General security concepts
Threats, vulnerabilities, & mitigations
Security architecture
Security operations
Security program management & oversight
100

When referencing the CIA Triad, which component relates to data being stored and transferred as intended, with any modification being authorized?

Integrity

100

Which statement is true about Insider Threats?

a. The motive is always just revenge.

b. They may have a lot of access.

c. The financial resources are high.

d. They are technically skilled.

b. They may have a lot of access.

100

A doctor is updating a patient account based on test results. What type of data classification is this?

a. PII

b. PCI/DSS

c. PHI

d. HIPAA

c. PHI

100

Which of the following is the 4th step of the Incident Response Process?

a. Recovery

b. Detection

c. Containment

d. Eradication

c. Containment

100

Your organization is hosting a security awareness and training program. What considerations need to be taken into account?

a. Not every user requires the same level of training.

b. Using computer-based training is the only successful type of security training.

c. The program training frequency is ideally done annually or semi-annually.

d. The policies on security get updated during the training program.

a. Not every user requires the same level of training.

200

The company is rolling out new updates to the policies and procedures for its information security. What type of security control best describes this scenario?

a. Deterrent

b. Corrective

c. Compensating

d. Directive

d. Directive

200

Explain the difference between Impersonation and Pretexting, as well as what they are examples of.

Impersonation is pretending to be someone else, while Pretexting is making up a reason to approach someone.

200

What cloud computing deployment option is best to have for a single platform that has multiple elements from different providers?

a. Private cloud

b. Hybrid cloud

c. Public cloud

d. Community cloud

b. Hybrid cloud

200

Analysis of a vulnerability scan's results shows that the scanner reported a vulnerability as not present when it actually was. What type of error is this?

a. False negative

b. True positive

c. False positive

d. True negative

a. False negative

200

A company has decided to invest in cybersecurity insurance. Which risk management strategy is being used?

a. Avoid

b. Transfer

c. Accept

d. Mitigate

b. Transfer

300

Which type of technical change management allows someone to revert information to a previous setting?

a. Version control

b. Allow list

c. Backout plan

d. Standard operating procedure

a. Version control

300

A Birthday Attack is an example of…

a. Password attack

b. Bloatware

c. On-Path attack

d. Cryptographic attack

d. Cryptographic attack

300

If an organization wants to observe attack tools and techniques, as well as patterns of behaviors, what can be set up to view and document these attacks without using the actual network used by the organization?

Honeynet

300

Which mobile device deployment/management model type poses greater risk for an organization?

a. CYOD

b. BYOD

c. COPE

d. COBO

b. BYOD

300

An organization wants to ensure that they are still making efforts to maintain the security compliance policies that were implemented. What concept are they trying to uphold?

a. Due diligence

b. Acknowledgement

c. Due care

d. External monitoring

c. Due care

400

Which is not an example of Data Obfuscation?

a. Tokenization

b. Compression

c. Hashing

d. Masking

b. Compression

400

Which term is not related to Race Conditions?

a. Time-of-Use

b. Target of Evaluation

c. Target of System

d. Time-of-Check

c. Target of System

400

Which form of exercise is not a type of testing for resilience and recovery?

a. Tabletop exercises

b. Parallel processing exercises

c. Failover exercises

d. Site security exercises

d. Site security exercises

400

Why would an organization want to retain instead of decommission a system or device?

a. They want to practice enumeration.

b. It may lead to data exposure.

c. They want to identify security gaps from legacy systems.

d. It may be for legal or business purposes.

d. It may be for legal or business purposes.

400

This institution has a series of standards on cybersecurity best practices.

ISO (International Organization for Standardization)

500

Which is not a certificate attribute for Digital Certificates that conform to X.509?

a. Validity period

b. Common Name (CN)

c. Wildcard

d. Serial number

c. Wildcard

500

How would a network administrator prevent threat actors from moving between devices in an internal network in the case that one device is compromised?

a. Segmentation

b. Root Cause Analysis

c. Decommissioning

d. Blacklisting

a. Segmentation

500

If we choose to distribute traffic to various online systems simultaneously without overloading a single node, what type of design is being used?

a. Active/active load balancing

b. Zero Trust

c. Proxy servers

d. Active/passive load balancing

a. Active/active load balancing

500

Which of the following BEST describes the primary difference between an Endpoint Detection and Response (EDR) system and a Data Loss Prevention (DLP) solution?

a. EDR prevents users from copying files to USB drives, while DLP monitors endpoints for malware infections.

b. EDR focuses on detecting and responding to malicious activity on endpoints, while DLP focuses on preventing sensitive data from leaving the organization.

c. EDR encrypts data in transit, while DLP encrypts data at rest.

d. EDR scans emails for confidential data, while DLP isolates infected hosts from the network.

b. EDR focuses on detecting and responding to malicious activity on endpoints, while DLP focuses on preventing sensitive data from leaving the organization.

500

An organization has reached out to a vendor and is now documenting the vendor relationship in order to avoid miscommunications. What type of vendor agreement is this?

a. MSA

b. MOA

c. BPA

d. MOU

d. MOU
