Course 2 | Play It Safe_

Question 1

What is security posture?

Answer 1

An organization’s ability to defend its data and assets and respond to change.

Question 2

What is business continuity?

Answer 2

The ability to keep operations running through disaster recovery planning.

Question 3

What is InfoSec?

Answer 3

A set of processes to secure information.

Question 4

What are examples of InfoSec design processes?

Answer 4

Incident response
Vulnerability management
Cloud security
Application security
Infrastructure security

Question 5

What is an example of managing data in Security Architecture?

Answer 5

Using a SIEM tool.

Question 6

What are key principles used in security architecture?

Answer 6

Threat modeling
Least privilege
Failing securely

Question 7

What is the purpose of NIST’s Risk Management Framework?

Answer 7

To help organizations manage risk across systems through a structured 7-step process.

Question 8

What happens during the Prepare step of RMF?

Answer 8

Organizations get ready to manage risk before a breach occurs (planning, roles, context).

Question 9

What does the Categorize step do in RMF?

Answer 9

Defines how different types of information and systems should be protected based on impact.

Question 10

What is the Select step of the RMF about?

Answer 10

Choosing the best security controls to handle the identified risks.

Question 11

What is the goal of the Implement step in RMF?

Answer 11

Putting selected security controls into place within the system.

Question 12

What does the Assess step evaluate in RMF?

Answer 12

Whether the security controls are installed correctly and working as intended.

Question 13

What does the Authorize step mean in RMF?

Answer 13

Officially accepting the system’s risk level and approving its use.

Question 14

What is the purpose of the Monitor step in RMF?

Answer 14

Continuously checking the system and its controls for ongoing risk or failure.

Question 15

What does risk acceptance mean in InfoSec?

Answer 15

Choosing to accept the risk as-in, often because reducing it would disrupt business or cost too much.

Question 16

What does the ProxyLogon vulnerability affect?

Answer 16

Microsoft Exchange servers. It allows attackers to authenticate remotely and run malicious code.

Question 17

What does ZeroLogon target, and why is it dangerous?

Answer 17

Microsoft’s Netlogon protocol - it let’s attackers bypass authentication and take control of the system.

Question 18

What is Log4Shell and what does it let attackers do?

Answer 18

A flaw in Java logging; allows remote code execution and data leaks acorss internet-connected systems.

Question 19

What does PetitPotam target and how?

Answer 19

NTLM (Windows LAN Manager); it lets attackers on a local network fake an authentication request to steal credentials.

Question 20

What is server-side request forgery (SSRF)?

Answer 20

Tricking a server into accessing backend resources or leaking internal data.

Question 21

What is the purpose of the CISSP domains in InfoSec?

Answer 21

They organize core areas of information security to help professionals manage and protect systems.

Question 22

What does Security Architecture and Engineering involve?

Answer 22

Designing secure systems, applying controls like least priveledge, and using tools like SIEMs.

Question 23

What is encryption and how does it work?

Answer 23

Converts readable data (plaintext) into unreadable code (ciphertext) to prevent unauthorized access.

Question 24

What are biometrics used for in security?

Answer 24

To verify identity using unique personal features like fingerprints or facial recognition.

Question 25

What is the Cyber Threat Framework?

Answer 25

A U.S. government standard for describing and communicating cyber threats using shared technology.

Question 26

What is ISO/IEC 27001?

Answer 26

An international standard for managing information security, outlining best practices and required controls.

Question 27

What is the NIST Cybersecurity Framework? (CSF)?

Answer 27

A flexible framework for managing cybersecurity risk through core functions.

Question 28

What is the goal of OWASP's (Open Web Application Security Project) security principals?

Answer 28

To guide secure software development and reduce common vulnerabilities.

Question 29

What are the six core functions of the NIST CSF?

Answer 29

1. Govern 2. Identify 3. Protect 4. Detect 5. Respond 6. Recover

Question 30

What is a security audit?

Answer 30

A review of an organization's security controls, policies, and procedures against a standard or requirement.

Question 31

What are the three main control categories in InfoSec?

Answer 31

1. Administrative 2. Technical 3. Physical

Question 32

What does a server log track?

Answer 32

Events related to services like logins, emails, file shares - includes usernames and passwords used.

Question 33

What is a SIEM (Security Information and Event Management) tool used for?

Answer 33

To collect, analyze, and monitor logs across systems for signs of threats or policy violations.

Question 34

What are proprietary tools in cybersecurity?

Answer 34

Software that is owned and licensed by a company - usually pad and closed-source.

Question 35

What is an OS (Operating System)?

Answer 35

The interface that connects computer hardware to the user, allowing interaction and control.

Question 36

What is Linux and why is it used in cybersecurity?

Answer 36

An open-source OS that allows users to customize and control their systems often through a command-line interface.

Question 37

What is Suricata?

Answer 37

An open-source network monitoring and threat detection tool maintained by the OISF.

Question 38

What is a SOAR tool, and how is it different from a SIEM tool?

Answer 38

A SOAR (Security Orchestration, Automation, and Response) tool automates and coordinates incident response, often working with a SIEM.

Question 39

What are the phases of incident response?

Answer 39

1. Preparation 2. Dectection and Analysis 3. Containment 4. Eradication and recovery 5. Post-incident activiy 6. Coordination