Threats, and Vulnerablilites
Architecture and Design
Implementation
Operations and Incident Response
Governance, Risk, and Compliance
Bonus
100

Which of the following types of attacks occurs when an attacker calls up people over the phone and attempts to trick them into providing their credit card information?

What is Vishing

100

Nicole's organization does not have the budget or staff to conduct 24/7 security monitoring of their network. To supplement her team, she contracts with a managed SOC service. Which of the following services or providers would be best suited for this role?

What is a MSSP(managed security service provider)

100

Your company just launched a new invoicing website for use by your five largest vendors. You are the cybersecurity analyst and have been receiving numerous phone calls that the webpage is timing out, and the website overall is performing slowly. You have noticed that the website received three million requests in just 24 hours, and the service has now become unavailable for use. What do you recommend should be implemented to restore and maintain the availability of the new invoicing system? What type of spam relies on text-based communication?

What is Whitelisting (By implementing whitelisting of the authorized IP addresses for the five largest vendors, they will be the only ones who will be able to access the webserver. )

100

An attacker has compromised a virtualized server. You are conducting forensic analysis as part of the recovery effort but found that the attacker deleted a virtual machine image as part of their malicious activity. Which of the following challenges do you now have to overcome as part of the recovery and remediation efforts?

The attack widely fragmented the image across the host file system ( Due to the deletion of the VM disk image, you will now have to conduct file carving or other data recovery techniques to recover and remediate the virtualized server.)

100

Which law requires that government agencies and other organizations that operate systems on behalf of government agencies to comply with security standards?

What is FISMA  (The Federal Information Security Management Act (FISMA) is a United States federal law that defines a comprehensive framework to protect government information, operations, and assets against natural or man-made threats. )

100

Your company has decided to move all of its data into the cloud. Your company is small and has decided to purchase some on-demand cloud storage resources from a commercial provider (such as Google Drive) as its primary cloud storage solution. Which of the following types of clouds is your company using?

What is Public Cloud. (The public cloud is defined as computing services offered by third-party providers over the public internet, making them available to anyone who wants to use or purchase them. ) 

200

Which of the following types of attacks occurs when an attacker attempts to gain confidential information or login credentials by sending targeted emails to a specific set of recipients within an organization?

What is Spear phishing 

200

The practice of using a telephone system to manipulate users into disclosing confidential information is known as:

What are Proximity cards 

200

Which type of monitoring would utilize a network tap?

What is Passive ( Network taps are devices that allow a copy of network traffic to be captured for analysis. They conduct passive network monitoring and visibility without interfering with the network traffic itself.)

200

What represents a document that includes detailed information on when an incident was detected, how impactful the incident was, how it was remediated, the effectiveness of the incident response, and any identified gaps that might require improvement?

What is a Lessons learned report. ( The lessons learned report provides you with the details of the incident, its severity, the remediation method, and, most importantly, how effective your response was. Additionally, it provides recommendations for improvements in the future.)

200

Dion Training has a $15,000 server that has been crashing frequently. Over the past 12 months, the server has crashed 10 times, requiring the server to be rebooted in order to recover from the crash. Each time, this has resulted in a 5% loss of functionality or data. Based on this information, what is the Annual Loss Expectancy (ALE) for this server?

What is $7,500 .(The SLE is calculated by multiplying the Exposure Factor (EF) by the Asset Value (AV). Therefore, SLE = EF x AV, and ALE = SLE x ARO. )

200

Which of the following describes the security method that is used when a user enters their username and password only once and is gained access to multiple applications?

What is SSO. ( Single sign-on (SSO) is an authentication process that allows a user to access multiple applications with one set of login credentials. )

300

A cybersecurity analyst is reviewing the logs of a proxy server and saw the following URL, http://test.diontraining.com/../../../../etc/shadow. What type of attack has likely occurred?

What is Directory traversal 

300

Maria is trying to log in to her company's webmail and is asked to enter her username and password. Which type of authentication method is Maria using?

What is a Single-factor 

300

Dion Training has an open wireless network called "InstructorDemos" for its instructors to use during class, but they do not want any students connecting to this wireless network. The instructors need the "InstructorDemos" network to remain open since some of their IoT devices used during course demonstrations do not support encryption. Based on the requirements provided, which of the following configuration settings should you use to satisfy the instructor's requirements and prevent students from using the "InstructorDemos" network?

What is MAC filtering  (Since the instructors need to keep the wireless network open, the BEST option is to implement MAC filtering to prevent the students from connecting to the network while still keeping the network open. )

300

During which phase of the incident response process does an organization assemble an incident response toolkit?

What is Preparation . (During the preparation phase, the incident response team conducts training, prepares their incident response kits, and researches threats and intelligence. )

300

Which type of personnel control is being implemented if Kirsten must receive and inventory any items that her coworker, Bob, orders?

What is Separation of duties. ( Separation of duties is the concept of having more than one person required to complete a particular task to prevent fraud and error.)

300

You are working for a government contractor who requires all users to use a PIV device when sending digitally signed and encrypted emails. Which of the following physical security measures is being implemented?

What is a Smart card . ( A smart card is used in applications that need to protect personal information and/or deliver fast, secure transactions, such as transit fare payment cards, government, and corporate identification cards, documents such as electronic passports, visas, and financial payment cards. )

400

Which of the following attacks would most likely be used to create an inadvertent disclosure of information from an organization's database?

What is SQL injection 

400

 A situation in which an unauthorized person can view another user's display or keyboard to learn their password or other confidential information is referred to as:

  •  Spear phishing

  •  Tailgating

  •  Shoulder surfing

  •  Spoofing

400

Your company just installed a new webserver within your DMZ. You have been asked to open up the port for secure web browsing on the firewall. Which port should you set as open to allow users to access this new server?

What is Port 443 (Port 443 is used for HTTPS traffic. )

400

If you are unable to ping a target because you are receiving no response or a response that states the destination is unreachable, then ICMP may be disabled on the remote end. If you wanted to try to elicit a response from a host using TCP, what tool would you use?

What is Hping ( Hping is a handy little utility that assembles and sends custom ICMP, UDP, or TCP packets and then displays any replies.)

400

Following a root cause analysis of the unexpected failure of an edge router, a cybersecurity analyst discovered that the system administrator had purchased the device from an unauthorized reseller. The analyst suspects that the router may be a counterfeit device. Which of the following controls would have been most effective in preventing this issue?

What is Conduct secure supply chain management training. (: Anti-counterfeit training is part of the NIST 800-53r4 control set (SA-19(1)) and should be a mandatory part of your supply chain management training within your organization. )

400

Aymen is creating a procedure for the remediation of vulnerabilities discovered within his organization. He wants to ensure that any vendor patches are tested prior to deploying them into the production environment. What type of environment should his organization establish?

What is Staging . ( Staging environments can mimic the actual production environment, leading to a realistic test environment that minimizes the risk of failure during a push to the production environment. )

500

Dion Training has applied a new Group Policy to all student accounts that will lock out any account in which the student enters their password incorrectly 3 times in a row. Once the account is locked out, the student must wait 15 minutes before they can attempt to log in again. What type of attack is this mitigation strategy trying to prevent?  

What is Brute force attack

500

Which party in a federation provides services to members of the federation?

What is RP (Relying parties (RPs) provide services to members of a federation )

500

What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+?

What is 802.1x 

500

Which of the following type of threats did the Stuxnet attack rely on to cross an airgap between a business and an industrial control system network?

What is Removable media 

600

You have been hired to perform a web application security test. During the test, you notice that the site is dynamic and, therefore, must be using a backend database. You decide you want to test to determine if the site is susceptible to a SQL injection. What is the first character that you should attempt to use in breaking a valid SQL request?

What is a Semicolon

600

Which of the following authentication mechanisms involves receiving a one-time use shared secret password, usually through a token-based key fob or smartphone app, that automatically expires after a short period of time (for example, 60 seconds)?

What is TOTP (Time-based One-time Password Algorithm) a refinement of the HOTP 

600

You have run finished running an nmap scan on a server are see the following output: -=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=- # nmap diontraining.com Starting Nmap ( http://nmap.org ) Nmap scan report for diontraining.com (64.13.134.52) Not shown: 996 filtered ports PORT STATE 22/tcp open 23/tcp open 53/tcp open 443/tcp open Nmap done: 1 IP address (1 host up) scanned in 2.56 seconds -=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=--=-=-=-=-=-=- Based on the output above, which of the following ports listed as open represents the most significant security vulnerability to your network?

What is Port 23 (Port 23 is used by telnet and is not considered secure because it sends all of its data in cleartext, including authentication data like usernames and passwords. As an analyst, you should recommend that telnet is disabled and blocked from use. )

600

Dion Training has just suffered a website defacement of its public-facing webserver. The CEO believes this act of vandalism may have been done by the company’s biggest competitor. The decision has been made to contact law enforcement, so evidence can be collected properly for use in a potential court case. Laura is a digital forensics investigator assigned to collect the evidence. She creates a bit-by-bit disk image of the web server’s hard drive as part of her evidence collection. Which technology should Laura use after creating the disk image to verify the data integrity of the copy matches that of the original web server’s hard disk?

What is SHA-256 ( SHA-256 is the Secure Hash Algorithm with a 256-bit length output. This is one of the most common hash algorithms in use and is employed in many applications and protocols. )

700

Keith wants to validate the application file that he downloaded from the vendor of the application. Which of the following should he compare against the file to verify the integrity of the downloaded application?

What is the MD5 or SHA1 hash digest of the file

700

Which of the following cryptographic algorithms is classified as asymmetric?

DES
Twofish
RC4
ECC


What is ECC  ( Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. )

800

Which of the following cryptographic algorithms is classified as asymmetric?

What is PGP ( Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. )