Module 1-6

Question 1

What is the goal of a SQL injection attack?

Answer 1

The goal of a SQL injection attack is to exfiltrate data from a SQL database.

Question 2

What is Modbus?

Answer 2

A network communication protocol for transmitting information between devices on a SCADA system.

Question 3

What is supervisory control and data acquisition (SCADA)?

Answer 3

A system for managing multiple ICSs.

Question 4

system on a chip (SoC)

Answer 4

A chip that combines all the required electronic circuits of the various computer components on a single IC chip.

Question 5

Industrial control systems (ICSs)

Answer 5

A system that controls devices locally or at remote locations by collecting, monitoring, and processing real-time data so that machines can directly control devices such as valves, pumps, and motors without the need for human intervention.

Question 6

Ricardo is reviewing the different types of XSS attacks. Which attack only impacts the user who entered the text on the website?

Answer 6

In a Reflected XSS attack, the user enters input into a web application that is then immediately displayed back (“reflected”) to that user to initiate the attack.

Question 7

Which area of computer memory is dynamic memory for the programmer to allocate as necessary?

Answer 7

The heap

Question 8

What is Somewhere you are and Something you are?

Answer 8

Restricted military base

Fingerprint reader

Question 9

What is Something you have and Someone you know?

Answer 9

RFID card

Adriano knows Li

Question 10

What is Something you exhibit, Something you can do, and Something you know ?

Answer 10

Red hair

Signature

Keys pressed on a keypad

Question 11

Persistent XSS

Answer 11

A threat actor enters input into a blog post or forum that is stored (“persistent”) and an unsuspecting user later displays it to initiate the attack.

Question 12

Document Object Model XSS

Answer 12

A web application writes data to the Document Object Model on the web server without proper sanitization and the attacker manipulates this data to include XSS content on the webpage.

Question 13

Aiko has been asked by her friend if she should download and install an app that allows her to circumvent the built-in limitations on her Android smartphone. What is this called?

Answer 13

Rooting

Question 14

What is the network used in vehicles for communications?

Answer 14

The controller area network (CAN) bus network is used for sending and receiving data in vehicles.

Question 15

Why is credential stuffing effective?

Answer 15

Because users repeat their passwords on multiple accounts, attackers use these passwords in their attacks with a high probability of success and this is known as credential stuffing.

Question 16

What is tethering?

Answer 16

A mobile device with an active Internet connection can be used to share that connection with other mobile devices through Bluetooth or Wi-Fi.

Question 17

What is USB On-the-Go (OTG)?

Answer 17

An OTG mobile device with a USB connection can function as either a host (to which other devices may be connected such as a USB flash drive) for external media access or as a peripheral (such as a mass storage device) to another host.

Question 18

What is pretexting?

Answer 18

Obtaining private info via impersonation

Question 19

An ____ _______ is computer hardware and software contained within a larger system designed for a specific function.

Answer 19

embedded system

Question 20

_____ ______ ______ enables the exchange of cyber threat indicators between parties through computer-to-computer communication, not email communication.

Answer 20

Automated Indicator Sharing

Question 21

This Principle of Influence is enacted to persuade a target by mentioning people we ___

Answer 21

like.

Question 22

What is MITRE ATT&CK?

Answer 22

MITRE ATT&CK is a knowledge base of attacker techniques that have been broken down and contain classification in detail.

Question 23

What is Shadow IT?

Answer 23

Shadow IT is when employees start installing their own equipment or resources without consulting the IT department. Sometimes this may be personal technology while other times it may include a department purchasing software or cloud-based solutions.

Question 24

Bernard is a security administrator for a large company that uses certain network statistics to determine whether malicious activity is occurring. In which of the following is there evidence of when these network statistics point to malicious activity occurring?

Answer 24

When key risk indicators (KRIs) fall below or surge above certain thresholds, these are evidence of an indicator of compromise (IoC).

Question 25

Diamond Model of Intrusion Analysis

Answer 25

A framework for examining network intrusion events.

Question 26

Cyber Kill Chain™

Answer 26

A framework that outlines the steps of an attack.

Question 27

attack frameworks

Answer 27

Models of the thinking and actions of today’s threat actors.

Question 28

What source of Threat Intelligence consists of a location where victims of an attack can upload malicious files and software code that can then be examined by others to learn more about these attacks and craft their defenses?

Answer 28

File and code repositories

Question 29

What are the four Diamond Model of Intrusion Analysis components?

​

Answer 29

adversary, capabilities, infrastructure, and victims.

Question 30

What is a KRI (key risk indicator)?

Answer 30

A key risk indicator (KRI) is a metric of the upper and lower bounds of specific indicators of normal network activity.

Question 31

What is Cybersecurity Information Sharing Act (CISA)

Answer 31

requires a non-federal entity to remove any information from a cyber threat indicator that it knows at the time of sharing to be personal information of a specific individual or information that identifies a specific individual that is not directly related to a cybersecurity threat.

Question 31

What is Freedom of Information Act (FOIA)

Answer 31

Although federal agencies are required to disclose any information requested, there are nine exemptions, one of which protects interests such as personal privacy.

Question 32

What is Traffic-Light Protocol (TLP)

Answer 32

uses four colors (red, amber, green, and white) to indicate the expected sharing limitations to be applied by the recipients.

Question 33

What is Protected Critical Infrastructure Information (PCII)?

Answer 33

To qualify for these protections, information must be related to the security of the critical infrastructure, voluntarily submitted, and not submitted in place of compliance with a regulatory requirement.

Question 34

Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)

Answer 34

The threat modeling methodology is designed for assessing non-technical organizational risks that may result from compromised data.

Question 35

Trike

Answer 35

An open-source threat modeling process that is designed to satisfy the security auditing process from a cyber risk management perspective.

Question 36

Process for Attack Simulation and Threat Analysis (PASTA)

Answer 36

The threat modeling provides a seven-step process for risk analysis that does not depend upon which platform is being used.

Question 37

Spoofing Tampering Repudiation Information Message Disclosure Denial of Service and Elevation of Privilege (STRIDE)

Answer 37

The goal of this threat modeling is to ensure that an application meets the security properties of Confidentiality, Integrity, and Availability (CIA), along with Authorization, Authentication, and Non-Repudiation.

Question 37

Visual, Agile, and Simple Threat modeling (VAST)

Answer 37

The founding principle is that threat modeling must scale across the infrastructure and entire application development (DevOps) library and provide actionable, accurate, and consistent outputs for developers, security teams, and senior executives.

Question 38

what is an internal function of the programming language C that can be used to copy a string to a destination buffer without checking the length of the destination buffer

Answer 38

strcpy

Question 39

What is a memorandum of understanding?

Answer 39

describes an agreement between two or more parties. It demonstrates a “convergence of will” between the parties so that they can work together. Not legal, but formal.

Question 40

What is NIPS?

Answer 40

Detects network intrusions in real time.

Question 41

What is a service level agreement?

Answer 41

a service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service.

Question 42

The ____of a vulnerability scan defines the target devices to be scanned.

Answer 42

scope

Question 43

Race condition

Answer 43

occurs when two concurrent threads of execution access a shared resource simultaneously, resulting in unintended consequences.

Question 44

What are the data classification levels?

Answer 44

Public- Data that is the least sensitive and would cause only a small amount of harm if disclosed, such as the number of current employees

Proprietary- Data that is disclosed outside the company on only a limited basis to trusted third parties; an unexpected disclosure could reduce the company’s competitive advantage, such as the nontechnical specifications for a new product

Private- Data that, while it may not harm the company itself, could cause damage to others, such as human resources data of employees

Confidential- Data that is used internally within the company, but a public disclosure would cause significant harm to the organization, such as an impending merger or acquisition

Sensitive- Data that could cause catastrophic harm to the company if disclosed, such as the technical specifications for a new product

Question 45

Loide is a cybersecurity analyst and is looking for a vulnerability scanner that will pull updates from a web-based feed so that it constantly has the latest information about new vulnerabilities as they’re discovered. Which of the following might be a good source of data for the scanner?

Answer 45

National Vulnerability Database

Question 46

insecure object reference

Answer 46

A condition that occurs when an application externally exposes a reference to an internal object.

Question 47

What is an NDA?

Answer 47

a legal contract between parties that specifies how confidential material will be shared between the parties but restricted to others.

Question 48

Kiah, a cybersecurity analyst for the government, is setting up a new Linux server and needs to configure the data classification labels to be used for the new application. What are valid labels for U.S. government systems?

Answer 48

Confidential, secret, top secret

Question 49

Extracting data on an asset to be used in a vulnerability scan.

Answer 49

enumeration

Question 50

Building a picture of an endpoint and network through enumeration.

Answer 50

mapping

Question 51

legacy systems

Answer 51

Older systems with specialized software that cannot be easily replaced.

Question 52

What is a serverless infrastructure?

Answer 52

A serverless infrastructure is one in which the capacity planning, installation, setup, and management are all invisible to the user because they are handled by the cloud provider.

Question 53

What provides random input to a program to attempt to trigger exceptions, such as memory corruption, program crashes, or security breaches?

Answer 53

fuzzing

Question 54

A popular and highly regarded infrastructure vulnerability scanning tool.

Answer 54

Nessus

Question 55

A full-featured vulnerability scanner that currently includes more than 50,000 vulnerability tests.

Answer 55

OpenVAS

Question 56

A scanner that can detect vulnerabilities on virtually any networked assets, including servers; network devices such as routers, switches, and firewalls; peripherals, and endpoints.

Answer 56

Qualys

Question 57

In cybersecurity, _____ is the process of extracting a list of usernames, machine names, network resources, shares, and services from a network system.

Answer 57

enumeration

Question 58

A third-party network tool that is a command-line TCP/IP packet assembler and analyzer.

Answer 58

hping

Question 59

A tool for capturing wireless packets and attacking wireless networks.

Answer 59

Aircrack-ng

Question 60

A tool that can be used to crack password hashes.

Answer 60

Hashcat

Question 61

A third-party network tool that can manipulate name resolution services to uncover sensitive information.

Answer 61

responder

Question 62

A tool for cracking Wi-Fi Protected Setup (WPS) PINs.

Answer 62

Reaver

Question 63

A cloud computing model of hosted software environment.

Answer 63

Software as a Service (SaaS)

Question 64

A cloud computing model of a software platform on which the enterprise or users can build their own applications and then host them.

Answer 64

Correct: Platform as a Service (PaaS)

Question 65

A cloud computing model that provides unlimited “raw” computing, storage, and network resources that the enterprise can use to build its own virtual infrastructure in the cloud.

Answer 65

Correct: Infrastructure as a Service (IaaS)

Question 66

A serverless approach to executing modular pieces of code.

Answer 66

Correct: Function as a Service (FaaS)

Question 67

Nikto

Answer 67

Correct: A web application vulnerability diagnostic tool that is a command-line open source tool.

Question 68

What process enables software developers to order the needed infrastructure from the cloud service provider by executing a script?

Answer 68

Infrastructure as Code (IaC)

Question 69

decompiler

Answer 69

A decompiler creates source code from machine language.

Question 70

A command-line tool for diagnosing vulnerabilities in services using the AWS cloud. It looks at cloud configurations and compares them with more than 150 cloud security best practices.

Answer 70

Prowler

Question 71

What would an administrator use to access a server in a DMZ?

Answer 71

A jump box | this is a minimally configured administrator server (either physical or virtual) within the DMZ. Running only essential protocols and ports.

Question 72

Vince wants to configure a firewall on the perimeter of his organization’s network to block all unsolicited incoming traffic. However, he still needs servers behind the firewall to be able to access the Internet for patching purposes. Which of the following types of firewalls might he decide to install?

Answer 72

Stateful firewall

Question 73

What is subnetting?

Answer 73

A method of subdividing a larger network into smaller subnetworks that will not be able to communicate without a specifically configured route between them.

Question 74

What is a publicly accessible centralized directory of digital certificates that can be used to view the status of a digital certificate?

Answer 74

A certificate repository (CR)

Question 75

What is a list of preapproved applications?

Answer 75

Whitelisting

Question 76

What is the process of dividing a network into small elements to provide the controls of separation and quarantining.

Answer 76

system isolation

Question 77

Mandatory Access Control (MAC)

Answer 77

Assigning users’ access controls strictly according to the data custodian’s desires.

Question 78

Role-Based Access Control (RBAC)

Answer 78

Assigning users’ access controls based on job roles.

Question 79

A hardware security module (HSM) provides what?

Answer 79

cryptographic services and is external to the device

Question 80

Boot mode that verifies parts of the process with another trusted sever.

Answer 80

Measured Boot

Question 81

Which model uses a sequential design process?

Answer 81

waterfall model, after each stage is fully completed, the developers move on to the next stage.

Question 82

What is UEFI (Unified Extensible Firmware Interface)?

Answer 82

An improved version of the firmware interface developed to replace the BIOS.

Question 83

parameterized query

Answer 83

Using predefined variables or prepared statements as placeholders for parameters

Question 84

Marilla is creating an application that will be installed on all client computers in her organization. Which of the following processes involves examining the application for bugs and vulnerabilities before the software is compiled?

Answer 84

Static code analysis is the close examination and testing of software before the source code is compiled.

Question 85

What is atomic execution?

Answer 85

permits a processor to read from a memory location or write to a location during the same data operation.