Exam7 Flashcards
Content categorization in web filtering involves classifying web content into predefined categories based on its subject matter or type. This technique enables organizations to apply filtering policies selectively, for example restricting access to certain categories during work hours or blocking access to categories associated with security risks or non-work-related activities.
True
False
In Windows Active Directory environment, this feature enables centralized management and configuration of operating systems, applications, and user account settings.
A. Local Users and Groups
B. Resource Monitor
C. Group Policy
D. User Account Control
What is SELinux?
A. A security feature in Linux OSs
B. A secure boot mechanism implemented in certain Linux distributions
C. An open-source web server software
D. A Linux distribution
Which of the following answers refers to a security mechanism imposed by SELinux over system access?
A. DAC
B. RBAC
C. MAC
D. ABAC
** Message Authentication Code (MAC)**, also referred to as a tag, is used to authenticate the origin and nature of a message. MACs use authentication cryptography to verify the legitimacy of data sent through a network or transferred from one person to another.
Which of the protocols listed below is used to enable secure web browsing?
A. L2TP
B. HTTPS
C. SSH
D. IPsec
Which of the following protocols allow(s) for secure file transfer? (Select all that apply)
A. FTPS
B. TFTP
C. FTP
D. SFTP
FTPS is an extension to the SSH protocol and runs by default on TCP port 22.
True
False
Which of the answers listed below refers to a secure replacement for Telnet?
A. RSH
B. IPsec
C. SSH
D. RTPS
Which of the following answers refers to a deprecated protocol designed as a secure way to send emails from a client to a mail server and between mail servers?
A.I MAPS
B. SFTP
C. POP3S
D. SMTPS
Which of the protocols listed below enable secure retrieval of emails from a mail server to an email client? (Select 2 answers)
A. FTPS
B. IMAPS
C. POP3S
D. STARTTLS
E. SMTPS
Which of the following protocols enables secure access and management of emails on a mail server from an email client?
A. POP3S
B. SMTPS
C. IMAPS
D. S/MIME
Which of the answers listed below refers to a secure network protocol used to provide encryption, authentication, and integrity for real-time multimedia communication?
A. IPsec
B. SIP
C. VoIP
D. SRTP
Secure Real-Time Transport Protocol (SRTP) is a security extension of the Real-time Transport Protocol (RTP) that protects audio and video traffic from eavesdropping, tampering, and replay attacks.
An Extension of Real-time Transport Protocol (RTP) that features enhanced security measures. The protocol provides encryption, confidentiality, message authentication, and replay protection to your transmitted audio and video traffic.
A type of firewall used for protecting a single computer is commonly referred to as: (Select 2 answers)
A. Hardware firewall
B. Host-based firewall
C. Proxy firewall
D. Network-based firewall
E. Personal firewall
UDP is a connection-oriented protocol using a three-way handshake which is a set of initial steps required for establishing network connection. UDP supports retransmission of lost packets, flow control (managing the amount of data that is being sent), and sequencing (rearranging packets that arrived out of order). Example applications of UDP include transmission of text and image data.
True
False
TCP is an example of a connectionless protocol. Because TCP does not support three-way handshake while establishing a network connection, it is referred to as unreliable or best-effort protocol. Example applications of TCP include transmission of video and audio streaming data.
True
False
Which of the answers listed below refer to the concept of data isolation? (Select 2 answers)
A. DLP
B. SDN
C. EFS
D. SWG
E. EDR
Which of the following provides active network security breach response on an individual computer system?
A. NIDS
B. HIDS
C. NIPS
D. HIPS
A Host Intrusion Prevention System (HIPS) is a security mechanism that can detect and take action against threats to maintain the integrity of a computer system. It monitors various aspects like memory, kernel, network state, and process execution to prevent unauthorized access and attacks.
The importance of changing default usernames and passwords can be illustrated on the example of certain network devices (such as routers) which are often shipped with default and well-known admin credentials that can be looked up on the web.
True
False
The process of securing networking devices should include the practice of disabling unused physical and logical ports.
True
False
The term “Hybrid cloud” refers to a mixed computing environment that can include different cloud service models like public and private clouds, as well as on-premises infrastructure.
True
False
A type of document outlining the shared responsibilities between a CSP and its customers for securing and managing data and resources is known as: (Select best answer)
A. Service level agreement
B. Acceptable use policies
C. Cloud responsibility matrix
D. Master Service agreement
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution.
Which of the terms listed below refers to a method for managing infrastructure resources through scripts and templates?
A. IaaS
B. ML
C. IaC
D. SDN
A serverless architecture allows developers to create apps and services without having to manage the required infrastructure resources (such as servers, databases, and storage systems), which are handled by:
A. CSP
B. ISP
C. MSP
D. IdP
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft, to site defacement, to malware distribution.
In software engineering, the term “Microservice” describes independent and self-contained code components that can be put together to form an application.
True
False
Which of the following provides isolation from external computer networks?
A. Network segmentation
B. Air gap
C. Hardware firewall
D. Protected cable distribution
An air gap is a security measure that involves isolating a computer or network and preventing it from establishing an external connection.
Which of the answers listed below refers to a means for logical network segmentation?
A. Switch
B. VLAN
C. Screened subnet
D. Router
VLANs function by offering network segmentation, which can enhance management, security, and performance. VLANs can increase security by preventing unwanted access to critical data and network resources by segregating network traffic and limiting access to particular network resources.
Which of the following answers refers to software technology designed to simplify network infrastructure management?
A. SDN
B. SaaS
C. VDI
D. SNMP
Software-Defined Network security (SDN) involves virtualizing security functions from the traditional hardware they tend to operate on. They enforce virtual network functions, with data and monitoring accessible through one intuitive interface.
Which of the answers listed below refers to the process of packaging an application and its dependencies into a single, self-contained unit, which can run across different computing environments?
A. Edge computing
B. Containerization
C. Virtualization
D. Cloud computing
Container security is the practice of protecting containerized applications and their infrastructure from threats. It includes processes, policies, and tools that ensure the safety and integrity of containers throughout their lifecycle.
Which of the following answers refers to a solution that allows multiple OSs to work simultaneously on the same hardware?
A. Clustering
B. Hyperthreading
C. Multitasking
D. Virtualization
Which of the answers listed below refers to a network of interconnected devices equipped with sensors (such as wearable tech or home automation devices) that can interact with each other to perform various tasks and functions?
A. ICS
B. PAN
C. IoT
D. SoC
Which of the following refers to a broad term that encompasses various control and automation systems used in industrial settings to control and monitor physical processes and machinery?
A. ICS
B. PLC
C. SCADA
D. HMI
Industrial control system (ICS) security focuses on ensuring the security and safe function of industrial control systems. This includes the hardware and software the system and its operators use.
Which of the answers listed below refers to a specific type of ICS?
A. SoC
B. CMS
C. SCADA
D. RTOS
A Supervisory Control And Data Acquisition system involves monitoring and controlling processes from a central location. The system is intended for remote monitoring and management of complex processes, making it susceptible to ransomware, malware, and other cyberthreats.
Which of the following answers refers to an OS type characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems?
A. Unix-like OS
B. SoC
C. Firmware
D. RTOS
A Real-Time Operating system (RTOS) is an operating system with two key features: predictability and determinism.
In an RTOS, repeated tasks are performed within a tight time boundary, while in a general-purpose operating system, this is not necessarily so.
Which of the answers listed below refer(s) to embedded systems? (Select all that apply)
A. Often designed to operate in real-time or with low latency.
B. Typically equipped with constrained computing resources and storage
C. Designed to perform a single task or a few closely related tasks within a larger system.
D. Often integrated with hardware components like sensors and actuators
Which of the following terms can be used to describe a system designed to aim for minimized downtime and uninterrupted operation?
A. ICS
B. HA
C. RTOS
D. SoC
Which of the answers listed below refers to a device failure mode in which maintaining service availability is prioritized over security?
A. Fail-safe
B. Fail-close
C. Fail-open
D. Fail-secure
A security, fail-open is a configuration that allows a system to continue operating when a failure occurs, instead of shutting down. This is in contrast to fail-closed, which means the system stops working when a failure occurs
Which failure mode prioritizes security over availability, ensuring that no potentially malicious traffic can get through the device?
A. Fail-soft
B. Fail-through
C. Fail-safe
D Fail-close
Fail-closed, also known as fail-secure, is a security concept that means a device or system will prevent access or data from falling into the wrong hands if it fails. It’s often used when security concerns are more important than the need for access.
Which of the following answers refer to passive network monitoring techniques? (Select 2 answers)
A. Network tap
B. Trunk port
C. Port mirroring
D. SNMP trap
E. Registered port
A type of hardened server used as a secure gateway for remote administration of devices placed in a different security zone is called:
A. C2 server
B. Jump server
C. UC server
D. Proxy server
Which of the following answers can be used to describe technical security controls? (Select 3 answers)
A. Focused on protecting material assets
B. Sometimes called logical security controls
C. Executed by computer systems (instead of people)
D. Also known as administrative controls
E. Implemented with technology
F. Primarily implemented and executed by people (as opposed to computer systems)
Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)
A. Security audits
B. Encryption
C. Organizational security policy
D. IDSs
E. Configuration management
F. Firewalls
Which of the answers listed below refer to examples of technical security controls? (Select 3 answers)
A. Security audits
B. Encryption
C. Organizational security policy
D. IDSs
E. Configuration management
F. Firewalls
Which of the following answers can be used to describe technical security controls? (Select 3 answers)
A. Focused on protecting material assets
B. Sometimes called logical security controls
C. Executed by computer systems (instead of people)
D. Also known as administrative controls
E Implemented with technology
F Primarily implemented and executed by people (as opposed to computer systems)
Which of the following answers refer to the characteristic features of managerial security controls? (Select 3 answers)
A. Also known as administrative controls
B. Sometimes referred to as logical security controls
C. Focused on reducing the risk of security incidents
D. Executed by computer systems (instead of people)
E. Documented in written policies
F. Focused on protecting material assets
Examples of managerial security controls include: (Select 3 answers)
A. Configuration management
B. Data backups
C. Organizational security policy
D. Risk assessments
E. Security awareness training
Which of the answers listed below can be used to describe operational security controls (Select 3 answers)
A. Also known as administrative controls
B. Focused on the day-to-day procedures of an organization
C. Executed by computer systems (instead of people)
D. Used to ensure that the equipment continues to work as specified
E. Focused on managing risk
F. Primarily implemented and executed by people (as opposed to computer systems)
Which of the following examples fall into the category of operational security controls? (Select 3 answers)
A. Risk assessments
B. Configuration management
C. System backups
D. Authentication protocols
E. Patch management
Which of the answers listed below refers to security controls designed to deter, detect, and prevent unauthorized access, theft, damage, or destruction of material assets?
A. Managerial security controls
B. Physical security controls
C. Technical security controls
D. Operational security controls
Which of the following examples do not fall into the category of physical security controls? (Select 3 answers)
A. Lighting
B. Access control vestibules
C. Data backups
D. Fencing/Bollards/Barricades
E. Firewalls
F. Security guards
G. Asset management
What are the examples of preventive security controls? (Select 3 answers)
A. Encryption
B. IDS
C. Sensors
D. Firewalls
E. Warning signs
F. AV software
Examples of deterrent security controls include: (Select 3 answers)
A. Warning signs
B. Sensors
C. Lighting
D. Video surveillance
E. Security audits
F. Fencing/Bollards
Which of the answers listed below refer(s) to detective security control(s)? (Select all that apply)
A. Lighting
B. Log monitoring
C. Sandboxing
D. Security audits
E. CCTV
F. IDS
G. Vulnerability scanning
Which of the following answers refer(s) to corrective security control(s)? (Select all that apply)
A. Recovering data from backup copies
B. Applying software updates and patches to fix vulnerabilities
C. Developing and implementing IRPs to respond to and recover from security incidents
D. Regularly reviewing logs for anomalies or patterns indicative of attacks
E. Activating and executing DRPs to restore operations after a major incident
Which of the answers listed below refer(s) to compensating security control(s)? (Select all that apply)
A. Backup power systems
B. Video surveillance
C. MFA
D. Application sandboxing
E. Network segmentation
The term “Directive security controls” refers to the category of security controls that are implemented through policies and procedures.
True
False
Which of the following terms fall into the category of directive security controls? (Select 2 answers)
A. IRP
B. AUP
C. IDS
D. MFA
E. IPS
An Incident Response Plan is a written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.
An Acceptable Use Policy (AUP) is a set of rules that outline how to use an organization’s technology resources, such as the computer network, website, or other devices.
