Cysa +

Question 1

A location where security professionals monitor and protect critical
information assets in an organization

Answer 1

Security Operations Center (SOC)

Question 2

This document is called the security and privacy controls for federal
information systems and organizations

Answer 2

NIST Special Publication 800-53 Revision 5

Question 3

mitigates vulnerabilities and risk to ensure the confidentiality, integrity,
availability, nonrepudiation, and authentication of data

Answer 3

Security Control

Question 4

an international standard and a proprietary framework

Answer 4

ISO 27001

Question 5

A category of security control that is implemented as a system
(hardware, software, or firmware)

Answer 5

Technical (Logical) Controls

Question 6

A category of security control that is implemented primarily by
people rather than systems

Answer 6

Operational Controls

Question 7

A category of security control that provides oversight of the
information system

Answer 7

Managerial Controls

Question 8

A control that acts to eliminate or reduce the likelihood that an
attack can succeed

Answer 8

Preventative Control

Question 9

A control that may not prevent or deter access, but will identify
and record any attempted or successful intrusion

Answer 9

Detective Control

Question 10

A control that acts to eliminate or reduce the impact of an
intrusion event

Answer 10

Corrective Control

Question 11

A type of security control that acts against in-person intrusion
attempts

Answer 11

Physical Control

Question 12

A type of security control that discourages intrusion attempts

Answer 12

Deterrent Control

Question 13

A type of security control that acts as a substitute for a principal
control. Not the top line, but gives you some protection

Answer 13

Compensating Control

Question 14

A control that uses a system that actively monitors for potential vulnerabilities or
attacks, and then takes action to mitigate them before they can
cause damage

Answer 14

Responsive Control

Question 15

a system that monitors all incoming and outgoing network, traffic and
blocks

Answer 15

Firewall

Question 16

Devices that can monitor network traffic for patterns that indicate an
intrusion is occurring such as a repeated failed log on attempt (takes action)

Answer 16

Intrusion Prevention System (IPS)

Question 17

The process where data is generated and is then collected, processed,
analyzed, and disseminated to provide insights into the security status of
information systems

Answer 17

Security Intelligence

Question 18

Investigation, collection, analysis, and dissemination of information about
emerging threats and threat sources to provide data about the external
threat landscape

Answer 18

Cyber Threat Intelligence

Question 19

What are the 5 stages of the Intelligence Cycle?

Answer 19

1. Requirements (Planning & Direction) 2. Collection (& Processing) 3. Analysis 4. Dissemination 5. Feedback

Question 20

A not-for-profit group set up to share sector-specific threat intelligence
and security best practices amongst its members

Answer 20

Information Sharing and Analysis Center (ISAC)

Question 21

Similar to ISAC, but set up within the UK

Answer 21

Cyber Security Information Sharing Partnership (CISP)

Question 22

Identifies, evaluates, and prioritizes threats and vulnerabilities to reduce
their negative impact

Answer 22

Risk Management

Question 23

An organized approach to addressing and managing the aftermath of a
security breach or cyberattack

Answer 23

Incident Response

Question 24

The practice of identifying, classifying, prioritizing, remediating, and
mitigating software vulnerabilities

Answer 24

Vulnerability Management

Question 25

The practice of observing activity to identify anomalous patterns for further analysis

Answer 25

Detection and Monitoring

Question 26

A threat that can be identified using basic signature or pattern matching

Answer 26

Known Threats

Question 27

Any software intentionally designed to cause damage to a computer, server, client, or computer network

Answer 27

Malware

Question 28

A piece of software, data or sequence of commands that takes advantage of a vulnerability to cause unintended behavior or to gain unauthorized access to sensitive data

Answer 28

Documented Exploits

Question 29

A threat that cannot be identified using basic signature or patter

Answer 29

Unknown Threats

Question 30

An unknown exploit in the wild that exposes a vulnerability in software or hardware and can create complicated problems well before anyone realizes something is wrong

Answer 30

matching Zero-day Exploit

Question 31

Malicious code whose execution the malware author has attempted to hide through various techniques such as compression, encryption, or encoding to severely limit attempts to statically analyze the malware

Answer 31

Obfuscated Malware Code

Question 32

A malware detection method that evaluates an object based on its intended actions before it can actually execute that behavior

Answer 32

Behavior-based Detection

Question 33

Refers to the process of combining and modifying parts of existing exploit code to create new threats that are not as easily identified by automated scanning

Answer 33

Recycled Threats

Question 34

A classification of malware that contains obfuscation techniques to circumvent signature-matching and detection

Answer 34

Known Unknowns

Question 35

A classification of malware that contains completely new attack vectors and exploits

Answer 35

Unknown Unknowns

Question 36

Uses other people’s tools to conduct their attacks as they do not have the skills to make their own tools

Answer 36

Script Kiddie

Question 37

People who have authorized access to an organization’s network, policies, procedures, and business practices who can cause either intentional or unintentional harm

Answer 37

Insider Threat

Question 38

A rogue business attempting to conduct cyber espionage against an organization

Answer 38

Competitor

Question 39

Focused on hacking and computer fraud to achieve financial gains

Answer 39

Organized Crime

Question 40

Politically-motivated hacker who targets governments or individuals to advance their political ideologies

Answer 40

Hacktivist

Question 41

A group of attackers with exceptional capability, funding, and organization with an intent to hack a network or system

Answer 41

Nation-State

Question 42

An attacker that establishes a long-term presence on a network in order to gather sensitive information

Answer 42

Advanced Persistent Threat (APT)

Question 43

Malicious software applications that are widely available for sale or easily obtainable and usable

Answer 43

Commodity Malware

Question 44

A vulnerability that is discovered or exploited before the vendor can issue a patch to fix it

Answer 44

Zero-day Vulnerability