Module 1 Flashcards

1
Q

A hacker set up an open [blank] wireless hotspot posing as a legitimate wireless network.

A

Rogue

2
Q

[blank] gathers and encrypts corporate data. The attackers hold the company’s data for ransom until they are paid.

A

Ransomware

3
Q
  • Infiltrated Windows operating system.
  • Targeted Step 7 software that controls programmable logic controllers (PLCs) to damage the centrifuges in nuclear facilities.
  • Transmitted from the infected USB drives into the PLCs eventually damaging many centrifuges.
A

Stuxnet Worm

4
Q
  • Known as script kiddies.
  • Have little or no skill.
  • Use existing tools or instructions found on the Internet to launch attacks.
A

Amateurs

5
Q

Protest against organizations or governments.
- Post articles and videos.
- Leak information.
- Disrupt web services with DDoS attacks.

A

Hacktivists

6
Q

Much hacking activity is motivated by [blank].

Cybercriminals want to generate cash flow

A

Financial gain

7
Q

Nation states are also interested in using cyberspace.
- Hacking other countries
- Interfering with internal politics
- Industrial espionage
- Gain significant advantage in international trade

A

Trade Secrets and Global Politics

8
Q

Connected things to improve quality of life.

A

Internet of Things (IoT)

9
Q
  • Took down many websites.
  • Compromised webcams, DVRs, routers, and other IoT devices formed a botnet.
  • The hacker-controlled botnet created the [blank] attack that disabled essential Internet services.
A

DDoS attack against domain name provider, Dyn

10
Q

Any information that can be used to positively identify an individual

A

Personally identifiable information (PII)

11
Q

Creates and maintains electronic medical records (EMRs)

A

Protected Health Information (PHI)

12
Q

Provides a broad range of services:
- Monitoring
- Management
- Comprehensive threat solutions
- Hosted security

A

Security Operations Centers (SOCs)

13
Q

Major elements of a SOC

A

People, Processes, Technology

14
Q

Begins with monitoring security alert queues

Verifies if an alert triggered in the ticketing software represents a true security incident

The incident can be forwarded to investigators, or resolved as a false alarm

A

Tier 1 Alert Analyst

15
Q

Deep Investigator

Advises remediation

A

Tier 2 Incident Responder

16
Q

In-depth knowledge

Threat hunting

Preventive measures

A

Tier 3 Subject Matter Expert (SME)/Hunter

17
Q

Manages all the resources of the SOC and serves as the point of contact for the larger organization or customer

A

SOC Manager

18
Q

These professionals have expert-level skill in network, endpoint, threat intelligence, and malware reverse engineering

A

Tier 3 Subject Matter Expert (SME)/Hunter

19
Q

These professionals are responsible for deep investigation of incidents and advise remediation or action to be taken

A

Tier 2 Incident Responder

20
Q

A “five nines” uptime means that the network is up 99.999% of the time (or down for no more than [blank])

A

5 minutes a year

21
Q

Provides a valuable first step in acquiring the knowledge and skills needed to work with a SOC team

A

CCNA Cyber Ops

22
Q

A vendor neutral IT professional certification

A

CompTIA Cybersecurity Analyst Certification (CSA+)

23
Q

An international non-profit organization that offers the highly acclaimed CISSP certification

A

(ISC)^2 Information Security Certifications