Cybersecurity Roles and Concepts Quiz

Questions and Answers

What best describes an attack vector?

• A specific path by which a threat actor gains unauthorized access to a system (correct)
• A report detailing the findings of a security assessment
• A type of hardware used in cybersecurity efforts
• A method for securing a network against intrusions

Which of the following is NOT a type of attack vector?

• Cyber
• Environmental (correct)
• Physical
• Human

What does the term 'likelihood' refer to in the context of threat assessment?

• The chance of a threat being realized, usually expressed as a percentage (correct)
• The frequency of vulnerabilities being exploited
• The time it takes to respond to a security incident
• The total cost incurred from a security breach

What is the primary goal of threat hunting in cybersecurity?

To detect presence of threats that haven’t been discovered by regular monitoring (D)

How is 'impact' defined in a threat assessment scenario?

The measurement of damage costs, usually expressed in dollars (B)

What is the primary responsibility of a Cybersecurity Manager/Administrator?

Managing network operations and infrastructure (B)

Which role is primarily concerned with the creation of tools and techniques for cybersecurity?

Cybersecurity Engineer (C)

Who is responsible for directing the overall cybersecurity strategy of an organization?

Chief Information Security Officer (A)

What distinguishes a Cybersecurity Engineer from a Cybersecurity Manager?

The Engineer focuses on system design, while the Manager oversees operations. (A)

Which of the following roles likely has the highest level of responsibility in an organization?

Chief Information Security Officer (C)

What should you do if you believe you’ve completed everything but still do not see a 100% completion rate?

Email [email protected] (B)

What is the result of receiving a course completion letter?

You qualify for the 60-Day 100% Pass Guarantee (C)

Who is responsible for the hands-on configuration of a system in cybersecurity?

Cybersecurity Specialist / Technician (B)

How can learners ask questions regarding the course or concepts they do not understand?

Email [email protected] (B)

Which of the following statements is true regarding the 60-Day 100% Pass Guarantee?

It is contingent upon receiving a completion letter (C)

Which role primarily involves direct action in configuring cybersecurity systems?

Cybersecurity Specialist / Technician (A)

What action should be taken if a concept within the course is unclear?

Email [email protected] for assistance (C)

What type of company is Dion Training Solutions in relation to CompTIA?

A Platinum Delivery Partner (C)

Which of the following describes a preventative control?

It eliminates or reduces the likelihood that an attack can succeed. (C)

What is the main purpose of a detective control?

To identify and record any attempted or successful intrusion. (D)

Which statement about corrective controls is correct?

They act to address impacts after an intrusion event has occurred. (C)

What does the efficiency of a security control measure?

The duration it delays an attack from succeeding. (C)

Which of the following is NOT a function of a preventative control?

Eliminate all intrusion attempts. (C)

Which type of control focuses on access denial?

Preventative Control (C)

What role do physical controls play in security?

They prevent intrusion by physical barriers. (D)

Which of the following is an example of a corrective control?

Incident response plan after a data breach. (B)

What is a primary purpose of Open-Source Intelligence (OSINT)?

To develop strategies for compromising a target (B)

Which of the following could be considered a source of OSINT?

Publicly available information (D)

Which of these is NOT a potential method for gathering OSINT?

Accessing government classified documents (B)

In the context of OSINT, what type of information can be gathered from dating sites?

User preferences and profiles (A)

Which technique can be used to aggregate OSINT effectively?

Using search engines and data mining tools (D)

What is the purpose of Structured Threat Information eXpression (STIX)?

To standardize terminology for indicators of compromise (IoCs) (C)

In what format is STIX expressed?

JavaScript Object Notation (JSON) (D)

Which of the following is NOT a high-level STIX domain object (SDO)?

Malware Types (B)

Which version of STIX does the exam focus on?

STIX v2 (D)

What are attribute-value pairs used for in STIX?

To express structured information about IoCs (B)

Which of the following best describes the relationship features of STIX?

It includes ways of indicating relationships between IoCs. (D)

Which of the following attributes can be found in a high-level STIX domain object?

Threat Actor Name (B)

What aspect of STIX is emphasized in the exam preparation?

Familiarity with STIX v2 (A)

Flashcards

Cybersecurity Specialist/Technician

A cybersecurity professional who configures systems and performs tasks under the direction of a cybersecurity manager.

Vulnerability Response

A role responsible for identifying and responding to vulnerabilities within a system.

Vulnerability Management

The process of managing and controlling the identified vulnerabilities within a system or network.

Vulnerability Handling

A core function related to vulnerability response, where vulnerabilities are processed and dealt with.

Vulnerability Remediation

The steps taken to fix or mitigate a vulnerability in a system.

60-Day 100% Pass Guarantee

A guarantee offered by Dion Training that assures you'll pass your CompTIA exam within 60 days of receiving the course completion letter by providing additional support if you don't succeed on the first attempt.

Core Cybersecurity Roles

The role of the cybersecurity specialist/technician involves configuring and managing systems under the direction of a cybersecurity manager.

[email protected]

The communication channel used to reach Dion Training's support team for assistance or enquiries related to the course content.

Cybersecurity Manager/Administrator

The individual responsible for monitoring and managing the entire network and its infrastructure.

Cybersecurity Engineer

This professional focuses on building tools and designs large-scale security systems for the organization.

Chief Information Security Officer (CISO)

This high-level executive is responsible for the overall cyber and information security strategy of the organization.

Attack Vector

The route (path) a hacker uses to gain unauthorized access to a system.

Types of Attack Vectors

Cyber, Human, and Physical. Different pathways used to exploit vulnerabilities.

Likelihood (Security)

The chance (probability) of a threat becoming a real security incident.

Impact (Security)

The financial or operational cost incurred after a successful attack.

Threat Hunting

A proactive cybersecurity technique used to discover hidden threats that traditional monitoring missed.

Preventative Control

A security control that aims to stop an attack before it can be successful.

Detective Control

A security control that detects an attack that has already happened or is happening.

Corrective Control

A security control that fixes the damage caused by a successful attack.

Physical Control

A security control that physically restricts access to systems or data.

Security Control Efficiency

The ability of a security control to delay an attacker for a long period of time.

NIST SP 800-53

A comprehensive set of security guidelines developed by NIST that details security controls for various systems.

Family Designations in NIST SP 800-53

Categorizations within NIST SP 800- 53 that group related security controls.

Familiarity with NIST SP 800-53 Concepts

Understanding the core concepts within NIST SP 800-53, even if you don't memorize every detail.

Open-Source Intelligence (OSINT)

The practice of gathering information publicly available through sources like websites, social media, and publicly accessible databases.

How OSINT assists attackers

OSINT allows attackers to gather vital information about a target, including their online presence, personal details, and potentially security weaknesses., enabling them to plan and execute targeted attacks.

Publicly Available Information

Publicly available information is information that is readily accessible to anyone, including social media profiles, website content, public records, news articles, and more.

OSINT from Social Media

Social media platforms like Facebook, Twitter, and Instagram offer a treasure trove of information about individuals and organizations. Attackers can use this information to learn about their targets' habits, interests, and relationships, potentially identifying vulnerabilities.

Metadata in OSINT

Metadata is hidden data embedded within files, revealing information such as creation date, author, and even location. This can give attackers valuable insights into a target's activities and potential system vulnerabilities.

STIX (Structured Threat Information eXpression)

A standard terminology for Indicators of Compromise (IoCs) and their relationships, used in the OASIS Cyber Threat Intelligence (CTI) framework.

STIX format

STIX is represented in JSON format, which uses key-value pairs (attribute: value) to define information about cyber threats.

STIX Domain Objects (SDO)

STIX is built upon high-level objects called STIX Domain Objects (SDO) that contain multiple attributes and values. These objects provide a structured way to represent various aspects of cyber threats.

STIX Observed Data

One of the SDOs used in STIX, Observed Data represents observed activities and events related to cyber threats.

STIX Indicator

An SDO in STIX used to represent a specific pattern or indicator that can be used to identify a cyber threat.

STIX Attack Pattern

An SDO that describes the tactics, techniques, and procedures used by attackers in a specific attack.

STIX Campaign and Threat Actors

An SDO in STIX that provides information about organized cyber campaigns and the actors involved.

STIX Course of Action (COA)

An SDO in STIX that represents a recommended course of action to mitigate or respond to a cyber threat.