Questions and Answers
Which of the following best describes the concept of confidentiality in information security?
What is the main focus of cybersecurity?
What does the term 'hardening' refer to in the context of information security?
Which one of the following best describes a vulnerability?
What is the relationship between threat, vulnerability, and risk?
What is the purpose of a configuration baseline?
What is an exploit?
Which of the following techniques involves searching through an organization's garbage to find useful documents?
What type of attack involves observing someone entering a password or PIN by watching them?
Which technique involves entering a secure area without authorization by closely following behind someone who has been allowed access?
What social engineering technique uses spoofed electronic communications to make them seem authentic to the victim?
Which type of phishing attack is specifically targeted towards upper levels of management in an organization?
What type of phishing attack is conducted through a voice channel, such as telephone or VoIP?
In which type of phishing attack does the attacker use a rogue wireless access point to try to harvest credentials?
Why is it important to be able to describe and analyze behaviors in modern cybersecurity threats?
Which of the following is true about zero-day vulnerabilities?
What is an unpatched system?
What is a legacy or end of life (EOL) system?
What is social engineering?
Which of the following is NOT a method used in DoS attacks?
What is the purpose of a DoS attack?
What is the difference between DoS and DDoS attacks?
Which of the following best describes an insider threat actor?
What is the main goal of footprinting threats?
What is a spoofing threat?
What is an on-path attack?
Which of the following is a common method for threat actors to gain access to a network?
What can threat actors do if they gain access to a network via an on-path or malware attack?
How is a password typically stored and transmitted securely?
Which of the following best describes the purpose of a digital signature?
What is the role of key exchange in secure communication?
What is the purpose of an ephemeral key in key exchange?
Which cryptographic technology uses a single secret key for both encryption and decryption?
Which cryptographic technology uses a key pair consisting of a private key and a public key?
Which cryptographic technology is used for secure storage of data where the original value does not need to be recovered?
Which cryptographic hash algorithm is being phased out of use?
Which of the following best describes a nonpersistent XSS attack?
What is the main goal of a stored/persistent XSS attack?
In a SQL injection attack, how does the threat actor modify the SQL statements?
What is the purpose of encryption in information security?
Which of the following is NOT a common password hash file or database that a threat actor might obtain from a local system?
Which technique does a password cracker use to try to identify a password from a cryptographic hash?
Which method of running code in a web application modifies the web page before it is displayed to the user?
What type of vulnerability in web apps is commonly exploited by a cross-site scripting (XSS) attack?