midterm Flashcards

(80 cards)

1
Q

Which of the following best describes the possible impact of an attack where credit card data is stolen from a company and the breach is eventually reported in the news? Select two.

A

Income generating loss
Possible prison time for IT personnel

2
Q

Which of the following best describes the differences or similarities between cybersecurity and information security? Select three.

A

Information security falls under the cybersecurity umbrella.
Cybersecurity primarily protects devices.
Information security protects using products, people, and procedures.

3
Q

Which of the following lists the data type in order from the type that needs the highest level of protection to the lowest level?

A

Confidential, private, sensitive

4
Q

Gemalyn enters websiteA.com in the address bar of a browser but is redirected to websiteB.com due to an infected DNS. What type of exploit did Gemalyn experience?

A

A redirection technique called pharming.

5
Q

An attacker is scanning wireless networks and discovers that one of them is set up to support the two most recent protocols. What type of attack is the malicious actor most likely to launch to try to breach the security settings of the wireless device?

A

Downgrade attack

6
Q

Kalaki subscribes to an online computer digest. Kalaki notices a string of characters with a message next to a link that reads “… use to verify file integrity after downloading.” What does the string of characters represent? Select four.

A

The result of a one-way algorithm
A message digest
A hash
A digital fingerprint

7
Q

Charlie, a manager, wants to implement TLS because he thinks it is easier to configure. However, Perry recommends using IPSec instead. Which of the following statements could be used to justify implementing one over the other? Select two.

A

IPSec authenticates that packets received were sent from the source.
IPSec manages the keys to ensure they are not intercepted by unauthorized parties.

8
Q

IPSec is considered a transparent protocol. Which of the following statements best describes what this means? Select two.

A

Users do not need to be trained on specific security procedures.
Programs do not need to be modified to run under IPSec.

9
Q

Jefferson downloads a version of PowerShell that is purported to have capabilities that exceed those of the native version. Shortly thereafter his computer starts to exhibit unusual behavior. The installed anti-malware tool does not reveal anything he does not already know. What type of malware is most likely to be installed on the system?

A

Fileless virus

10
Q

Pamela installed a program that scanned the internet for coupons. A week later her bank account was hacked. How was Pamela’s bank account most likely compromised?

A

She installed a computer Trojan.

11
Q

Which of the following best describes characteristics of embedded systems? Select two.

A

They are contained within a larger system.
They are designed for a specific function.

12
Q

Which of the following statements represents steps that can be taken to harden SCADA systems? Select two.

A

Disconnect unnecessary connections to the SCADA network.
Identify all connections to SCADA networks.

13
Q

As a security professional Anvi works for an organization authoring documents that define policies and procedures outlining security controls. What type of resource does the organization provide?

A

Framework

14
Q

Which of the following best describes what a nation-state actor is most likely to do if their attacks against a target are not successful?

A

Continue trying until successful.

15
Q

Which of the following can be included under the physical security controls umbrella? Select three.

A

Data leakage
Gel-based paint
Perimeter defenses

16
Q

Lamarr receives a text message indicating the password to his bank account has been changed but needs verification to commit the change. It includes a number to call and a link, both of which will lead to fraud if Lamarr follows through with the instructions. This is an example of what type of attack?

A

Smishing

17
Q

Which of the following statements best describes the critical factor that allows cryptographic algorithms to be effective?

A

The key(s) used by algorithms must be securely guarded.

18
Q

Johnny develops an app to encrypt short messages. He runs the encryption program, but it is designed to deliberately introduce a 5- to 15-second delay before encryption begins. What type of data is Johnny about to encrypt?

A

Plaintext

19
Q

A key was revoked before it expired. Xan takes the revoked key out of the revocation state and reactivates it to extract and decrypt old messages from an email archival system. What is this type of key reactivation called?

A

A revoked key cannot be reinstated.

20
Q

Which of the following is a true statement regarding the indicated block cipher mode? Select two.

A

GCM computes a MAC to ensure the message was not tampered with during transmission.
CBC uses the output of a round of encryption as input for the next round.

21
Q

A company determines that some of their computers are using specially coded attack commands that have been posted on certain social media sites. Every single one of the infected computers is considered a ________.

A

zombie

22
Q

Pamela installed a program that scanned the internet for coupons. A week later her bank account was hacked. How was Pamela’s bank account most likely compromised?

A

She installed a computer Trojan.

23
Q

For security reasons, an app has the restriction that it can only be used within a one-kilometer radius of a secure facility. What is being used to enforce this restriction?

A

Geofencing

24
Q

Kaven, an app developer, works for an organization that requires the implementation of dead code. Why would the organization have such a policy? Select two.

A

To provide an unnecessary attack vector for attackers.
Because it is one of the secure coding techniques the organization uses.

25
A group of threat actors has a strong aversion to certain political ideologies. They launch a cyberattack against the organization to which its perceived adversarial counterpart belongs. This type of threat actor could most appropriately be classified under what category?
Hacktivist
26
Evin thinks one of the computer systems where he works may have been compromised. He does not currently have a good way of determining if an unauthorized user logged in successfully. Which of the following can Evin implement that will, going forward, help him identify who logs in?
Accounting
27
An intruder breaks into a large storehouse. An ultrasonic sensor triggers the alarm one-quarter of a second after detecting the intruder. About how far was the intruder when the alarm was sounded?
43 meters
28
Which of the following most accurately describes the similarities and/or differences between spear phishing and whaling? Select two.
Whaling targets wealthy individuals and senior executives in a business.
Spear phishing uses customized information to target specific users.
29
Which of the following statements correctly describes the differences or similarities between a stream cipher and a block cipher? Select two.
Stream ciphers are less secure.
Block ciphers reset after each iteration.
30
Which of the following statements best describes the critical factor that allows cryptographic algorithms to be effective?
The key(s) used by algorithms must be securely guarded.
31
Which of the following represents valid methods of establishing whether a certificate has been revoked? Select two.
Using the OCSP
Harvesting revoked certificates and pushing them to the user's browser
32
Part of your responsibilities include maintaining the root CA as well as the intermediate CAs for a large organization. What should you do to ensure the security of the root CA?
Keep it powered down until you need to issue or reissue certificates.
33
Which of the following best describes the risks of installing bloatware that is not harmful and does not contain malware? Select two.
The bundle may contain an unpatched application.
It may inject advertising that interferes with web browsing.
34
You are serving as a contractor at a company to help harden endpoints. Which of the following could you implement to help achieve the goal? Select two.
Use a patch management system.
Use an application allow list.
35
A threat actor uses an unpatched application to launch a specific executable file that has a vulnerability. The attacker uses the vulnerability in the executable as a means to make changes to the Microsoft Windows registry keys. What type of attack is the threat actor engaging in? Select two.
System tampering
Process spawning control
36
Horacio is on a space team developing a RTOS for a mission-critical device that may be exposed to radiation. Which of the following best describes ways in which the team can improve the functionality and security of the RTOS? Select two.
Implement hardware monitoring.
Implement OS self-inspection.
37
Chafik works at Company A. He apparently receives an email from Jon Dough of the purchasing department. The email includes a link along with a request to fill out a survey because they want to improve the procurement process. The from field in the email reads as follows: From: Jon Dough Which of the following statements is true? Select two.
This is an example of a potential phishing attack.
The recipient is potentially more likely to click on the link because a reason was supplied.
38
Which of the following statements best describes how a Faraday cage prevents data leakage?
It is used to prevent EMI from escaping the enclosure.
39
Rico sends a message to Lola. However, based on how the message was sent, Lola cannot verify it was sent from Rico, but she can verify it has not been altered. What could Rico have done that would have enabled Lola to verify the sender? Select two.
Generate a digest and encrypt it with his private key.
Generate a digital signature and attach it to the message.
40
Which of the following statements best describes a challenge, if any, associated with securing low-powered devices with very fast response times?
Cryptographic algorithms require a lot of time and energy.
41
You want to open an account with an online bank that is paying five percent interest because other banks are only paying two percent. You open a browser and go to bankofutopi.com but get a little suspicious. What can you do to help determine if this is a trusted site?
Check the digital certificate.
42
As a security compliance specialist, you are asked to produce CP and CPS documents. Which of the following statements most accurately defines these two types of documents? Select three.
A CPS can be referenced in the OID of a digital certificate.
A CP is a set of rules that govern the operation of a PKI.
A CPS is a more technical document than a CP.
43
Anita is visiting a client when she discovers an app that was internally developed is missing from her mobile device. She contacts the home office, and they install the app remotely. What tool most likely provided this capability?
MAM
44
Excel is watching a game with friends in a public forum. He is an avid fan and enjoys debating how his favorite player happens to be the best player in the league. Shortly after the game he receives a message on his mobile device with a link purporting to be advertising T-shirts and other merchandise with his favorite player. What may have caused this to happen?
Malware on his phone was engaged in unauthorized recording.
45
Which of the following accurately describes the differences or similarities between mainstream attack surfaces and specialized threat vectors? Select three.
One targets client-based software, the other targets supply chain components.
An imposter calling the elderly is exploiting a specialized threat vector.
Both are targeted with the same degree of frequency.
46
What type of security buffer are you most likely to encounter at a high-security data center that enforces restricted access and requires a security clearance to gain entry?
Access control vestibule
47
Daichi works on a project team that is designing a storage system with immutable archiving capabilities. Once data is archived, it uses cryptography to verify the data has not been changed. Which security protection is the system designed to enforce?
Integrity
48
After a recent breach in your industry, you are asked to ensure the databases your company uses are encrypted. They also request performance degradation be kept to a minimum. Which database encryption method are you most likely to implement?
File-level encryption
49
An employee was expected to return to work after a three-month leave due to personal issues. However, because of additional issues, the leave has been extended by nine months. What is a possible action the company could take regarding the employee's digital certificate? Select two.
Revoke it
Suspend it
50
Which of the following statements are true regarding an IoA or can be an example of an IoA? Select three.
An IoA is a sign an attack is currently in progress.
A user checks email while in Europe and downloads a file as if in Australia within 6 minutes.
A user is not able to log into their account a day before their password expires.
51
As part of your software test engineering role at a corporation, you need to set up a system that generates random input to trigger events such as exceptions, memory corruption, and other security breaches. Which of the following will you deploy? Select two.
Dynamic code analysis
Fuzzing process
52
At a software development company, team Alpha is responsible for static code analysis while team Beta is responsible for dynamic code analysis. Which of the following statements accurately describes the differences or similarities relative to how the teams conduct their analysis? Select two.
Static code analysis may include actively examining each line of code visually.
Dynamic code analysis is performed while the code is running.
53
You receive a text message indicating your online bank account is locked until you supply the needed credentials via a link included in the message. What type of threat vector is the attacker trying to exploit? Select three.
SMS
Communications
Specialized
54
A criminal organization has decided to leave their traditional ways and pursue cyberattacks as their new mode of operation. Why would they do this?
Easier to hide their tracks
55
Karlo installs an alarm system that is capable of emitting and detecting a signal in the light spectrum. The capability serves the purpose of detecting motion and how close an object is in a limited space. Which of the following best describes the type of signal the emitter can transmit?
Infrared
56
A large medical records archiving company adopts the slogan "Health Information Protected Against Attackers" to try to convey medical records are secure. If the organization suffers a significant data breach, who must they notify?
DHHS
57
Salvadori wants to send a message halfway around the world via email. He would like to convey the hash corresponding to the message over the phone to the recipient. Which of the following hash algorithms should Salvadori use? Select three.
SHA-2
Whirlpool
RipeMD
58
You need to explain to the CEO of a company the differences between symmetric and asymmetric cryptographic algorithms. Which one of the following statements are you most likely to convey?
ECC is among the better asymmetric cryptographic algorithms.
59
Which of the following represents attributes, or attribute examples, that an X.509 digital certificate must include? Select three.
Encryption keys
IP address of end device
www.mysite.com
60
A malicious actor modifies the return address in an application to execute the code in the malware they injected into memory. What type of attack is this?
Buffer overflow
61
Which of the following statements best describes a TOCTTOU race condition?
When one thread overwrites the data created by another thread.
62
You work at a very large water treatment facility. Which of the following best describes systems you should secure and harden to help minimize any potential downtime? Select two.
SCADA systems
ICS systems
63
Identify the differences or similarities between the Raspberry Pi and the Arduino. Select three.
ICs on the Raspberry Pi and Arduino are not user programmable.
The Raspberry Pi has more processing power than the Arduino.
The Arduino is designed as a controller for other devices.
64
What would motivate organized crime actors to add cyberattacks to their portfolio of malicious activities?
Increased financial gain
65
A fifth-grade teacher shows the class a message encrypted using ROT13. After explaining how it works, the teacher challenges them to decrypt the message, which they easily accomplish. The teacher then repeats the process with the XOR cipher. Which of the following statements is true? Select two.
XOR requires some type of key.
Both methods use substitution.
66
Alpha and Beta are having a conversation in English. Gamma, who is a gifted conversationalist and tends to monopolize conversations, approaches Alpha and Beta. As soon as Alpha and Beta see Gamma, they start speaking in Spanish, but Gamma does not understand. What did Alpha and Beta just do?
They employed a form of encryption.
67
A web server is establishing a secure cryptographic connection in response to a client request. In the process, session keys will be created. Which of the following statements is true regarding session keys?
They are symmetric keys used to encrypt and decrypt traffic between a browser and web server.
68
Which of the following represents an improvement made to the current version of TLS outlined in this module? Select two.
Encrypts handshake messages after the ServerHello exchange.
Uses Perfect Forward Secrecy for public key-based key exchange.
69
On December 15, a small company starts transitioning to a new accounting package during their holiday break. Suddenly, on January 2, when employees return to work at 9:00 a.m., all computers in the accounting department repeatedly shut down within 15 minutes of being powered up. What type of malware is likely to have infected the computers?
Logic bomb
70
An attacker captures traffic with the intention of impersonating a legitimate user. In what type of attack is the malicious actor engaging?
Replay attack
71
A parent, who is a small business owner, takes their child on a business trip. The child uses the parent's phone during the flight. Unfortunately, the child leaves the phone on the plane, but the parent realizes it after it is too late to retrieve it. What kind of security could have prevented this type of vulnerability?
Physical security
72
A friend gets a virus and asks if you can help them fix the problem. You boot the computer with a bootable flash drive containing security-related tools and remove the virus. What type of control did you employ?
Corrective
73
Duante needs to research the behavior of attackers as well as how they coordinate their attacks. Where is Duante most likely to look for this type of information?
TTP database
74
A large complex is being constructed on a restricted site. They require a very high-speed, low maintenance (from a physical perspective) classified network. What type of PDS should they install?
Alarmed carrier PDS
75
An employee tries to mask his identity by programmatically changing the From field to "a-nony-mouse" in an email. He uses periodic intervals to send the email to the entire company promoting a product he is selling online. An investigation reveals who sent the message. What capability of cryptography was used to confirm the sender's identity?
Nonrepudiation
76
Which of the following statements best describes the benefits of cryptography? Select two.
It is a mitigation technique.
It is a hardening technique.
77
What type of information are you most likely to find in a digital signature and/or in a digital certificate? Select two.
A digital certificate can contain a postal address.
A digital certificate contains a digital signature.
78
A company is developing an online app that will require users to sign in using their email and a password. What should the company do to prevent SQLi attacks?
Filter inputs
79
Spiro is doing research on HIDS, HIPS, and EDRs in his quest to implement a stronger security posture in a small company that was recently awarded a government contract. Which of the following statements are true regarding the technologies he is researching? Select two.
A HIPS attempts to block a malicious attack.
EDR tools perform analytics that identify patterns and detect anomalies.
80
Which of the following statements best describe why it is beneficial to use a RTOS in a SoC?
A RTOS can handle very large amounts of data very quickly.