Lesson 10 Review Questions Flashcards

(14 cards)

1
Q

An organization’s cybersecurity analyst is assessing web filtering technologies for implementation. What is one of the key benefits of web filtering in cybersecurity operations?

A. Blocking encrypted web traffic (HTTPS) to prevent malicious activities
B. Monitoring web activity to identify potential policy violations
C. Allowing access to inappropriate or non-work-related content for employee satisfaction
D. Preventing malware infections and phishing attacks from malicious websites

A

D. Preventing malware infections and phishing attacks from malicious websites

2
Q

A medium-sized company has entrusted its IT administrator with the responsibility of improving network security. The company’s network contains sensitive financial data, proprietary software, and employee records. The IT administrator’s task is to implement access control lists (ACLs). What is the primary objective of using ACLs in computer systems and networks?

A. To enforce mandatory access controls (MAC) on Linux systems
B. To establish standardized configuration baselines for devices
C. To regulate and manage permissions for resource access and actions
D. To provide centralized management and configuration of operating systems in Active Directory

A

C. To regulate and manage permissions for resource access and actions

3
Q

A cybersecurity team for a technology company specializes in developing mobile applications for various industries. The team is working on a new app that utilizes location services to provide users with real-time updates on nearby events and activities. The app’s success depends on its ability to provide accurate and relevant information based on the user’s current location. However, the project stakeholders have expressed concerns about certain aspects of location services. What is the primary concern surrounding location services in mobile devices?

A. Battery consumption
B. Lack of accuracy
C. Privacy
D. Limited availability

A

C. Privacy

4
Q

Which security feature in the Linux kernel supports access control security policies, including mandatory access controls (MAC)?

A. Group policy
B. SELinux
C. Application allow lists
D. Configuration drift

A

B. SELinux

5
Q

A critical infrastructure organization responsible for managing energy distribution across a large region relies heavily on industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems to monitor and control the power grid. Given the critical nature of the operations, the IT team has implemented a control to safeguard these systems. Which control did the IT team use to protect ICS and SCADA systems?

A. Regular system updates
B. Network segmentation
C. Secure boot mechanisms
D. Transport encryption protocols

A

B. Network segmentation

6
Q

A large financial corporation wants to incorporate a sandbox in its network. What is the purpose of using a sandbox in endpoint security?

A. To isolate and contain malicious files or processes
B. To restrict internet access on endpoint devices
C. To enforce strong password policies for user accounts
D. To manage group policies and access control lists

A

A. To isolate and contain malicious files or processes

7
Q

A small company recently installed an intrusion detection system (IDS). What is the purpose of the analysis engine in the IDS?

A. To capture network traffic
B. To interpret and scan captured traffic for suspicious activity
C. To generate incident reports for security analysts
D. To update the signatures and rules for attack patterns

A

B. To interpret and scan captured traffic for suspicious activity

8
Q

Which intrusion detection method trains the analysis engine to recognize a baseline of “normal” traffic and generates an incident when it detects deviations from that baseline?

A. Signature-based detection
B. Behavioral- and anomaly-based detection
C. Trend analysis
D. Network traffic analysis (NTA)

A

B. Behavioral- and anomaly-based detection
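
The two IDS questions above (the analysis engine's job, and anomaly-based versus signature-based detection) are easier to remember when you see both engines run over the same traffic. The following is an added example, not part of the flashcard set: a toy analysis engine with a signature matcher beside a baseline-and-deviation detector. The flow records, the rule names, and the 3-sigma threshold are constructed for illustration.

```python
"""Toy IDS analysis engine contrasting signature-based and anomaly-based detection.

Added example, not from the flashcard source. The flow records, rule names
and the 3-sigma threshold are constructed for illustration.
"""
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass(frozen=True)
class Flow:
    minute: int      # minute offset into the capture window
    src: str         # internal host that originated the flow
    dst_port: int
    bytes_out: int   # bytes sent by src during this minute
    payload: str     # decoded payload fragment (constructed)


# Constructed training window: one workstation doing ordinary HTTPS for an hour.
BASELINE_FLOWS = [
    Flow(m, "10.0.0.5", 443, 20_000 + (m % 5) * 1_000, "GET /index") for m in range(60)
]

# Constructed live traffic: a known-bad pattern, then a novel high-volume upload.
LIVE_FLOWS = [
    Flow(61, "10.0.0.5", 443, 21_000, "GET /news"),       # benign
    Flow(62, "10.0.0.5", 4444, 22_500, "uname -a; id"),   # matches signatures; volume looks normal
    Flow(63, "10.0.0.5", 443, 950_000, "POST /upload"),   # no signature; ~43x the usual volume
]

# Signature-based detection: precise on known attacks, blind to anything not yet written up.
SIGNATURES = {
    "reverse-shell-port": lambda f: f.dst_port == 4444,
    "recon-command-strings": lambda f: "uname -a" in f.payload,
}


def signature_alerts(flows):
    """Return (minute, rule) for every flow that matches a known-bad signature."""
    return [(f.minute, name) for f in flows
            for name, matches in SIGNATURES.items() if matches(f)]


class VolumeBaseline:
    """Anomaly-based detection: learn per-source bytes/minute from 'normal' traffic,
    then flag flows more than k standard deviations away from that baseline."""

    def __init__(self, flows, k=3.0):
        self.k = k
        per_src = {}
        for f in flows:
            per_src.setdefault(f.src, []).append(f.bytes_out)
        self.stats = {src: (mean(v), pstdev(v)) for src, v in per_src.items()}

    def zscore(self, flow):
        """Distance from the source's learned mean, in standard deviations."""
        mu, sigma = self.stats.get(flow.src, (0.0, 0.0))
        if sigma == 0:
            return 0.0 if flow.bytes_out == mu else float("inf")
        return abs(flow.bytes_out - mu) / sigma

    def alerts(self, flows):
        return [(f.minute, "volume-anomaly", round(self.zscore(f), 1))
                for f in flows if self.zscore(f) > self.k]


def analyze(baseline_flows, live_flows):
    """Run both engines over the captured traffic; each catches what the other misses."""
    return {
        "signature": signature_alerts(live_flows),
        "anomaly": VolumeBaseline(baseline_flows).alerts(live_flows),
    }


if __name__ == "__main__":
    print(analyze(BASELINE_FLOWS, LIVE_FLOWS))
```

Minute 62 is caught only by the signatures (its byte count is within the baseline), and minute 63 is caught only by the anomaly engine (nothing in the rule set describes it). That complementarity is why production IDS deployments run both, and why the anomaly engine needs a clean training window: if the exfiltration had been present while the baseline was learned, it would have become "normal".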

9
Q

Which cybersecurity approach monitors and analyzes the behavior of users within an organization to detect anomalies indicative of potential threats, such as insider threats, compromised accounts, or fraud?

A. Endpoint Detection and Response (EDR)
B. Host-based intrusion detection/prevention (HIDS/HIPS)
C. Extended Detection and Response (XDR)
D. User Behavior Analytics (UBA)/User and Entity Behavior Analytics (UEBA)

A

D. User Behavior Analytics (UBA)/User and Entity Behavior Analytics (UEBA)

10
Q

What is the purpose of implementing the principle of least privilege in endpoint protection?

A. To restrict user access to specific network resources
B. To enforce mandatory security configurations on devices
C. To manage firewall rules across an organization’s network
D. To grant minimum permissions needed to perform tasks

A

D. To grant minimum permissions needed to perform tasks
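
The ACL question earlier in the set and the least-privilege question above describe the same mechanism from two sides: an ACL regulates which principals may perform which actions on a resource, and least privilege is the policy of granting no more than the task needs. The following is an added example, not part of the flashcard set: a small ACL evaluator with default deny and deny-overrides semantics, plus an audit helper that reports permissions granted beyond what a task requires. The users, groups, paths and actions are constructed for illustration.

```python
"""ACL evaluation with default deny, deny-overrides, and a least-privilege audit.

Added example, not from the flashcard source. Principals, groups, resources
and actions below are constructed for illustration.
"""
from dataclasses import dataclass
from fnmatch import fnmatch


@dataclass(frozen=True)
class Ace:
    """One access control entry: who, on which resources, which actions, allow or deny."""
    principal: str       # user name, or "group:<name>"
    resource: str        # path pattern (fnmatch-style)
    actions: frozenset   # e.g. {"read", "write", "delete"}
    allow: bool = True   # False makes this an explicit deny


# Constructed group membership (constructed data).
GROUPS = {"finance": {"alice", "bob"}, "it-admins": {"carol"}}

# Constructed ACL. Note the broad it-admins grant and the targeted deny for bob.
ACL = [
    Ace("group:finance", "/finance/*", frozenset({"read"})),
    Ace("alice", "/finance/ledger.xlsx", frozenset({"write"})),
    Ace("group:it-admins", "/*", frozenset({"read", "write", "delete"})),
    Ace("bob", "/finance/payroll/*", frozenset({"read"}), allow=False),
]


def _applies_to(ace, user):
    """Does this entry name the user directly or via one of their groups?"""
    if ace.principal.startswith("group:"):
        return user in GROUPS.get(ace.principal[len("group:"):], set())
    return ace.principal == user


def is_allowed(user, resource, action, acl=ACL):
    """Evaluate the ACL: nothing matches -> denied; any explicit deny beats every allow.

    Some ACL implementations use first-match ordering instead; deny-overrides is
    used here so that the order of entries cannot silently widen access."""
    matching = [a for a in acl
                if _applies_to(a, user) and fnmatch(resource, a.resource) and action in a.actions]
    if any(not a.allow for a in matching):
        return False
    return any(a.allow for a in matching)


def effective_permissions(user, resource, acl=ACL, actions=("read", "write", "delete")):
    """Every action the ACL actually grants this user on this resource."""
    return frozenset(a for a in actions if is_allowed(user, resource, a, acl))


def excess_permissions(user, resource, needed, acl=ACL):
    """Least-privilege audit: actions granted that the stated task does not require."""
    return effective_permissions(user, resource, acl) - frozenset(needed)


if __name__ == "__main__":
    print(is_allowed("alice", "/finance/ledger.xlsx", "write"))     # True: direct grant
    print(is_allowed("bob", "/finance/payroll/q1.csv", "read"))    # False: deny beats group allow
    print(excess_permissions("carol", "/finance/budget.csv", {"read"}))  # what to trim
```

The audit helper is the least-privilege half of the picture: carol's `/*` grant gives her write and delete on a budget file she only needs to read, which is exactly the kind of standing excess an attacker who compromises her account would inherit.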

11
Q

An organization uses host-based intrusion detection/prevention (HIDS/HIPS) to secure the enterprise. Why would the organization use this type of mitigation technique?

A. To monitor and protect individual hosts, such as a computer or server, from unauthorized access or malicious activity
B. To contain malware within a single host and facilitate remediation of the host to its original state
C. To analyze user behavior patterns and detect anomalies indicative of potential threats
D. To extend protection beyond endpoints and incorporate data from various infrastructure components

A

A. To monitor and protect individual hosts, such as a computer or server, from unauthorized access or malicious activity

12
Q

An organization manages a large number of mobile devices. Which mobile device deployment model gives the organization the MOST control over the device, thereby improving security?

A.BYOD
B.CYOD
C.COBO
D.COPE

A

C.COBO

13
Q

A large manufacturing company relies heavily on industrial control systems to operate its production lines. It has a range of devices, including programmable logic controllers (PLCs) and human-machine interfaces (HMIs), spread across the factory floor. Due to recent concerns about potential cyber threats, management wants to improve the security of these devices. What primary objective of physical device port hardening should the cybersecurity manager present to senior management?

A. It encrypts data on USB drives.
B. It enables automatic network connections.
C. It restricts access to physical interfaces.
D. It blocks incoming and outgoing network traffic.

A

C. It restricts access to physical interfaces.

14
Q

What is the primary purpose of the cybersecurity approach of User Behavior Analytics (UBA) or User and Entity Behavior Analytics (UEBA)?

A. To automatically block or mitigate threats on individual hosts
B. To establish a baseline profile for users’ physical locations
C. To monitor and analyze users’ behavior to detect potential threats
D. To detect, investigate, and respond to advanced endpoint threats

A

C. To monitor and analyze users’ behavior to detect potential threats
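
Both UBA/UEBA questions in this set (the one naming the approach and the one asking its purpose) come down to the same mechanism: build a per-user profile of normal behavior, then score new activity against it. The following is an added example, not part of the flashcard set: a toy UEBA engine that learns each user's usual login hours, source countries and download volume from constructed history, scores live events, and also handles the entity it has never seen. Features, weights and the alert threshold are illustrative assumptions.

```python
"""Toy UEBA engine: per-user behavioral baselines and weighted anomaly scoring.

Added example, not from the flashcard source. The login/download events are
constructed; the features, weights and threshold are illustrative assumptions.
"""
from collections import Counter
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass(frozen=True)
class Event:
    user: str
    hour: int            # local hour of the login, 0-23
    country: str         # geolocated source country of the login
    mb_downloaded: int   # data pulled during the session, in MB


# Constructed 30-day history: alice logs in 09:00-16:00 from US and pulls ~40-60 MB a day.
HISTORY = [Event("alice", 9 + (d % 8), "US", 40 + (d % 21)) for d in range(30)]

# Constructed live events to score against that history.
LIVE_EVENTS = [
    Event("alice", 10, "US", 55),       # normal working day
    Event("alice", 19, "US", 50),       # late login only: one weak signal, no alert
    Event("alice", 3, "RU", 2000),      # odd hour + new country + bulk download
    Event("mallory", 12, "US", 10),     # account with no history at all
]


class UserProfile:
    """What 'normal' looks like for one user, learned from their own history."""

    def __init__(self, events):
        self.hours = Counter(e.hour for e in events)
        self.countries = Counter(e.country for e in events)
        sizes = [e.mb_downloaded for e in events]
        self.mb_mean, self.mb_std = mean(sizes), pstdev(sizes)

    def score(self, e):
        """Weighted anomaly score plus the reasons behind it (weights are assumptions)."""
        score, reasons = 0, []
        if self.hours[e.hour] == 0:
            score += 1
            reasons.append(f"login at unusual hour {e.hour:02d}:00")
        if self.countries[e.country] == 0:
            score += 1
            reasons.append(f"login from new country {e.country}")
        if self.mb_std and (e.mb_downloaded - self.mb_mean) / self.mb_std > 3:
            score += 2   # bulk download is weighted higher: it is the exfiltration signal
            reasons.append(f"download of {e.mb_downloaded} MB far above baseline")
        return score, reasons


def build_profiles(history):
    by_user = {}
    for e in history:
        by_user.setdefault(e.user, []).append(e)
    return {user: UserProfile(events) for user, events in by_user.items()}


def detect(profiles, events, threshold=2):
    """Return (user, score, reasons) for events that cross the threshold.

    An entity with no baseline is surfaced rather than silently trusted: UEBA
    cannot call behavior 'normal' for an account it has never observed."""
    alerts = []
    for e in events:
        profile = profiles.get(e.user)
        if profile is None:
            alerts.append((e.user, None, ["no behavioral baseline for this entity"]))
            continue
        score, reasons = profile.score(e)
        if score >= threshold:
            alerts.append((e.user, score, reasons))
    return alerts


if __name__ == "__main__":
    for alert in detect(build_profiles(HISTORY), LIVE_EVENTS):
        print(alert)
```

The single late-evening login scores 1 and stays below the threshold, which is the point of combining features: UEBA is trying to separate a genuinely compromised account (odd hour, new geography and bulk download together) from an employee working late.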
