Block 5

Question 1

What type of attacks often involving multiple devices usually using a botnet?

Answer 1

DDOS

Question 2

Blank is an aggregation of computers turning them into robots.

Answer 2

BOTNET

Question 3

According to the STRIVE model, what threat allows someone to perform an action they are not authorized to do?

Answer 3

elevation of privilege

Question 4

What is the definition of data diddling?

Answer 4

altering data entry

Question 5

What type of social engineering targets specific individuals utilizing messaging that appeals to that person?

Answer 5

phishing

Question 6

Social engineering is what kind of confidence trick?

Answer 6

low technology and non-technical

Question 7

What type of attacking involves leading infected media in a public place in order to trigger an attack?

Answer 7

bait

Question 8

What type of attack is a specific form of phishing targeting high-value individuals?

Answer 8

whaling

Question 9

Blank refers to software or website scripts written to cause undesired effects.

Answer 9

malware

Question 10

What type of virus executes when the system is booted?

Answer 10

boot sector virus

Question 11

Ransomware will ______ an entire system until a ransom is paid.

Answer 11

encrypt

Question 12

What type of malware acts normal and useful until a predefined event occurs?

Answer 12

logic bomb

Question 13

When moving data offsite, it’s important to ensure how ___ is securing the data.

Answer 13

third party

Ensuring data security when transferring data offsite is crucial.

Question 14

What is the single biggest drawback to single sign-on services?

Answer 14

attackers have access to multiple servers

This highlights the security vulnerability associated with single sign-on systems.

Question 15

What are the 4 types of network access control?

Answer 15

• agent less
• agent based
• dissolvable
• permanent

Understanding the types of access control helps in implementing security measures.

Question 16

Of the 4 access controls, which one runs a check but does not remain installed?

Answer 16

dissolvable

Dissolvable access controls are temporary and are removed after the session.

Question 17

What were the 3 A’s of the triple A protocol?

Answer 17

• accounting
• authentication
• authorization

These are essential components of security protocols.

Question 18

Of the 3 triple A protocols, which one logs all resources a user consumes?

Answer 18

accounting

Accounting is crucial for tracking user activity.

Question 19

Injecting malicious code into web applications is what kind of attack?

Answer 19

cross-site scripting

This type of attack poses significant risks to web application security.

Question 20

What type of encryption is applied much faster than software encryption?

Answer 20

hardware

Hardware encryption is typically more efficient and secure.

Question 21

What type of encryption stores processors?

Answer 21

hardware security module

This module is essential for secure processing of cryptographic keys.

Question 22

What type of encryption module stores cryptographic keys?

Answer 22

trusted platform module

TPMs provide secure storage for cryptographic keys.

Question 23

Software-based firewalls are also known as what?

Answer 23

• application firewall
• host-based firewalls
• personal firewall

These firewalls offer protection at the application layer.

Question 24

A packet filtering firewall can filter traffic based on source or destination what?

Answer 24

• port
• IP address

Packet filtering is a fundamental feature of firewalls.

Question 25

What security zone is designated for visitors?

Answer 25

guest ## Footnote Guest zones provide limited access to protect the main network.

Question 26

What category would be used for network functionality stopped by high network traffic?

Answer 26

category 4 ## Footnote Traffic congestion can significantly impact network performance.

Question 27

Which category is used if you cannot determine the cause or event of an incident?

Answer 27

category 8 ## Footnote This category addresses incidents with unclear origins.

Question 28

In what phase of the incident process would you address lessons learned, root cause, and other problems?

Answer 28

post-incident analysis ## Footnote This phase is critical for improving future incident response.

Question 29

What information is typically requested during an investigation?

Answer 29

* antivirus logs * system log ## Footnote These logs are essential for understanding the incident.

Question 30

How long do you have to determine if an incident meets operational reporting requirements?

Answer 30

1 hour ## Footnote Timely reporting is critical for incident management.

Question 31

Cyber hygiene refers to what?

Answer 31

practices and steps that maintain system health and improve online security ## Footnote Good cyber hygiene is vital for preventing security breaches.

Question 32

A baseline is a measure of a system's current state of ____.

Answer 32

system readiness ## Footnote Baselines help in assessing system performance.

Question 33

What is a baseline deviation?

Answer 33

change from original value ## Footnote Deviations can indicate potential issues in system performance.

Question 34

What are the direct 3 benefits of configuration management?

Answer 34

* uptime and site reliability * disaster recovery * scalability ## Footnote Effective configuration management enhances overall system performance.

Question 35

What is the last step in a disaster recovery plan?

Answer 35

testing ## Footnote Testing ensures that the recovery plan is effective.

Question 36

Compuscc is designed for protection of what 3 goals?

Answer 36

* confidentiality * integrity * availability ## Footnote These goals are fundamental to information security.

Question 37

Tempest governs red and black separation. Which side is red and which side is black?

Answer 37

* red is plain text * black is ciphertext ## Footnote Red and black separation is crucial for secure communications.

Question 38

What is one of the easiest ways for adversaries to gain information about military ops?

Answer 38

social media ## Footnote Social media can inadvertently expose sensitive information.

Question 39

____ is the science of trying to break a coding system.

Answer 39

cryptanalysis ## Footnote Cryptanalysis is essential for assessing the strength of cryptographic systems.

Question 40

____ is the science of creating a coding system for encryption and decryption.

Answer 40

cryptography ## Footnote Cryptography is fundamental to secure communications.