701 - Chapter 1

Question 1

What prevents the unauthorized disclosure of information, it keeps secret information secret?

Answer 1

Confidentiality

Question 2

What prevents the unauthorized alteration of information or systems. It keeps our information safe from unintentional or accidental changes.

Answer 2

Integrity

Question 3

What insurer authorized users are able to access information and systems when they need them?

Answer 3

Availability

Question 4

What are the two ways to ensure confidentiality?

Answer 4

Encryption and access controls

Question 5

Within access controls, what are the three core identity and access management activities that help ensure that only authorized person can access data?

Answer 5

Identification, authentication, authorization

Question 6

Within access controls, users claim and identity with a unique username. What is this called?

Answer 6

Identification

Question 7

Within access control, what is it called when users prove their identity for example with a password?

Answer 7

Authentication

Question 8

Within access control, this can grant or restrict access to resources uses using such things as permissions, what is this called?

Answer 8

Authorization

Question 9

You can increase availability by adding what and what? Give some examples.

Answer 9

Fault tolerance, and redundancy… RAID, failover clusters, backups, generators

Question 10

What is a common goal of fault tolerance, and redundancy techniques?

Answer 10

To remove each single point of failure, SPOF

Question 11

RAID is an example of what type of redundancy?

Answer 11

Disc

Question 12

Failover clusters are an example of what type of redundancy?

Answer 12

Server

Question 13

Load balancing uses multiple servers to support a single service such as a high volume website, what type of redundancy is that?

Answer 13

Network

Question 14

UPS and power generators can provide power to key systems if commercial power fails, what type of redundancy is this?

Answer 14

Power

Question 15

What is it called to put two or more network cards in a single server? And what type of redundancy is this?

Answer 15

NIC teaming…network

Question 16

What are two things that can contribute to high availability?

Answer 16

Scalability and elasticity

Question 17

What are the two types of scalability?

Answer 17

Horizontal and vertical

Question 18

Adding additional servers would be an example of this type of scalability? Adding additional resources (for example, adding more RAM) to the existing servers is an example of this type of scaling?

Answer 18

Horizontal and vertical

Question 19

What is called when scalability is automated by having the system add and remove resources as needed?

Answer 19

Elasticity

Question 20

What is an alternative to seeking the highest possible availability?

Answer 20

resiliency

Question 21

Resiliency methods help system _____ themselves or recover from _____ with minimal downtime?

Answer 21

Heal and Faults

Question 22

Resiliency methods also expect components to do what with fail processes? Give an example.

Answer 22

Retry… Examples would include the chrome browser and also TCP packets, when failing to reach the destination, TCP packets will be resent

Question 23

Organizations frequently need to balance resource availability with what? And why is this difficult to do?

Answer 23

Security constraints… it is difficult because when applying security constraint, such as encryption, it will require more memory and processing power in addition to slowing down applications

Question 24

What is the possibility or likelihood of a threat exploiting a vulnerability resulting in a loss?

Answer 24

Risk

Question 25

What is any circumstance or event that has the potential to compromise CIA?

Answer 25

Threat

Question 26

What is another name for a weakness?

Answer 26

A vulnerability

Question 27

What is an adverse event or series of events that can negatively affect the CIA of an organizations IT?

Answer 27

A security incident

Question 28

What are four types of threats?

Answer 28

Insider, an outside attacker, natural, accidental

Question 29

What is the process of reducing the chances that a threat will exploit of vulnerability or reduces the impact of the threat?

Answer 29

Risk mitigation

Question 30

What do organizations implement to help mitigate risk?

Answer 30

Security controls also called counter measures and safeguards

Question 31

What are some examples of technical controls?

Answer 31

Encryption, antivirus software, IDS and IPS, firewalls , least privilege

Question 32

Where are managerial controls typically documented?

Answer 32

In an organizations written security policy

Question 33

What type of control is implemented by people who performed the day-to-day operations to comply with an organizations overall security plan?

Answer 33

Operational controls

Question 34

What are three ways of assessing risk within managerial controls?

Answer 34

Quantitative and qualitative risk assessments, vulnerability assessments

Question 35

What are the three families of operational controls?

Answer 35

Awareness and training, configuration management, media protection

Question 36

Name some examples of the preventative control type?

Answer 36

Hardening, training, security guards, account disablement process, IPS

Question 37

What control type is put in place to discourage a threat? Give some examples.

Answer 37

Deterrent… Warning signs and login banners

Question 38

This type of control is used to discover an event after it has occurred? Give some examples.

Answer 38

Detective… Log monitoring, SIEM Systems, security audit, video surveillance, motion detection, IDS

Question 39

This control type attempts to reverse the impact of an incident or problem after it has occurred? Give some examples.

Answer 39

Corrective… Back ups/system recovery and incident handling processes

Question 40

This control type provides an alternate control instead of using a primary control?

Answer 40

Compensating

Question 41

This control type is designed to provide instruction to individuals and how they should handle security related situations that arise? Give some examples.

Answer 41

Directive… Policy, standards, procedures, guidelines and change management

Question 42

What are the three primary windows operating system logs?

Answer 42

Security, system, application

Question 43

What directory does Linux Systems store logs in?

Answer 43

/var/log

Question 44

Which Lennox log contain a wide variety of general system Messages including startup, mail, kernel messages?

Answer 44

Syslog or messages

Question 45

Which Linux log contains information related to authentication and authorization of user sessions?

Answer 45

Secure log

Question 46

What are three examples of network logs?

Answer 46

Firewall, IPS/IDS, packet captures

Question 47

What is the type of application log that follows the W3C common log format?

Answer 47

Web server logs

Question 48

Within an SIEM system, what is called the process of combining several similar items into a single similar format?

Answer 48

Log aggregation

Question 49

Within an SIEM system, what is the software component used to collect an analyze event log data from various systems within the network?

Answer 49

The correlation engine

Question 50

Within an SIEM system, this focuses on what users are doing such as application and network activity, and is looking for abnormal patterns of activity that may indicate malicious intent?

Answer 50

User behavior analysis, UBA

Question 51

What are the agents that an SIEM system places on Systems throughout a network called? These collect logs and send the logs to the SIEM system.

Answer 51

Sensors

Question 52

What are some common elements in a SIEM dashboard?

Answer 52

Sensors, alerts, correlation, trends

Question 53

What is the protocol that specifies a general log entry format and the details on how to transport log entries?

Answer 53

Syslog

Question 54

The system sending Syslog messages is called what? And what is the recipient of the syslog entries?

Answer 54

Originators and collectors