Module 2 - Securing Networks Flashcards

(100 cards)

1
Q

Which organization provides an interactive global map that shows live network attacks based on its deployed security products?

A

Kaspersky

2
Q

Which Cisco team is tasked with investigating and mitigating vulnerabilities in Cisco products?

A

Cisco Product Security Incident Response Team (PSIRT)

2
Q

Which Cisco group provides threat intelligence to defend customers and protect digital assets?

A

Cisco Talos intelligence group

2
Q

Which type of network attack occurs when a system can no longer support requests from legitimate users due to overload or interruption?

A

A DoS attack (Denial of Service).

2
Q

What term describes the path a threat actor uses to gain access to a server, host, or network?

A

An Attack Vector

3
Q

Why are internal threats potentially more damaging than external threats?

A

Internal threats are potentially more damaging because internal users have direct access to infrastructure and data

3
Q

Which type of threat may involve actions like disconnecting critical network connections or copying data to external media?

A

An internal threat

3
Q

What is considered one of an organization’s most valuable assets that must be protected from exfiltration?

A

Data

4
Q

What kind of threat can result from a user inserting an infected USB drive into a corporate system?

A

An Internal threat

4
Q

What term refers to the unauthorized theft, loss, or leakage of sensitive organizational data?

A

Data loss or data exfiltration

5
Q

What controls must organizations implement to prevent data loss and protect sensitive information?

A

DLP (Data Loss Prevention) controls.

5
Q

Which aspect of device security is crucial in preventing data loss from stolen hardware?

A

Encryption of the stored data

6
Q

What is the first line of defense against unauthorized access to sensitive data?

A

Strong and secure passwords

6
Q

Which concept refers to a potential danger to an organization’s asset, such as data or its network infrastructure?

A

A Threat - {a possible event or actor that may cause harm by targeting valuable assets like data, servers, or devices.}

7
Q

Which term describes a flaw or weakness in a system’s design or configuration that could be used by a threat to gain unauthorized access or control?

A

A Vulnerability - {it represents a weak point in the system that a threat actor can exploit.}

8
Q

Which concept represents the combined total of all vulnerabilities in a system that are exposed and accessible to an attacker?

A

The Attack Surface - {this includes every potential entry and exit point in a system, such as unpatched software or exposed services.}

8
Q

Which term defines the probability that a threat will successfully exploit a vulnerability and cause harm to an asset?

A

Risk - {it measures the likelihood and impact of a threat actor exploiting a specific weakness.}

8
Q

Which type of exploit allows an attacker to compromise a system over a network without needing prior access to it?

A

A remote exploit - {it does not require the attacker to have an account or direct access to the target system.}

9
Q

Which term refers to the tool, method, or technique used to take advantage of a vulnerability in order to compromise a system?

A

An Exploit - {it is the actual mechanism or process that makes use of a vulnerability to harm or gain unauthorized control.}

9
Q

Which type of hacker uses their programming knowledge for ethical and legal purposes, such as performing penetration tests and reporting security flaws to developers?

A

White hat hackers

9
Q

Which type of exploit is used when the attacker already has user or administrative access on the target system?

A

A local exploit - {this involves leveraging a vulnerability from within the system, without necessarily needing physical access.}

10
Q

Which strategy eliminates an activity or asset entirely to prevent any exposure to associated risks, even if it means losing its benefits?

A

Risk Avoidance - {this method removes the source of the risk by stopping the activity that causes it.}

10
Q

Which risk management strategy involves taking no action because the cost of protection is greater than the cost of the potential risk?

A

Risk acceptance - {this strategy accepts the risk as-is without applying mitigation due to cost inefficiency.}

10
Q

Which risk management approach involves minimizing the likelihood or consequences of a risk by taking protective actions, and is considered the most commonly used method?

A

Risk Reduction - {this involves applying cost-effective actions that lower either the impact or likelihood of the risk.}

10
Which method of managing risk involves assigning responsibility for some or all of the risk to another party, such as an insurance provider?
Risk Transfer - {this shifts financial or operational burden to a third party in case the risk occurs.}
10
Which term refers to the set of actions taken to protect assets by reducing risk or mitigating specific threats?
Countermeasure - {these are protective measures designed to defend against identified risks.}
11
Which term defines the extent of harm or disruption an organization could suffer due to a realized threat?
Impact - {potential consequences or severity of damage resulting from a threat.}
11
Which process balances the costs of implementing protective measures with the value of securing assets and minimizing loss?
Risk management
12
Which hacker type discovers and sometimes exploits network vulnerabilities without permission but typically informs the organization or discloses it publicly without seeking personal gain?
Gray hat hackers
13
Which type of hacker violates network security for personal gain or malicious purposes, such as stealing data or disrupting systems?
Black hat hacker
14
Which term is used throughout this course to describe individuals or groups that may fall under the grey or black hat category?
Threat actors
14
Which early form of hacking involved mimicking telephone tones to manipulate phone systems and make free long-distance calls?
Phone freaking or Phreaking
15
Which kind of hacker emerged in the 1990s and refers to unskilled individuals using pre-existing hacking tools or scripts, typically without understanding how they work?
Script kiddies
15
Which term refers to the hacking method where programs were written to dial every number in an area to find accessible computers or devices over phone lines?
War dialing
16
Which category of hacker is typically a grey hat who discovers vulnerabilities and reports them to vendors, sometimes for cash or recognition?
A vulnerability broker
17
Which group of threat actors uses hacking as a form of political or social protest, often leaking sensitive data or performing DDoS attacks to make a statement?
Hacktivists
18
Which black hat group may be self-employed or part of organized crime, typically motivated by financial gain through data theft or fraud?
Cybercriminals
19
Which group conducts cyber operations to steal state secrets, gather intelligence, or sabotage foreign networks, often under government directive?
State-sponsored hackers
19
Which type of hacker might receive bounties from organizations as a reward for responsibly disclosing vulnerabilities?
White hat hacker
20
Which threat actor frequently targets both consumers and small businesses, in addition to attacking large enterprises?
Cybercriminals
21
Which task involves verifying the credibility and reliability of companies that provide IT hardware and software services?
A Trustworthy IT vendor
22
Which test simulates real-world attacks on a system or network to uncover vulnerabilities?
Penetration test
23
Which protective measure involves creating secure copies of data on both remote servers and physical devices?
Backing up to the cloud and hard disk
24
Which term refers to identifiable attributes such as IP addresses, filenames, and software changes that reveal a cyberattack has occurred?
IOCs (Indicators of Compromise)
25
Which annual campaign, co-sponsored by CISA and NCSA, promotes security awareness each October?
NCASM (National Cybersecurity Awareness Month)
25
Which cybersecurity concept focuses on understanding the motivation and strategy of attackers rather than identifying specific signs of an attack?
IOAs (Indicators of Attack) - {focus on what the attacker is trying to do, not just what has already happened.}
25
Which sharing platform is used by the U.S. government to speed up threat mitigation by distributing verified IOCs to businesses?
AIS (Automated Indicator Sharing) - {operated by CISA to distribute threat data efficiently}
26
Which CISA system allows near real-time exchange of verified threat information between the U.S. government and private sector?
AIS (Automated Indicator Sharing)
26
Which agency leads U.S. efforts to automate threat information sharing between government and private organizations?
CISA (Cybersecurity and Infrastructure Security Agency) - {responsible for coordinating threat sharing.}
27
Which European agency provides cybersecurity solutions and advice for EU member states?
ENISA (European Union Agency for Cybersecurity) - {the EU counterpart to the U.S. CISA}