Cybersecurity Principles and Technologies Quiz

Questions and Answers

Which of the following is a characteristic of a 'factory reset'?

• It reinstates the device to its original shipped configuration, removing user customizations. (correct)
• It saves user data to a hibernation file.
• It uses an infrared camera to verify a user's face.
• It progressively delays unlock attempts after multiple failures.

What is the primary function of the 'failed login attempts restriction'?

• To create a template signature using a fingerprint scanner.
• To restore the device to its original state.
• To encrypt the disk using FileVault.
• To progressively limit or block unlock attempts after multiple incorrect tries. (correct)

Which of the following best describes the purpose of 'fast startup'?

• It searches the file system for specific files.
• It manages files and folders in macOS.
• It encrypts the disk using FileVault disk encryption.
• It saves an image of system memory to a hibernation file, enabling swift resumption from sleep. (correct)

Which authentication mechanism relies on an infrared camera to verify a user's identity?

Facial recognition lock (D)

What is specific to 'firmware'?

It is software instruction embedded within hardware, such as a computer motherboard. (A)

What is a key function of a 'fingerprint scanner'?

To create a template signature from a fingerprint for comparison during login. (A)

Which authentication method requires the user to scan their fingerprint?

Fingerprint lock (B)

Which of these is an example of a command-line Linux tool, according to the text?

enrollment.nd command (D)

What is the primary function of a GUID Partition Table (GPT)?

To enable the existence of a large number of partitions and accommodate very large partition sizes. (C)

Which of the following would be categorized as a hardware-based authentication device?

A USB storage key with a cryptographic module. (C)

What is the main purpose of checking the Hardware Compatibility List (HCL) before OS installation?

To guarantee that all PC components have been tested for compatibility with the OS. (C)

The principle of 'implicit deny' in security means what?

All access requests are denied unless explicitly granted. (B)

What is the key characteristic of a social engineering attack?

An attacker pretends to be someone they are not to gain access. (C)

Which is NOT a direct consideration when planning the installation of new apps?

Hardware compatibility. (D)

What does the acronym IRP stand for in the context of cybersecurity?

Incident Response Plan. (C)

What is a cryptographic module's primary function within a hardware security device?

To hold authenticating encryption keys securely (B)

Which security measure primarily aims to prevent the retrieval of data from storage media?

Physical destruction (D)

What is the primary purpose of considering 'physical placement' in IT security?

To ensure reliable and secure operation of PC and network devices (A)

Which of the following describes a method by which a threat actor might gain unauthorized access to a restricted area?

Piggybacking (B)

Which authentication method is used on mobile devices to restrict access using a numeric code?

PIN code lock (C)

What is the function of a preboot execution environment (PXE) in networking?

To enable a device to boot from a network server (D)

Which of the following best describes the purpose of a pre-shared key (PSK)?

To enable group authentication to a wireless network (A)

Which technology is described as a command shell and scripting language based on the .NET Framework?

PowerShell (D)

Which of the following actions would help to mitigate the risk of data remnants being left behind after disposing of a storage device?

Implementing physical destruction (A)

What is the primary function of a port triggering mechanism within a firewall?

To dynamically permit inbound traffic on a secondary port based on outbound activity on a primary port. (B)

Which scenario best illustrates the concept of 'phishing' as described in the text?

A user receiving a suspicious email that asks for their banking credentials, from a source pretending to be their bank. (D)

What is the main purpose of the 'Power Options' control panel app mentioned here?

To configure power-saving modes and button/lid behavior. (B)

What type of data is referred to as 'Personally Identifiable Information (PII)'?

Data that can be used to contact or identify an individual. (B)

The term 'power users' in this context refers to what?

Users with the ability to change system policies and settings. (A)

Which of the following is NOT a function of the 'Windows Settings' pages mentioned in context?

Configuring access through a firewall using port triggering. (C)

What does 'power failure', as used in the text, refer to?

A complete loss of building-wide power. (C)

Which of the following best describes the use of 'themes' for a desktop environment?

They change the appearance and aesthetics of the desktop. (A)

What occurs when a data file is not saved to contiguous sectors on a hard disk drive (HDD)?

Fragmentation (A)

Which tool is used to mitigate fragmentation on hard drives?

Defragment and Optimize Drives (D)

In Linux, what allows multiple user sessions to be supported on a single host?

Virtual Consoles (D)

What is a denial of service (DoS) attack primarily concerned with?

Resource availability (A)

What security measure is performed on email and Internet traffic to identify and block suspicious content?

Content Filtering (B)

Which of the following is NOT an advantage of using a command shell in system management?

Graphical User Interface (B)

What type of attack can affect the availability of a managed resource through various means?

Denial of Service (C)

What does performance optimization on solid-state drives (SSDs) involve?

Optimization operations (B)

What is the primary responsibility of a Computer Security Incident Response Team (CSIRT)?

Managing responses to security breaches and incidents. (D)

Which of the following best describes 'cross-site scripting' (XSS)?

A vulnerability that allows attackers to run scripts in a user’s browser. (B)

What are the three principles of the CIA triad in cybersecurity?

Confidentiality, Integrity, Availability. (C)

Which description accurately represents cryptominer malware?

Malware that hijacks computer resources for cryptocurrency mining. (C)

What is commonly referred to as the AIC triad in cybersecurity?

Availability, Integrity, Confidentiality. (B)

What is a primary goal of implementing password complexity requirements?

To prevent unauthorized access through weak passwords. (A)

Which of the following best defines configuration management in cybersecurity?

A practice for maintaining systems and software in secure and compliant states. (A)

What is the intended effect of the CIA triad on cybersecurity practices?

To provide a framework for assessing security needs. (A)

What happens to the existing operating system and data files when a target disk is repartitioned and formatted?

They are completely removed. (B)

What is the primary function of a 'cron job' in a Linux environment?

To execute scheduled tasks automatically. (A)

Which statement best describes the 'command and control' (C2 or C&C) infrastructure?

It is used by attackers to manage malware across botnets. (D)

What does 'CCMP' stand for in the context of wireless LAN security?

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (B)

What is a primary concern when ensuring compatibility across multiple device and OS platforms?

Data processing regulations (A)

What does the command 'cp' accomplish in a Linux command line?

Copies files and directories. (A)

Which of the following statements accurately defines a compatibility concern in application use?

It involves ensuring functionality within diverse user environments. (D)

What task does the Linux cron daemon primarily perform?

Scheduling and executing automated tasks. (D)

What is the primary function of desktop management software as described?

To provide remote support for desktops and mobile devices. (A)

What might be a consequence of the developer mode feature in mobile devices?

Weakening of corporate security protections when misused. (B)

Which of the following is a characteristic of digital rights management (DRM)?

It aims to restrict the number of devices for playback. (C)

What does the Control Panel Legacy management interface predominantly manage?

User and system settings in Windows. (A)

How do changes to desktop styles over updates typically affect users?

They often lead to confusion in usage. (B)

What is one of the primary purposes of digital media DRM solutions?

To prevent unauthorized copying of digital files. (A)

Which command is primarily associated with desktop management tasks?

Copy command for duplicating files. (D)

What is a potential risk associated with using developer mode on mobile devices?

It can expose the device to corporate security vulnerabilities. (A)

What does the Apple File System (APFS) primarily serve as?

The default file system for macOS-based computers (A)

What is the purpose of an authenticator app in the context of security?

To provide an additional layer of two-step verification (B)

Which of the following actions does subject identification typically involve?

Assigning relevant permissions to a user (A)

What function does the AutoRun/AutoPlay feature serve in Windows operating systems?

To enable automatic actions when peripheral storage is connected (A)

How does automation benefit configuration steps in technology?

By using scripts to perform tasks without user intervention (A)

In what way does Apple ID function as a cloud-based service?

It manages files and shares content across multiple Apple devices. (C)

What is a characteristic feature of the APK Android app package format?

It enables installation of apps from sources outside of official app stores. (B)

What is the significance of creating an audit trail during subject identification?

To track permission changes and user interactions. (D)

What is the primary function of the group policy editor (gpedit.msc)?

To configure user and system registry settings through policies. (D)

How does a guest account function within a network environment?

It permits access without authentication as a non-privileged account. (A)

What does the term 'image deployment' refer to?

A method where a target disk is written with an image of a new OS. (D)

Which command tool is primarily used to gather information about the IP configuration?

ipconfig (C)

What does a 4-port LAN switch allow for in a network setup?

Simultaneous connection of multiple devices to a network. (B)

What is a key function of a firewall in a networking context?

To monitor and restrict incoming and outgoing network traffic. (C)

Which features are integrated with iCloud in terms of user experience?

Cloud-based file storage and synchronization across devices. (B)

What is the purpose of implementing group policy objects (GPO) in a Windows domain?

To enforce security settings and configurations across users and computers. (C)

What role does a ground wire play in an electrical system?

It provides a return path for electrical current as a safety feature. (D)

Which of the following best describes Extensible Authentication Protocol (EAP)?

A protocol that enables the use of hardware-based identifiers for authentication. (B)

What is a primary characteristic of fileless malware?

It exploits the host's scripting environment to create malicious processes. (D)

Which technology allows an operating system to utilize a mass storage device?

Partition formatting. (B)

How does facial recognition function as an authentication method?

By matching a live image to stored images for verification. (A)

What does the process of negotiating authentication methods encompass in an EAP framework?

Enabling a user to select an authentication method compatible with the server. (A)

What is a primary function of a ground wire when a short circuit occurs?

To ensure current flows to ground rather than through a person. (D)

Which of the following accurately describes a benefit of using hardware-based identifiers in authentication?

They enhance the security of authentication processes. (D)

What is the main purpose of the least privilege principle in security?

To allocate the minimum rights necessary for performing a role (D)

Which format is used to express an IPv4 address?

Dotted decimal notation, like 192.168.1.1 (C)

What role does the 'ip' command play in Linux networking?

To gather information about network configuration (A)

What is the purpose of a lessons learned report (LLR)?

To analyze events and improve future response processes (B)

How are IPv6 addresses typically represented?

In hexadecimal notation with colons (A)

What is a key aspect of physical security mechanisms concerning lighting?

To ensure safety and support surveillance systems (A)

What does the term 'configuration' refer to when discussing network settings?

The process of adjusting software settings to optimize performance (A)

Which of the following best describes the role of an Internet Protocol (IP) address?

A unique identifier for a device on a network (D)

Flashcards

Complexity Requirement Rules

Guidelines for creating strong passwords to enhance security.

Cross-Site Scripting (XSS)

A type of attack where malicious scripts are injected into trusted websites.

Computer Security Incident Response Team (CSIRT)

A group responsible for responding to security incidents across various domains.

Cryptominer

Malware that utilizes a computer's resources to mine cryptocurrency.

CIA Triad

Three principles of cybersecurity: Confidentiality, Integrity, and Availability.

Information Security Triad (AIC Triad)

Refers to Confidentiality, Integrity, and Availability, often listed in reverse order.

Malware

Software designed to disrupt, damage, or gain unauthorized access to systems.

Configuration Management

The process of maintaining computer systems in a desired, consistent state.

Face Recognition Lock

An authentication mechanism using infrared camera to verify user’s face against a 3D model.

Fingerprint Lock

A mobile device security that unlocks by scanning a user's fingerprint.

Factory Reset

A standard procedure by manufacturers to restore devices to original settings, erasing all customizations.

Failed Login Attempts Restriction

An authentication mechanism that blocks after multiple failed unlock attempts.

Firmware

Software instructions embedded on hardware devices like motherboards, can be updated.

Bio-Gesture Authentication

A security mechanism requiring users to perform gestures for access, like face or fingerprint scans.

Fast Startup

A power-saving option that enables quick resume from sleep using saved memory contents.

Command-Line Tool

A command line Linux tool used to search the file system.

Defragmentation

The process of reorganizing data on a hard drive to improve performance.

Optimization Operations

Methods used to enhance the performance of SSDs and HDDs.

Denial of Service Attack (DoS)

An attack that disrupts services to make them unavailable.

Content Filtering

A security measure that blocks suspicious email and internet traffic.

Graphical OS Interface

A user-friendly display that allows interaction using windows and icons.

Linux Virtual Console

A feature that allows multiple user sessions on a single Linux host.

Command Shell

A console device for input and output commands in a computing environment.

Fragmentation

Occurs when data is not stored in contiguous sectors on a HDD, reducing performance.

GUID Partition Table (GPT)

A modern disk partitioning system that supports many partitions and very large partition sizes.

Hardware Compatibility List (HCL)

A list of PC components tested for compatibility with an operating system before installation.

Implicit Deny

A security principle stating that all access should be denied unless explicitly granted.

Incident Response Plan (IRP)

Guidelines and procedures established for responding to security incidents.

Social Engineering

An attack that manipulates individuals into divulging confidential information by pretending to be someone else.

Cryptographic Module

A component that securely holds encryption keys for authentication.

Smart Card

A card with a cryptographic module capable of holding authenticating keys securely.

USB Token Storage Key

A USB device that securely stores cryptographic authentication keys.

Physical Data Destruction

Methods like drilling or shredding used to destroy storage media to prevent data recovery.

PowerShell (PS)

A command shell and scripting language for Windows based on the .NET Framework, utilizing cmdlets.

Preboot Execution Environment (PXE)

Feature that allows a computer to boot from a network server, rather than local storage.

Piggybacking in Security

Unauthorized entry into a location by using someone else's access credentials or permissions.

Pre-shared Key (PSK)

A passphrase used for wireless network authentication, allowing client devices to connect.

Physical Placement Considerations

Factors to ensure secure and reliable installation of PC and network devices.

Degaussing

A method of data destruction that uses magnetic fields to disrupt stored data on storage devices.

Incineration of Data Media

Burning of storage devices to destroy data beyond recovery.

PII

Personally Identifiable Information that can identify an individual.

Port Triggering

A firewall mechanism that opens inbound ports based on outbound traffic.

Phishing

An email-based attack to elicit private information by posing as a trusted source.

Power Failure

Complete loss of power to a building or facility.

Power Options

Settings for configuring power button actions and saving power modes.

Phone Settings

Configuration options available in Windows for managing smartphones.

Inbound Access

Permission for external devices to connect to a device on a network.

Subject Identification

The process of assigning relevant permissions to a subject in a system.

APK

Android app package format used for installing applications on Android devices.

Authenticator App

A software that allows a smartphone to serve as a second authentication factor.

Apple File System (APFS)

The default file system for macOS devices, optimizing storage management.

Apple ID

A cloud-based service for synchronizing settings, apps, and files among Apple devices.

AutoRun/AutoPlay

Windows feature for automatic actions upon connecting a storage device.

File Sharing

The practice enabling users to access and exchange files over a network.

Backup Synchronization

The process of copying data to maintain consistency across devices.

Counter Mode

A mode of operation for encryption that enhances security by chaining blocks together.

Command and Control (C2)

Infrastructure enabling attackers to control malware on infected devices.

CP Command

A command-line tool in Linux for copying files.

Credit Card Transactions

Data regulations dictate how financial transactions are processed responsibly.

Cron Job

A scheduled task managed through the Linux cron daemon to automatically run scripts or commands.

CCMP Protocol

An encryption protocol used in wireless LANs to address vulnerabilities of WEP.

Compatibility Concerns

Issues that arise when using applications across different device and OS platforms.

Formatted Disk

A disk that has been prepared for use by erasing existing data and creating a file structure.

Desktop Styles

Tools for launching apps and managing them in Windows.

Control Panel

The interface for configuring user and system settings in Windows.

Digital Rights Management (DRM)

Technologies that protect copyright of digital media.

Developer Mode

A feature that allows app testing on mobile devices.

Remote Support Software

Tools designed for facilitating remote access to desktops.

Malicious Content

Unwanted software or data that can harm systems.

Inappropriate Content

Material deemed unsuitable, often subject to filtering.

Group Policy Object (GPO)

A feature in Windows to manage settings and policies for users and computers in a domain.

iCloud

Apple's cloud storage service for syncing data across macOS and iOS devices.

Guest Account

A non-privileged user account allowing limited access to a computer or network without authentication.

Deployment Method

A process for writing a target disk with an image of a new operating system.

Firewall

A security system that monitors and controls incoming and outgoing network traffic.

LAN Switch

A device that connects multiple devices in a Local Area Network (LAN) to communicate with each other.

Policy Editor (gpedit.msc)

A Microsoft tool to manage group policies and user settings on a Windows computer.

Network Configuration

Settings that determine how a device connects to and communicates on a network.

Ground Wire

A wire providing a return path for electrical current to prevent electric shock.

Extensible Authentication Protocol (EAP)

A framework for negotiating authentication methods to secure network connections.

Biometric Authentication

Using biological traits like fingerprints or facial recognition for user verification.

Fileless Malware

Malware that operates in-memory using host scripting to avoid detection.

Mass Storage Devices

Devices like HDDs, SSDs, or thumb drives that store large amounts of data.

Partition Formatting

The process of preparing a disk partition for an operating system's use.

Secure Tunnels

Virtual pathways for secure data communication between devices.

Browser Add-on

Extensions that enhance browser functionality by adding new features.

Least Privilege

The principle of granting the minimum necessary access rights or privileges to users.

IP Address (IPv4)

A 32-bit numerical label used to identify devices on a network, shown in dotted decimal format like 192.168.1.1.

IP Address (IPv6)

A 128-bit address allocated for devices, represented in hexadecimal format, such as 2001:db8::0bcd:abcd:ef12:1234.

iOS

The operating system used for Apple's iPhone and most iPad devices.

Lighting in Security

Physical security measures ensuring sufficient illumination for safety and surveillance effectiveness.

Logical Host Addressing

The format for assigning and identifying devices on a network through IP addressing.

Lessons Learned Report (LLR)

An analysis of past events to identify insights for improving future responses and processes.

Study Notes

Core Glossary

• 2-step verification: Authentication mechanism using a separate channel for sign-on attempts or to transmit an additional credential. This can use email, SMS, or voice calls.
• 3-2-1 backup rule: Best practice for data backups. Maintaining three copies of data on two types of media, with one copy stored off-site.
• 32-bit versus 64-bit: Processing modes referring to CPU instruction size. 32-bit CPUs were common earlier but 64-bit CPUs are now more common in PCs. 64-bit software can typically run on 64-bit CPUs, but 32-bit software can often run on 64-bit CPUs.
• 802.1X: Standard for encapsulating EAP communications over LAN or WLAN to implement port-based authentication.
• Acceptable Use Policy (AUP): Policy governing employee computer and internet use. Internet Service Providers (ISPs) can also implement AUPs.
• Access Control List (ACL): Collection of access control entries that determine which subjects (user accounts, IPs, etc.) can access objects and their privileges.
• Access Control Vestibule: Security system with two gateways, only one open at a time.
• Accessibility Prefpane: macOS utility for desktop and input/output accessibility configuration.
• Accounts settings: Windows settings for user account creation and maintenance.
• Active Directory (AD): Network directory service for Microsoft Windows domain networks. Facilitates authentication and authorization of user and computer accounts.
• Active listening: Technique in communication to ensure all information, including nonverbal cues, is captured from the other person. This includes summarizing, reflecting, interpreting and attending to the speaker.

Additional Glossary Terms

• Ad blocker: Browser feature preventing third-party content display.
• Administrative tools: Folder in Control Panel containing default Microsoft management consoles for local system configuration.
• Administrator: Privileged account with membership in the Administrators security group.
• Advanced Encryption Standard (AES): Symmetric 128-, 192-, or 256-bit block cipher.
• AirDrop: iOS feature for simple file sharing via Bluetooth.
• Alarm system: Physical intrusion detection system with triggers like circuit, motion, proximity, or duress.
• Android: Open-source mobile operating system developed by the Open Handset Alliance (primarily Google).
• Antivirus scan (A-V): Software detecting and removing virus infections and malware.
• APK: Android app package format.
• App: Default extension for a macOS app subdirectory within Applications folder.
• Apple File System (APFS): Default file system for macOS computers.
• Apple ID: Cloud-based service for synchronizing settings, manage apps, and backups.
• Application programming interface (API): Methods that allow programs to interact with each other, for example interactions with TCP/IP or networking functions.
• Apps settings: Windows Settings pages for configuring Windows Features and third-party software apps.
• apt-get: Linux package management tool for installing and updating software.
• Asset: Item of economic value. Businesses manage these with location, attributes, and value tracked in a database.
• Asset tagging: Assigning an ID to assets to link them with inventory databases.
• Asymmetric encryption cipher: Cipher using public and private keys, linked mathematically. The private key is not created from the public key. For example, RSA or ECC algorithms.
• Authentication, authorization, and accounting (AAA): Security concept for identifying users, ensuring permissions and recording actions.
• Authenticator app: Software that acts as a second authentication factor.
• Automation: Use of scripts to perform configuration steps, avoiding manual intervention.
• AutoRun/AutoPlay: Windows mechanisms for automatic actions when peripheral storage devices are connected.
• Backdoor: Accessing a computer bypassing normal authentication, typically for malicious purposes.
• Backup: Security copy of data (often scheduled). Examples include full, incremental, or differential back ups.
• Backup chain: Backup sequence consisting of a full backup and incremental or differential backups following it.
• Badge reader: Authentication mechanism using smart cards for access control.
• Bash: Command interpreter and scripting language for Unix-like systems.
• BAT: Extension for batch files (containing Windows CMD commands).
• BIOS/UEFI password: Passwords set in system firmware to protect against unauthorized booting or configuration changes. and many more... (too many to list here)