Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Cybersecurity > questions > Flashcards

questions Flashcards

1
Q

Chad is a security practitioner tasked with ensuring that the information on the organization’s public website is not changed by anyone outside the organization.

This task is an example of ensuring _________.

A
  • Integrity

Preventing unauthorized modification is the definition of integrity.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following is an example of a “Something you know” authentication factor?

A
  • Password
    A password is something the user knows and can present as an authentication factor to confirm an identity assertion.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following is an example of a “Something you are” authentication factor?

A

A photograph of your face

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A system that collects transactional information and stores it in a record in order to show which users performed which actions is an example of providing ________.

A

Non-repudiation

Non-repudiation is the concept that users cannot deny they have performed transactions that they did, in fact, conduct. A system that keeps a record of user transactions provides non-repudiation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is the European Union (EU) law that grants legal protections to individual human privacy?

A

The General Data Protection Regulation (GDPR)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

For which of the following systems would the security concept of availability probably be most important?

A

Medical systems that monitor patient condition in an intensive-care unit

Information that reflects patient condition is data that necessarily must be kept available in real time, because that data is directly linked to the patients’ well-being (and possibly their life). This is, by far, the most important of the options listed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

For which of the following assets is integrity probably the most important security aspect?

A

The file that contains passwords used to authenticate users

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

In risk management concepts, a(n) _________ is something a security practitioner might need to protect.

A

Asset

An asset is anything with value, and a security practitioner may need to protect assets.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

In risk management concepts, a(n) ___________ is something or someone that poses risk to an organization or asset.

A

Threat

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Of the following, which would probably not be considered a threat?

A

A laptop with sensitive data on it

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following probably poses the most risk?

A

A high-likelihood, high-impact event

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Within the organization, who can identify risk?

A
  • Anyone
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Kerpak works in the security office of a medium-sized entertainment company. Kerpak is asked to assess a particular threat, and he suggests that the best way to counter this threat would be to purchase and implement a particular security solution.

This is an example of _______.

A
  • Mitigation (減少)

Applying a security solution (a type of control) is an example of mitigation.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Sophia is visiting Las Vegas and decides to put a bet on a particular number on a roulette wheel.

This is an example of _________.

A

Acceptance

Sophia is accepting the risk that the money will be lost, even though the likelihood is high; Sophia has decided that the potential benefit (winning the bet), while low in likelihood, is worth the risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Phrenal is selling a used laptop in an online auction. Phrenal has estimated the value of the laptop to be $100, but has seen other laptops of similar type and quality sell for both more and less than that amount. Phrenal hopes that the laptop will sell for $100 or more, but is prepared to take less for it if nobody bids that amount.

This is an example of ___________.

A
  • Risk tolerance

Phrenal has decided there is an acceptable level of risk associated with the online sale of the laptop; this is within Phenol’s risk tolerance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

A software firewall is an application that runs on a device and prevents specific types of traffic from entering that device.

This is a type of ________ control.

A
  • Technical

A software firewall is a technical control because it is a part of the IT environment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

At the airport, there are red lines painted on the ground next to the runway, which prohibits 禁止traffic from crossing it.

This is an example of a(n)______ control.

A

Physical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

A bollard is a post set securely in the ground in order to prevent a vehicle from entering an area or driving past a certain point.

Bollards are an example of ______ controls.

A

Physical

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Druna is a security practitioner tasked with ensuring that laptops are not stolen from the organization’s offices.

Which sort of security control would probably be best for this purpose?

A

Physical

Because laptops are tangible objects, and Druna is trying to ensure that these objects are not moved from a certain place, physical controls are probably best for the purpose.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Triffid Corporation has a policy that all employees must receive security awareness instruction before using email; the company wants to make employees aware of potential phishing attempts that the employees might receive via email.

What kind of control is this instruction?

A

Administrative

Both the policy and the instruction are administrative controls; rules and governance are administrative.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

ISC2 publishes a Common Body of Knowledge (CBK) that IT security practitioners should be familiar with; this is recognized throughout the industry as a set of material that is useful for practitioners to refer to.

Certifications can be issued for demonstrating expertise in this Common Body of Knowledge.

What kind of document is the Common Body of Knowledge?

A
  • Standard

The Common Body of Knowledge is used throughout the industry, recognized among many people, countries and organizations. This is a standard.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

The city of Grampon wants to ensure that all of its citizens are protected from malware, so the city council creates a rule that anyone caught creating and launching malware within the city limits will receive a fine and go to jail.

What kind of rule is this?

A

Law

The city council is a governmental body making a legal mandate; this is a law.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

The Triffid Corporation publishes a strategic overview of the company’s intent to secure all the data the company possesses. This document is signed by Triffid’s senior management.

What kind of document is this?

A

Policy

This is an internal, strategic document, and is therefore a policy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Grampon municipal code requires that all companies that operate within city limits will have a set of processes to ensure employees are safe while working with hazardous 危險的 materials. Triffid Corporation creates a checklist of activities employees must follow while working with hazardous materials inside Grampon city limits.

The municipal code is a ______, and the Triffid checklist is a ________.

A

Law, procedure

The municipal code was created by a governmental body and is a legal mandate; this is a law. The Triffid checklist is a detailed set of actions which must be used by Triffid employees in specific circumstances; this is a procedure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
The Payment Card Industry (PCI) Council is a committee made up of representatives from major credit card providers (Visa, Mastercard, American Express) in the United States. The PCI Council issues rules that merchants must follow if the merchants choose to accept payment via credit card. These rules describe best practices for securing credit card processing technology, activities for securing credit card information, and how to protect customers' personal data. This set of rules is a _____.
Standard This set of rules is known as the Data Security Standard, and it is accepted throughout the industry.
26
Hoshi is an ISC2 member who works for the Triffid Corporation as a data manager. Triffid needs a new firewall solution, and Hoshi is asked to recommend a product for Triffid to acquire and implement. Hoshi's cousin works for a firewall vendor; that vendor happens to make the best firewall available. What should Hoshi do?
- Disclose the relationship, but recommend the vendor/product According to the third Canon of the ISC2 Code of Ethics, members are required to provide diligent and competent service to principals. Hoshi's principal here is Triffid, Hoshi's employer. It would be inappropriate for Hoshi to select the cousin's product solely based upon the family relationship; however, if the cousin's product is, in fact, the best choice for Triffid, then Hoshi should recommend that product. In order to avoid any appearance of impropriety or favoritism, Hoshi needs to declare the relationship when making the recommendation.
27
Olaf is a member of ISC2 and a security analyst for Triffid Corporation. During an audit, Olaf is asked whether Triffid is currently following a particular security practice. Olaf knows that Triffid is not adhering to that standard in that particular situation, but that saying this to the auditors will reflect poorly on Triffid. What should Olaf do?
Tell the auditors the truth The ISC2 Code of Ethics requires that members act honorably, honestly, justly, responsibly, and also advance and protect the profession. Both requirements dictate that Olaf should tell the truth to the auditors. While the Code also says that Olaf should provide diligent and competent service to principals, and Olaf's principal is Triffid in this case, lying does not serve Triffid's best long-term interests, even if the truth has some negative impact in the short term.
28
Aphrodite is a member of ISC2 and a data analyst for Triffid Corporation. While Aphrodite is reviewing user log data, Aphrodite discovers that another Triffid employee is violating the acceptable use policy and watching streaming videos during work hours. What should Aphrodite do?
- Inform Triffid management Aphrodite is required by the ISC2 Code of Ethics to provide diligent and competent service to principals. This includes reporting policy violations to Triffid management (Triffid is the principal, in this case). A policy violation of this type is not a crime, so law enforcement does not need to be involved, and ISC2 has no authority over Triffid policy enforcement or employees.
29
Glena is an ISC2 member. Glena receives an email from a company offering a set of answers for an ISC2 certification exam. What should Glena do?
Inform ISC2
30
You are reviewing log data from a router; there is an entry that shows a user sent traffic through the router at 11:45 am, local time, yesterday. This is an example of a(n) _______.
Event An event is any observable occurrence within the IT environment.
31
An attacker outside the organization attempts to gain access to the organization’s internal files. This is an example of a(n) ______.
- Intrusion An intrusion is an attempt (successful or otherwise) to gain unauthorized access.
32
Who approves the incident response policy?
- The subject The organization's senior management are the only entities authorized to accept risk on behalf of the organization, and therefore all organizational policies must be approved by senior management.
33
Which of the following are not typically involved in incident detection?
Regulators Typically, regulators do not detect incidents, nor alert organizations to the existence of incidents
34
What is the goal of Business Continuity efforts?
Keep critical business functions operational Business Continuity efforts are about sustaining critical business functions during periods of potential interruption, such as emergencies, incidents, and disasters.
35
Which of the following is likely to be included in the business continuity plan?
Alternate work areas for personnel affected by a natural disaster The business continuity plan should include provisions for alternate work sites, if the primary site is affected by an interruption, such as a natural disaster.
36
What is the most important goal of a business continuity effort?
Preserve health and human safety
37
What is the overall objective of a disaster recovery (DR) effort?
Return to normal, full operations
38
What is the risk associated with resuming full normal operations too soon after a DR effort?
The danger posed by the disaster might still be present
39
What is the risk associated with delaying resumption of full normal operations after a disaster?
The impact of running alternate operations for extended periods Alternate operations are typically more costly than normal operations, in terms of impact to the organization; extended alternate operations could harm the organization as much as a disaster.
40
Gelbi is a Technical Support analyst for Triffid, Inc. Gelbi sometimes is required to install or remove software. Which of the following could be used to describe Gelbi's account?
Privileged A privileged account is an account that typically needs greater permissions than a basic user.
41
Guillermo logs onto a system and opens a document file. In this example, Guillermo is:
The subject
42
Which of the following is not an appropriate control to add to privileged accounts?
Security deposit 保證金
43
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. In this situation, what is the ACL?
- The rule The ACL, in this case, acts as the rule in the subject-object-rule relationship. It determines what Prachi is allowed to do, and what Prachi is not permitted to do.
44
Prachi works as a database administrator for Triffid, Inc. Prachi is allowed to add or delete users, but is not allowed to read or modify the data in the database itself. When Prachi logs onto the system, an access control list (ACL) checks to determine which permissions Prachi has. In this situation, what is Prachi?
The subject
45
Larry and Fern both work in the data center. In order to enter the data center to begin their workday, they must both present their own keys (which are different) to the key reader, before the door to the data center opens. Which security concept is being applied in this situation?
Dual control This is an example of dual control, where two people, each with distinct authentication factors, must be present to perform a function.
46
Which of the following is a biometric access control mechanism?
A door locked by a voiceprint identifier
47
All visitors to a secure facility should be _______.
Escorted陪同 In a secure facility, visitors should be escorted by an authorized person.
48
A human guard monitoring a hidden camera could be considered a ______ control.
Detective
49
All of the following are typically perceived as drawbacks to biometric systems, except:
Lack of accuracy Biometric systems can be extremely accurate, especially when compared with other types of access controls.
50
A _____ is a record of something that has occurred.
Log
51
Tekila works for a government agency. All data in the agency is assigned a particular sensitivity level, called a Classification. Every person in the agency is assigned a clearances' level, which determines the classification of data each person can access and is controlled at the system level. What is the access control model being implemented in Tekila's agency?
MAC (mandatory access control) Mandatory Access Control is implemented at a system administrator level and cannot be adjusted for discretionary reasons.
52
Which of the following would be considered a logical access control?
- A fingerprint reader that allows an employee to access a laptop computer Logical access controls limit who can gain user access to a device/system.
53
Trina and Doug both work at Triffid, Inc. Doug is having trouble logging into the network. Trina offers to log in for Doug, using Trina's credentials, so that Doug can get some work done. What is the problem with this?
- Anything either of them do will be attributed to Trina If two users are sharing one set of credentials, then the actions of both users will be attributed to that single account; the organization will be unable to discern exactly who performed which action, which can be troublesome if either user does something negligent or wrong.
54
Gary is unable to log in to the production environment. Gary tries three times and is then locked out of trying again for one hour. Why could this be?
Gray's actions look like an attack Repeated login attempts can resemble an attack on the network; attackers might try to log in to a user's account multiple times, using different credentials, in a short time period, in an attempt to determine the proper credentials.
55
Suvid works at Triffid, Inc. When Suvid attempts to log in to the production environment, a message appears stating that Suvid has to reset the password. What may have occurred to cause this?
Suvid's password has expired
56
Prina is a database manager. Prina is allowed to add new users to the database, remove current users, and create new usage functions for the users. Prina is not allowed to read the data in the fields of the database itself. This is an example of:
Role-based access controls (RBAC) Role-based access controls often function in this manner, where the employee's job responsibilities dictate exactly which kinds of access the employee has. This also enforces the concept of least privilege.
57
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that operational managers have the utmost personal choice in determining which employees get access to which systems/data. Which method should Handel select?
Discretionary自主的 access controls (DAC) DAC gives managers the most choice in determining which employees get access to which assets.
58
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees transferring from one department to another, getting promoted, or cross-training to new positions can get access to the different assets they'll need for their new positions, in the most efficient manner. Which method should Handel select?
Role-based access controls (RBAC) RBAC is the most efficient way to assign permissions to users based on their job duties.
59
Handel is a senior manager at Triffid, Inc., and is in charge of implementing a new access control scheme for the company. Handel wants to ensure that employees who are assigned to new positions in the company do not retain whatever access they had in their old positions. Which method should Handel select?
Role-based access controls (RBAC) RBAC can aid in reducing privilege creep, where employees who stay with the company for a long period of time might get excess permissions within the environment.
60
What term refers to the logical address of a device connected to the network or Internet?
Internet Protocol (IP) address
61
What type of device filters network traffic in order to enhance overall security/performance?
Firewall
62
What protocol should Barry use when he wants to upload a series of files to a web-based storage service?
SFTP (Secure File Transfer Protocol)
63
What type of device, typically accessed by multiple users and often intended for a single purpose, such as managing email or web pages, is referred to as?
Server A server typically offers a specific service, such as hosting web pages or managing email, and is often accessed by multiple users. Routers and switches are used to vector network traffic, not to provide specific services. A laptop is typically only assigned to a single user.
64
Carol is browsing the Web. Which of the following ports is she probably using?
80 Port 80 is used for HTTP traffic, and HTTP is a Web-browsing protocol.
65
Cyril wants to ensure all the devices on his company's internal IT environment are properly synchronized. Which of the following protocols would aid in this effort?
NTP (Network Time Protocol) FTP, SMTP and HTTP are incorrect; these do not serve the purpose of synchronization.
66
Ludwig is a security analyst at Triffid, Inc. Ludwig notices network traffic that might indicate an attack designed to affect the availability of the environment. Which of the following might be the attack Ludwig sees?
DDOS (distributed denial of service) DDOS is an availability attack, often typified by recognizable network traffic; either too much traffic to be processed normally, or malformed 變形的traffic.
67
Gary is an attacker. Gary is able to get access to the communication wire between Dauphine's machine and Linda's machine and can then surveil the traffic between the two when they're communicating. What kind of attack is this?
On-path
68
Bert wants to add a flashlight 手電筒capability to a smartphone. Bert searches the internet for a free flashlight app, and downloads it to the phone. The app allows Bert to use the phone as a flashlight, but also steals Berta's contacts list. What kind of app is this?
Trojan This is a textbook example of a Trojan horse application. Bert has intentionally downloaded the application with the intent to get a desired service, but the app also includes a hostile component Bert is unaware of.
69
Triffid, Inc., has many remote workers who use their own IT devices to process Triffid's information. The Triffid security team wants to deploy some sort of sensor on user devices in order to recognize and identify potential security issues. Which of the following is probably most appropriate for this specific purpose?
HIDS (host-based intrusion-detection systems) Host-based intrusion-detection systems are expressly designed for this purpose; each HIDS is installed on each endpoint machine.
70
Inbound traffic from an external source seems to indicate much higher rates of communication than normal, to the point where the internal systems might be overwhelmed征服. Which security solution can often identify and potentially counter this risk?
Firewall Firewalls can often identify hostile inbound traffic, and potentially counter it.
71
What tool aggregates合計 log data from multiple sources, typically analyzes it, and reports potential threats?
SIEM
72
What type of solution typically inspects outbound communications traffic to check for unauthorized exfiltration外洩 of sensitive/valuable information?
DLP (data loss prevention) DLP solutions typically inspect outbound communications traffic to check for unauthorized exfiltration of sensitive/valuable information.
73
What type of tool is utilized to monitor local devices with the aim of reducing potential threats from hostile software?
Anti-malware
74
Which of the following activities is usually part of the configuration management process, but is also extremely helpful in countering potential attacks?
Updating and patching systems Keeping systems up to date is typically part of both the configuration management process and enacting best security practices.
75
Which type of fire-suppression 制止system is typically the safest for humans?
Water
76
Which common cloud service model offers the customer the most control of the cloud environment?
Infrastructure as a service (IaaS) IaaS offers the customer the most control of the cloud environment, in terms of common cloud service models.
77
What is the section of the IT environment that is closest to the external world; where we locate IT systems that communicate with the Internet?
DMZ DMZ is what we often call this portion of the environment the demilitarized zone. VLAN is a way to segment portions of the internal network. MAC is the physical address of a given networked device. RBAC is an access control model.
78
An IoT (Internet of Things) device is typified by its effect on or use of the _____ environment.
Physical IoT devices typically have some interaction with the physical realm, either by having some physical effect (a vacuum cleaner, refrigerator, light) or by monitoring the physical environment itself (a camera, sensor, etc.).
79
What type of device is commonly advisable to have on the perimeter between two networks?
Firewall Firewalls are often useful to monitor/filter traffic between two networks.
80
Archiving is typically done when _________.
Data is not needed for regular work purposes
81
Every document owned by Triffid, Inc., whether hardcopy or electronic, has a clear, 24-point word at the top and bottom. Only three words can be used: “Sensitive”, “Proprietary”, and “Public”.
Labeling
82
Security needs to be provided to ____ data.
Illegal, Restricted and Private All data needs some form of security; even data that is not sensitive (such as data intended for public view) needs protection to ensure availability.
83
Data retention periods數據保留期 apply to ____ data.
All of the answers All data should have specific retention periods (even though retention periods may differ for various types of data).
84
When data has reached the end of the retention period, it should be _____.
Destroyed
85
Data _____ is data left behind on systems/media after normal deletion procedures have been attempted.
Remanence剩磁
86
Log data should be kept ______.
On a device other than where it was captured
87
Security controls on log data should reflect ________.
The sensitivity of the source device Log data should be protected with security as high, or higher, than the security level of the systems or devices that log was captured from.
88
Logs should be reviewed ______.
Continually
89
Dieter wants to send a message to Lupa and wants to be sure that Lupa knows the message has not been modified in transit. What technique/tool could Dieter use to assist in this effort?
Hashing Hashing is a means to provide an integrity check.
90
Triffid, Inc., wants to host streaming video files for the company's remote users, but wants to ensure the data is protected while it's streaming. Which of the following methods are probably best for this purpose?
Symmetric encryption Symmetric encryption offers confidentiality of data with the least amount of processing overhead, which makes it the preferred means of protecting streaming data.
91
______ is used to ensure that configuration management activities are effective and enforced.
Verification and audit Verification and audit are methods we use to review the IT environment to ensure that configuration management activities have taken place, and are achieving their intended purpose.
92
An organization must always be prepared to ______ when applying a patch.
Rollback
93
Why is the proper alignment of security policy and business goals within the organization important?
Security policy that conflicts with business goals can inhibit productivity
94
The organization should keep a copy of every signed Acceptable Use Policy (AUP) on file, and issue a copy to _______.
The user who signed it The AUP is an agreement between the user and the organization, so both parties need to keep a copy of it.
95
What is the most crucial 決定性的element of any security instruction program?
Preserve health and human safety
96
Which one of the following is a benefit of computer-based training (CBT)?
Scalable可擴增的 CBT is completely scalable, because it can be replicated uniformly for any number of users.
97
The output of a hashing algorithm is _____.
The same length Hashing algorithms create output of a fixed length.
98
Hashing is often used to provide _______.
Integrity
99
If two people want to use asymmetric communication to conduct a confidential conversation, how many keys do they need?
4 In asymmetric encryption, each party needs their own key pair (a public key and a private key) to engage in confidential communication.
100
Steve is a security practitioner assigned to come up with a protective measure for ensuring cars don't collide with pedestrians. What is probably the most effective type of control for this task?
Physical

Cybersecurity (7 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions