CHP 8 Flashcards

1
Q

EOL

A

End-of-Life (EOL) Systems: Systems or software that have reached the end of their support lifecycle as defined by the manufacturer. After the EOL date, the manufacturer no longer provides updates, patches, or support.
Legacy Systems: Older systems or software that are still in use but may not be supported or maintained actively. These systems are often based on outdated technologies that may not integrate well with modern systems.

2
Q

UEFI

A

Unified Extensible Firmware Interface (UEFI) is a modern firmware interface for computers that provides a flexible and robust environment for booting and managing system settings. UEFI is designed to replace the traditional Basic Input/Output System (BIOS) firmware interface.

3
Q

Fact

A

MD5 and SHA-1, once widely used cryptographic hash functions, are now considered insecure due to vulnerabilities that allow for collision attacks.

4
Q

KRACK

A

KRACK (Key Reinstallation Attacks) is a security vulnerability in the WPA2 (Wi-Fi Protected Access II) protocol, which is widely used to secure Wi-Fi networks. Discovered in 2017, KRACK exploits weaknesses in the WPA2 protocol’s 4-way handshake process, allowing attackers to decrypt and intercept Wi-Fi traffic.

5
Q

DES

A

The Data Encryption Standard (DES) algorithm, once a popular symmetric encryption standard, was found to be vulnerable to brute force attacks due to its 56-bit key size. Now AES rules.

6
Q

BEAST

A

(Browser Exploit Against SSL/TLS):

What it is: An attack that exploits weaknesses in older versions of SSL/TLS encryption used by web browsers.
Impact: Allows attackers to intercept and decrypt secure communications between a browser and a website.

7
Q

POODLE

A

(Padding Oracle On Downgraded Legacy Encryption):

What it is: An attack that exploits a vulnerability in an older encryption protocol (SSL 3.0) by forcing the use of this less secure protocol.
Impact: Enables attackers to read encrypted information sent over the internet.

8
Q

Rooting

A

Gaining superuser-level access over an Android-based mobile device.

9
Q

sideloading

A

Installing an app to a mobile device without using an app store.

10
Q

Fact

A

Sideloading is generally associated with Android devices utilizing APK (Android Application Package) files.

11
Q

fact

A

Mobile Device Management (MDM) platforms can detect and restrict rooting, jailbreaking, and sideloading.

12
Q

TOCTOU

A

Time-of-Check to Time-of-Use (TOCTOU) is a type of race condition vulnerability that occurs when a system’s state changes between the time a check is performed on a resource and the time the resource is used.

13
Q

ASLR

A

Address Space Layout Randomization (ASLR): A security technique that randomizes the memory addresses used by system and application processes. Think “randomizes memory addresses so hackers can’t see where their buffer overflow attack will go.”

14
Q

DEP

A

Data Execution Prevention (DEP): A security feature that marks certain areas of memory as non-executable. Prevents buffer overflow attacks by blocking code execution from those areas.

15
Q

DOM

A

The Document Object Model (DOM) is a programming interface for web documents. It represents the structure of a document as a tree of objects, allowing programs and scripts to dynamically access and update the content, structure, and style of web pages.

16
Q

CASB

A

A Cloud Access Security Broker (CASB) is a security policy enforcement point placed between cloud service users and cloud applications to monitor and enforce security policies. CASBs help organizations secure their data and manage risks associated with cloud services.

17
Q

SBOM

A

A Software Bill of Materials (SBOM) is like a detailed list of ingredients for a software application. It shows everything that goes into the software, including parts from other sources.

18
Q

SCA

A

Software Composition Analysis (SCA) is a method used to identify and manage open-source components within a software application. It helps ensure that all parts of the software are secure, up-to-date, and compliant with licensing requirements.

19
Q

OTX

A

Open Threat Exchange (OTX) is a community-driven platform where security professionals share and collaborate on threat intelligence to help detect and defend against cyber threats.

20
Q

CTI

A

cyber threat intelligence (CTI)
The process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources.

21
Q

fact

A

Threat data can be packaged as feeds that integrate with a security information and event management (SIEM) platform.

22
Q

ISACs

A

Information Sharing and Analysis Centers (ISACs) are organizations that collect, analyze, and share critical information about threats and vulnerabilities within specific industries to enhance cybersecurity and resilience.

23
Q

OSINT

A

Open-source intelligence (OSINT)
OSINT is used to identify vulnerabilities and threat information by gathering data from many sources such as blogs, forums, social media platforms, and even the dark web.

24
Q

PCI DSS

A

Payment Card Industry Data Security Standard (PCI DSS)
The information security standard for organizations that process credit or bank card payments.

25
Q

NVTs

A

network vulnerability tests (NVTs)
Network Vulnerability Tests (NVTs) are procedures and tools used to identify security weaknesses and vulnerabilities in a computer network. These tests help organizations find and fix potential security issues before attackers can exploit them.

26
Q

NVD

A

The National Vulnerability Database (NVD) is a comprehensive database of information about security vulnerabilities. It is maintained by the National Institute of Standards and Technology (NIST) and provides details on known vulnerabilities in software, hardware, and firmware.

27
Q

SCAP

A

Security Content Automation Protocol (SCAP)
SCAP is a set of tools and standards that help computers talk about and manage security issues in a consistent way. Many vulnerability scanners use the Security Content Automation Protocol (SCAP) to obtain feed or plug-in updates.

28
Q

CVE

A

Common Vulnerabilities and Exposures (CVE) is a dictionary of vulnerabilities in published operating systems and application software.

29
Q

CVSS

A

Common Vulnerability Scoring System (CVSS)
A risk management approach to quantifying vulnerability data and then taking into account the degree of risk to different types of systems or information.

30
Q

EF

A

Exposure factor (EF)
In risk calculation, the percentage of an asset’s value that would be lost during a security incident or disaster scenario.

31
Q

environmental variables

A

In vulnerability assessment, factors or metrics due to local network or host configuration that increase or decrease the base likelihood and impact risk level.

32
Q

A cybersecurity specialist is preparing to perform a vulnerability scan on an organization’s infrastructure. The organization’s management wants the scan to be as thorough as possible without directly compromising any systems or accessing sensitive data. The cybersecurity specialist considers both credentialed and non-credentialed scans to determine which will best suit the organization’s requirements. In the described situation, if aiming to gather detailed vulnerability data from the system by logging into it using pre-defined accounts, which type of scan is the specialist planning to conduct?

A. Credentialed scan
B. Non-credentialed scan
C. Passive network scan
D. External perimeter scan

A

A

33
Q

A cybersecurity specialist is conducting a comprehensive security assessment focusing on the organization’s use of cryptographic technologies and the configuration of its systems to safeguard against vulnerabilities. Which two of the following activities are essential for the specialist to perform to effectively assess the security posture regarding cryptographic algorithms? (Select the two best options.)

A. Evaluating the strength of cryptographic keys
B. Inspecting network traffic for encrypted malicious payloads
C. Checking for default passwords in software applications
D. Reviewing the aesthetics of the user interface

A

A and B

34
Q

A leading fintech company plans to migrate its primary financial application to a public cloud environment. Before the transition, the cloud security specialist reviews the application’s architecture to ensure its resistance against potential cloud-based application attacks. Given the specific vulnerabilities associated with cloud platforms, which attack method would be the MOST effective against a cloud-based application that has not appropriately secured its Application Programming Interface (API)?

A. Distributed denial of service (DDoS) against the cloud infrastructure
B. Brute force attack on application user accounts
C. Injection attack targeting the application’s API
D. Social engineering attack on cloud provider personnel

A

C

35
Q

A system administrator at a software development company is working on integrating package monitoring into the organization’s vulnerability management strategy. The administrator aims to track software packages and applications to ensure they remain free from vulnerabilities and continue to support the firm’s security framework. As the system administrator incorporates package monitoring into the vulnerability management process, which actions will MOST likely get prioritized to enhance the effectiveness of this approach? (Select the two best options.)

A. Tracking outdated software packages
B. Manually updating software every day
C. Monitoring software repositories for new updates
D. Buying the latest antivirus software every month

A

A and C

36
Q

A software development company has recently integrated new tools for dependency analysis and Software Bill of Materials (SBOM) into its development pipeline. The security team ensures that these tools effectively identify and manage vulnerabilities. When leveraging dependency analysis and SBOM tools in a software development environment, which key factors should the security team prioritize to address potential vulnerabilities more efficiently? (Select the two best options.)

A. Recognizing outdated software dependencies
B. Tracking the frequency of software updates
C. Identifying undisclosed open-source components
D. Calculating the software’s runtime speed

A

A and C