16-A

Question 1

What is information security?

Answer 1

The practice of controlling access to data in any format, including computer data and paper records

Information security aims to ensure confidentiality, integrity, and availability (CIA triad) of the data.

Question 2

Define the CIA triad in information security.

Answer 2

Confidentiality, Integrity, Availability

These are the three core properties that secure information should maintain.

Question 3

What does confidentiality mean in the context of information security?

Answer 3

Certain information should only be known to certain people.

Question 4

What is the meaning of integrity in information security?

Answer 4

Data is stored and transferred as intended, and any modification is authorized.

Question 5

Explain availability in information security.

Answer 5

Information is accessible to those authorized to view or modify it.

Question 6

How does cybersecurity differ from information security?

Answer 6

Cybersecurity specifically refers to controls that protect against attacks on computer storage and processing systems.

Question 7

What is a vulnerability?

Answer 7

A weakness that could be accidentally triggered or intentionally exploited to cause a security breach.

Question 8

Define a threat in the context of security.

Answer 8

The potential for someone or something to exploit a vulnerability and breach security.

Question 9

What is risk in information security?

Answer 9

The likelihood and impact of a threat actor exercising a vulnerability.

Question 10

What is a configuration baseline?

Answer 10

A set of recommendations for deploying a computer in a hardened configuration to minimize vulnerabilities.

Question 11

What does the term ‘non-compliant system’ refer to?

Answer 11

A system that has drifted from its hardened configuration.

Question 12

What is an unprotected system?

Answer 12

A system missing or improperly configuring at least one technical security control.

Question 13

Define a software vulnerability.

Answer 13

A fault in design or code that can cause an application security system to be circumvented or cause the application to crash.

Question 14

What is a zero-day vulnerability?

Answer 14

A vulnerability that is exploited before the developer knows about it or can release a patch.

Question 15

What are unpatched systems?

Answer 15

Systems that have not been updated with OS and application patches.

Question 16

What does BYOD stand for?

Answer 16

Bring Your Own Device.

Question 17

What is social engineering?

Answer 17

Techniques that persuade or intimidate people into revealing confidential information.

Question 18

Explain the concept of impersonation in social engineering.

Answer 18

Developing a pretext scenario to interact with an employee and gain their trust.

Question 19

What is dumpster diving?

Answer 19

Combing through an organization’s garbage to find useful documents for an attack.

Question 20

What is shoulder surfing?

Answer 20

Learning a password or PIN by watching the user type it.

Question 21

Define tailgating in the context of security.

Answer 21

Entering a secure area without authorization by following someone who has access.

Question 22

What is phishing?

Answer 22

Using social engineering techniques to make spoofed electronic communications seem authentic.

Question 23

What distinguishes spear phishing from regular phishing?

Answer 23

Spear phishing targets specific individuals with personalized information to increase effectiveness.

Question 24

What is whaling in cybersecurity?

Answer 24

An attack directed specifically against upper levels of management.

Question 25

Define vishing.

Answer 25

Phishing conducted through voice channels like telephone or VoIP.

Question 26

What is an evil twin attack?

Answer 26

Using a rogue wireless access point to harvest credentials from users.

Question 27

What is footprinting?

Answer 27

An information-gathering threat where the attacker learns about the configuration of the network and security systems.

Question 28

What is a spoofing threat?

Answer 28

An attack where the threat actor masquerades as a trusted user or computer.

Question 29

Define an on-path attack.

Answer 29

A specific type of spoofing where the threat actor intercepts traffic between two hosts.

Question 30

What is a denial of service (DoS) attack?

Answer 30

An attack that causes a service to fail or become unavailable to legitimate users.

Question 31

What is a distributed denial of service (DDoS) attack?

Answer 31

A DoS attack launched from multiple compromised systems, known as a botnet.

Question 32

What does DDoS stand for?

Answer 32

Distributed Denial of Service ## Footnote DDoS attacks are launched from multiple compromised systems referred to as a botnet.

Question 33

What is a botnet?

Answer 33

A network of compromised systems used to launch coordinated attacks ## Footnote Botnets are established by compromising machines and installing bots on them.

Question 34

What is the primary function of command & control (C&C) hosts in a DDoS attack?

Answer 34

To coordinate attacks using compromised devices ## Footnote C&C hosts manage the botnet and direct the attack.

Question 35

How can plaintext passwords be captured?

Answer 35

By obtaining a password file or sniffing unencrypted traffic ## Footnote Unencrypted protocols make it easy for threat actors to intercept credentials.

Question 36

What is a cryptographic hash?

Answer 36

A fixed-length string produced from a variable-length input using a one-way function ## Footnote Hashing is used for secure storage of data where recovery of the original input is not needed.

Question 37

What are two common techniques used by password cracking software?

Answer 37

* Dictionary attack * Brute force attack ## Footnote Dictionary attacks use common words, while brute force tries all combinations.

Question 38

What is Cross-site Scripting (XSS)?

Answer 38

An attack that exploits input validation vulnerabilities in web applications ## Footnote XSS allows attackers to inject malicious scripts that run in the client's browser.

Question 39

What distinguishes a nonpersistent XSS attack from a persistent XSS attack?

Answer 39

Nonpersistent XSS does not change server data, while persistent XSS does ## Footnote Persistent XSS inserts code into a back-end database that affects other users.

Question 40

What is SQL Injection?

Answer 40

An attack that modifies SQL queries to execute unauthorized commands ## Footnote SQL injection can extract, insert, or alter data in a database.

Question 41

What are the three principal types of cryptographic technology?

Answer 41

* Symmetric encryption * Asymmetric encryption * Cryptographic hashing ## Footnote Each type serves different roles in securing data.

Question 42

What is symmetric encryption?

Answer 42

A method that uses a single secret key for both encryption and decryption ## Footnote Security risks arise if the key is lost or stolen.

Question 43

What is asymmetric encryption?

Answer 43

A method that uses a key pair (private and public keys) for encryption and decryption ## Footnote Only the linked key can reverse the operation performed by the other key.

Question 44

What is the main drawback of asymmetric encryption?

Answer 44

A message cannot be larger than the key size ## Footnote This limitation necessitates the use of symmetric encryption for larger messages.

Question 45

What is a digital signature?

Answer 45

A cryptographic method that verifies the integrity and authenticity of a message ## Footnote It involves hashing the message and encrypting the hash with a private key.

Question 46

What is the purpose of key exchange?

Answer 46

To allow two hosts to share a symmetric encryption key securely ## Footnote Key exchange uses asymmetric encryption to protect the exchange of the secret key.

Question 47

Fill in the blank: A threat actor can capture a password hash transmitted during user authentication using an _______.

Answer 47

on-path attack ## Footnote On-path attacks can intercept data as it travels across the network.

Question 48

True or False: The level of risk from zero-day attacks is only significant with respect to EOL systems.

Answer 48

False ## Footnote Zero-day vulnerabilities can affect any system, not just those that are end-of-life.

Question 49

What type of attack involves sending a crafted email to steal credentials?

Answer 49

Phishing attack ## Footnote This attack often uses social engineering to entice users to click on malicious links.

Question 50

What is the difference between tailgating and shoulder surfing?

Answer 50

Tailgating is unauthorized entry following an authorized user, while shoulder surfing is observing someone entering sensitive information ## Footnote Both are physical security threats but target different aspects of security.

Question 51

What type of password cracking attack is a five-character password vulnerable to?

Answer 51

Brute force attack ## Footnote Short and non-complex passwords can be cracked quickly using brute force techniques.

Question 52

What type of cryptographic key is delivered in a digital certificate?

Answer 52

Public key ## Footnote Digital certificates bind a public key to an entity, enabling secure communication.