IT6205A-2113T - Introduction to Cybersecurity (Cisco)
|
Which statement
describes cybersecurity? |
It is
an ongoing effort to protect Internet-connected systems and the data
associated with those systems from unauthorized use or harm. |
|
What are two
objectives of ensuring data integrity? (Choose two.) |
Data is unaltered
during transit. Data is not changed by
unauthorized entities. |
|
A web server
administrator is configuring access settings to require users to authenticate
first before accessing certain web pages. Which requirement of information
security is addressed through the configuration? |
confidentiality |
|
A company is experiencing
overwhelming visits to a main web server. The IT department is developing a
plan to add a couple more web servers for load balancing and redundancy.
Which requirement of information security is addressed by implementing the
plan? |
availability |
|
True or False?An
employee does something as a company representative with the knowledge of
that company and this action is deemed illegal. The company would be legally
responsible for this action. |
true |
|
What is the main
purpose of cyberwarfare? |
to gain advantage over
adversaries |
|
When describing
malware, what is a difference between a virus and a worm? |
A virus replicates
itself by attaching to another file, whereas a worm can replicate itself
independently. |
|
What type of attack
uses zombies? |
DDoS |
|
The IT department
is reporting that a company web server is receiving an abnormally high number
of web page requests from different locations simultaneously. Which type of
security attack is occurring? |
DDoS |
|
What is the best
approach to prevent a compromised IoT device from maliciously accessing data
and devices on a local network? |
Place all IoT devices
that have access to the Internet on an isolated network. |
|
What is the best
method to avoid getting spyware on a machine? |
Install software only
from trusted websites. |
|
What are two
security implementations that use biometrics? (Choose two.) |
voice recognition fingerprint |
|
Which technology
creates a security token that allows a user to log in to a desired web
application using credentials from a social media website? |
Open Authorization |
|
A medical office
employee sends emails to patients about recent patient visits to the
facility. What information would put the privacy of the patients at risk if
it was included in the email? |
patient records |
|
Which two tools
used for incident detection can be used to detect anomalous behavior, to
detect command and control traffic, and to detect infected hosts? (Choose
two.) |
intrusion detection
system NetFlow |
|
For what purpose
would a network administrator use the Nmap tool? |
detection and
identification of open ports |
|
Which stage of the
kill chain used by attackers focuses on the identification and selection of
targets? |
reconnaissance |
|
What is an example
of the a Cyber Kill Chain? |
a planned process of
cyberattack |
|
What tool is used
to lure an attacker so that an administrator can capture, log, and analyze
the behavior of the attack? |
honeypot |
|
What is one main
function of the Cisco Security Incident Response Team? |
to ensure company,
system, and data preservation |
|
What action will an
IDS take upon detection of malicious traffic? |
create a network alert
and log the detection |
|
An employee is at a
restaurant with friends and describes an exciting new video game that is
under development at the company the employee works for. Is the behavior of
the employee ethical or unethical? |
unethical |
|
During a meeting
with the Marketing department, a representative from IT discusses features of
an upcoming product that will be released next year. |
ethical |
|
An employee points
out a design flaw in a new product to the department manager. |
ethical |
|
Alicia, a company
employee, has lost her corporate identification badge. She is in a hurry to
get to a meeting and does not have time to visit Human Resources to obtain a
temporary badge. You lend her your identification badge until she can obtain
a replacement. |
unethical |
|
An employee is laid
off after fifteen years with the same company. The employee is then hired by
another company within a week. In the new company, the employee shares
documents and ideas for products that the employee proposed at the original
company. |
unethical |
|
What three items
are components of the CIA triad? (Choose three.) |
availability confidentiality integrity |
|
What is another
name for confidentiality of information? |
privacy |
|
Which statement
describes cyberwarfare? |
It is Internet-based
conflict that involves the penetration of information systems of other
nations. |
|
What is an example
of “hacktivism”? |
A group of
environmentalists launch a denial of service attack against an oil company
that is responsible for a large oil spill. |
|
What is the motivation
of a white hat attacker? |
discovering weaknesses
of networks and systems to improve the security level of these systems |
|
Which method is
used to check the integrity of data? |
checksum |
|
Fill in the
blank.The individual user profile on a social network site is an example of
a/an _____ identity. |
online |
|
Match the type of
cyber attackers to the description. (Not all options are used.) |
|
|
gather intelligence
or commit sabotage on specific goals on behalf of their government |
state-sponsored
attackers |
|
make political
statements, or create fear, by causing physical or psychological damage to
victims |
terrorists |
|
make political
statements in order to create an awareness of issues that are important to
them |
hacktivists |
|
What are three
methods that can be used to ensure confidentiality of information? (Choose
three.) |
data encryption username ID and
password two factor
authentication |
|
What is a reason
that internal security threats might cause greater damage to an organization
than external security threats? |
Internal users have
direct access to the infrastructure devices. |
|
A user is surfing
the Internet using a laptop from a public WiFi cafe. What should be checked
first when the user connects to the public network? |
if the laptop requires
user authentication for file and media sharing |
|
How can users
working on a shared computer keep their personal browsing history hidden from
other workers that may use this computer? |
Operate the web
browser in private browser mode |
|
Which technology
removes direct equipment and maintenance costs from the user for data
backups? |
a cloud service |
|
Why do IoT devices
pose a greater risk than other computing devices on a network? |
Most IoT devices do
not receive frequent firmware updates. |
|
Which configuration
on a wireless router is not considered to be adequate security for a wireless
network? |
prevent the broadcast
of an SSID |
|
A network
administrator is conducting a training session to office staff on how to
create a strong and effective password. Which password would most likely take
the longest for a malicious user to guess or break? |
mk$$cittykat104# |
|
What is the best
method to prevent Bluetooth from being exploited? |
Always disable
Bluetooth when it is not actively used. |
|
A consumer would
like to print photographs stored on a cloud storage account using a third
party online printing service. After successfully logging into the cloud
account, the customer is automatically given access to the third party online
printing service. What allowed this automatic authentication to occur? |
The cloud storage
service is an approved application for the online printing service. |
|
How can a user
prevent others from eavesdropping on network traffic when operating a PC on a
public Wi-Fi hot spot? |
Connect with a VPN
service. |
|
As data is being
stored on a local hard disk, which method would secure the data from
unauthorized access? |
data encryption |
|
Which type of
technology can prevent malicious software from monitoring user activities,
collecting personal information, and producing unwanted pop-up ads on a user
computer? |
antispyware |
|
A user is having difficulty
remembering passwords for multiple online accounts. What is the best solution
for the user to try? |
Save the passwords in
a centralized password manager program. |
|
What is the purpose
of a rootkit? |
to gain privileged
access to a device while concealing itself |
|
Which example
illustrates how malware might be concealed? |
An email is sent to
the employees of an organization with an attachment that looks like an
antivirus update, but the attachment actually consists of spyware. |
|
What is the most
common goal of search engine optimization (SEO) poisoning? |
to increase web traffic
to malicious sites |
|
Which tool can
identify malicious traffic by comparing packet contents to known attack
signatures? |
IDS |
|
Fill in the blank.
_________ is a group of compromised or hacked computers (bots) controlled by
an individual with malicious intent. |
botnet |
|
Refer to the
exhibit. Rearrange the letters to fill in the blank The behavior-based
analysis involves using baseline information to detect _______ that
could indicate an attack. |
anomaly |
|
Which tool can
perform real-time traffic and port analysis, and can also detect port scans,
fingerprinting and buffer overflow attacks? |
Snort |
|
What is the last
stage of the Cyber Kill Chain framework? |
malicious action |
|
Fill in the blank.
Any device that controls or filters traffic going in or out of the network is
known as a ____ |
firewall |
|
What type of attack
disrupts services by overwhelming network devices with bogus traffic? |
DDoS |
|
Which protocol is
used by the Cisco Cyber threat Defense Solution to collect information about
the traffic that is traversing the network? |
NetFlow |
No comments:
Post a Comment