1.1

Question 1

Deterrent Control

Answer 1

Psychologically discourages an attacker from attempting an intrusion.

EX: Warning sign

Question 2

Preventive Control

Answer 2

Physically or logically restricts unauthorized access.

EX: Physical door lock or password.

Question 3

Detective Control

Answer 3

Identify and record any attempted or successful intrusion.

EX: Security Camear

Question 4

Corrective Control

Answer 4

Responds to and fixes an incident. Also prevent the reoccurrence of the incident.

EX: antivirus software

Question 5

Technical Security Control

Answer 5

Hardware or software mechanisms used to protect assets.

EX: Antivirus software, firewalls, intrusion detection systems

Question 6

Operational Security Control

Answer 6

Items preventing or detecting unauthorized access to physical spaces, systems and assets.

Question 7

Compensating controls

Answer 7

refer to measures put in place to mitigate the risk of a vulnerability when security teams cannot directly eliminate it or when direct remediation is not immediately possible, such as additional monitoring or enhanced encryption.

Question 8

Policy enforcement points

Answer 8

enforce decisions about whether to grant access to a requested resource or not.

Question 9

Non-repudiation

Answer 9

assures the origin and integrity of transmitted data, preventing entities from denying the validity of the data.

Question 10

Zero trust

Answer 10

security concept that recommends not trusting any entity inside or outside the organization by default. It does not assist in granting access based on roles.

Question 11

honeypot

Answer 11

allows security teams to monitor attacker activity and gather information about the attacker’s tactics and tools.

mimics real systems or applications as a decoy system.

Question 12

honeynet

Answer 12

uses a network of interconnected honeypots to simulate an entire network versus mimicking a system or application.

Question 13

honeyfile

Answer 13

uses fake files that appear to contain sensitive information. A honeyfile will detect attempts to access and steal data.

Question 14

honeytoken

Answer 14

contains false credentials, login credentials, or other data types that distract attackers, trigger alerts, and provide insight into attacker activity.

Question 15

Gap analysis

Answer 15

assesses the differences in performance between a company’s information systems or software applications to determine whether they meet requirements.

Question 16

Authorization models

Answer 16

dictate what resources a user or system can access within a system.

Question 17

AAA

Answer 17

Authentication, authorization, and accounting

Question 18

RBAC

Answer 18

Role-based access control (RBAC) is the role assigned to individual users within an enterprise.

Question 19

policy engine

Answer 19

includes subject and host identities and credentials, access control policies, up-to-date threat intelligence, behavioral analytics, and other results of host and network security scanning and monitoring.

Question 20

Adaptive identity

Answer 20

dynamically adjusting user access rights based on various factors, such as user behavior, to maintain security and mitigate risk.

Question 21

Authenticating systems

Answer 21

refers to the process of confirming the identity of a system to ensure it’s trustworthy

Question 22

Policy-driven access control

Answer 22

uses policies to control access to resources. It is crucial for maintaining security but does not directly address the dynamic adjustment of access rights.

Question 23

Authorization models

Answer 23

determine what resources a user or system can access within a system.

Question 24

control plane uses router tables to

Answer 24

determine which path the data packets should take through the network.

Question 25

data plane is the network part that carries

Answer 25

user data

Question 26

router

Answer 26

device that routes data packets based on their destination internet protocol (IP) address. However, the path of the data based on routing tables is the control plane

Question 27

switch

Answer 27

network device connecting various devices on a computer network. The role of determining the path of data based on routing tables falls under the control plane.

Question 28

Threat scope reduction

Answer 28

involves minimizing the possible attack vectors and surfaces. This process reduces the company’s exposure to potential threats.

Question 29

Standard Operating Procedures

Answer 29

Outline regular operations or modifications and provide specific guidance for their execution.

Question 30

The cybersecurity analyst can streamline and standardize the documentation process for legacy system’s code and integrations by implementing…

Answer 30

Automation and Orchestration

Question 31

Data privacy policy

Answer 31

Defines how the company collects, stores, processes, and shares customer data and measures taken to protect customer information.

It ensures that the organization complies with relevant data protection laws and regulations, safeguarding sensitive data and promoting transparency in data handling practices

Question 32

Acceptable use policy

Answer 32

Outlines appropriate computer and network usage

Question 33

Information Security Policy

Answer 33

Ensures that all users follow the guidelines related to information security

Question 34

Disaster recovery policy

Answer 34

Deals with steps to recover from catastrophic events such as natural disaster or security breaches.

Question 35

Impact analysis

Answer 35

Assesses the potential implications of a proposed change but it does not test the changes.

Question 36

Testing results

Answer 36

Evaluate proposed changes in a test environment to ensure the changes will work as intended and not cause issues.

Question 37

Backout plan

Answer 37

A contingency plan for reversing changes and returning systems and software to their original state if the implementation plan fails but does not assess the implication of proposed changes.

Question 38

Maintenance Window

Answer 38

Predefined, recurring time frame for implementing changes but does not test the changes

Question 39

How can a cybersecurity analyst effectively utilize version control to maintain a historical record of changes and ensure security in the organization’s IT systems and applications?

Answer 39

Use version control to track changes in network diagrams and configuration files.

Question 40

Trusted Plateform Module

Answer 40

A crypto-processor implemented as a module within the CPU on a computer or mobile device

Question 41

Hardware Security Module

Answer 41

Cryptoprocessor that implements hardware through a removable or dedicated form factor, such as plug-in peripheral component interconnect express adaptor cards

Question 42

Certificate revocation list

Answer 42

Provides a summation of all revoked and suspended certificates and must be accessible to anyone relying on the validity of the certificate authority’s certificates

Question 43

Public key infrastructure

Answer 43

Framework that establishes trust in using public key cryptography to sign and encrypt messages via digital signatures

Question 44

Which encryption method would be inefficient for encrypting a large amount of data on a disk or transporting it over a network?

Answer 44

Asymmetric encryption: it becomes inefficient when dealing with large volumes of data on disks or during network transport due to its computational overhead.

Question 45

Tokenization

Answer 45

Replacing all or part of the value of a database field with a randomly generated token while maintaining the original data on a separate token server.

Question 46

Data masking

Answer 46

When a user redacts all or part of the contents of a database field by substituting the string, such as using “x” in its place.

Question 47

Salting

Answer 47

Cryptography hash method where the user hashes data used for something like a password, and the system cannot decrypt it back to the plaintext password that generated it,

Question 48

Stenography

Answer 48

Occurs when a user embeds information, such as a document, within an unexpected source, such as as a message hidden in a picture, to guise either true appearance

Question 49

Key escrow

Answer 49

Involves securely storing a copy of the private key with a trusted third party for recovery and availability in case of key loss or compromise. It serves as a backup mechanism for private keys

Question 50

Secure Enclave

Answer 50

Enhances security by providing an isolated environment for executing sensitive operations and protecting critical data.

Question 51

wildcard certificates

Answer 51

streamline the certificate deployment process and simplify ongoing maintenance tasks, leading to improved operational efficiency.