Foundations of Cybersecurity Module 2

Question 1

____________ is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.

Answer 1

Phishing

Question 1

A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.

Answer 1

Business Email Compromise (BEC)

Question 2

A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.

Answer 2

Spear phishing

Question 3

A form of spear phishing. Threat actors target company executives to gain access to sensitive data.

Answer 3

Whaling

Question 4

The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.

Answer 4

Vishing

Question 5

The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.

Answer 5

Smishing

Question 6

__________is software designed to harm devices or networks. There are many types of malware. The primary purpose of malware is to obtain money, or in some cases, an intelligence advantage that can be used against a person, an organization, or a territory.

Answer 6

Malware

Question 7

Malicious code written to interfere with computer operations and cause damage to data and software. A virus needs to be initiated by a user (i.e., a threat actor), who transmits the virus via a malicious attachment or file download. When someone opens the malicious attachment or download, the ________ hides itself in other files in the now infected system. When the infected files are opened, it allows the ______ to insert its own code to damage and/or destroy data in the system.

Answer 7

Viruses

Question 8

Malware that can duplicate and spread itself across systems on its own. In contrast to a _______ , a ______does not need to be downloaded by a user. Instead, it self-replicates and spreads from an already infected computer to other devices on the same network.

Answer 8

Worms

Question 9

A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.

Answer 9

Ransomware

Question 10

Malware that’s used to gather and sell information without consent. Spyware can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.

Answer 10

Spyware

Question 11

___________ is a manipulation technique that exploits human error to gain private information, access, or valuables. Human error is usually a result of trusting someone without question. It’s the mission of a threat actor, acting as a ____________, to create an environment of false trust and lies to exploit as many people as possible.

Answer 11

Social engineering

Question 12

A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.

Answer 12

Social media phishing

Question 13

A threat actor attacks a website frequently visited by a specific group of users.

Answer 13

Watering hole attack

Question 14

A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.

Answer 14

USB baiting

Question 15

A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.

Answer 15

Physical social engineering

Question 16

Threat actors impersonate individuals with power. This is because people, in general, have been conditioned to respect and follow authority figures.

Answer 16

Authority

Question 17

Threat actors use bullying tactics. This includes persuading and intimidating victims into doing what they’re told.

Answer 17

Intimidation

Question 18

Because people sometimes do things that they believe many others are doing, threat actors use others’ trust to pretend they are legitimate. For example, a threat actor might try to gain access to private data by telling an employee that other people at the company have given them access to that data in the past.

Answer 18

Consensus/Social proof

Question 19

A tactic used to imply that goods or services are in limited supply.

Answer 19

Scarcity

Question 20

Threat actors establish a fake emotional connection with users that can be exploited.

Answer 20

Familiarity

Question 21

Threat actors establish an emotional relationship with users that can be exploited over time. They use this relationship to develop trust and gain personal information.

Answer 21

Trust

Question 22

A threat actor persuades others to respond quickly and without questioning.

Answer 22

Urgency

Question 23

A ____________ is an attempt to access password-secured devices, systems, networks, or data. Some forms of ________ that you’ll learn about later in the certificate program are:

Brute force

Rainbow table

__________ fall under the communication and ‘network security domain’.

Answer 23

Password Attack

Question 24

____________ is a manipulation technique that exploits human error to gain private information, access, or valuables. Some forms of social engineering attacks that you will continue to learn about throughout the program are:

Phishing

Smishing

Vishing

Spear phishing

Whaling

Social media phishing

Business Email Compromise (BEC)

Watering hole attack

USB (Universal Serial Bus) baiting

Physical social engineering

_____________ attacks are related to the ‘security and risk management domain’.

Answer 24

Social engineering

Question 25

A _____________ is a security incident that affects not only digital but also physical environments where the incident is deployed. Some forms of physical attacks are:

Malicious USB cable

Malicious flash drive

Card cloning and skimming

_____________ fall under the ‘asset security domain’.

Answer 25

Physical Attack

Question 26

______________________ is a technique that manipulates
artificial intelligence and machine learning technology to conduct attacks more efficiently.____________________ falls under both the ‘communication and network security’ and the ‘identity and access management’ domains.

Answer 26

Adversarial artificial intelligence

Question 27

A ______________ targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed. Because every item sold undergoes a process that involves third parties, this means that the security breach can occur at any point in the supply chain. These attacks are costly because they can affect multiple organizations and the individuals who work for them. ______________________ can fall under several domains, including but not limited to the ‘security and risk management’, ‘security architecture and engineering’, and ‘security operations’ domains.

Answer 27

Supply-Chain Attack

Question 28

A __________________ affects secure forms of communication between a sender and intended recipient. Some forms of cryptographic attacks are:

Birthday

Collision

Downgrade

__________________ fall under the “communication and network security” domain.

Answer 28

Cryptographic Attack

Question 29

______________________ have significant expertise accessing an organization’s network without authorization. APTs tend to research their targets (e.g., large corporations or government entities) in advance and can remain undetected for an extended period of time. Their intentions and motivations can include:

Damaging critical infrastructure, such as the power grid and natural resources

Gaining access to intellectual property, such as trade secrets or patents

Answer 29

Advanced persistent threats (APTs)

Question 30

___________________ abuse their authorized access to obtain data that may harm an organization. Their intentions and motivations can include:

Sabotage

Corruption

Espionage

Unauthorized data access or leaks

Answer 30

Insider Threats

Question 31

___________________ are threat actors that are driven by a political agenda. They abuse digital technology to accomplish their goals, which may include:

Demonstrations

Propaganda

Social change campaigns

Fame

Answer 31

Hacktivists

Question 32

CISSP - 1st Domain

___________________ focuses on defining security goals and objectives, risk mitigation, compliance, business continuity, and the law. For example, security analysts may need to update company policies related to private health information if a change is made to a federal compliance regulation such as the Health Insurance Portability and Accountability Act, also known as HIPAA.

Answer 32

Security and risk management

Question 33

CISSP - 2nd Domain

This domain focuses on securing digital and physical assets. It’s also related to the storage, maintenance, retention, and destruction of data. When working with this domain, security analysts may be tasked with making sure that old equipment is properly disposed of and destroyed, including any type of confidential information.

Answer 33

Asset Security

Question 34

CISSP - 3rd Domain

This domain focuses on optimizing data security by ensuring effective tools, systems, and processes are in place. As a security analyst, you may be tasked with configuring a firewall. A firewall is a device used to monitor and filter incoming and outgoing computer network traffic. Setting up a firewall correctly helps prevent attacks that could affect productivity.

Answer 34

Security Architecture and Engineering

Question 35

CISSP - 4th Domain

This domain focuses on managing and securing physical networks and wireless communications. As a security analyst, you may be asked to analyze user behavior within your organization.

Answer 35

Communication and Network Security

Question 36

CISSP - 5th Domain

_________________________ focuses on keeping data secure, by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications. Validating the identities of employees and documenting access roles are essential to maintaining the organization’s physical and digital security. For example, as a security analyst, you may be tasked with setting up employees’ keycard access to buildings.

Answer 36

identity and access management

Question 37

CISSP - 6th Domain

This domain focuses on conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats, and vulnerabilities. Security analysts may conduct regular audits of user permissions, to make sure that users have the correct level of access. For example, access to payroll information is often limited to certain employees, so analysts may be asked to regularly audit permissions to ensure that no unauthorized person can view employee salaries.

Answer 37

security assessment and testing

Question 38

CISSP - 7th Domain

This domain focuses on conducting investigations and implementing preventative measures. Imagine that you, as a security analyst, receive an alert that an unknown device has been connected to your internal network. You would need to follow the organization’s policies and procedures to quickly stop the potential threat.

Answer 38

security operations

Question 39

CISSP - 8th Domain

This domain focuses on using secure coding practices, which are a set of recommended guidelines that are used to create secure applications and services. A security analyst may work with software development teams to ensure security practices are incorporated into the software development life-cycle. If, for example, one of your partner teams is creating a new mobile app, then you may be asked to advise on the password policies or ensure that any user data is properly secured and managed.

Answer 39

software development security