Cryptography & VPNs
Malware & Attacks
Security Policies & Controls
Network Defense & Architecture
Incident Response & Forensics
100

Which data type is protected through the use of an IPsec VPN?

Data in transit.

100

What type of malware attack uses unsafe websites and suspicious emails to entice users to give away personal information?

Phishing

100

If the IT team discovers employees are visiting inappropriate websites, which security policy governs user behavior and should be addressed first?

Acceptable Use Policy

100

In the security onion analogy for defense-in-depth, what does the outer layer of the onion represent?

The firewall as the first line of defense

100

What procedure should be strictly avoided by first responders in a digital forensics investigation?

Rebooting the affected system

200

Which of the following wireless protocols utilize the Advanced Encryption Standard (AES)?

  • WPA2
  • EAP
  • WEP
  • TKIP
  • WPA

WPA2 and WPA.

200

What type of attack disrupts services by overwhelming network devices with bogus traffic?

DDoS (Distributed Denial of Service)

200

If a company requires employees to report any observed or suspected security issues, which control type has been implemented?

Administrative controls

200

What tool is used to intentionally lure an attacker so that an administrator can capture, log, and analyze the behavior of the attack?

Honeypot

200

When making copies of data from a compromised machine, what must be done to ensure it is an exact duplicate?

Perform a cyclic redundancy check using a checksum or hashing algorithm

300

What is a primary difference between symmetric and asymmetric encryption algorithms?

Symmetric encryption algorithms use pre-shared keys while asymmetric algorithms use different keys to encrypt and decrypt data.

300

What technology would be an appropriate solution to generate alerts on malware that has made it through the network perimeter?

Host intrusion detection system (HIDS)

300

An administrator with top security clearance finds they cannot access certain confidential documents. What security concept is at play?

The principle of least privilege

300

Which tool is integrated into the Security Onion platform and displays full packet captures for analysis?

Wireshark

300

What is the simplest type of exercise used for training employees and testing an organization’s disaster recovery plan?

A tabletop exercise

400

What is a major drawback of using a single-root PKI topology?

It is difficult to scale to a large environment.

400

Which open-source malware analysis tool can run locally on a network to analyze malware samples?

Cuckoo Sandbox

400

Which control type should an organization use to bring a system back to its normal state after an event?

Corrective controls

400

In a small business wireless router configuration, how can an internal server be made accessible by outside hosts while keeping traffic isolated?

By configuring a DMZ Host

400

In which phase of the NIST Incident Response Life Cycle are the tools and assets required to investigate incidents acquired and deployed?

Preparation

500

What vital function does the Diffie-Hellman algorithm provide to IPsec VPNs?

It allows two parties to establish a shared secret key over an unsecured channel.

500

Which type of DNS attack involves a threat actor creating multiple bogus sub-domains under a legitimate parent domain?

DNS Domain Shadowing attacks

500

A consulting company is helping an organization address specific operational conditions that require detailed directions. Which type of cybersecurity policy are they developing?

Issue-specific policy

500

When configuring a zone-pair between a private and public security zone on a router, what must be entered to specify which traffic is allowed across the zones?

A service policy-map

500

What are three key actions taken during the Detection & Analysis phase of the NIST Incident Response Life Cycle?

Determining the type/extent of the incident, performing initial analysis on the incident's scope/origin, and notifying appropriate stakeholders