Module 1 - The Danger Flashcards

1
Q

A computer is presenting a user with a screen demanding payment before that user is allowed to access their own data. What type of malware is this?

A type of virus
A type of logic bomb
A type of ransomware
A type of worm

A

A type of ransomware

2
Q

What is cyberwarfare?

It is an attack only on military targets.
It is an attack on a major corporation.
It is an attack that only involves robots and bots.
It is an attack designed to disrupt, corrupt, or exploit national interests.

A

It is an attack designed to disrupt, corrupt, or exploit national interests.

3
Q

How can a security information and event management system in an SOC be used to help personnel fight against security threats?

By collecting and filtering data
By filtering network traffic
By authenticating users to network resources
By encrypting communications to remote sites

A

By collecting and filtering data

4
Q

Which three technologies should be included in an SOC security information and event management system? (Choose three.)

Proxy service
User authentication
Threat intelligence
Security monitoring
Intrusion prevention
Event collection, correlation, and analysis

A

Security monitoring
Event collection, correlation, and analysis
Threat intelligence

5
Q

What name is given to hackers who hack for a political or social cause?

White hat
Hacker
Hacktivist
Blue hat

A

Hacktivist

6
Q

Which organization is an international nonprofit organization that offers the CISSP certification?

(ISC)2
IEEE
GIAC
CompTIA

A

(ISC)2

7
Q

After a security incident is verified in a SOC, an incident responder reviews the incident but cannot identify the source of the incident or form an effective mitigation procedure. To whom should the incident ticket be escalated?

A cyberoperations analyst for help
An SME for further investigation
An alert analyst for further analysis
The SOC manager to ask for other personnel to be assigned

A

An SME for further investigation

8
Q

The term Alert Analyst refers to which group of personnel in an SOC?

Tier 1 personnel
Tier 2 personnel
Tier 3 personnel
SOC managers

A

Tier 1 personnel

9
Q

What is a rogue wireless hotspot?

It is a hotspot that was set up with outdated devices.
It is a hotspot that does not encrypt network user traffic.
It is a hotspot that does not implement strong user authentication mechanisms.
It is a hotspot that appears to be from a legitimate business but was actually set up by someone without the permission from the business.

A

It is a hotspot that appears to be from a legitimate business but was actually set up by someone without the permission from the business.

10
Q

What is a potential risk when using a free and open wireless hotspot in a public location?

Too many users trying to connect to the Internet may cause a network traffic jam.
The Internet connection can become too slow when many users access the wireless hotspot.
Network traffic might be hijacked and information stolen.
Purchase of products from vendors might be required in exchange for the Internet access.

A

Network traffic might be hijacked and information stolen.

11
Q

How does a security information and event management system (SIEM) in a SOC help the personnel fight against security threats?

by integrating all security devices and appliances in an organization
by analyzing logging data in real time
by combining data from multiple technologies
by dynamically implementing firewall rules

A

by combining data from multiple technologies

12
Q

Which statement best describes a motivation of hacktivists?

They are part of a protest group behind a political cause.
They are curious and learning hacking skills.
They are trying to show off their hacking skills.
They are interested in discovering new exploits.

A

They are part of a protest group behind a political cause.

13
Q

If a SOC has a goal of 99.999% uptime, how many minutes of downtime a year would be considered within its goal?

Approximately 5 minutes per year.
Approximately 10 minutes per year.
Approximately 20 minutes per year.
Approximately 30 minutes per year.

A

Approximately 5 minutes per year.

14
Q

If a SOC has a goal of 99% uptime, how many minutes of downtime a year would be considered within its goal?

Approximately 15 minutes per year.
Approximately 20 minutes per year.
Approximately 40 minutes per year.
Approximately 55 minutes per year.

A

Approximately 15 minutes per year.

15
Q

Why do IoT devices pose a greater risk than other computing devices on a network?

Most IoT devices do not require an Internet connection and are unable to receive new updates.
IoT devices cannot function on an isolated network with only an Internet connection.
Most IoT devices do not receive frequent firmware updates.
IoT devices require unencrypted wireless connections.

A

Most IoT devices do not receive frequent firmware updates.

16
Q

Which two services are provided by security operations centers? (Choose two.)

managing comprehensive threat solutions
ensuring secure routing packet exchanges
responding to data center physical break-ins
monitoring network security threats
providing secure Internet connections

A

managing comprehensive threat solutions
monitoring network security threats

17
Q

Which organization offers the vendor-neutral CySA+ certification?

IEEE
CompTIA
(ISC)²
GIAC

A

CompTIA

18
Q

What was used as a cyberwarfare weapon to attack a uranium enrichment facility in Iran?

DDoS
SQL injection
PSYOPS
Stuxnet

A

Stuxnet

19
Q

Which personnel in a SOC are assigned the task of verifying whether an alert triggered by monitoring software represents a true security incident?

SOC Manager
Tier 2 personnel
Tier 3 personnel
Tier 1 personnel

A

Tier 1 personnel

20
Q

Which three technologies should be included in a SOC security information and event management system? (Choose three.)

firewall appliance
security monitoring
log management
intrusion prevention
proxy service
threat intelligence

A

log management
security monitoring
threat intelligence

21
Q

Which statement describes cyberwarfare?

Cyberwarfare is an attack carried out by a group of script kiddies.
It is a series of personal protective equipment developed for soldiers involved in nuclear war.
It is simulation software for Air Force pilots that allows them to practice under a simulated war scenario.
It is Internet-based conflict that involves the penetration of information systems of other nations.

A

It is Internet-based conflict that involves the penetration of information systems of other nations.

22
Q

In the operation of a SOC, which system is frequently used to let an analyst select alerts from a pool to investigate?

syslog server
registration system
ticketing system
security alert knowledge-based system

A

ticketing system

23
Q

What name is given to an amateur hacker?

red hat
script kiddie
black hat
blue team

A

script kiddie

24
Q

Which personnel in a SOC are assigned the task of hunting for potential threats and implementing threat detection tools?

Tier 1 Analyst
SOC Manager
Tier 2 Incident Reporter
Tier 3 SME

A

Tier 3 SME

25
Q

Match the job titles to SOC personnel positions. (Not all options are used.)

A