamentals
31 Questions

Created by
@LuminousGadolinium

Questions and Answers

Which of the following biometrics will most likely be used without the need for enrollment? (Choose two)

  • Facial (correct)
  • Retina
  • Vein
  • Fingerprint
  • Voice
  • Gait (correct)

Which of the following would best assist a small company that does not have security staff in improving its security posture?

  • SOAR (correct)
  • IaaS
  • MSSP
  • PaaS

Which of the following attacks most likely occurred on the original DNS server when the helpdesk escalated a website access issue?

  • Distributed denial-of-service
  • DNS tunneling
  • Domain hijacking (correct)
  • DNS cache poisoning

Which of the following describes what a cyber security manager is doing by conducting biannual meetings to discuss responses to hypothetical cyberattacks?

  • Conducting a tabletop exercise (correct)

Which of the following recommendations would BEST prevent a Remote Access Trojan (RAT) from recurring on an organization's banking credentials?

  • Enforce application whitelisting. (correct)

Which of the following application attacks is being tested when a security analyst sends an internal user a link and can browse the website with a different session ID?

  • Cross-site request forgery (correct)

Which of the following control types is an Intrusion Detection System (IDS)?

  • Detective (correct)

Which of the following should be put in place when negotiating with a new vendor about the timeliness of the response to a significant outage or incident?

  • SLA (correct)

Which of the following solutions would be BEST to provide security, manageability, and visibility into multiple SaaS and IaaS platforms?

  • CASB (correct)

Which of the following implementations would be BEST to prevent web application outages caused by developers uploading new versions of shared libraries?

  • Containerization (correct)

Which tool will a security administrator MOST likely use to confirm suspicions of unnecessary services running on a server?

  • Nmap (correct)

Which of the following would BEST protect the company from data exfiltration via removable media?

  • Blocking removable-media devices and write capabilities using a host-based security tool (correct)

In which of the following common use cases would steganography be employed?

  • Obfuscation (correct)

Which option will BEST ensure a site's users are not compromised after a reset of their credentials following a large data breach?

  • Encrypted credentials in transit (correct)

In which of the following risk management strategies would cybersecurity insurance be used?

  • Transference (correct)

Which of the following describes the GREATEST risk to intellectual property when using conductive metal lockboxes for personal electronic devices?

  • Data exfiltration over a mobile hotspot (correct)

Which activity is a security analyst performing when reviewing historical logs for specific activity outlined in a security advisory?

  • Threat hunting (correct)

Which of the following would MOST likely support the integrity of a voting machine?

  • Perfect forward secrecy (correct)

Which of the following regulations should a Chief Information Security Officer (CISO) understand before creating data privacy policies?

  • GDPR (correct)

Which type of threat is represented when the IT department at a university is concerned about professors placing servers on the network to bypass security controls?

  • Shadow IT (correct)

Which obligation does a commercial cyber-threat intelligence organization have before releasing threat intelligence to subscribers?

  • Anonymize any PII that is observed within the IoC data. (correct)

Which situation is MOST likely occurring when end users suddenly download .tar.gz files without initiating the downloads?

  • A RAT was installed and is transferring additional exploit tools. (correct)

Which plan is an organization MOST likely developing in the event of a complete loss of critical systems and data?

  • Disaster recovery (correct)

What is the purpose of a risk register?

  • To identify the risk, the risk owner, and the risk measures. (correct)

Which type of attack is BEST described when a university loses Internet connectivity due to an edge-router vulnerability?

  • Race condition (correct)

Which standard must a company comply with before accepting credit cards on its e-commerce platform?

  • PCI DSS (correct)

Which security exploit is one for which a vendor patch is not readily available?

  • Zero-day (correct)

Which social engineering technique is being used when a CFO receives an email requesting a fund transfer due to an alleged emergency?

  • Whaling (correct)

To implement a third factor for multifactor authentication, which option would meet the organization's needs?

  • Fingerprints (correct)

Which forensic technique should be used to preserve the admissibility of evidence during an investigation?

  • Chain of custody (correct)

Which type of SSL certificate would BEST meet the requirements for a company wanting to cover multiple subdomains?

  • Wildcard (correct)

    Study Notes

    Authentication and Biometrics

    • Organizations can utilize machine learning to enhance authentication, improving accuracy over time without biometric enrollment.
    • Two common biometrics likely used without prior enrollment are gait and facial recognition.

    Security Improvements for Small Companies

    • A small company lacking security staff can enhance its security posture through a Security Orchestration, Automation, and Response (SOAR) solution.

    DNS Issues and Attacks

    • If users report that previously available websites are inaccessible, it may indicate domain hijacking.
    • Flushing the DNS cache may not resolve this if the original DNS server has been compromised.

    Cybersecurity Exercises

    • Conducting tabletop exercises helps organizations prepare for potential cyberattacks by simulating incidents and assessing responses.

    Prevention of Remote Access Trojans (RATs)

    • Implementing application whitelisting can help prevent future infections from RATs that bypass antivirus detection.

    Application Attacks

    • Cross-site request forgery (CSRF) attacks involve unauthorized commands being transmitted from a user that a web application trusts.

    Intrusion Detection Systems (IDS)

    • An IDS functions as a detective control, identifying potential security breaches.

    Vendor Negotiations

    • Service Level Agreements (SLA) are crucial when negotiating vendor response times to outages.

    Security in Cloud Solutions

    • Cloud Access Security Brokers (CASB) enhance security, visibility, and management across SaaS and IaaS platforms for organizations.

    Data Integrity in Development

    • Containerization is an effective strategy to prevent issues arising from unintentional updates to shared library components in applications.

    Network Scanning Tools

    • Nmap is a commonly used tool for discovering running services on a system to confirm security suspicions.

    Insider Threat Protection

    • To mitigate risks of data exfiltration via removable media, blocking access to these devices using host-based security tools is effective.

    Steganography Usage

    • Steganography is primarily used for obfuscation, hiding data within other data formats.

    Protection of Reset Credentials

    • Ensuring encrypted credentials in transit is vital when resetting user passwords, particularly after data breaches.

    Cybersecurity Insurance in Risk Management

    • Cybersecurity insurance is a method of risk transference, shifting the burden of certain risks to an insurance provider.

    Intellectual Property Risks

    • Data exfiltration over mobile hotspots is a major concern when implementing policies around personal electronic devices.

    Threat Hunting Activities

    • Threat hunting involves reviewing historical logs for specific activities indicated by new security advisories.

    Voting Machine Integrity

    • Perfect forward secrecy can help maintain the integrity of voting machines against eavesdropping attempts.

    International Data Privacy Standards

    • The General Data Protection Regulation (GDPR) is critical for organizations aiming to align policies with international data protection standards.

    Shadow IT Threats

    • Shadow IT refers to the risks posed by unauthorized applications or devices being used within an organization.

    Threat Intelligence Contracts

    • Cyber-threat intelligence organizations must anonymize personally identifiable information (PII) before sharing threat intelligence.

    Malware Infection Indicators

    • Sudden downloads of unexpected file types may indicate that a RAT is transferring additional tools to compromised systems.

    Disaster Recovery Planning

    • Organizations develop disaster recovery plans to outline response strategies in case of critical system failures.

    Risk Register Purpose

    • A risk register is used to identify risks, assign risk owners, and implement measures for mitigation.

    Network Attacks and Outages

    • Denial-of-Service (DoS) and race conditions can lead to intermittent connection losses due to vulnerabilities in network equipment.

    Compliance for E-commerce

    • Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is necessary for companies accepting credit cards.

    Vulnerability Exploits

    • A zero-day exploit targets a vulnerability for which no vendor patch is available, posing significant security risks.

    Social Engineering Techniques

    • Whaling targets high-profile individuals for financial fraud through deceptive communications like phishing emails.

    Multifactor Authentication Expansion

    • Adding fingerprints can serve as the third factor for multifactor authentication systems already using smart cards and passwords.

    Forensic Evidence Preservation

    • Maintaining the chain of custody is essential in preserving the admissibility of evidence during legal investigations.

    SSL Certificate Requirements

    • A wildcard SSL certificate covers multiple subdomains, making it suitable for organizations with varying application URLs.

    Description

    This quiz covers essential concepts in cybersecurity, including authentication methods, security improvements for small businesses, DNS issues, and strategies to prevent remote access trojans. Test your knowledge on how organizations can enhance their security posture and respond to potential cyber threats.
