Cybersecurity Quiz

Questions and Answers

What cybersecurity term best describes an employee unknowingly clicking on a phishing email link, leading to a data breach?

• Risk
• Threat actor
• Vulnerability (correct)
• Threat

What concept is crucial in assessing the potential impact of a critical vulnerability in a payment processing system?

• Threat vector
• Risk (correct)
• Vulnerability
• Threat

What is the primary motivation for a threat actor demanding payment to prevent the release of sensitive customer data?

• Fraud
• Blackmail
• Extortion (correct)
• Political motivation

What cryptographic concept does Alice utilize when she encrypts a message to securely send to Bob?

Ciphertext (B)

Which type of cipher involves replacing individual characters or blocks in the plaintext with different ciphertext?

Substitution cipher (C)

Which term describes the potential for loss or damage when a system is exposed to a threat?

Risk (C)

What method can be employed to assess the effectiveness of current security measures?

Penetration testing (D)

What does the term 'threat actor' primarily refer to?

A party capable of causing harm (D)

Why is controlling data flow between network segments important in secure architecture design?

To prevent unauthorized access and data breaches (B)

What is the purpose of VLAN segmentation in a network infrastructure?

To improve network performance by reducing broadcast domains (C)

Which networking device is required for a VoIP handset to communicate with a workstation located in a different VLAN?

Router (A)

How do VLANs influence the overall security of a network?

By isolating sensitive data traffic from regular traffic (B)

What could be a potential disadvantage of VLAN segmentation?

Increased network latency due to routing overhead (B)

Which of the following is NOT a benefit of implementing VLANs?

Guaranteed quality of service for all traffic types (A)

What is a primary function of a router in a VLAN environment?

To connect multiple VLANs for communication (A)

Which scenario best illustrates a drawback of not using VLANs?

All workstations can access sensitive information regardless of necessity (C)

Why is it important for Alice and Bob to meet in person to agree on a cipher and secret key value?

To agree on a secret key without interception (C)

Which authentication design principle emphasizes that the method should not hinder user workflows?

Availability (A)

What is the first step in setting up biometric authentication?

Acquiring the biometric sample from the target (C)

Which advantage of fingerprint recognition is commonly recognized in security discussions?

It is non-intrusive and relatively simple to use (D)

In the context of cryptographic algorithms, what is a primary concern when using asymmetric encryption?

Key management complexity (A)

What factor is most significant when evaluating the usability of an authentication system?

User satisfaction and experience (C)

Which of the following is a major disadvantage of using biometric authentication?

It cannot be easily revoked (D)

Which of the following is NOT a type of hybrid cipher?

Vigenère cipher (D)

What feature of WPA3 enhances the security of Wi-Fi networks in open environments?

Simultaneous Authentication of Equals (SAE) (A)

Which configuration mode should a company choose for their access points to support both WPA2 and WPA3 devices?

WPA3-Personal Transition mode (D)

Why is 2nd Wave Corp implementing baseline configurations for its devices?

To establish a standard set of guidelines for configuring devices securely (B)

What is the reason for Manhize Corp to regularly update its baseline configurations?

To maintain the security and mitigate emerging threats (A)

Which of the following is a primary security feature offered by WPA3?

Improved password security with SAE (B)

What does the Enhanced Open feature in WPA3 specifically address?

Protection against eavesdropping on open networks (B)

Why is using default credentials for devices considered a security risk?

They are universally recognized by attackers (C)

What is a common reason for businesses to migrate from WPA2 to WPA3?

To implement better security measures (D)

Why is it important for Manhize Corp to test patches before deployment?

To identify potential issues or conflicts arising from the patch (D)

What protocol should be used to securely transmit sensitive user information over the network?

HTTPS (D)

What is a significant consideration when using secure communication protocols?

Effective management of cryptographic keys is crucial for secure protocol (A)

What is a potential drawback of endpoint hardening?

It could inadvertently restrict user access (A)

What is the main goal of testing patches before deployment?

To validate the stability and security of the patch (B)

Which of the following statements about secure protocols is correct?

They often rely on complex security measures (B)

Which option best describes a consequence of not testing patches before deployment?

Potential services disruption or system instability (C)

What is a critical advantage of using HTTPS over HTTP?

It encrypts data during transmission (D)

What action is most effective in addressing the vulnerabilities of the BIND server software?

Perform regular updates and apply the latest security patches. (D)

What is a critical reason for archiving historical log and network traffic data in a SIEM?

To meet compliance requirements and enable retrospective incident investigation. (B)

In what way does XCCDF enhance vulnerability scanning processes?

By developing and auditing best practice configuration checklists. (A)

How could enabling DNS Security Extensions (DNSSEC) benefit a DNS server?

By providing cryptographic authentication to prevent spoofing. (C)

Which of the following is NOT a benefit of performing regular patching on the BIND server?

It eliminates all potential vulnerabilities. (C)

Which measure helps strengthen DNS server security against unauthorized modifications?

Enforcing strong authentication mechanisms for DNS record changes. (C)

What is a potential impact of not archiving historical log data in a SIEM system?

Reduced incident response capabilities. (C)

What is a primary goal of implementing strict access controls on a DNS server?

To prevent unauthorized DNS footprinting and manipulation. (B)

Flashcards

Phishing Email Click

An employee accidentally clicking a malicious link in a phishing email.

Vulnerability (Security)

A weakness in a system that a threat actor can exploit.

Risk Assessment (Vulnerability)

Evaluating potential impact of a vulnerability.

Threat Actor Motivation (Extortion)

Threat actor demanding payment to prevent releasing data.

Encryption

The process of converting readable data into unreadable form.

Ciphertext

The encrypted form of a message.

Substitution Cipher

A cipher that replaces characters in a message with other characters.

Threat

A potential danger or cause of harm to a system or organization.

Transposition Cipher

A cipher that rearranges the order of characters in a message.

Secret Key Exchange (In-Person)

Meeting to agree on a cipher and key without eavesdropping.

Authentication Workflow

Authentication methods shouldn't get in the way; it's crucial to be user-friendly.

Biometric Authentication Setup

The first step is acquiring the biometric sample from the user.

Biometric Sample Acquisition

The initial step to set up biometric authentication is to collect the required biometric data from the user.

Fingerprint Recognition Advantage

Fingerprint recognition is non-intrusive and relatively simple to use.

Authentication Design Principle

Ensuring authentication doesn't hinder workflows and is user-friendly.

First Step in Biometric Authentication

Acquiring the biometric sample from the user.

VLAN Segmentation Purpose

VLAN segmentation divides a network into smaller broadcast domains, improving performance and security by reducing broadcast traffic.

Data Flow Control Importance

Controlling data flow between network segments prevents unauthorized access and data breaches by limiting the potential impact of vulnerabilities within a segment.

VoIP Handset and Workstation Communication

If separated by VLANs, a VoIP handset needs a router to communicate with a Workstation computer because VLANs isolate broadcast domains.

Network Segmentation Benefit

Network segmentation improves network performance by reducing the size of broadcast domains.

Importance of Network Segmentation

Network segmentation improves security by limiting the impact of a breach to a specific part of the network

Router Role

Routers are needed for communication between devices in different VLANs, since Switches operate within a single VLAN.

VLAN Definition

A virtual LAN (VLAN) is a logical grouping of devices on a network, independent of physical location. It improves performance by segmenting network traffic.

Security Importance of VLANs

VLAN segmentation limits the spread of malicious activity within a network, improving overall security

WPA3 Enhanced Open

A WPA3 feature providing improved security for Wi-Fi networks, especially in open environments.

WPA3-Personal Transition mode

A Wi-Fi configuration allowing compatibility between WPA2 and WPA3 devices.

Baseline Configurations

Standardized guidelines for securely configuring devices.

Importance of Baseline Configurations

Provides a standard set of guidelines for configuring devices securely.

Regular Baseline Configuration Updates

Maintaining up-to-date security for devices by regularly updating their configurations.

Wi-Fi Network Security Enhancement

Implementing WPA3 for improved security, particularly in open environments.

Device Configuration Compatibility

Ensuring a Wi-Fi network supports both WPA2 and WPA3 devices.

Security Configuration Guidelines

A set of pre-defined rules for securing devices.

Endpoint Hardening Importance

Minimizing the impact of security threats and vulnerabilities on a device.

Testing Patches Before Deployment

Crucial to identify potential conflicts or issues before use in a production environment.

Secure Protocol for Web Servers

HTTPS is the protocol for securely transmitting data (ex. logins, forms).

Secure Protocol Considerations

Key management is important for secure communication protocols.

HTTP vs. HTTPS

HTTP is not encrypted, HTTPS is.

Patch Testing

Testing a software patch before putting it into use to prevent unforeseen problems.

Secure Protocols

Secure protocols are essential for protecting data confidentiality, but are more complex and require key management.

Importance of HTTPS

HTTPS encrypts communication to keep sensitive data safe.

DNS Security Mitigation

Actions to reduce risks from vulnerabilities in DNS servers, like BIND.

DNS Zone Transfers

Transferring DNS data between authorized servers, crucial for security.

BIND Server Updates

Applying security patches to the BIND DNS server software.

SIEM Archiving

Storing historical log and network traffic data for investigation and compliance.

XCCDF and Vulnerability Scanning

XCCDF helps assess security configurations to identify vulnerabilities.

DNSSEC for Safety

Using DNS Security Extensions to authenticate DNS responses to prevent attacks.

Recursive DNS Queries

DNS requests handled by a server, typically requiring authentication.

DNS Record Modifications

Changes to DNS records need strong authentication.

Study Notes

Module: Systems Development 2B

• Exam revision for Summative Assessment 1 (SA1)
• Multiple choice questions (50 examples) are provided

Question 1

• Sarah needs to implement an access control system for sensitive company data.
• Only authorized employees should access the data.
• The correct security control is authentication.

Question 2

• John, the CISO, needs to conduct a gap analysis to identify differences between the implemented cybersecurity framework and the company's security systems.
• The purpose of the gap analysis is to evaluate the effectiveness of the company's existing security controls.

Question 3

• Emily, the compliance officer, needs to prioritize investments based on the gap analysis to achieve the target cybersecurity capabilities.
• Prioritizing investments allows the organization to achieve regulatory compliance and improve cybersecurity capabilities.

Question 4

• An employee clicking on a phishing link leading to a data breach is considered a vulnerability.
• The term that best describes this employee's action is vulnerability.

Question 5

• A critical vulnerability in a company's payment processing system could lead to financial loss.
• Risk is crucial in assessing the potential impact of this vulnerability.

Question 6

• A threat actor demands payment to prevent the release of sensitive customer data.
• The primary motivation is extortion.

Question 7

• Alice wants to securely send a message to Bob over an insecure channel.
• The cryptographic concept Alice utilizes is encryption using ciphertext.

Question 8

• A cipher that involves replacing characters or blocks in plaintext with different ciphertext is a substitution cipher.

Question 9

• Alice and Bob meet in person to agree on a cipher and a secret key.
• Meeting in person is important for ensuring authentication and agreeing on a secret key without interception.

Question 10

• The security team is evaluating authentication methods for usability.
• The authentication design principle is availability.

Question 11

• Biometric authentication is being considered for access control.
• The first step is acquiring the biometric sample from the target.

Question 12

• The security team is discussing fingerprint recognition.
• An advantage of fingerprint recognition is it is non-intrusive and relatively simple to use.

Question 13

• Controlling data flow between network segments is important for secure architecture.
• This is important for preventing unauthorized access and data breaches.

Question 14

• Cheerleaders Pvt. Ltd. segmented workstations and VoIP handsets using VLANs.
• VLAN segmentation improves network performance by reducing broadcast domains.

Question 15

• In Cheerleaders Pvt. Ltd's network, a VoIP handset needs to communicate with a workstation computer.
• A router is the required device for communication between these devices.

Question 16

• Security implications of single-tenant and multi-tenant cloud architectures are discussed.
• Single-tenant architectures offer better performance and control, but are more expensive. Multi-tenant architectures are cost-effective but can have unauthorized access risks.

Question 17

• 2nd Wave Pvt. Ltd. plans to implement a hybrid cloud environment.
• The primary security concern is integration issues related to managing multiple cloud environments.

Question 18

• A startup company needs to improve performance and reliability of its online platform by distributing content across servers.
• The best technology for this is Content Delivery Networks (CDNs).

Question 19

• A large organization is updating its asset management process.
• Asset ownership assignment involves designating individuals or teams responsible for specific assets.

Question 20

• An organization is concerned about ransomware attacks compromising their backup infrastructure.
• Implementing air-gapped backups physically disconnected from the network is a key strategy in this scenario.

Question 21

• An organization needs to maintain data availability and integrity across multiple locations and systems.
• Replication creates and maintains exact copies of data on different storage systems.

Question 22

• What is the main characteristic of an end-of-life (EOL) system?
• It is outdated and no longer supported by the manufacturer or vendor.

Question 23

• What is a common characteristic of legacy systems?
• They often remain in use despite being outdated.

Question 24

• Sarah, an employee, wants to install a productivity app on her company-issued Android device. She decided to sideload the app from a third-party website.
• This action exposes her and the organization to increased risk of data breaches and non-compliance.

Question 25

• A server administrator is tasked with securing the organization's servers to improve server security.
• Prioritize applying software security patches and updates regularly.

Question 26

• A small business wants to enhance Wi-Fi security with WPA3.
• Simultaneous Authentication of Equals (SAE) provides improved security, especially in open environments.

Question 27

• A company deploying a new Wi-Fi network wants compatibility with WPA2 and WPA3 devices.
• The configuration mode is WPA3-Personal Transition mode.

Question 28

• 2nd Wave Corp is planning to implement baseline configurations for security on devices.
• The main reason for this is to establish standard guidelines for securely configuring devices.

Question 29

• Manhize Corp needs to regularly update baseline configurations for security.
• The crucial reason is to minimize the impact of security threats and vulnerabilities.

Question 30

• Manhize Corp tests patches before deployment.
• This is crucial for identifying potential issues or conflicts arising from the patch.

Question 31

• Tom, a network administrator, needs to transmit sensitive user information securely.
• The prioritized protocol is HTTPS.

Question 32

• Olivia, a security consultant, is advising on secure communication protocols.
• A key consideration is that effective management of cryptographic keys is crucial for secure protocols.

Question 33

• Manhize Corporation uses an internal DNS server.
• Performing regular patching and updates to the BIND server software (ISC) is vital for mitigating potential risks.

Question 34

• Archiving historical log and network traffic data is important for a SIEM.
• This enables retrospective incident investigation and meeting compliance requirements.

Question 35

• Extensible Configuration Checklist Description Format (XCCDF) contributes to vulnerability scanning.
• This is through developing and auditing best practice configuration checklists.

Question 36

• The purpose of Open Vulnerability and Assessment Language (OVAL) in Security Content Automation Protocol (SCAP) is:
• To describe system security state and query vulnerability reports.

Question 37

• A user downloads a free software application with malicious code hidden.
• This describes a Trojan.

Question 38

• A user experiences unusual web browser behavior, including pop-up ads and changed bookmarks.
• The likely malware is Adware.

Question 39

• An individual installs a seemingly harmless software app from an untrusted source.
• The app is most likely classified as Spyware.

Question 40

• A company experiences increased malware infections due to unauthorized software downloads.
• Implementing an Acceptable Use Policy (AUP) is the most effective policy.

Question 41

• A corporation has experienced a data breach.
• Implementing Information Security Policies is the most relevant policy.

Question 42

• An organization's help desk receives many support requests via email.
• Guidelines should include recommending specific language and tone in email responses.

Question 43

• A company implements security controls to mitigate risks.
• They should primarily focus on residual risk before implementing mitigation measures.

Question 44

• An organization aims to reduce risk factors to a manageable level.
• The overall status of risk management is called risk posture.

Question 45

• An organization purchases cybersecurity insurance.
• This utilizes the risk transference strategy.

Question 46

• A company has a unique manufacturing process giving it a competitive edge.
• This represents trade secret data.

Question 47

• An organization develops a new military-grade encryption technology.
• The appropriate data classification is Critical (top secret).

Question 48

• A company uses cloud services globally.
• They should store and process data in data centers within the defined legal boundaries to comply with data sovereignty requirements.

Question 49

• An organization fails to meet its contractual cybersecurity measures.
• A potential consequence is termination of the contract.

Question 50

• An IT manager has extensive privileges.
• Implementing a Privilege/Credential Management Policy addresses the potential misuse of these privileges.