Cybersecurity Final

45 Terms

1

What does a router use to protect a network from attacks and to control which types of communications are allowed on a network

Access control list

2

Which of the following BEST describes a rogue access point attack

A hacker installing an unauthorized access point within a company.

3

Which Wi-Fi attack uses a rogue access point configured with the same SSID as the organization's SSID

Evil twin

4

Which set of tools is often used to intercept the four-way handshake

aircrack-ng

5

You configure switches to shut down a port after it was accessed by an unauthorized user. What type of attack are you preventing

Sniffing

6

Which of the following describes a credential stuffing attack

A hacker tries a list of credentials on multiple sites.

7

A password spraying attack is MOST like which of the following attack types

A brute force attack

8

Your company had a problem with users getting hacked although you established strong password policies. What's the next step

Implement two or more methods of authentication.

9

Which tools can you use to prevent data exfiltration by identifying and blocking the transfer of sensitive information

DLP

10

Which security control layer involves putting in place policies that comply with industry standards, such as OWASP

Application

11

Which type of cyberattack includes a legitimate-looking embedded link to a malicious site in an email that claims to be legitimate

Phishing

12

The DKIM tool can provide security for your company's emails because it contains which of the following

A digital signature

13

Which of the following can contain a wealth of information that can be used to determine the authenticity of an email

Header block

14

A web server receives a large number of HTTP requests, causing it to repeatedly load a webpage. Which DDoS attack method is this

Application layer DDoS

15

Which ICS component allows an operator in a manufacturing plant to make configuration changes in the ICS system

HMI

16

Which of the following is used to monitor and control PLC systems

SCADA

17

Which of the following BEST describes the components of an ICS network

Operational technology

18

Which of the following handles the workflow and automation processes for all sorts of machinery

ICS

19

Which of the following is a good way to prevent privilege escalation attacks

Limit privileges.

20

A user enters a password and is prompted to enter a security code that's sent to his mobile device. This is an example of

Multi-factor authentication

21

Which of the following malware analysis techniques identifies unique malware programs by generating a hash for that program

Fingerprinting

22

Mary has been receiving text messages that contain links to malicious websites. Which type of attack is Mary a victim of

SMiShing

23

Which of the following mobile security concerns is characterized by malicious code that specifically targets mobile devices

Malicious Websites

24

Which of the following BEST describes a beaconing intrusion

A command issued to a botnet pool to verify that a bot is still alive

25

Using a fictitious scenario to persuade someone to perform an action or give information they aren't authorized to share is called

Pretexting

26

Watermelons cost $6.99 today only! Which of the following commands would you use to make sure the text is displayed

echo "Watermelons cost $6.99 today only!"

27

Which of the following work together, calling on each other, passing data to each other, and returning values in a program

Function

28

Which of the following BEST describes a SIEM system

Is sold as a software application or as a stand-alone security appliance

29

Which is a SIEM collection tool that's used to search and analyze large collections of data in multiple formats

Splunk

30

Where can you find a quick overview of your monitored system's current state

Dashboard

31

What is the philosophy behind DevSecOps

Everyone on the development team should be responsible for security.

32

Which of the following BEST describes how using scripts is different from running regular code

Scripts are usually interpreted instead of compiled.

33

Which of the following is the EDR (Endpoint Detection and Response) component where collected data is stored and analyzed

Centralized security monitoring platform

34

Which type of IoC are pop-up windows and unusual error messages

Unexpected output

35

A security analyst has identified a critical vulnerability in the company's web server. The analyst

Mean time to respond

36

Which is the science of gathering and analyzing digital data in relation to a computer crime or cyber attack

Digital forensics

37

How can a legal hold be helpful in digital forensics

It protects data from being altered.

38

As a security analyst, you are monitoring a company's threat feed. Which should you look for as part of your analysis

IP addresses that might be malicious.

39

Mobile device attacks are devastating to devices and the data stored on them. What attack allows attackers to steal data or money

Agent Smith

40

Which tool can you use on a Linux host device to determine if any abnormal activity is occurring with the device processor

top command

41

Which attack sends fragmented packets exceeding 65,535 bytes and causes a buffer overflow and system crash when reassembled

Ping of death attack

42

Which of the following MOST accurately describes the hardening process for a device

Process of putting an OS or application in a secure configuration

43

Beaconing intrusion communication channel (BICC) that uses commands usually embedded into a request or response

Domain Name System (DNS)

44

BICC attack mitigated by intercepting and decrypting traffic at the edge of a network, forwarding only legitimate traffic

HTTP and HTTPS

45

A security analyst investigates a server issue where memory utilization is consistently high. What's MOST likely the cause

Memory leaks