Chapter 1

Question 1

The three core goals of cybersecurity

Answer 1

CIA
Confidentiality, Integrity, and Availablility

Question 2

Acronyms

PII

Answer 2

Personally Identifiable Information

Examples: Medical Information, Credit Card Data

Question 3

What are the key elements of access controls?

Answer 3

Identification, Authentication, Authorization

Access controls help protect confidentiality by restricting access

Question 4

What is the best way to protect the confidentiality of data?

Answer 4

Encryption

Question 5

Which of the 3 core goals of cybersecurity do hashing techniques enforce?

Answer 5

Integrity

Ensures that information being sent and received has not been modified

Question 6

Ways to increase Availability

Answer 6

Adding fault tolerance and reduncancies

Question 7

Redundancy

Answer 7

Adds duplication which allows the service to continue without interruption

Provides fault tolerance

Question 8

Acronyms

SPOF

Answer 8

Single Point of Failure

If a SPOF fails, the entire system can fail

Question 9

Acronyms

UPS

Answer 9

Uninterrupted Power Supply

Question 10

Horizontal scaling

Answer 10

Adding additional servers

Question 12

Vertical Scaling

Answer 12

Adding more resources such as memory or processing power to individual servers

Question 13

Acronyms

TCO

Answer 13

Total Cost of Ownership

By increasing resiliency of systems, you can avoid higher TCO of a system

Question 14

Resiliency

Answer 14

The ability of systems to heal themselves or recover from faults with minimal downtime

Question 15

Risk

Answer 15

The possibilty of a threat exploiting a vulnerability

Question 16

Threat

Answer 16

Any circumstance or event that has the potential to compromise CIA

Question 17

Security Incident

Answer 17

An adverse event or series of events that can negatively affect the CIA of an organizations IT systems and data

Question 18

Risk Mitigation

Answer 18

Reducing a risk’s impact

Question 19

The 4 Security Control Categories

Answer 19

Technical, Physical, Manegerial, Operational

Question 20

Security Control Types

Answer 20

Preventive, Detective, Corrective, Deterrent, Compensating, Directive

Question 21

Acronyms

IDS and IPS

Types of technical controls

Answer 21

Intrusion detection systems and Intrusion Protection Systems

Types of technical controls

Question 22

Examples of Manegerial Controls

Manegerial Controls - documented in written policies

Answer 22

Risk assessments, vulnerability assessments

Question 23

Examples of Operational Controls

Answer 23

Awareness and training, Configuration management, Media Protection

Question 24

Examples of Preventive Controls

Answer 24

Hardening, Training, Security guards, Account disablements process, IPSs

Question 25

Hardening

Answer 25

The practice of making a system or application more secure than its default configuration

Includes disabling unnecessary ports and services, keeping system patched, using strong passwords and a robust password policy and disabling default and unnecessary accounts

Question 26

Acronyms

SIEM

Answer 26

Security Information and Event Management

Example of detective control

Question 27

What are the Primary Windows Logs?

Answer 27

System log, Security log, Application log

Can be viewed with the Windows Event Viewer

Question 28

Acronyms

TOTP

Answer 28

Time-based One Time Password

Example of compensating control

Question 29

Acronyms

NTP

Answer 29

Network Time Protocol

Question 30

Acronyms

NOC

Answer 30

Network Operations Center

Question 31

Where is log information stored in Linux Systems?

Answer 31

Text files contained in the /var/log directory

Question 32

Where can you find general system messages on Linux Systems?

Answer 32

/var/log/syslog and/or
/var/log/messages

Question 33

What are common sources of network logs?

Answer 33

Firewalls, IDSs, IPSs and packet captures

Gives information about network activity

Question 34

What do SIEMs do?

Answer 34

Collect, analyze, and correlate logs from multiple sources

Question 35

What is the syslog protocol?

Answer 35

Specifies a log entry format and the details on how to transport log entries

You can deploy a centralized syslog server to collect syslog entries from a variety of devices in the network

Question 36

Acronyms

MD5

Answer 36

Message Digest 5

A hashing algorithm that creates a fixed-length irriversible output

Question 37

Acronyms

RAID

Answer 37

Redundant Arrays of Inexpensive Disks

Question 38

What do RAIDs do?

Answer 38

Allow a single disk to fail without losing data

Question 39

Acronyms

NIC

Answer 39

Network Interface Card

Question 40

What is NIC teaming?

Answer 40

The use of multiple network interface cards so a server remains connected to the network even if one of the cards fails

Provides redundance/ fault tolerance