Chapter 4 Flashcards

1
Q

What is the primary goal of OS hardening?

A) To enhance the system’s performance by optimizing hardware usage.

B) To make the system more secure by improving its design and coding.

C) To simplify the user interface for easier navigation.

D) To increase the system’s compatibility with various software applications.

A

To make the system more secure by improving its design and coding.

2
Q

What type of OS is considered a trusted OS?

A) An OS that has been designed with OS hardening.

B) An OS that is compatible with the most software applications.

C) An OS that focuses on enhancing user interface features.

D) An OS that prioritizes high performance and fast processing speeds.

A

An OS that has been designed with OS hardening

3
Q

What does application whitelisting/blacklisting involve?

A) Allowing or disallowing applications based on their performance metrics.

B) Requiring preapproval for an application to either run or not run.

C) Changing the user interface to enhance application usability.

D) Increasing system compatibility with a wide range of software.

A

Requiring preapproval for an application to either run or not run

4
Q

What does whitelisting involve in the context of application security?

A) Permitting only specific applications that are pre-approved to run, while blocking or denying any not on the list.

B) Allowing all applications to run unless specifically blocked.

C) Automatically updating applications to the latest version without user intervention.

D) Granting access to applications based on their performance and compatibility.

A

Permitting only specific applications that are pre-approved to run, while blocking or denying any not on the list (default-deny).

5
Q

What does blacklisting involve in the context of application security?

A) Creating a list of unapproved software, while allowing any program not on this list to run.

B) Requiring pre-approval for specific applications to run, blocking any not on the approved list.

C) Automatically updating applications to the latest version without user intervention.

D) Granting access based on an application’s performance and compatibility.

A

Creating a list of unapproved software, while allowing any program not on this list to run.
(default-allow)
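The two policies from cards 4 and 5 side by side, as an added example in Python (this is not code from the flashcards' source text). The sample "executables", the approved-hash set and the blocked-name set are all constructed for this illustration; a real allowlist would be built from the hashes or publisher signatures of the software actually installed.

```python
import hashlib

# Constructed sample "executables" (name -> bytes); not real files.
SAMPLE_FILES = {
    "calc.exe":    b"MZ\x90\x00 calculator v1",
    "notepad.exe": b"MZ\x90\x00 notepad v2",
    "evil.exe":    b"MZ\x90\x00 dropper",
    "calc2.exe":   b"MZ\x90\x00 dropper",   # the same dropper under a harmless name
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Hypothetical policy lists. The allowlist keys on content (hash); the
# denylist keys on file name, which is the common weak form of blacklisting.
APPROVED_HASHES = {sha256_hex(SAMPLE_FILES["calc.exe"]),
                   sha256_hex(SAMPLE_FILES["notepad.exe"])}
BLOCKED_NAMES = {"evil.exe"}


def allowlist_decision(name: str, data: bytes) -> bool:
    """Default-deny: run only if the hash of the file is pre-approved."""
    return sha256_hex(data) in APPROVED_HASHES


def denylist_decision(name: str, data: bytes) -> bool:
    """Default-allow: run unless the file name is explicitly blocked."""
    return name not in BLOCKED_NAMES


def evaluate(policy) -> dict:
    """Apply one policy to every sample file; True means 'allowed to run'."""
    return {name: policy(name, data) for name, data in SAMPLE_FILES.items()}


if __name__ == "__main__":
    print("allowlist:", evaluate(allowlist_decision))
    print("denylist: ", evaluate(denylist_decision))
```

Running it shows the trade-off behind the two cards: the renamed dropper (`calc2.exe`) slips past the name-based denylist but not the hash-based allowlist, and a tampered copy of an approved binary fails the allowlist because its hash changes. The cost of default-deny is operational: every legitimate update produces a new hash that has to be approved before it will run.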

6
Q

What is a sandbox in the context of application security?

A) A virtual environment that simulates different operating systems for testing purposes.

B) A feature that improves the performance and speed of the operating system.

C) A tool that automatically updates software applications to their latest versions.

D) A “container” where an application can run without affecting the underlying OS.

A

A “container” where an application can run without affecting the underlying OS.

7
Q

What happens to actions that occur within a sandbox?

A) They are visible to other applications and the OS outside the sandbox.

B) They are logged and monitored by the OS for security purposes.

C) They do not affect other applications or the OS outside the sandbox.

D) They automatically update the OS to ensure compatibility.

A

They do not affect other applications or the OS outside the sandbox.

8
Q

What happens to the contents of a sandbox when it is closed?

A) The contents are saved and can be accessed later.

B) The contents are archived for future reference.

C) The contents are not saved and are discarded.

D) The contents are automatically updated to reflect the latest changes.

A

The contents are not saved and are discarded

9
Q

How does a sandbox differ from a virtual machine?

A) A virtual machine operates as a “computer within a computer,” running a full OS as an application on the main OS, with its contents saved for later use, whereas a sandbox contains a single application and discards its contents when closed.

B) A sandbox allows a full OS to run independently, while a virtual machine limits the OS to a contained environment without saving changes.

C) A sandbox saves its contents for later use, while a virtual machine discards changes when closed.

D) A virtual machine runs applications in isolation, similar to a sandbox, but without the ability to save contents.

A

A virtual machine operates as a “computer within a computer,” running a full OS as an application on the main OS, with its contents saved for later use, whereas a sandbox contains a single application and discards its contents when closed.

10
Q

How does a sandbox differ from a virtual machine?

A) A sandbox runs applications in a contained environment without affecting the main OS, and its contents are discarded when closed. In contrast, a virtual machine operates as a “computer within a computer,” running a full OS as an application on the main OS, with its contents saved for later use.

B) A sandbox allows a full OS to run independently, while a virtual machine limits the OS to a contained environment without saving changes.

C) A sandbox saves its contents for later use, while a virtual machine discards changes when closed.

D) A virtual machine runs applications in isolation, similar to a sandbox, but without the ability to save contents.

A

A sandbox runs applications in a contained environment without affecting the main OS, and its contents are discarded when closed. In contrast, a virtual machine operates as a “computer within a computer,” running a full OS as an application on the main OS, with its contents saved for later use

11
Q

What does quarantine do with an attachment according to the organization’s policy?

A) It archives the attachment for future reference and informs the user of its location.

B) It removes the attachment and sends a cleaned version to the user or provides a URL to view, print, or delete the attachment from a secure computer.

C) It immediately deletes the attachment and notifies the user without providing further options.

D) It automatically downloads the attachment and scans it for viruses before delivery.

A

It removes the attachment and sends a cleaned version to the user or provides a URL to view, print, or delete the attachment from a secure computer

12
Q

What do executable file attacks typically involve?

A) Tricking a vulnerable application into modifying or creating executable files on the system.

B) Encrypting all files on the system to prevent unauthorized access.

C) Automatically updating system files to prevent vulnerabilities.

D) Scanning the system for outdated software and notifying the user.

A

Tricking a vulnerable application into modifying or creating executable files on the system.

13
Q

What is a defense strategy for protecting against executable file attacks?

A) Regularly updating executable files to the latest versions automatically.

B) Preventing the application from creating or modifying executable files, other than any it genuinely needs for its proper function.

C) Encrypting executable files to prevent unauthorized modifications.

D) Allowing the application to freely create or modify executable files to ensure optimal performance.

A

Preventing the application from creating or modifying executable files, other than any it genuinely needs for its proper function. An application that has no legitimate reason to write executables should not be permitted to do so at all.

14
Q

What does system tampering involve?

A) Using the vulnerable application to modify special sensitive areas of the operating system.

B) Automatically updating system components to improve performance.

C) Encrypting sensitive areas of the operating system to protect against unauthorized access.

D) Regularly scanning the system for vulnerabilities and applying patches.

A

Using the vulnerable application to modify special sensitive areas of the operating system

15
Q

What is a defense strategy against system tampering?

A) Allowing applications to modify special areas of the OS to ensure proper functionality.

B) Regularly updating the operating system to patch vulnerabilities.

C) Restricting applications from modifying special areas of the OS.

D) Encrypting sensitive areas of the OS to prevent unauthorized access.

A

Restricting applications from modifying special areas of the OS

16
Q

What does process spawning involve in the context of application security?

A) Tricking the vulnerable application into spawning new processes, i.e. launching other executable files on the system.

B) Automatically updating system processes to prevent security breaches.

C) Encrypting process files to prevent unauthorized access.

D) Regularly scanning processes for vulnerabilities and applying patches.

A

Tricking the vulnerable application into spawning new processes, i.e. launching other executable files on the system. The defense mirrors the previous two: deny the application the ability to start child processes unless it needs that to function.

17
Q

What is a root directory in the context of a web server’s file system?

A) A specific directory (the web server’s document root, not the file system’s root) that restricts users to accessing only that directory and its subdirectories.

B) A directory that grants users full access to all directories and files on the server.

C) A directory that automatically updates its contents based on user activity.

D) A backup directory that stores copies of files from all directories on the server.

A

A specific directory (the web server’s document root, not the file system’s root) that restricts users to accessing only that directory and its subdirectories

18
Q

What is a directory traversal attack?

A) An attack that encrypts files in the root directory to prevent unauthorized access.

B) An attack that scans the server for vulnerabilities and automatically applies patches.

C) An attack that modifies the contents of the root directory to disrupt server operations.

D) An attack that exploits a weakness in a web application or server to allow access to restricted directories beyond the root directory.

A

An attack that exploits a weakness in a web application or server to allow access to restricted directories beyond the root directory
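An added Python example (not code from the flashcards' source) for cards 17 and 18: a naive path join that lets `../` walk out of the document root, beside a resolver that canonicalises the path and refuses anything that does not stay under the root. The directory layout is constructed in a temporary directory, and the hardened resolver assumes the requested path has already been URL-decoded (for example `%2e%2e%2f` to `../`), since containment has to be checked on the decoded form.

```python
import os
import tempfile


def vulnerable_resolve(doc_root: str, requested: str) -> str:
    """Naive join: '..' segments and absolute paths walk out of doc_root."""
    return os.path.join(doc_root, requested)


def safe_resolve(doc_root: str, requested: str) -> str:
    """Canonicalise, then require the result to stay under doc_root.

    Assumes `requested` is already URL-decoded.
    """
    root = os.path.realpath(doc_root)
    # A leading separator would make os.path.join discard the root entirely,
    # so every request is treated as relative to the document root.
    candidate = os.path.realpath(os.path.join(root, requested.lstrip("/\\")))
    # realpath collapses '..' and follows symlinks; commonpath then tells us
    # whether the canonical target is the root itself or somewhere beneath it.
    if os.path.commonpath([root, candidate]) != root:
        raise PermissionError(f"directory traversal blocked: {requested!r}")
    return candidate


def demo() -> dict:
    """Constructed layout: <tmp>/secret.txt outside, <tmp>/www/index.html inside."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        www = os.path.join(base, "www")
        os.makedirs(www)
        with open(os.path.join(www, "index.html"), "w") as f:
            f.write("<h1>hi</h1>")
        with open(os.path.join(base, "secret.txt"), "w") as f:
            f.write("top secret")

        # Vulnerable: '../' escapes the document root and reads the secret.
        with open(vulnerable_resolve(www, "../secret.txt")) as f:
            results["vulnerable_reads_secret"] = f.read()
        # Vulnerable: an absolute request replaces the root outright.
        results["vulnerable_abs"] = vulnerable_resolve(www, "/etc/passwd")

        # Hardened: a normal file is served, traversal is refused.
        results["safe_index"] = os.path.basename(safe_resolve(www, "index.html"))
        try:
            safe_resolve(www, "../secret.txt")
            results["safe_blocked"] = False
        except PermissionError:
            results["safe_blocked"] = True
        # Hardened: an absolute request is re-rooted inside the document root.
        results["abs_inside_root"] = safe_resolve(www, "/etc/passwd").startswith(
            os.path.realpath(www))
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The check is done on the canonical path rather than by scanning the request for `..`, because encodings, symlinks and sequences like `www/../../` all reduce to the same question: does the resolved target still sit under the root?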

19
Q

What is command injection in the context of moving to another directory on a server?

A) An unauthorized user who has reached another directory viewing confidential files, or entering commands that the server then executes.

B) An authorized user moving to another directory to improve server performance.

C) A process that automatically encrypts files in a directory for enhanced security.

D) A technique used to scan and update server directories for vulnerabilities

A

An unauthorized user who has reached another directory viewing confidential files, or entering commands that the server then executes. The second case, where attacker-supplied input is run as an OS command, is command injection.
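An added Python example (not from the flashcards' source) of the command injection named in card 19. It uses `echo` as a harmless stand-in for a command such as `ping`, so it runs offline; it assumes a POSIX `sh` is available. The vulnerable form splices user input into a shell command line, the argv form hands the input to the program as a single argument that no shell ever parses, and the hardened form validates the input against an allowlist pattern before doing so.

```python
import re
import subprocess

# Allowlist pattern for a DNS hostname: dot-separated labels of letters,
# digits and hyphens (max 63 per label). Length is checked separately.
HOSTNAME_RE = re.compile(
    r"[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*")


def vulnerable_lookup(host: str) -> str:
    """User input spliced into a shell command line (stand-in for 'ping -c 1 {host}')."""
    cmd = f"echo resolving {host}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def argv_only_lookup(host: str) -> str:
    """No shell: the host is one argv element and is never parsed for metacharacters."""
    return subprocess.run(["echo", "resolving", host],
                          capture_output=True, text=True).stdout


def safe_lookup(host: str) -> str:
    """Validate against the allowlist pattern, then run without a shell."""
    if len(host) > 253 or not HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"invalid hostname: {host!r}")
    return argv_only_lookup(host)


if __name__ == "__main__":
    payload = "example.com; echo INJECTED"
    print(repr(vulnerable_lookup(payload)))   # second command runs
    print(repr(argv_only_lookup(payload)))    # payload is just text
    try:
        safe_lookup(payload)
    except ValueError as exc:
        print("rejected:", exc)
```

Dropping the shell removes the injection; the validator is still worth keeping because it rejects junk early and, for commands that interpret their own arguments (leading `-` options, for instance), the argv form alone is not enough.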

20
Q

What is the primary cause of most insecure applications?

A) Issues with how the application was designed and written.

B) The hardware configuration of the server hosting the application.

C) The network bandwidth available to the application.

D) The frequency of software updates applied to the application.

A

Issues with how the application was designed and written.

21
Q

What are the stages of general application development?

A) Design, Coding, Deployment, Maintenance

B) Planning, Prototyping, Integration, Release

C) Analysis, Implementation, Review, Optimization

D) Development, Testing, Staging, Production

A

Development, Testing, Staging, Production

22
Q

What occurs during the development stage of application development?

A) The application is released to the end-users in a live production environment.

B) The application is tested for bugs and performance issues.

C) The application is deployed to a staging environment for further review.

D) The requirements for the application are established, and it is confirmed that the application meets the intended business needs before actual coding begins.

A

The requirements for the application are established, and it is confirmed that the application meets the intended business needs before actual coding begins.

23
Q

What is the focus of the testing stage in application development?

A) The application is released to end-users and monitored for feedback.

B) The application is tested for any errors that could result in a security vulnerability.

C) The application is designed and coded based on initial requirements.

D) The application is prepared for deployment by configuring production settings.

A

The application is tested for any errors that could result in a security vulnerability.

24
Q

What is the purpose of the staging stage in application development?

A) To test and verify that the code functions as intended before it is deployed to the production environment.

B) To establish the requirements and confirm that the application meets business needs before coding begins.

C) To release the application to end-users and gather feedback for improvements.

D) To develop and code the application based on initial design specifications.

A

To test and verify that the code functions as intended before it is deployed to the production environment

25
Q

What occurs during the production stage of application development?

A) The application is tested and verified in a staging environment to ensure it functions as intended.

B) The application is developed and coded based on established requirements.

C) The application is released to be used in its actual setting by end-users.

D) The requirements for the application are defined and confirmed before the coding begins.

A

The application is released to be used in its actual setting by end-users.

26
Q

What is software diversity?

A) A method of integrating multiple programming languages into a single application for enhanced functionality.

B) A technique where two or more versions of a program that perform the same function are developed from the same specifications by different programmers or teams.

C) A practice of updating software versions simultaneously to maintain consistency.

D) A strategy for standardizing software development practices across different teams.

A

A technique where two or more versions of a program that perform the same function are developed from the same specifications by different programmers or teams

27
Q

What benefits does software diversity provide?

A) Enhanced graphics capabilities, faster processing speeds, and reduced memory usage.

B) Error detection, increased reliability, and additional documentation.

C) Simplified user interface, increased user engagement, and lower development costs.

D) Automatic updates, easier integration with third-party tools, and better compatibility with various operating systems.

A

Error detection, increased reliability, and additional documentation

28
Q

What is the primary function of a compiler?

A) To execute binary machine code directly on the hardware.

B) To convert binary machine code into human-readable source code.

C) To manage memory allocation and system resources during runtime.

D) To create binary machine code from human-readable source code

A

To create binary machine code from human-readable source code

29
Q

What does provisioning involve in an IT context?

A) The installation and configuration of hardware components within a server.

B) The design and development of software applications for business needs.

C) The continuous monitoring of network performance and security.

D) The setup, use, and management of different types of IT resources across the entire company.

A

The setup, use, and management of different types of IT resources across the entire company

30
Q

What does deprovisioning involve in an IT context?

A) The continuous monitoring of network performance and security.

B) The setup, use, and management of different types of IT resources across the entire company.

C) The removal of a resource that is no longer needed.

D) The design and development of software applications for business needs.

A

The removal of a resource that is no longer needed.

31
Q

What is integrity measurement in the context of application security?

A) A process for encrypting data to protect it from unauthorized access.

B) A method for automatically updating applications to their latest versions.

C) A technique for analyzing network traffic to detect potential security threats.

D) An attestation mechanism designed to ensure that an application is running only known and approved executables.

A

An attestation mechanism designed to ensure that an application is running only known and approved executables

32
Q

What is a characteristic of the waterfall model in software development?

A) It uses an iterative design process where stages are revisited as needed.

B) It involves a sequential design process where each stage is fully completed before moving on to the next stage.

C) It emphasizes flexible and adaptive design with ongoing user feedback throughout the project.

D) It integrates multiple stages of development simultaneously to accelerate project completion.

A

It involves a sequential design process where each stage is fully completed before moving on to the next stage

33
Q

In the waterfall model, what happens once a stage is finished?

A) Developers can revisit and revise previous stages without starting over.

B) Developers can go back to a previous stage without starting the project from the beginning.

C) Developers cannot return to a previous stage without starting all over again.

D) Developers can integrate feedback from later stages into earlier ones without restarting

A

Developers cannot return to a previous stage without starting all over again

34
Q

What approach does the Agile model use in software development?

A) A sequential design process where each stage must be completed before moving to the next.

B) A rigid, step-by-step process that does not allow for changes once a stage is completed.

C) An incremental approach that emphasizes iterative development and frequent reassessment.

D) A single, comprehensive phase where all development and testing occur simultaneously.

A

An incremental approach that emphasizes iterative development and frequent reassessment

35
Q

What does SecDevOps involve?

A) Implementing security measures after the deployment of software to ensure compliance.

B) Focusing solely on security during the final testing phase of software development.

C) Developing security policies and procedures separately from the software development lifecycle.

D) Adding security best practices into the development and deployment of software, using the Agile model.

A

Adding security best practices into the development and deployment of software, using the Agile model

36
Q

What does SecDevOps focus on in the software development process?

A) Applying manual procedures to ensure code security and development efficiency.

B) Using automated courses of action to develop code as quickly and securely as possible.

C) Separating security measures from the development process to avoid delays.

D) Limiting code development speed to prioritize security over rapid deployment.

A

Using automated courses of action to develop code as quickly and securely as possible.

37
Q

What are immutable systems in the context of application development?

A) Configurations that are frequently changed to adapt to new requirements.

B) Systems that automatically update their values and configurations based on user input.

C) Values or configurations that are employed as part of an application and are not modified.

D) Values that are encrypted to prevent unauthorized access and modifications.

A

Values or configurations that are employed as part of an application and are not modified

38
Q

What does Infrastructure as Code (IaC) involve?

A) Managing hardware and software infrastructure using the same principles as developing computer code.

B) Developing software applications with a focus on manual configuration of hardware resources.

C) Using a graphical user interface to manage hardware and software infrastructure.

D) Employing traditional hardware management methods while integrating with modern software development practices.

A

Managing hardware and software infrastructure using the same principles as developing computer code

39
Q

What is OWASP?

A) A group that monitors web attacks and provides guidelines for web application security.

B) An organization that develops proprietary software for network security.

C) A certification body that accredits cybersecurity professionals.

D) A governmental agency that enforces compliance with IT security regulations.

A

A group that monitors web attacks and provides guidelines for web application security.

40
Q

What is the purpose of baselining in the context of performance measurement?

A) Developing new software features based on user feedback and testing results.

B) Implementing security measures to protect data from unauthorized access.

C) Updating system configurations to improve performance and reliability.

D) Creating a starting point for comparison purposes in order to apply targets and goals to measure success.

A

Creating a starting point for comparison purposes in order to apply targets and goals to measure success.

41
Q

What is SANS known for?

A) Specializing in cybersecurity training and providing certifications in secure web application development.

B) Developing and selling proprietary cybersecurity software solutions.

C) Offering financial consulting services focused on cybersecurity investments.

D) Providing legal services related to cybersecurity compliance and regulations.

A

Specializing in cybersecurity training and providing certifications in secure web application development.

42
Q

What is CIS known for?

A) Developing and selling commercial cybersecurity software solutions.

B) Offering cybersecurity consulting services for financial institutions.

C) Accrediting cybersecurity professionals and providing industry certifications.

D) Compiling CIS security controls and providing best practices for cybersecurity, as a not-for-profit organization.

A

Compiling CIS security controls and providing best practices for cybersecurity, as a not-for-profit organization.

43
Q

What is a key characteristic of SecDevOps?

A) It involves continuous modifications throughout the process, based on the Agile method.

B) It follows a rigid, sequential process with predefined stages and no changes allowed.

C) It focuses solely on post-deployment security measures without integrating security during development.

D) It relies on manual procedures and infrequent updates to ensure application security.

A

It involves continuous modifications throughout the process, based on the Agile method

44
Q

What is a primary function of version control?

A) Encrypting software to prevent unauthorized access and modifications.

B) Integrating new features into software without altering existing functionality.

C) Automatically deploying updates to all users simultaneously.

D) Allowing changes to be automatically recorded and, if necessary, “rolled back” to a previous version of the software.

A

Allowing changes to be automatically recorded and, if necessary, “rolled back” to a previous version of the software.

45
Q

What does data exposure refer to in cybersecurity?

A) Disclosing sensitive data to attackers.

B) Encrypting sensitive data to prevent unauthorized access.

C) Regularly updating software to fix vulnerabilities and prevent data breaches.

D) Backing up data to ensure it is recoverable in case of loss or corruption.

A

Disclosing sensitive data to attackers

46
Q

What does proper input validation involve?

A) Automatically correcting user input errors and providing suggestions for improvement.

B) Encrypting user input to secure data transmission over networks.

C) Testing input fields to ensure they meet predefined security standards before data submission.

D) Accounting for errors such as incorrect user input to prevent security vulnerabilities and ensure data integrity.

A

Accounting for errors such as incorrect user input to prevent security vulnerabilities and ensure data integrity

47
Q

What is a stored procedure?

A) A method for encrypting data before it is stored in a database.

B) A tool for automatically generating reports based on database queries.

C) A process for backing up and restoring database contents.

D) A set of instructions that applications can use to interact with a relational database.

A

A set of instructions that applications can use to interact with a relational database.
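An added Python example (not from the flashcards' source) tying together the input validation of card 38 and the stored procedures of card 39. SQLite has no stored procedures, so the example uses a parameterized query, which gives the same property a stored procedure is valued for: the SQL structure is fixed in advance and user input is bound purely as data. The table and the placeholder password hashes are constructed for the example.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory table; the password hashes are placeholders."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (username TEXT, password_hash TEXT, role TEXT)")
    con.executemany("INSERT INTO users VALUES (?, ?, ?)",
                    [("alice", "hash-a", "admin"), ("bob", "hash-b", "user")])
    return con


def vulnerable_login(con, username: str, password_hash: str) -> list:
    """String-built query: the input becomes part of the SQL grammar."""
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password_hash = '{password_hash}'")
    return con.execute(sql).fetchall()


def parameterized_login(con, username: str, password_hash: str) -> list:
    """Fixed query text with bound parameters; the input can only ever be data."""
    return con.execute(
        "SELECT username, role FROM users WHERE username = ? AND password_hash = ?",
        (username, password_hash)).fetchall()


def valid_username(username: str) -> bool:
    """Allowlist validation: 1-32 ASCII letters, digits or underscores."""
    return (0 < len(username) <= 32 and username.isascii()
            and all(c.isalnum() or c == "_" for c in username))


def safe_login(con, username: str, password_hash: str) -> list:
    """Validate first (reject, do not 'sanitise'), then query with parameters."""
    if not valid_username(username):
        raise ValueError(f"invalid username: {username!r}")
    return parameterized_login(con, username, password_hash)


if __name__ == "__main__":
    con = make_db()
    payload = "alice' --"        # comments out the password check
    print(vulnerable_login(con, payload, "wrong"))      # [('alice', 'admin')]
    print(parameterized_login(con, payload, "wrong"))   # []
```

The caveat for card 39: a stored procedure only protects you if it binds its inputs; one that concatenates its arguments into dynamic SQL internally is as injectable as the string-built query above.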

48
Q

What does code signing involve?

A) Encrypting code to prevent unauthorized access during development.

B) Automatically updating software to the latest version to ensure security.

C) Using a code review process to identify and fix vulnerabilities in software.

D) Digitally signing applications to confirm the software author and guarantee the code has not been altered or corrupted.

A

Digitally signing applications to confirm the software author and guarantee the code has not been altered or corrupted

49
Q

What does obfuscation or camouflaged code involve?

A) Automatically generating documentation for code to improve readability.

B) Using automated testing tools to identify and fix errors in the code.

C) Encrypting code to ensure it remains secure from unauthorized access.

D) Writing an application in such a way that its inner functionality is difficult for an outsider to understand

A

Writing an application in such a way that its inner functionality is difficult for an outsider to understand

50
Q

What is dead code in programming?

A) Code that generates errors or exceptions during execution.

B) Code that automatically updates itself to fix bugs and vulnerabilities.

C) Code that is actively used and critical for the application’s functionality.

D) Code that executes but performs no meaningful function.

A

Code that executes but performs no meaningful function.

51
Q

Where does input validation typically occur?

A) Input validation is exclusively handled during the software development phase, not during runtime.

B) Input validation is performed only on the client side by the user’s web browser.

C) Input validation usually happens on the server, but it can also be done on the client side by the user’s web browser

D) Input validation is managed solely by external security tools and not integrated into the application itself.

A

Input validation usually happens on the server, but it can also be done on the client side by the user’s web browser

52
Q

What is one of the most important steps in SecDevOps?

A) Documentation review, to ensure all project requirements are thoroughly recorded

B) Code testing, because it allows you to test the code during the implementation and verification phases

C) Deployment automation, to streamline the release of new code updates.

D) User training, to educate end-users about the new features and security practices.

A

Code testing, because it allows you to test the code during the implementation and verification phases

53
Q

What does static code analysis involve?

A) Encrypting source code to secure it before distribution and deployment

B) Testing software during runtime to identify vulnerabilities and performance issues.

C) Analyzing and testing software from a security perspective BEFORE the source code is compiled

D) Monitoring software in production to detect and respond to security threats in real-time

A

Analyzing and testing software from a security perspective BEFORE the source code is compiled

54
Q

What does dynamic code analysis involve?

A) Examining code after the source code is compiled and when all components are integrated and running.

B) Analyzing and testing software from a security perspective before the source code is compiled.

C) Reviewing documentation to ensure it aligns with the software’s intended functionality.

D) Encrypting code during development to prevent unauthorized access.

A

Examining code after the source code is compiled and when all components are integrated and running
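An added Python example (not from the flashcards' source) of the static analysis described in card 45, for contrast with the dynamic analysis of card 46: it parses source text into a syntax tree with the standard `ast` module and reports dangerous calls without ever compiling or running the program. The source under analysis is a constructed snippet embedded as a string; the set of flagged functions is a small hypothetical rule set, not a complete one.

```python
import ast

# Constructed sample program to analyse. Line numbers matter for the report.
SAMPLE_SOURCE = """\
import os, subprocess

def run(user):
    os.system("ls " + user)            # line 4: non-constant argument
    subprocess.run(user, shell=True)   # line 5: shell=True
    eval("1+1")                        # line 6: constant argument, not flagged
    eval(user)                         # line 7: non-constant argument
"""

# Hypothetical rule set for this example.
SINK_CALLS = {"os.system", "eval", "exec"}
SHELL_CALLS = {"subprocess.run", "subprocess.call", "subprocess.Popen"}


def call_name(node: ast.Call):
    """Return 'name' or 'module.name' for the called function, else None."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id
    if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
        return f"{func.value.id}.{func.attr}"
    return None


def find_dangerous_calls(source: str) -> list:
    """Static scan: (line, callee, reason) for each risky call in `source`."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call):
            continue
        name = call_name(node)
        # A sink fed anything other than a literal is attacker-influenceable.
        if name in SINK_CALLS and node.args and not isinstance(node.args[0], ast.Constant):
            findings.append((node.lineno, name, "non-constant argument"))
        # shell=True re-introduces shell parsing of whatever the argument holds.
        if name in SHELL_CALLS:
            for kw in node.keywords:
                if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                    findings.append((node.lineno, name, "shell=True"))
    return sorted(findings)


if __name__ == "__main__":
    for line, callee, reason in find_dangerous_calls(SAMPLE_SOURCE):
        print(f"line {line}: {callee}: {reason}")
```

This is exactly the kind of check that runs before the code is built or executed; the trade-off is that a static rule cannot tell whether `user` is actually attacker-controlled at runtime, which is what dynamic analysis and fuzzing add.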

55
Q

What is fuzzing in the context of software security?

A) The method of encrypting data to protect it from unauthorized access.

B) The technique of manually reviewing code to identify potential vulnerabilities.

C) The process of giving random input to a program to try to make it crash, corrupt memory, or reveal security issues.

D) The approach of updating software to the latest version to fix known security vulnerabilities.

A

The process of giving random input to a program to try to make it crash, corrupt memory, or reveal security issues
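An added Python example (not from the flashcards' source) of the fuzzing described in the last card: a small mutation fuzzer driving a toy record parser. The record format, the seed input and the parser's bug are all constructed for the example. Inputs the parser rejects cleanly with `ValueError` are expected behaviour; any other exception is treated as a crash and recorded with the input that triggered it, so the crash can be replayed.

```python
import random

# Toy format: [len:1][payload:len][checksum:1], checksum = sum(payload) mod 256.
# Constructed valid seed record for payload b"hello" (532 mod 256 = 20).
SEED_INPUT = bytes([5]) + b"hello" + bytes([20])


def parse_record(data: bytes) -> tuple:
    """Buggy parser: trusts the length byte, never checks the buffer size."""
    n = data[0]                       # IndexError on empty input
    payload = data[1:1 + n]
    checksum = data[1 + n]            # IndexError when data is shorter than claimed
    if sum(payload) % 256 != checksum:
        raise ValueError("bad checksum")   # clean rejection, not a crash
    return payload, checksum


def parse_record_fixed(data: bytes) -> tuple:
    """Hardened parser: validate lengths before indexing."""
    if len(data) < 2:
        raise ValueError("truncated header")
    n = data[0]
    if len(data) < 2 + n:
        raise ValueError("truncated payload")
    payload = data[1:1 + n]
    checksum = data[1 + n]
    if sum(payload) % 256 != checksum:
        raise ValueError("bad checksum")
    return payload, checksum


def mutate(rng: random.Random, data: bytes) -> bytes:
    """One random mutation: bit flip, byte delete, byte insert or truncate."""
    buf = bytearray(data)
    op = rng.randrange(4)
    if op == 0 and buf:
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    elif op == 1 and buf:
        del buf[rng.randrange(len(buf))]
    elif op == 2:
        buf.insert(rng.randrange(len(buf) + 1), rng.randrange(256))
    else:
        buf = buf[:rng.randrange(len(buf) + 1)]
    return bytes(buf)


def fuzz(parser, seed_input: bytes, iterations: int = 2000, seed: int = 1) -> dict:
    """Return {exception name: first crashing input}; seeded, so runs are repeatable."""
    rng = random.Random(seed)
    crashes = {}
    for _ in range(iterations):
        case = mutate(rng, seed_input)
        try:
            parser(case)
        except ValueError:
            continue                  # parser rejected the input as designed
        except Exception as exc:      # anything else is a bug worth keeping
            crashes.setdefault(type(exc).__name__, case)
    return crashes


if __name__ == "__main__":
    print("buggy :", fuzz(parse_record, SEED_INPUT))
    print("fixed :", fuzz(parse_record_fixed, SEED_INPUT))
```

In C the same length-trusting bug would be an out-of-bounds read rather than a Python exception, which is why fuzzers are usually run with memory-error instrumentation; the workflow is the same: mutate, run, keep anything that crashes, then replay the saved input to confirm the fix.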