Section 1 Flashcards

1
Q

The following describes what?

Act of protecting data and information from unauthorized access,
unlawful modification and disruption, disclosure, corruption, and
destruction

A

Information Security

2
Q

The following describes what?

Act of protecting the systems that hold and process our critical data

A

Information Systems Security

3
Q

What does the CIA triad stand for?

A

C - Confidentiality
I - Integrity
A - Availability

4
Q

The following describes which part of the CIA triad?

Information has not been disclosed to unauthorized people

A

Confidentiality

5
Q

The following describes which part of the CIA triad?

Information has not been modified or altered without proper
authorization

A

Integrity

6
Q

The following describes which part of the CIA triad?

Information is able to be stored, accessed, or protected at all times

A

Availability

7
Q

What does the AAA of security stand for?

A

Authentication, Authorization and Accounting

8
Q

The following describes which part of the AAA of security?

When a person’s identity is established with proof and confirmed by a
system:

● Something you know
● Something you are
● Something you have
● Something you do
● Somewhere you are

A

Authentication

9
Q

The following describes which part of the AAA of security?

Occurs when a user is given access to a certain piece of data or certain
areas of a building

A

Authorization

10
Q

The following describes which part of the AAA of security?

Tracking of data, computer usage, and network resources

A

Accounting

11
Q

This occurs when you have proof that someone has taken an action.

A

Non-repudiation

12
Q

What are the four security threats?

A

Malware
Unauthorized Access
System Failure
Software Engineering

13
Q

This is a short-hand term for malicious software

A

Malware

14
Q

This occurs when computer resources and data are accessed without the
consent of the owner

A

Unauthorized Access

15
Q

This occurs when a computer crashes or an individual application fails

A

System Failure

16
Q

This is the act of manipulating users into revealing confidential information or
performing other detrimental actions

A

Social Engineering

17
Q

When it comes to mitigation what are some examples of physical controls?

A

Alarm systems, locks, surveillance cameras, identification cards, and
security guards

18
Q

When it comes to mitigation what are some examples of technical controls?

A

Smart cards, encryption, access control lists (ACLs), intrusion detection
systems, and network authentication

19
Q

When it comes to mitigation what are some examples of administrative controls?

A

Policies, procedures, security awareness training, contingency planning,
and disaster recovery plans

20
Q

What is the most cost-effective security control to use?

A

User training

21
Q

What are the five types of hackers?

A

White Hats
Black Hats
Gray Hats
Blue Hats
Elites

22
Q

What kind of hacker is the following describing?

Non-malicious hackers who attempt to break into a company’s
systems at their request

A

White Hats

23
Q

What kind of hacker is the following describing?

Malicious hackers who break into computer systems and networks
without authorization or permission

A

Black Hats

24
Q

What kind of hacker is the following describing?

Hackers without any affiliation to a company who attempt to
break into a company’s network but risk the law by doing so

A

Gray Hats

25
Q

What kind of hacker is the following describing?

Hackers who attempt to hack into a network with permission of
the company but are not employed by the company

A

Blue Hats

26
Q

What kind of hacker is the following describing?

Hackers who find and exploit vulnerabilities before anyone else
does. They are 1 in 10,000.

A

Elites

27
Q

This kind of threat actor has limited skill and only runs other people’s exploits and tools

A

Script kiddies

28
Q

What are the four types of threat actors?

A

Script kiddies
Hacktivists
Organized Crime
Advanced Persistent Threats (APT)

29
Q

These are threat actors who are driven by a cause like social change, political agendas, or terrorism

A

Hacktivists

30
Q

These are threat actors who are part of a crime group that is well-funded and highly
sophisticated

A

Organized Crime

31
Q

These threat actors are highly trained and funded groups of hackers (often backed by nation states) with covert and open-source intelligence at their disposal

A

Advanced Persistent Threats (APT)

32
Q

What are the four properties of good threat intelligence?

A

Timeliness
Accuracy
Relevancy
Confidence Levels

33
Q

The following describes which property of threat intelligence?

Property of an intelligence source that ensures it is up-to-date

A

Timeliness

34
Q

The following describes which property of threat intelligence?

Property of an intelligence source that ensures it matches the use cases intended
for it

A

Relevancy

35
Q

The following describes which property of threat intelligence?

Property of an intelligence source that ensures it produces effective results

A

Accuracy

36
Q

The following describes which property of threat intelligence?

Property of an intelligence source that ensures it produces qualified statements
about reliability

A

Confidence levels

37
Q

What are the three kinds of intelligence sources?

A

Open Source
Closed Source
Proprietary

38
Q

The following describes which intelligence source?

Data that is available to use without subscription, which may include threat feeds
similar to the commercial providers and may contain reputation lists and
malware signature databases

A

Open Source

39
Q

The following describes which intelligence source?

Data that is derived from the provider’s own research and analysis efforts, such
as data from honeynets that they operate, plus information mined from its
customers’ systems, suitably anonymized

A

Closed Source

40
Q

The following describes which intelligence source?

Threat intelligence is very widely provided as a commercial service offering,
where access to updates and research is subject to a subscription fee

A

Proprietary

41
Q

Methods of obtaining information about a person or organization through public
records, websites, and social media

A

Open-Source Intelligence (OSINT)

42
Q

● US-CERT
● UK’s NCSC
● AT&T Security (OTX)
● MISP
● VirusTotal
● Spamhaus
● SANS ISC Suspicious Domains

These are all examples of what?

A

Open Sources

43
Q

What is threat hunting?

A

A cyber security technique designed to detect the presence of threats that have not
been discovered by normal security monitoring

44
Q

True or False: Threat Hunting is potentially less disruptive than penetration testing

A

True

45
Q

To do threat hunting, we start off by establishing what?

A

A hypothesis

46
Q

What is a hypothesis?

A

A hypothesis is derived from the threat modeling and is based on potential
events with higher likelihood and higher impact.

Essentially, we are going to sit around and think… who is going to try to harm us? Who might want to break into our networks? And how might they be able to do that? These questions help us generate a hypothesis.

47
Q

What is the secondary step of threat hunting?

A

Profiling Threat Actors and Activities

48
Q

What is Profiling Threat Actors and Activities?

A

Involves the creation of scenarios that show how a prospective attacker might
attempt an intrusion and what their objectives might be

49
Q

Threat hunting relies on the usage of the tools developed for regular security monitoring and incident response. These four tools are:

A

● Analyze network traffic
● Analyze the executable process list
● Analyze other infected hosts
● Identify how the malicious process was executed

50
Q

Threat hunting consumes a lot of resources and time to conduct, but can yield a lot of
benefits. What are those benefits?

A

● Improve detection capabilities
● Integrate intelligence
● Reduce the attack surface
● Block attack vectors
● Identify critical assets

51
Q

What are the three attack frameworks?

A

Kill Chain
MITRE ATT&CK Framework
Diamond Model of Intrusion Analysis

52
Q

The following describes which attack framework?

A model developed by Lockheed Martin that describes the stages by which a
threat actor progresses a network intrusion

A

Kill Chain

53
Q

The following describes which attack framework?

A knowledge base maintained by the MITRE Corporation for listing and
explaining specific adversary tactics, techniques, and common knowledge or
procedures (attack.mitre.org)

A

MITRE ATT&CK Framework

54
Q

The following describes which attack framework?

A framework for analyzing cybersecurity incidents and intrusions by exploring the
relationships between four core features: adversary, capability, infrastructure,
and victim

A

Diamond Model of Intrusion Analysis

55
Q

What is the Kill Chain’s 1st stage?

A

Reconnaissance
● The attacker determines what methods to use to complete the
phases of the attack

56
Q

What is the Kill Chain’s 2nd stage?

A

Weaponization
● The attacker couples payload code that will enable access with
exploit code that will use a vulnerability to execute on the target
system

57
Q

What is the Kill Chain’s 3rd stage?

A

Delivery
● The attacker identifies a vector by which to transmit the
weaponized code to the target environment

58
Q

What is the Kill Chain’s 4th stage?

A

Exploitation
● The weaponized code is executed on the target system by this
mechanism

59
Q

What is the Kill Chain’s 5th stage?

A

Installation
● This mechanism enables the weaponized code to run a remote
access tool and achieve persistence on the target system

60
Q

What is the Kill Chain’s 6th stage?

A

Command & Control (C2)
● The weaponized code establishes an outbound channel to a
remote server that can then be used to control the remote access
tool and possibly download additional tools to progress the attack

61
Q

What is the Kill Chain’s 7th stage?

A

Actions on Objectives
● The attacker typically uses the access he has achieved to covertly
collect information from target systems and transfer it to a remote
system (data exfiltration) or achieve other goals and motives
● Kill chain analysis can be used to identify a defensive
course-of-action matrix to counter the progress
of an attack at each stage
