CYBRSCRTY-MODULE 2

Question 1

Benchmark/secure configuration guides

Answer 1

Guidelines for configuring a device or software usually distributed by hardware manufacturers and software developers

Question 1

Adversary tactics, techniques, and procedures (TTP)

Answer 1

A database of the behavior of threat actors and how they orchestrate and manage attacks

Question 2

Black box

Answer 2

A penetration testing level in which the testers have no knowledge of the network and no special privileges

Question 3

Blue Team

Answer 3

A penetration testing team that monitors for Red Team attacks and shores up defenses as necessary

Question 4

Bug bounty

Answer 4

A monetary reward given for uncovering a software vulnerability

Question 5

Center for Internet Security (CIS)

Answer 5

A nonprofit community-driven organization

Question 6

Cleanup

Answer 6

Returning all systems back to normal following a penetration test

Question 7

Cloud Controls Matrix

Answer 7

A specialized framework of cloud-specific security controls

Question 8

Cloud Security Alliance (CSA)

Answer 8

An organization whose goal is to define and raise awareness of best practices to help secure cloud computing environments

Question 9

Common Vulnerabilities and Exposures (CVE)

Answer 9

A tool that identifies vulnerabilities in operating systems and application software

Question 10

Common Vulnerability Scoring System (CVSS)

Answer 10

A numeric rating system of the impact of a vulnerability

Question 11

Configuration review

Answer 11

An examination of the software settings for a vulnerability scan

Question 12

Credentialed scan

Answer 12

A scan in which valid authentication credentials, such as usernames and passwords, are supplied to the vulnerability scanner to mimic the work of a threat actor who possesses these credentials

Question 13

Drone

Answer 13

An unmanned aerial vehicle (UAV) without a human pilot on board to control its flight

Question 14

European Union General Data Protection Directive (GDPR)

Answer 14

A regulation regarding data protection and privacy in the European Union and the European Economic Area (EEA)

Question 15

False negative

Answer 15

Failure to raise an alarm when there is a problem

Question 16

False positive

Answer 16

Raising an alarm when there is no problem

Question 17

Footprinting

Answer 17

Gathering information from outside the organization

Question 18

Framework

Answer 18

A series of documented processes used to define policies and procedures for implementation and management of security controls in an enterprise environment

Question 19

Fusion center

Answer 19

A formal repository of information from enterprises and the government used to share information on the latest attacks

Question 20

Gray box

Answer 20

A penetration testing level in which the testers are given limited knowledge of the network and some elevated privileges

Question 21

Intrusive scan

Answer 21

A vulnerability scan that attempts to employ any vulnerabilities which it finds, much like a threat actor would

Question 22

ISO 27001

Answer 22

A standard that provides requirements for an information security management system (ISMS)

Question 23

ISO 27002

Answer 23

A “code of practice” for information security management within an organization and contains 114 different control recommendations

Question 24

ISO 27701

Answer 24

An extension to ISO 27001 and is a framework for managing privacy controls to reduce the risk of privacy breach to the privacy of individuals

Question 25

ISO 31000

Answer 25

A standard that contains controls for managing and controlling risk

Question 26

Lateral movement

Answer 26

Moving through a network looking for additional systems threat actors can access from their elevated position

Question 27

Log

Answer 27

A record of events that occur

Question 28

Log reviews

Answer 28

An analysis of log data

Question 29

Maneuvering

Answer 29

Conducting unusual behavior when threat hunting

Question 30

NIST Cybersecurity Framework (CSF)

Answer 30

A measuring stick against which companies can compare their cybersecurity practices relative to the threats they face

Question 31

NIST Risk Management Framework (RMF)

Answer 31

A guidance document designed to help organizations assess and manage risks to their information systems

Question 32

Non-credentialed scan

Answer 32

A vulnerability scan that provides no authentication information to the tester

Question 33

Nonintrusive scan

Answer 33

A vulnerability scan that does not attempt to exploit the vulnerability but only records that it was discovered

Question 34

Open source intelligence (OSINT)

Answer 34

Publicly accessible information

Question 35

Passive reconnaissance

Answer 35

Searching online for publicly accessible information

Question 36

Payment Card Industry Data Security Standard (PCI DSS)

Answer 36

A compliance standard to provide a minimum degree of security for handling customer card information

Question 37

Penetration testing

Answer 37

A type of test that attempts to exploit vulnerabilities just as a threat actor would

Question 38

Persistence

Answer 38

A process in which a load balancer creates a link between an endpoint and a specific network server for the duration of a session

Question 39

Pivot

Answer 39

Turning to other systems to be compromised

Question 40

Platform/vendor-specific guides

Answer 40

Guidelines that only apply to specific products

Question 41

Privilege escalation

Answer 41

Moving to more advanced resources that are normally protected from an application or user

Question 42

Purple Team

Answer 42

A penetration testing team that provides real-time feedback between the Red and Blue teams to enhance the testing

Question 43

Red Team

Answer 43

A penetration testing team that scans for vulnerabilities and then exploits them

Question 44

Reference architecture

Answer 44

An authoritative source of information

Question 45

Regulations

Answer 45

Standards typically developed by established professional organizations or government agencies using the expertise of seasoned security professionals

Question 46

Request for comments (RFC)

Answer 46

Documents that are authored by technology bodies employing specialists, engineers, and scientists who are experts in those areas

Question 47

Rules of engagement

Answer 47

Limitations or parameters in a penetration test

Question 48

Security Information and Event Management (SIEM)

Answer 48

A tool that consolidates real-time security monitoring and management of security information with analysis and reporting of security events

Question 49

Security, Orchestration, Automation, and Response (SOAR)

Answer 49

A tool designed to help security teams manage and respond to the very high number of security warnings and alarms by combining comprehensive data gathering and analytics in order to automate incident response

Question 50

Sentiment analysis

Answer 50

The process of computationally identifying and categorizing opinions, usually expressed in response to textual data, in order to determine the writer’s attitude toward a particular topic

Question 51

SSAE SOC 2 Type II

Answer 51

A standard for reports on internal controls that reviews how a company safeguards customer data and how well those controls are operating

Question 52

SSAE SOC 2 Type III

Answer 52

A standard for reports on internal controls that can be freely distributed

Question 53

Standard

Answer 53

A document approved through consensus by a recognized standardization body

Question 54

Threat feeds

Answer 54

Cybersecurity data feeds that provide information on the latest threats

Question 55

Threat hunting

Answer 55

Proactively searching for cyber threats that thus far have gone undetected in a network

Question 56

Unmanned Aerial Vehicle (UAV)

Answer 56

An aircraft without a human pilot on board to control its flight

Question 57

User behavior analysis

Answer 57

Looking at the normal behavior of users and how they interact with systems to create a picture of typical activity

Question 58

Vulnerability feeds

Answer 58

Cybersecurity data feeds that provide information on the latest vulnerabilities

Question 59

Vulnerability scan

Answer 59

A frequent and ongoing process, often automated, that continuously identifies vulnerabilities and monitors cybersecurity progress

Question 60

War driving

Answer 60

Searching for wireless signals from an automobile or on foot while using a portable computing device

Question 61

War flying

Answer 61

An efficient means of discovering a Wi-Fi signal using drones

Question 62

White box

Answer 62

A penetration testing level in which the testers are given full knowledge of the network and the source code of applications

Question 63

White Team

Answer 63

A penetration testing team that enforces the rules of the penetration testing