Module 4 - 01-2

Question 1

What are two commonly used types of Programming Languages?

Answer 1

1) Python
2) SQL

Question 2

What does OS stand for?

Answer 2

Operating System

Question 3

Define operating system (OS)

Answer 3

The interface between computer hardware and the user.

Question 4

What are three examples of an Operating System?

Answer 4

1) Linux
2) MacOS
3) Windows

Question 5

Define Programming

Answer 5

Used to create a specific set of instructions for a computer to execute tasks

Question 6

How does programming benefit security analysts?

Answer 6

Programming allows analysts to complete repetitive tasks and processes with a high degree of accuracy and efficiency.
It also helps reduce the risk of human error, and can save hours or days compared to performing the work manually.

Question 7

Define Linux

Answer 7

An open-source, or publicly available, operating system

Question 8

Define Open Source

Answer 8

The code is available to the public and allows people to make contributions to improve the software

Question 9

What does Linux rely on as the primary user interface?

Answer 9

Linux relies on a command line as the primary user interface.
Linux itself is not a programming language, but it does allow for the use of text-based commands between the user and the operating system.

Question 10

Define Command

Answer 10

An instruction telling the computer to do something

Question 11

What doe CLI stand for?

Answer 11

Command Line Interface (CLI)

Question 12

Define Command-Line Interface

Answer 12

A text-based user interface that uses commands to interact with the computer

Question 13

What does GUI stand for?

Answer 13

Graphical User Interface (GUI)

Question 14

Explain how Linux, in the past and now, interacts with common computer systems?

Answer 14

Linux traditionally relied on the CLI, but modern distributions typically come with a graphical user interface (GUI), which allows users to interact with the system using windows, icons, and menus, similar to Windows or macOS.

Question 15

What does SQL stand for?

Answer 15

Structured Query Language (SQL)

Question 16

Define SQL

Answer 16

A programming language used to create, interact with, and request information from a database

Question 17

Define Database

Answer 17

An organized collection of information or data

Question 18

Define Data Point

Answer 18

A specific piece of information

Question 19

Define Python

Answer 19

Used to perform tasks that are repetitive and time-consuming and that require a high level of detail and accuracy

Question 20

Which of the following can be used to perform repetitive, time-consuming tasks and/or request information from a database? Select two answers.

• SQL
• Python
• Linux
• CIA

Answer 20

• SQL
• Python

Python and SQL can be used to perform repetitive, time-consuming tasks and/or request information from a database.

Question 21

Define Automation

Answer 21

The use of technology to reduce human and manual effort in performing common and repetitive tasks.
Automation also helps reduce the risk of human error.

Question 22

Define Web Vulnerability

Answer 22

A unique flaw in a web application that a threat actor could exploit by using malicious code or behavior, to allow unauthorized access, data theft, and malware deployment

Question 23

What does OWASP stand for?

Answer 23

Open Web Application Security Project (OWASP)

Question 24

Define OWASP

Answer 24

A non-profit organization focused on improving software security

Question 25

What is another name for Antivirus Software?

Answer 25

Anti-Malware

Question 26

Define Antivirus Software (Anti-Malware)

Answer 26

A software program used to prevent, detect, and eliminate malware and viruses

Question 27

What does IDS stand for?

Answer 27

Intrusion Detection System (IDS)

Question 28

Define IDS

Answer 28

An application that monitors system activity and alerts on possible intrusions

Question 29

Explain how an IDS works

Answer 29

The system scans and analyzes network packets, which carry small amounts of data through a network. The small amount of data makes the detection process easier for an IDS to identify potential threats to sensitive data. Other occurrences an IDS might detect can include theft and unauthorized access.

Question 30

Define Encryption

Answer 30

The process of converting data from a readable format to a cryptographically encoded format

Question 31

Define Cryptographic Encoding

Answer 31

Converting plaintext into secure ciphertext

Question 32

Define Plaintext

Answer 32

Unencrypted information

Question 33

Define Secure Ciphertext

Answer 33

The result of encryption

Question 34

Define Encoding

Answer 34

The use of a public conversion algorithm to enable systems that use different data representations to share information

Question 35

What is another name for Penetration Testing?

Answer 35

Pen Testing

Question 36

Define Penetration Testing (Pen Testing)

Answer 36

The act of participating in a simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes

It is a thorough risk assessment that can evaluate and identify external and internal threats as well as weaknesses

Question 37

What do security professionals use to interact with and request information from a database?

• Linux
• Confidentiality, integrity, availability (CIA) triad
• Python
• Structured Query Language (SQL)

Answer 37

Structured Query Language (SQL)

Security professionals use Structured Query Language (SQL) to interact with and request information from a database.

Question 38

What is programming typically used for? Select two answers.

• Record events that occur within an organization’s systems
• Complete repetitive tasks and processes
• Enable open-source operations
• Create a specific set of instructions for a computer to execute tasks

Answer 38

• Complete repetitive tasks and processes
• Create a specific set of instructions for a computer to execute tasks

Programming is typically used to complete repetitive tasks and processes and create a specific set of instructions for a computer to execute tasks.

Question 39

Linux is an open-source _____ that can be used to examine logs.

• algorithm
• database
• programming language
• operating system

Answer 39

operating system

Linux is an open-source operating system that can be used to examine logs.

Question 40

True or False?
A playbook is a manual that only provides details about how to respond to an incident.

Answer 40

False

A playbook is a manual that provides details about any operational action, including incident response, security or compliance reviews, access management, and many other organizational tasks that require a documented process from beginning to end.

Question 41

What is a portfolio?

Answer 41

Cybersecurity professionals use portfolios to demonstrate their security education, skills, and knowledge.

Question 42

Why is a portfolio necessary?

Answer 42

Professionals typically use portfolios when they apply for jobs to show potential employers that they are passionate about their work and can do the job they are applying for. Portfolios are more in depth than a resume, which is typically a one-to-two page summary of relevant education, work experience, and accomplishments.

Question 43

What may be included but not limited in a portfolio?

Answer 43

• Drafting a professional statement
• Conducting a security audit
• Analyzing network structure and security
• Using Linux commands to manage file permissions
• Applying filters to SQL queries
• Identifying vulnerabilities for a small business
• Documenting incidents with an incident handler’s journal
• Importing and parsing a text file in a security-related scenario
• Creating or revising a resume

Question 44

Define Professional Statement

Answer 44

An introduction to prospective employers that briefly describes who you are as a person and potential employee, and it allows them to understand what you care about and the value you can bring to the organization.

Question 45

Example 1 of a Professional Statement

Answer 45

My name is Daniel. I am driven and passionate about safeguarding people’s security, including their financial well being. I enjoy working with technology and analyzing and solving complex problems.

Question 46

Example 2 of a Professional Statement

Answer 46

I am a highly motivated and detail-oriented cybersecurity analyst. I actively work to identify and analyze potential risks, threats, and vulnerabilities to security and ensure the confidentiality, integrity, and availability of assets, to help safeguard organizations and people alike.

Question 47

Example 3 of a Professional Statement

Answer 47

I am enthusiastic about information security and enjoy finding solutions that can positively impact an organization and the people it serves. I place a high value on maintaining a strong security posture to help protect sensitive information and mitigate risk.