Chapter 1

Question 1

Define Confidentiality:

Answer 1

prevents the unauthorized disclosure of data.

Question 2

The different methods to ensure confidentiality is:

Answer 2

Encryption

Access Controls

Steganography

Obfuscation

Question 3

Define Encryption:

Answer 3

scrambles data to make it unreadable by unauthorized personnel

Question 4

What is included to provide access controls?

Answer 4

Identification

Authentication

Authorization

Question 5

Define Identification:

Answer 5

a unique username

Question 6

Define Authentication:

Answer 6

a password

Question 7

Define Authorization:

Answer 7

grant or restrict access to resources

Question 8

Define Steganography:

Answer 8

the practice of hiding data within data

Question 9

Define obfuscation:

Answer 9

security through obscurity

Question 10

The CIA security triads includes:

Answer 10

Confidentiality

Integrity

Availability

Question 11

Define Integrity:

Answer 11

provides assurances that data has not changed

Question 12

What can you use to enforce integrity?

Answer 12

Hashing or Message Authentication Code (MAC)

Digital signatures

Question 13

Describe hash:

Answer 13

a number created by executing a hashing algorithm against data, such as a file or message

Question 14

What are two key concepts related to integrity?

Answer 14

Integrity provides assurances that data has not been modified, tampered with, or corrupted

Hashing verifies integrity

Question 15

Digital signatures provide:

Answer 15

non-repudiation

Question 16

Digital signatures requires:

Answer 16

the use of certificates

and

Public Key Infrastructure (PKI)

Question 17

Certificates include:

Answer 17

keys used for encryption

Question 18

Public Key Infrastructure provides:

Answer 18

the means to create, manage, and distribute certificates

Question 19

Define non-repudiation:

Answer 19

the ability to prevent a party from denying an action.

Question 20

Access logs provide:

Answer 20

non-repudiation

Question 21

Define availability:

Answer 21

indicates that data and services are available when needed

Question 22

What is a common goal of fault tolerance and redundancy?

Answer 22

To remove each single point of failure (SPOF)

Question 23

Some fault tolerance and redundancy techniques:

Answer 23

Disk redundancies

Server redundancies

Load balancing

Site redundancies

Backups

Alternate power

Cooling systems

Question 24

Define disk redundancies:

Answer 24

fault-tolerant disks allow a system to continue to operate even if a disk fails

Question 25

RAID-1:

Answer 25

mirroring

Question 26

RAID-5:

Answer 26

striping with parity

Question 27

RAID-10:

Answer 27

striping with a mirror

Question 28

Define server redundancies:

Answer 28

Failover clusters include redundant servers and ensure a service will continue to operate, even if a server fails Virtualization can also increase availability of servers by reducing unplanned downtime

Question 29

Load balancing uses:

Answer 29

multiples servers to support a single service

Question 30

Site redundancies provide:

Answer 30

an alternate site when a site can no longer function due to a disaster

Question 31

Alternate power:

Answer 31

Uninterruptible power supplies (USPs) and power generators can provide power to key systems even if commercial power fails.

Question 32

Cooling systems:

Answer 32

heating, ventilation, and air conditioning (HVAC) systems improve the availability of systems by reducing outages from overheating

Question 33

One of the basic goals of implementing IT security is to:

Answer 33

reduce risk.

Question 34

Define Risk:

Answer 34

the possibility or likelihood of a threat exploiting a vulnerability resulting in a loss.

Question 35

Define Threat:

Answer 35

any circumstance or event that has the potential to compromise confidentiality, integrity, or availability.

Question 36

Define Vulnerability:

Answer 36

a weakness in either the hardware, software, configuration, or even the users operating the system.

Question 37

When can a security incident occur?

Answer 37

When a threat exploits a vulnerability.

Question 38

Define security incident:

Answer 38

an adverse event or series of events that can negatively affect the confidentiality, integrity, or availability of an organization's information technology (IT) systems and data.

Question 39

Risk mitigation:

Answer 39

reduces the chances that a threat will exploit a vulnerability.

Question 40

Technical controls:

Answer 40

use technology to reduce vulnerabilities

Question 41

Administrative controls:

Answer 41

use methods mandated by organizational policies or other guidelines

Question 42

Physical controls:

Answer 42

are any controls that you can physically touch

Question 43

Preventive controls:

Answer 43

attempt to prevent security incidents

Question 44

Detective controls:

Answer 44

attempt to detect when vulnerabilities have been exploited, resulting in a security incident

Question 45

Corrective controls:

Answer 45

attempt to reverse the impact of an incident or problem after it has occurred

Question 46

Compensating controls:

Answer 46

are alternative controls used when a primary control is not feasible

Question 47

Example of technical controls:

Answer 47

Encryption Antivirus software Intrusion detection systems (IDSs) and Intrusion prevention systems (IPSs) Firewalls Least privilege

Question 48

Define encryption:

Answer 48

a strong technical control used to protect confidentiality

Question 49

Define antivirus software:

Answer 49

once installed, the antivirus software provides protection against malware infection

Question 50

Define Intrusion detection systems (IDSs) and intrusion prevention systems (IPSs):

Answer 50

can monitor a network or host for intrusions and provide ongoing protection against various threats

Question 51

Define firewalls:

Answer 51

restrict network traffic going in and out of a network

Question 52

Define least privilege:

Answer 52

specifies that individuals or processes are granted only the privileges they need to perform their assigned tasks or functions, but no more.

Question 53

Some common administrative controls are:

Answer 53

Risk assessments Vulnerability assessments Penetration tests

Question 54

Risk assessments help:

Answer 54

quantify and qualify risks within an organization so that the organization can focus on the serious risks

Question 55

Vulnerability assessment attempts to:

Answer 55

discover current vulnerabilities or weaknesses

Question 56

Penetration tests attempt to:

Answer 56

exploit vulnerabilities

Question 57

Many administrative controls are also known as:

Answer 57

operations or management controls

Question 58

Operational or management controls include the following families:

Answer 58

Awareness and training Configuration and change management Contingency planning Media protection Physical and environmental protection

Question 59

Training helps users:

Answer 59

maintain password security, follow a clean desk policy, understand threats such as phishing and malware, and much more

Question 60

Configuration management often uses:

Answer 60

baselines to ensure that systems start in a secure, hardened state

Question 61

Change management helps ensure that:

Answer 61

changes don't result in unintended configuration errors

Question 62

The goal of contingency planning is to:

Answer 62

reduce the overall impact on the organization if an outage occurs

Question 63

Media protection includes:

Answer 63

physical media such as USB flash drives, external and internal drives, and backup tapes

Question 64

Physical and environmental protection includes:

Answer 64

physical controls, such as cameras and door locks, and environmental controls, such as heating and ventilation systems

Question 65

Technical and administrative controls categorize the controls based on:

Answer 65

how they are implemented

Question 66

Some examples of preventative controls are:

Answer 66

Hardening Security awareness and training Security guards Change management Account disablement policy

Question 67

Hardening is the practice of:

Answer 67

making a system or application more secure than its default configuration

Question 68

Security guards:

Answer 68

prevent and deter many attacks

Question 69

Change management ensures:

Answer 69

that changes don't result in unintended outages

Question 70

Account disablement policy ensures:

Answer 70

that users accounts are disabled when an employee leaves

Question 71

Some examples of detective controls are:

Answer 71

log monitoring trend analysis security audit video surveillance motion detection

Question 72

Log monitoring:

Answer 72

record details of activity on systems and networks

Question 73

Trend analysis:

Answer 73

monitor logs to detect trends

Question 74

Security audits can:

Answer 74

examine the security posture of an organization

Question 75

Video surveillance can:

Answer 75

record activity and detect what occurred

Question 76

Motion detection can:

Answer 76

detect motion from potential intruders and raise alarms

Question 77

What are the differences between detection and prevention controls?

Answer 77

A detective control can't predict when an incident will occur and it can't prevent it Prevention controls stop the incident from occurring at all

Question 78

Some examples of corrective controls are:

Answer 78

Intrusion prevention system (IPS) Backups and system recovery

Question 79

Backups ensure:

Answer 79

that personnel can recover data if it is lost or corrupted

Question 80

System recovery procedures ensure:

Answer 80

administrators can recover a system after a failure

Question 81

Deterrent controls attempt to:

Answer 81

discourage a threat

Question 82

Some physical security controls used to deter threats:

Answer 82

Cable locks Hardware locks

Question 83

Cable locks deter:

Answer 83

thieves from stealing the laptops

Question 84

Hardware locks:

Answer 84

locks such as locked doors securing a wiring closet or a server room

Question 85

Compensating controls are:

Answer 85

alternative controls used instead of a primary control

Question 86

Virtualization allows you to:

Answer 86

host one or more virtual systems, or virtual machines (VMs), on a single physical system

Question 87

Hypervisor is:

Answer 87

the software that creates, runs, and manages the VMs

Question 88

VM Host is:

Answer 88

the physical system hosting the VMs

Question 89

VM Guest is:

Answer 89

the operating systems running on the host system

Question 90

Host elasticity and scalability refer to:

Answer 90

the ability to resize computing capacity based on the load

Question 91

Type I hypervisors run:

Answer 91

directly on the system hardware

Question 92

Type II hypervisors run:

Answer 92

as software within a host operating system

Question 93

Application cell or container virtualization runs:

Answer 93

services or applications within isolated application cells (or containers)

Question 94

A benefit of container virtualization is that is uses:

Answer 94

fewer resources and can be more efficient than a system using a traditional Type II hypervisor virtualization

Question 95

A drawback of container virtualization is that:

Answer 95

containers must use the operating system of the host.

Question 96

VMs can provide:

Answer 96

segregation, segmentation, and isolation of individual systems

Question 97

Snapshot provides:

Answer 97

you with a copy of the VM at a moment in time, which you can use as a backup

Question 98

When do administrators commonly take snapshots of systems?

Answer 98

Prior to performing any risky operation

Question 99

Risky operations include:

Answer 99

applying patches or updates testing security controls installing new applications

Question 100

In a Virtual desktop infrastructure (VDI) or Virtual desktop environment (VDE) a:

Answer 100

user's desktop operating system runs as a VM on a server

Question 101

One benefit of using a VDI/VDE is that:

Answer 101

user PCs can have limited hardware resources

Question 102

Persistence or non-persistence

Answer 102

In a persistent virtual desktop, each user has a custom desktop image In a non-persistent virtual desktop, the users use the same desktop from a preconfigured snapshot for all users

Question 103

Risks associated with virtualization:

Answer 103

VM escape VM Sprawl Loss of confidentiality

Question 104

VM escape is:

Answer 104

an attack that allows an attacker to access the host system from within the virtual system

Question 105

VM sprawl occurs:

Answer 105

when an organization has many VMs that aren't managed properly

Question 106

Kali Linux is:

Answer 106

a free Linux distribution used by many security professionals for penetration testing and security auditing.

Question 107

Ping is:

Answer 107

a basic command used to test connectivity for remote systems

Question 108

What else can you use ping for?

Answer 108

to verify a system can resolve valid host names to IP addresses test the NIC Check the security posture of a network

Question 109

How does the ping command check connectivity?

Answer 109

by sending Internet Control Message Protocol (ICMP) echo request packets

Question 110

What is the command that verifies that your computer can connect with another computer on your network?

Answer 110

ping 192.168.1.1

Question 111

Ping on Windows systems:

Answer 111

ping -t 192.168.1.1

Question 112

Windows ping on a Linux system:

Answer 112

ping -c 4 192.168.1.1

Question 113

How to get IP address from Windows command prompt?

Answer 113

ping getcertifiedgetahead.com

Question 114

The ipconfig (Internet Protocol configuration) command shows:

Answer 114

the Transmission Control Protocol/Internet Protocol (TCP/IP) configuration information for a system

Question 115

What is included in the Transmission Control Protocol/Internet Protocol (TCP/IP)?

Answer 115

computer's IP address subnet mask default gateway MAC address the address of a Domain Name System (DNS) server

Question 116

Linux-based systems use what instead of ipconfig?

Answer 116

ifconfig (short for interface configuration)

Question 117

The netstat command:

Answer 117

allows you to view statistics for TCP/IP protocols on a system gives you the ability to view active TCP/IP network connections

Question 118

The tracert command:

Answer 118

lists the routers between two systems. In this context, each router is referred to as a hop

Question 119

Windows-based systems use tracert and Linux-based systems use:

Answer 119

traceroute

Question 120

Tracing internet path Windows command prompt:

Answer 120

tracert blogs.getcertifiedgetahead.com

Question 121

Arp is related to:

Answer 121

the Address Resolution Protocol (also ARP)

Question 122

The arp command is used to:

Answer 122

view and manipulate the ARP cache

Question 123

Some of the common state of connections are:

Answer 123

Established Listen Close_Wait Time_Wait Syn_Sent Syn_Received

Question 124

Established State:

Answer 124

the normal state for the data transfer phase of a connection

Question 125

Listen State:

Answer 125

indicates the system is waiting for a connection termination request

Question 126

Time_Wait State:

Answer 126

indicates the system is waiting for enough | time to pass to be sure the remote system received a TCP-based acknowledgment of the connection

Question 127

Close_Wait State:

Answer 127

indicates the system is waiting for a connection termination request

Question 128

Syn_Sent State:

Answer 128

indicates the system sent a TCP SYN (synchronize) packet as the first part of the SYN, SYN-ACK (synchronize-achknowledge), ACK (acknowledge) handshake process and it is waiting for the SYN-ACK response.

Question 129

Syn_Received State:

Answer 129

indicates the system sent a TCP SYN-ACK packet after receiving a SYN packet as the first part of the SYN, SYN-ACK, ACK handshake process