CyberBook

Question 1

Company needs to validate its updated incident response plan using a real world scenario.

Answer 1

Tabletop exercise.

Question 2

A security analyst is evaluating solutions to deploy additional layers of security to a web application. What is the most obvious solution?

Answer 2

HTTPS

Question 3

Help desk technician receives an email from a CIO he knows to be on vacation asking for documents. What should the technician do to validate the authenticity of the email?

Answer 3

Check the metadata in the email header of the received path in reverse order.

Question 4

An attacker sends multiple SYN packets from multiple sources. What is this and the best way to defend.

Answer 4

Botnet; enable DDoS protection.

Question 5

Attack that establishes a connection, which allows remote commands to be executed. What is this and the best way to defend.

Answer 5

RAT; Disable remote access services.

Question 6

Attack self propagates and compromises SQL databases suing well known credentials as it moves through the network.

Answer 6

Worm; Change default passwords.

Question 7

Attacker uses hardware to remotely monitor a users’ input activity to harvest credentials.

Answer 7

Keylogger; Implement 2FA using push notification.

Question 8

Attackers embed hidden access in a internally developed application that bypasses account login.

Answer 8

Backdoor; code review.

Question 9

URL filtering can be used in a network on what device to perform what type of action.

Answer 9

Webserver to prevent users from accessing unauthorized websites.

Question 10

Brownouts are causing power loss for several seconds on servers. What is the best course of action to mitigate this.

Answer 10

UPS; undisrupted power supply.

Question 11

Users are presented with a banner at login stating they are not entitled to reasonable expectation of privacy access.

Answer 11

AUP; acceptable use policy

Question 12

Best solution to install on stations to prevent sensitive information from being sent in email from workstations.

Answer 12

DLP; data loss prevention.

Question 13

security analysis assessing programs are deployed in a runtime environment and sent back to the developer if issues are found.

Answer 13

Dynamic Code Review.

Question 14

Company wants customers to be able to login with the same PAP (sid and password) for a trusted third-party organization.

Answer 14

Federation implementation.

Question 15

User wanted to VPN to the company network for work over the weekend but couldn’t. By Monday everything worked fine, what was the issue?

Answer 15

Time-based logins.

Question 16

Company is forced to continue using legacy software to support critical services..

Answer 16

Lack of vendor support.

Question 17

Port 53

Answer 17

DNS; Domain name server uses Port 53

Question 18

Port 23

Answer 18

Telnet

Question 19

Port 25

Answer 19

SMTP

Question 20

Port 69

Answer 20

TFTP; trivial file transfer protocol

Question 21

Port 443

Answer 21

HTTPS

Question 22

Cost-effective physical control to enforce USB removable media restriction policy.

Answer 22

GPO; Group Policy Objects that will restrict access to authorized USB removable media.