General Information Quiz

Questions and Answers

What type of tool is Skipfish, as used by a white hat hacker?

Vulnerability scanner (correct)

Debugger

Packet sniffer

Fuzzer

Which of the following statements best describes a man-in-the-middle attack?

It manipulates data in transit.

It validates data during transmission.

It floods a network with excessive traffic.

It establishes unauthorized communication between two parties. (correct)

What are the two primary functions provided by NetFlow?

Monitoring application performance and auditing network access

Using AI for incident detection and providing statistics on IP flows (correct)

Capturing real-time traffic and performing vulnerability assessments

Encrypting network traffic and blocking unauthorized access

What is the primary goal of a white hat hacker?

Protecting systems from vulnerabilities

What is a characteristic of the RADIUS protocol regarding packet encryption?

Encryption of the password only

What is the purpose of the automated system that CISA uses to share verified cybersecurity information?

To support the Automated Information Sharing (AIS)

What security threat is represented by a phone call requesting a user's username and password for auditing?

Phishing attempt

Which AAA component can be established through the use of token cards?

Authentication

What principle underlies the nondiscretionary access control model?

Access control based on roles and responsibilities

Why might an attacker want to spoof a MAC address?

To capture traffic from multiple VLANs

Which of these is NOT a characteristic of a vulnerability scanner like Skipfish?

Provides real-time packet analysis

Which type of access control applies the strictest measures and is commonly used in military applications?

Mandatory access control (MAC)

Which security term encompasses passwords, passphrases, and PINs?

Authentication factors

What is a key feature of the RADIUS protocol in relation to communication ports?

Relies on UDP ports for authentication and accounting

What certificate class is considered more reliable than class 1 certificates?

Class 0

Which objective of secure communications focuses on confidentiality?

Encryption

What is the primary benefit of performing a retrospective analysis after identifying malware entering the network?

It helps in tracking the behavior of the malware.

In which attack phase of the Cyber Kill Chain does a threat actor collect employee information from web servers?

Reconnaissance

Which HIDS is integrated into the Security Onion to detect changes in operating parameters caused by malware?

OSSEC

Which type of event is assigned to the SID created by Sourcefire and distributed under a GPL agreement?

True positive

Which tool should a cybersecurity analyst visit first to verify security alerts in Security Onion?

Sguil

What does the field in the Sguil application window indicate?

Event priority

Which method describes how the malware originally entered the network?

Initial access vector

What is the role of the EmergingThreats community in relation to Snort?

Creation of community rules

What is CybOX focused on capturing and communicating?

Network operations properties

Which component of the zero trust security model ensures secure access while accessing a database?

Container

What is the purpose of the network security accounting function?

To determine resource access for users

Which term best describes the capability of a web server to log usage time by users?

Accounting

What is a characteristic of the defense-in-depth approach?

Each layer must be penetrated to access target data

Which statement accurately describes a characteristic of a layered defense-in-depth security approach?

Three or more devices are required

What is a key benefit of implementing a defense-in-depth strategy?

Multiple safeguards can protect against failures

What does the concept of zero trust imply regarding user verification?

Continuous verification is required

What are two purposes of launching a reconnaissance attack on a network?

To scan for accessibility

Which type of network attack involves randomly opening many Telnet requests to a router, preventing legitimate access?

SYN flooding

What functionality is provided by Cisco SPAN in a switched network?

It mirrors traffic for analysis on another port

Which technology is recognized as a proprietary SIEM system?

StealthWatch

What are three functionalities provided by SOAR? (Choose three.)

Uses artificial intelligence for incident detection

Which cyber attack involves a coordinated attack from a botnet of zombie computers?

DDoS

What technique depletes the pool of IP addresses available for legitimate hosts?

DHCP starvation

What is one purpose of gathering information about the network and devices during a reconnaissance attack?

To identify vulnerabilities for exploitation

What is the primary purpose of using digital signatures for code signing?

To verify the integrity of executable files

Which technology uses trusted third-party protocols to issue authoritative identity credentials?

Public Key Infrastructure (PKI) certificates

In a CVSS assessment, which metric describes the requirement for user interaction in an attack scenario?

Exploitability

What risk management strategy is used when facing low potential impact but high mitigation costs?

Risk retention

Which two classes of metrics are part of the CVSS Base Metric Group?

Impact metrics and Exploit Code Maturity

Which type of test employs software to scan networks for vulnerabilities?

Vulnerability assessment

What are the outcomes of the NIST Cybersecurity Framework core function?

Identify, protect, detect

Which strategy is utilized to enhance endpoint security in a company?

Implementing multi-factor authentication

Study Notes

General Information

• Study notes are being generated.
• Please provide the text or questions for which you require study notes.

Description

This quiz focuses on general information and serves as a study guide. It aims to test and reinforce knowledge across various subjects. Get ready to challenge yourself and assess your understanding.