Module 1

Question 1

A hacker set up an open [blank] wireless hotspot posing as a legitimate wireless network.

Answer 1

Rouge

Question 2

[blank] gathers and encrypts corporate data. The attackers hold the company’s data for ransom until they are paid.

Answer 2

Ransomware

Question 3

• Infiltrated Windows operating system.
• Targeted Step 7 software that controls programmable logic controllers (PLCs) to damage the centrifuges in nuclear facilities.
• Transmitted from the infected USB drives into the PLCs eventually damaging many centrifuges.

Answer 3

Stuxnet Worm

Question 4

• Known as script kiddies.
• Have little or no skill.
• Use existing tools or instructions found on the Internet to launch attacks.

Answer 4

Amateurs

Question 5

Protect against organizations or governments.
- Posts articles and videos.
- Leak information.
- Disrupt web services with DDoS attacks.

Answer 5

Hactivists

Question 6

Much hacking activity is motivated by [blank].

Cybercriminals want to generate cash flow

Answer 6

Financial gain

Question 7

Nation states are also interested in using cyberspace.
- Hacking other countries
- Interfering with internal politics
- Industrial espionage
- Gain significant advantage in international trade

Answer 7

Trade Secrets and Global Politics

Question 8

Connected things to improve quality of life.

Answer 8

Internet of Things (IoT)

Question 9

• Took down many websites.
• Compromised webcams, DVRs, routers, and other IoT devices formed a botnet.
• The hacker controlled botnet created the [blank] attack that disabled essential Internet services.

Answer 9

DDoS attack against domain name provider, Dyn

Question 10

Any information that can be used to positively identify an individual

Answer 10

Personally identifiable information (PII)

Question 11

Creates and maintains electronic medical records (EMRs)

Answer 11

Protected Health Information (PHI)

Question 12

Provides a broad range of services:
- Monitoring
- Management
- Comprehensive threat solutions
- Hosted security

Answer 12

Security Operations Centers (SOCs)

Question 13

Major elements of a SOC

Answer 13

People, Processes, Technology

Question 14

Begins with monitoring security alert queues

Verifies if an alert triggered in the ticketing software represents a true security incident

The incident can be forwarded to investigators, or resolved as a false alarm

Answer 14

Tier 1 Alert Analyst

Question 15

Deep Investigator

Advises remediation

Answer 15

Tier 2 Incident Responder

Question 16

In-depth knowledge

Threat hunting

Preventive measures

Answer 16

Tier 3 Subject Matter Expert (SME)/Hunter

Question 17

Manages all the resources of the SOC and serves as the point of contact for the larger organziation of customer

Answer 17

SOC Manager

Question 18

These professionals have expert-level skill in network, endpoint, threat intelligence, and malware reverse engineering

Answer 18

Tier 3 Subject Matter Expert (SME)/Hunter

Question 19

These professionals are responsible for deep investigation of incidents and advise remediation or action to be taken

Answer 19

Tier 2 Incident Responder

Question 20

A “five nines” uptime means that the network is up 99.999% of the time (or down for no more than [blank])

Answer 20

5 minutes a year

Question 21

Provides a valuable first step in acquiring the knowledge and skills needed to work with a SOC team

Answer 21

CCNA Cyber Ops

Question 22

A vendor neutral IT professional certification

Answer 22

CompTIA Cybersecurity Analyst Certification (CSA+)

Question 23

An international non-profit organization that offers the highly acclaimed CISSP certification

Answer 23

(ISC)^2 Information Security Certifications