CYBERSECURITY - A WORLD OF EXPERTS AND CRIMINALS

Question 1

This group of criminals breaks into computers or networks to gain access for various
reasons

Answer 1

Hackers

Question 2

attackers break into networks or computer systems to discover weaknesses in order to
improve the security of these systems.

Answer 2

White hat

Question 3

attackers are somewhere between white and black hat attackers. The gray hat attackers may
find a vulnerability and report it to the owners of the system if that action coincides with their agenda.

Answer 3

Gray hat

Question 4

attackers are unethical criminals who violate computer and network security for personal gain,
or for malicious reasons, such as attacking networks.

Answer 4

Black Hat

Question 5

• Teenagers or hobbyists mostly limited to pranks and vandalism, have little or
  no skill, often using existing tools or instructions found on the Internet to launch attacks.

Answer 5

Script Kiddies

Question 6

Grey hat hackers who attempt to discover exploits and report
them to vendors, sometimes for prizes or rewards.

Answer 6

Vulnerability Brokers

Question 7

Grey hat hackers who rally and protest against different political and social
ideas. Hacktivists publicly protest against organizations or governments by posting articles,
videos, leaking sensitive information, and performing distributed denial of service (DDoS)
attacks.

Answer 7

Hacktivists

Question 8

These are black hat hackers who are either self-employed or
working for large cybercrime organizations.

Answer 8

Cyber Criminals

Question 9

Depending on a person’s perspective, these are either
white hat or black hat hackers who steal government secrets, gather intelligence, and
sabotage networks. Their targets are foreign governments, terrorist groups, and
corporations

Answer 9

State Sponsored Hackers

Question 10

is a weakness that makes a target susceptible to an attack

Answer 10

Cyber vulnerability

Question 11

recognize the threat that data poses if used against people

Answer 11

Cybersecurity specialists

Question 12

is the possibility that a harmful event, such as an attack, will occur

Answer 12

cybersecurity threat

Question 13

are particularly dangerous to certain industries and the type of
information they collect and protect

Answer 13

Cyber threats

Question 14

possess the insight to recognize the influence of data and
harness that power to build great organizations, provide services and protect people
from cyberattacks

Answer 14

• Cybersecurity specialists

Question 15

are an example of Information Security
Management Standards. The standards provide a framework for implementing
cybersecurity measures within an organization.

Answer 15

ISO 27000 standards

Question 16

The following examples are just a few sources of data that can come from established
organizations:

Answer 16

Personal Information
Medical Records
Education Records
Employment and Financial Records

Question 17

Criminals use _______-______ tools to capture data streams over a network. Packet
sniffers work by monitoring and recording all information coming across a network.

Answer 17

Packet Sniffing Tools

Question 18

interferes with an established network
communication by constructing packets to appear as if they are part of a communication.

Answer 18

Packet Injection

Question 19

An internal user, such as an employee or contract partner, can accidently or intentionally

Answer 19

Internal Security Threats

Question 20

Big data is the result of data sets that are large and complex, making traditional
data processing applications inadequate

Answer 20

Impact of Big Data

Question 21

Big data poses both challenges and opportunities based on three
dimensions:

Answer 21

The amount of data
The speed of data
The range of data types and sources

Question 22

is a continuous computer hack that occurs under the radar against a specific object. Criminals usually
choose an APT for business or political motives.

Answer 22

Advanced Persistent Threat

Question 23

can track system self-reporting data, like how much energy a computer is using, and use that information to select
targets or trigger false alerts

Answer 23

Algorithm Attacks

Question 24

are more devious because they exploit designs used to improve energy savings,
decrease system failures, and improve efficiencies.

Answer 24

Algorithm Attacks

Question 25

In the past, attacks would select the low hanging fruit or most vulnerable victims. Many of the most
sophisticated attacks will only launch if the attacker can match the signatures of the targeted victim.

Answer 25

Intelligent selection of victims

Question 26

refers to multiple enterprises that let their users use the same identification credentials gaining access to
the networks of all enterprises in the group. The goal of federated identity management is to share identity information automatically
across castle boundaries.

Answer 26

Federated Identity Management

Question 27

uses phone calls against a target telephone network tying up the system and
preventing legitimate calls from getting through.

Answer 27

Telephone denial of service or TDOS attack

Question 28

The Seven Categories of Cybersecurity Work

Answer 28

Operate and Maintain
Protect and Defend
Investigate
Collect and Operate
Analyze
Oversight and Development
Securely Provision

Question 29

includes providing the support, administration, and maintenance required to ensure IT system
performance and security

Answer 29

Operate and Maintain

Question 30

includes the identification, analysis, and mitigation of threats to internal systems and networks

Answer 30

Protect and Defend

Question 31

includes the investigation of cyber events and/or cyber crimes involving IT resources

Answer 31

Investigate

Question 32

includes specialized denial and deception operations and the collection of cybersecurity information

Answer 32

Collect and Operate

Question 33

includes highly specialized review and evaluation of incoming cybersecurity
information to determine if it is useful for intelligence

Answer 33

Analyze

Question 34

provides for leadership, management, and direction to
conduct cybersecurity work effectively

Answer 34

Oversight and Development

Question 35

includes conceptualizing, designing, and building secure IT systems

Answer 35

Securely Provision

Question 36

How to Become a Cybersecurity Specialist

Answer 36

Study
Pursue Certifications
Pursue Internships
Join Professional Organizations

Question 37

Industry Certifications

Answer 37

CompTIA Security+
CEH
GSEC
CISSP
CISM
CCNA SECURITY
Company Sponsored Certifications

Question 38

An internal user, such as an employee or contract partner, can accidently or intentionally

Answer 38

Internal Security Threats

Question 39

External threats from amateurs or skilled attackers can exploit vulnerabilities in networked devices, or can use social
engineering, such as trickery, to gain access.

Answer 39

External Security Threats