Security+ Practice Tests 6-10 Flashcards

1
Q

Which of the following does NOT refer to an email communication threat vector?

Skimming
Malicious attachment
Social engineering
Malicious URL
Phishing

A

Skimming

Skimming is collecting PII from a payment card.

2
Q

Which of the following mitigates the risk of supply chain attacks?

DRP (Disaster Recovery Plan)
Vendor/intermediary checks
BCP (Business Continuity Plan)
IRP (Incident Response Plan)

A

Vendor/intermediary checks

3
Q

A comprehensive security screening of a potential third-party vendor before forming a partnership.

A

VDD (Vendor Due Diligence)

4
Q

DRP stands for

A

Disaster Recovery Plan

5
Q

BCP stands for

A

Business Continuity Plan

6
Q

IRP stands for

A

Incident Response Plan

7
Q

A detailed strategy and set of systems for ensuring an organization’s ability to prevent or rapidly recover from a significant disruption to its operations.

A

BCP (Business Continuity Plan)

8
Q

A written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.

A

IRP (Incident Response Plan)

9
Q

A formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents such as natural disasters, power outages, cyber attacks and any other disruptive events.

A

DRP (Disaster Recovery Plan)

10
Q

Examples of social media threat vectors include:

PII harvesting
social engineering
identity/account theft
malicious URLs
all of the above

A

All of the above

11
Q

Threat intelligence gathered from publicly available sources

A

OSINT

12
Q

OSINT stands for

A

Open Source Intelligence

13
Q

Insight gained from processing and analyzing public data sources such as broadcast TV and radio, social media, and websites. These sources provide data in text, video, image, and audio formats.

A

OSINT (Open-Source Intelligence)

14
Q

RFC stands for

A

Request for Comments

15
Q

A formal standards-track document developed in working groups within the Internet Engineering Task Force (IETF). Contains specifications and organizational notes about topics related to the internet and computer networking, such as routing, addressing and transport technologies.

A

RFC (Request for Comments)

16
Q

The U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. Provides advanced searching features.

A

NVD (National Vulnerability Database)

17
Q

NVD stands for

A

National Vulnerability Database

18
Q

CVE stands for

A

Common Vulnerabilities and Exposures

19
Q

A publicly available catalog of cybersecurity vulnerabilities. Contains a list of records each containing an identification number, a description, and at least one public reference. Feeds NVD.

A

CVE (Common Vulnerabilities and Exposures)

20
Q

What is CVE/NVD?

A

Two different programs that publicly disclose known cybersecurity vulnerabilities. They are both set up for a user to search by OS, platform, etc.

The CVE was launched by the MITRE Corporation as a community effort.

The NVD was launched by the NIST (National Institute of Standards and Technology).

21
Q

NIST stands for

A

National Institute of Standards and Technology

22
Q

Which of the following refer to vulnerability databases? (Select 2)

DBA
CVE
DBaaS
NVD
AIS

A

CVE (Common Vulnerabilities and Exposures)

NVD (National Vulnerability Database)

23
Q

DBA stands for

A

Database Administrator

24
Q

DBaaS stands for

A

Database as a Service
AKA managed database service

25
Q

AIS stands for

A

Automated Indicator Sharing

26
Q

A service CISA provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public, federal, and private-sector organizations.

A

AIS (Automated Indicator Sharing)

27
Q

CVSS stands for

A

Common Vulnerability Scoring System

28
Q

A public framework for rating the severity of security vulnerabilities in software.

A

CVSS (Common Vulnerability Scoring System)

29
Q

TTP stands for

A

Tactics, Techniques, and Procedures

30
Q

This acronym describes the behavior of a threat actor in three levels – the “why,” the “what,” and the “how.”

A

TTP (Tactics, Techniques, and Procedures)

31
Q

A common language for describing cyber threat information

A

STIX

32
Q

STIX stands for

A

Structured Threat Information eXpression

33
Q

A standardized XML programming language for conveying data about cybersecurity threats in a common language that can be easily understood by humans and security technologies.

A

STIX (Structured Threat Information eXpression)

34
Q

TAXII stands for

A

Trusted Automated eXchange of Indicator Information

35
Q

A dedicated transport mechanism for cyber threat information

A

TAXII (Trusted Automated eXchange of Indicator Information)

36
Q

A suite of communication protocols used to interconnect network devices on the internet or private networks (intranet or extranet).

A

TCP/IP

37
Q

S/MIME stands for

A

Secure/Multipurpose Internet Mail Extensions

38
Q

A widely accepted protocol for sending digitally signed and encrypted messages (including email).

A

S/MIME

39
Q

A specification extending the format of email to support sending images, audio/video files, archives, etc. Expands upon SMTP.

A

MIME

40
Q

GitHub is an example of:

Digital media store
Virtualization software
File/code repository
Social media site

A

File/code repository

41
Q

A type of formal document that describes the specifications for a particular technology

A

RFC (Request for Comments)

42
Q

PII stands for

A

Personally Identifiable Information

43
Q

RFQ stands for

A

Request for Quote

44
Q

RFI stands for

A

Request for Information

45
Q

RFP stands for

A

Request for Proposal

46
Q

A formal process for gathering information from potential suppliers of a good or service.

A

RFI (Request for Information)

47
Q

A business document that announces a project, describes it, and solicits bids from qualified contractors to complete it. Goals and objectives are defined to give vendors a good idea of the requirements.

A

RFP (Request for Proposal)

48
Q

A solicitation for goods or services in which a company invites vendors to submit price quotes and bid on the job.

A

RFQ (Request for Quote)

49
Q

IPS stands for

A

Intrusion Prevention System

50
Q

SIEM stands for

A

Security Information and Event Management

51
Q

A solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.

A

SIEM (Security Information and Event Management)

52
Q

IDPS stands for

A

Intrusion Detection Prevention System

53
Q

A network security tool that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur.

A

IPS (Intrusion Prevention System)

54
Q

A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer is called:

A

Zero-day attack

55
Q

A type of attack in which an attacker crafts a TCP packet with the Urgent, Push, and Fin header flags set, and injects it into the network. This can cause receiving devices to slow down (DoS), reboot, or behave in inconvenient ways.

A

Xmas tree attack
AKA Christmas tree attack

56
Q

A word used to describe encryption protocols that contain weak implementations and cannot be considered secure anymore.

A

Deprecated

57
Q

Which of the following is a deprecated encryption protocol?

SSH
TLS
S/MIME
SSL
IPsec
PGP

A

SSL

58
Q

What do FTP, HTTP, IMAP, POP, and SMTP have in common?

A

They are all cleartext network protocols.

59
Q

Vulnerability scanning: (select all that apply)

Identifies lack of security controls
Actively tests security controls
Identifies common misconfigurations
Exploits vulnerabilities
Passively tests security controls

A

Identifies lack of security controls
Identifies common misconfigurations
Passively tests security controls

60
Q

A special isolated folder on a machine’s hard disk where the suspicious files detected by Antivirus and Antimalware protection are placed to prevent further spread of threats.

A

Quarantine

61
Q

SOAR stands for

A

Security Orchestration, Automation, and Response

62
Q

A stack of compatible software programs that enables an organization to collect data about security threats and respond to security events with little or no human assistance.

A

SOAR

63
Q

Difference between SOAR and SIEM?

A

SIEM aggregates data from multiple security systems to generate alerts.
SIEM uses pattern matching to generate alerts that the IT team can investigate. It does NOT take action itself when it identifies a threat.

SOAR acts as the response engine to those alerts generated by the SIEM.
SOAR can also collect data from external applications.

64
Q

A server used for collecting diagnostic and monitoring data from networked devices.

A

Syslog server

65
Q

A server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and performance in the process.

A

Proxy server

66
Q

UC stands for

A

Unified Communications

67
Q

An umbrella term for the integration of multiple enterprise communication tools – such as voice calling, video conferencing, instant messaging, presence, content sharing, etc. – into a single, streamlined interface, with the goal of improving user experience and productivity.

A

UC (Unified Communications)

68
Q

AV stands for

A

Audio Visual

69
Q

ICS stands for

A

Internet Connection Sharing

70
Q

A feature that allows a device with internet access to act as a host or access point for other devices to connect to the web.

A

ICS (Internet Connection Sharing)

71
Q

A security solution designed to detect anomalies in the log and event data collected from multiple network devices is called:

A

SIEM (Security Information and Event Management)

72
Q

Which tool enables automated response to security incidents?

A

SOAR (Security Orchestration, Automation, and Response)

73
Q

Penetration testing: (Select all that apply)

Bypasses security controls
Only identifies lack of security controls
Actively tests security controls
Exploits vulnerabilities
Passively tests security controls

A

Bypasses security controls
Actively tests security controls
Exploits vulnerabilities

74
Q

NIDS stands for

A

Network Intrusion Detection System

75
Q

HIDS stands for

A

Host-based Intrusion Detection System

76
Q

Cybersecurity solution that monitors IT systems for signs of suspicious activity to detect unusual behaviors or patterns associated either with human users or applications that could be a sign of a security breach or attempted attack.

This solution operates on an individual host system.

A

HIDS (Host-based Intrusion Detection System)

77
Q

HIPS stands for

A

Host Intrusion Prevention System

78
Q

An installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host.

In case of attempted major changes by a hacker or malware, this software blocks the action and alerts the user so an appropriate decision about what to do can be made.

A

HIPS (Host Intrusion Prevention System)

79
Q

An internet standard protocol used to monitor and manage network devices via agents. This protocol collects, organizes, and sends data from various devices for network monitoring, assisting with fault identification and isolation.

A

SNMP (Simple Network Management Protocol)

80
Q

A penetration test performed by an authorized professional with full prior knowledge of how the system that is to be tested works is called:

A

White-box testing

81
Q

A penetration test of a computer system performed without prior knowledge of how the system that is to be tested works is called:

A

Black-box testing

82
Q

A penetration test in which the person conducting the test has limited access to information on the internal workings of the targeted system is called:

A

Gray-box testing

83
Q

In penetration testing, this type of reconnaissance relies on gathering information on the targeted system with the use of various non-invasive software tools and techniques, such as pinging, port scanning, or OS fingerprinting.

A

Active reconnaissance

84
Q

In penetration testing, this type of reconnaissance involves gathering any type of publicly available information that can be used later for exploiting vulnerabilities found in the targeted system.

A

Passive reconnaissance

85
Q

An optimal Wireless Access Point (WAP) antenna placement provides a countermeasure against:

War chalking
Spoofing
War driving
Insider threat

A

War driving

86
Q

When people draw symbols in areas to indicate the presence of an open Wi-Fi network. The symbols used typically say something about the access point.

A

War chalking

87
Q

Attackers searching for wireless networks with vulnerabilities while driving around an area in a vehicle.

A

War driving

88
Q

Which statement applies to the concept of OSINT?

Gaining advantage over competitors
Passive reconnaissance
Preparation before launching a cyberattack
Active reconnaissance

A

Passive reconnaissance

89
Q

In cybersecurity exercises, the attacking team

A

Red team

90
Q

In cybersecurity exercises, the defending team

A

Blue team

91
Q

In cybersecurity exercises, the event overseer (referee)

A

White team

92
Q

In cybersecurity exercises, a collaborative approach that involves the blue and red teams working together to improve an organization’s security

A

Purple team

93
Q

T/F: A physical network diagram contains information on hardware devices and physical links between them.

A

True

94
Q

T/F: A logical network diagram describes the actual traffic flow on a network and provides information related to IP addressing schemes, subnets, device roles, or protocols that are in use on the network.

A

True

95
Q

Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information?

DRP
DHE
DLP
DEP

A

DLP (Data Loss Prevention)

96
Q

DLP stands for

A

Data Loss Prevention

97
Q

EDR stands for

A

Endpoint Detection and Response

98
Q

EDTR stands for

A

Endpoint Detection and Threat Response

99
Q

An endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like ransomware and malware.

A

EDR (Endpoint Detection and Response)

AKA EDTR (Endpoint Detection and Threat Response)

100
Q

Difference between EDR and HIPS

A

EDR offers more capabilities than HIPS.

Unlike HIPS products, which typically use an old-school standalone engine for detection/response, EDR products run on the endpoint device (host) and are simultaneously managed by either an on-premises server engine or a cloud computing management back-end.

EDR harnesses the threat detection/response capabilities of the vendor’s global threat intelligence database, which is further enhanced with machine learning capabilities.

Although HIPS products are good for detection/prevention of breaches, they generally don’t have the variety of features of EDR, nor the server-side/cloud-based intelligence engines managing them from afar.

101
Q

The 3 states of digital data

A

At rest

In transit/motion

In processing

102
Q

Which of the 3 states of digital data requires data to be processed in an unencrypted form?

A

In processing

103
Q

The process of replacing sensitive data with nonsensitive information which holds a reference to the original data and enables its processing but has no value when breached.

A

Tokenization

104
Q

DRP stands for

A

Disaster Recovery Plan

105
Q

DHE stands for

A

Diffie-Hellman key exchange

106
Q

This method allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure channel. This key can then be used to encrypt subsequent communications using a symmetric-key cipher.

A

DHE (Diffie-Hellman key exchange)

107
Q

DEP stands for

A

Data Execution Prevention

108
Q

A technology built into Windows that helps protect you from executable code launching from places it’s not supposed to. It does that by marking some areas of your PC’s memory as being for data only; no executable code or apps will be allowed to run from those areas of memory.

A

DEP (Data Execution Prevention)

109
Q

Any function that can be used to map data of arbitrary size to fixed-size values

A

Hash function

110
Q

T/F: A hash function allows for mapping a large amount of data content to a small string of characters.

The result of a hash function provides the exact “content in a nutshell” (in the form of a string of characters) derived from the original data content. If there is any change to the data after the original hash was taken, the next time the hash function is applied, the resulting hash value calculated after the content modification will be different from the original hash.

A

True

111
Q

A duplicate of the original site, with fully operational computer systems as well as near-complete backups of user data. Used in disaster recovery.

A

Hot site

112
Q

A disaster recovery facility that provides only the physical space for recovery operations is called

A

Cold site

113
Q

Which alternate site allows for fastest disaster recovery?

Cold site
Hot site
Warm site

A

Hot site

114
Q

A disaster recovery site that features an equipped data center but no customer data. In other words, it is “ready to go,” but still needs some data moved over. It might need some cables plugged in or some systems updated or configured.

A

Warm site

115
Q

A website or set of files on a computer server that has been copied to another computer server so that the site or files are available from more than one place. It has its own URL, but is otherwise identical to the principal site.

Used to make site access faster when the original site may be geographically distant from those accessing it.

A

Mirror site

116
Q

A monitored host holding no valuable data specifically designed to detect unauthorized access attempts and divert attacker’s attention from the actual network is known as:

A

Honeypot

117
Q

A customized login page that users must address before connecting to a public (or free) Wi-Fi network. It presents the user with terms of service, which they must agree to before accessing the WiFi hotspot.

A

Captive portal

118
Q

Hardware or software that ties together network security features into one simple-to-use, easy-to-manage appliance.

A

UTM appliance

119
Q

UTM stands for

A

Unified Threat Management

120
Q

Which of the following is an example of fake telemetry?

OSINT
Bluejacking
DNS sinkhole
Replay attack

A

DNS sinkhole

121
Q

Data collected from a network environment that can be analyzed to monitor the health and performance, availability, and security of the network and its components, allowing network administrators to respond quickly and resolve network issues in real-time.

Examples include:

CPU utilization - peaks, averages, over-utilization, and under-utilization.

Server memory utilization.

Disk space utilization.

User requests and user activity.

A

Telemetry

122
Q

Files in a honeypot host. If accessed, they will send an alert.

A

Honeyfiles

123
Q

Information that cybercriminals send to a machine engaging in Machine Learning to prevent the antimalware software from recognizing actual malware code.

A

Fake telemetry

124
Q

A DNS server that hands out an incorrect/invalid IP address when given a FQDN

A

DNS sinkhole
AKA DNS blackhole
AKA IP blackhole

125
Q

How to use a DNS sinkhole for good

A

Compromised hosts often access certain known malicious websites. A DNS sinkhole can be configured to resolve those domains to a site inside the organization that raises an alert, instead of to the malicious website. This way, network admins are alerted that the particular host is compromised.

126
Q

Deliberately incorrect/invalid data is also known as

A

Fake telemetry

127
Q

A cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software.

A

IaaS

128
Q

Which cloud service model would provide the best solution for a web developer intending to create a web app?

XaaS
SaaS
PaaS
IaaS

A

PaaS

129
Q

A cloud computing service model offering remote access to applications based on a monthly or annual subscription fee is called:

A

SaaS

130
Q

A cloud computing deployment model in which the cloud infrastructure is provisioned for open use by the general public

A

Public cloud

131
Q

A cloud computing environment dedicated to a single organization.

A

Private cloud

132
Q

A cloud infrastructure in which multiple organizations share resources and services based on common operational and regulatory requirements.

A

Community cloud

133
Q

A mixed cloud computing environment where applications are run using a combination of computing, storage, and services in different environments

A

Hybrid cloud

134
Q

A cloud service model in which the third party manages the networking, storage, servers, and virtualization.

The client manages the OS, middleware, runtime, data, and applications.

Enables end users to scale and shrink resources on an as-needed basis. Offers essential compute, storage, and networking resources.

A

IaaS

135
Q

A cloud service model in which the third party manages the networking, storage, servers, virtualization, OS, middleware, and runtime.

The client manages the data and applications.

Used for developing, running, and managing applications.

A

PaaS

136
Q

A cloud service model in which the third party manages everything, and the client manages nothing.

The consumer typically pays a subscription fee to use this.

A

SaaS

137
Q

A transport protocol that supports transferring STIX insights over HTTPS

A

TAXII (Trusted Automated eXchange of Intelligence Information)

138
Q

Difference between a race condition and TOCTOU?

A

The race condition is the malfunction itself

TOCTOU is the vulnerability that arises from the malfunction

139
Q

An attack in which the attacker sends many packets with fake MAC addresses to a switch to overflow the switch’s address table, causing it to become full and unable to process traffic

A

MAC flooding

140
Q

T/F: A cloud deployment model consisting of two or more interlinked cloud infrastructures (private, community, or public) is referred to as a hybrid cloud.

A

True

141
Q

Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel?

MSA
MaaS
MSP
MSSP

A

MSP (Managed Service Provider)

142
Q

MSP stands for

A

Managed Service Provider

143
Q

IT professionals that deliver IT services such as server management, network support, cybersecurity, application implementation, and infrastructure management via regularly scheduled IT support.

A

MSP (Managed Service Provider)

144
Q

MSSP stands for

A

Managed Security Service Provider

145
Q

A third-party service provider that focuses exclusively on security services

A

MSSP (Managed Security Service Provider)

146
Q

MSA stands for

A

Master Service Agreement

147
Q

A contractual agreement between the service provider and the customer that outlines responsibilities and expectations between the MSSP and the client.

A

MSA (Master Service Agreement)

148
Q

Difference between MSP and MSSP

A

MSP provides IT and security services.

MSSP provides ONLY security services.

149
Q

A service that integrates various forms of transport and transport-related services into a single, comprehensive, and on-demand mobility service.

A

MaaS (Mobility as a Service)

150
Q

MaaS stands for

A

Mobility as a Service

151
Q

Which of the following terms refers to a third-party vendor offering IT security management services? (Select best answer)

MSP
MaaS
MSA
MSSP

A

MSSP (Managed Security Service Provider)

152
Q

T/F: The term “Fog computing” refers to a local network infrastructure between IoT devices and the cloud designed to speed up data transmission and processing.

A

True

153
Q

A decentralized computing infrastructure in which data, compute, storage and applications are located somewhere between the data source and the cloud. It brings the advantages and power of the cloud closer to where data is created and acted upon.

A

Fog computing

154
Q

A compute layer between the cloud and the edge. Where edge computing might send huge streams of data directly to the cloud, this type of computing can receive the data from the edge layer before it reaches the cloud and then decide what is relevant and what isn’t. The relevant data gets stored in the cloud, while the irrelevant data can be deleted or analyzed at this layer for remote access or to inform localized learning models.

A

Fog computing

155
Q

What is the difference between edge computing and fog computing?

A

They are basically the same, except edge computing means that the storage and processing devices are either at the same place or extremely near to the devices that are connecting to them.

Fog computing sits between the edge and the cloud. Some data may get saved into the cloud, while other data is either erased or processed in the fog network.

Edge computing helps devices get FASTER results.

Fog computing helps in FILTERING information before it gets saved into the cloud.

156
Q

Which of the following solutions would be best suited for situations where response time in data processing is of critical importance?

A

Edge computing

157
Q

Which is faster: fog computing or edge computing?

A

Edge computing

Edge computing helps get FASTER results.

Fog computing helps FILTER data before it gets saved into the cloud.

158
Q

Which of the following devices best illustrates the concept of edge computing?

Router
Smartwatch
Thin client
Server

A

Smartwatch

Remember that edge computing receives information from devices and quickly gives processing results back.

159
Q

T/F: In the client-server model, the term “Thin client” refers to a networked computer equipped with the minimum amount of hardware and software components. As opposed to a thick client, which runs applications locally from its own hard drive, a thin client relies on network resources provided by a remote server that performs most of the data processing and storage functions.

A

True

160
Q

Which of the following terms refers to the concept of virtualization on an application level?

Serverless architecture
Containerization
SoC (System on a Chip)
Infrastructure as code

A

Containerization

161
Q

A way to build and run applications and services without having to manage infrastructure or configuration. It is very similar to PaaS, but it involves granular control, automatic scaling, and usage-based payment rather than a flat fee as with PaaS.

A

Serverless architecture

162
Q

The packaging of software code with just the OS libraries and dependencies required to run the code to create a single lightweight executable that runs consistently on any infrastructure. It is an OS-level virtualization method used to deploy and run distributed applications without launching an entire virtual machine.

A

Containerization

163
Q

An IC that integrates most or all components of a computer or other electronic system on a single chip.

A

SoC (System on a Chip)

164
Q

SoC stands for

A

System on a Chip

165
Q

IC stands for

A

Integrated Circuit

166
Q

An assembly of electronic components in which hundreds to millions of transistors, resistors, and capacitors are interconnected and built up on a thin substrate to form a small chip or wafer.

A

IC (Integrated Circuit)

167
Q

T/F: In software engineering, the term “Microservice” describes independent and self-contained code components that can be put together to form an application.

A

True

168
Q

Independent and self-contained code components (services) that can be put together to form an application.

A

Microservice

169
Q

Which of the following answers refer to software technologies designed to simplify network infrastructure management? (Select 2 answers)

SDP
SSP
SDV
SEH
SDN

A

SDV (Software-Defined Visibility)
SDN (Software-Defined Networking)

170
Q

Used to describe a hardware or service component that is improved or completely managed by software

A

Software-defined

171
Q

The capability to clearly see all aspects of an organization’s digital footprint as well as the risks and vulnerabilities within it. Also includes the ability to view security controls and the gaps created by inadequate controls.

A

Security visibility

172
Q

A security solution that automates security visibility through a software framework.

A

SDV (Software-Defined Visibility)

173
Q

SDP stands for

A

Software-Defined Perimeter

174
Q

A security technique that controls access to resources based on identity and forms a virtual boundary around networked resources.

It hides Internet-connected infrastructure so that external parties cannot see it, but internal authorized users can.

A

SDP (Software-Defined Perimeter)

175
Q

SSP stands for

A

System Security Plan

176
Q

A formal document that provides an overview of the security requirements for an information system and describes the security controls in place or planned for meeting those requirements.

A

SSP (System Security Plan)

177
Q

SEH stands for

A

Structured Exception Handling

178
Q

Code in a program that takes over when programs throw an exception due to a hardware or software issue.

A

SEH (Structured Exception Handling)

179
Q

In cloud computing, users on an on-premises network take advantage of a transit gateway to connect to:

WAN
VPC
SAN
VLAN

A

VPC (Virtual Private Cloud)

180
Q

VPC stands for

A

Virtual Private Cloud

181
Q

A secure, isolated private cloud hosted within a public cloud.

A

VPC (Virtual Private Cloud)

182
Q

SAN stands for

A

Storage Area Network

183
Q

A network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space.

A

SAN (Storage Area Network)

184
Q

WAN stands for

A

Wide Area Network

185
Q

A large network of LANs that is not tied to a single location.

A

WAN (Wide Area Network)

186
Q

VLAN stands for

A

Virtual Local Area Network

187
Q

A type of network used to share the physical network while creating virtual/logical segmentations to divide specific groups

A

VLAN

188
Q

A term used to describe a situation in which a large number of deployed virtual machines lack proper administrative controls.

A

VM sprawl

189
Q

The process of breaking out of the boundaries of a guest operating system installation to access the primary hypervisor controlling all the virtual machines on the host machine.

A

VM escape

190
Q

The audit of use and consumption of network resources

A

Usage audit

191
Q

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)

Patch management
Usage audit
Physical security controls
Sandboxing
Asset documentation

A

Usage audit
Asset documentation

192
Q

A cybersecurity practice where you run, analyze, and observe code in a safe, isolated environment that mimics end-user operating environments.

A

Sandboxing

193
Q

What are the countermeasures against VM escape? (Select 2 answers)

Group policy
Sandboxing
User training
Patch management
Asset documentation

A

Sandboxing
Patch management

194
Q

Which programming aspects are critical for a secure application development process? (Select 2 answers)

Patch management
Input validation
Password protection
Error and exception handling
Application whitelisting

A

Input validation
Error and exception handling

195
Q

The approach of restricting the usage of any tools or applications only to those that are already vetted and approved

A

Application whitelisting
AKA application allowlisting

196
Q

The approach used to prevent certain applications or executables from running in a network

A

Application blacklisting
AKA application blocklisting

197
Q

The process of removing redundant entries from a database is known as:

A

Normalization

198
Q

What are the countermeasures against SQL injection attacks? (Select 2 answers)

Code obfuscation
Database normalization
Stored procedures
Code signing
Input validation

A

Stored procedures
Input validation

199
Q

Prepared SQL code that you can save so it can be reused over and over again.

A

Stored procedure

200
Q

How do stored procedures prevent SQL injection?

A

They allow the users to only access your database by using the procedures that you have already defined. Users cannot write their own code.

201
Q

T/F: Code obfuscation techniques rely on encryption to protect the source code against unauthorized access.

A

False

While encryption is part of obfuscating source code, it is not a reliable way to protect the entire source code.

Programmers use multiple ways simultaneously throughout the code to obfuscate it. These techniques include using alternate code forms (binary, replacing a function with a table lookup, etc), changing up data storage methods to hide the data, randomizing aggregation patterns, and encrypting small strings in order to make the code hard to read.

202
Q

A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:

A

Dead code

203
Q

Code that can never be executed in a running program because the code surrounding it makes it impossible.

A

Dead code

204
Q

Any lines of code that are added in the body of a program.

Also refers to lines of code within the program in contrast to a routine that is external to the program, and called for as needed.

A

Inline code

205
Q

Program code that is unnecessarily long, slow, or otherwise wasteful of resources

A

Code bloat

206
Q

A repetition of a line or a block of code in the same file or sometimes in the same local environment.

A

Duplicate code

207
Q

T/F: In web application programming, the term “Backend” typically refers to the part of a computer system or application that is not directly accessed by the user (for example, a web server). On the opposite side, “Frontend” means software that can be accessed by the user locally (an example of this would be the user’s web browser). Code execution and input validation that take place in the backend are referred to as server-side operations; the frontend equivalent is known as client-side operations.

A

True

208
Q

A collection of commonly used programming functions designed to speed up software development process is known as:

A

Library

209
Q

A component that can be loaded into the MMC (Microsoft Management Console) to provide a specific management capability for a device.

A

Snap-in

210
Q

A place where all of an organization’s data is stored and can be analyzed.

A

Data repository

211
Q

A lightweight software package containing an application’s code, its libraries, and other dependencies.

A

Container

212
Q

A heavyweight software package that provides complete emulation of low-level hardware devices like the CPU, disk, and networking devices.

A

Virtual machine

213
Q

Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?

GUI
SDLC
API
SDK

A

SDK (Software Development Kit)

214
Q

SDK stands for

A

Software Development Kit

215
Q

GUI stands for

A

Graphical User Interface

216
Q

SDLC stands for

A

Software Development Life Cycle

217
Q

API stands for

A

Application Programming Interface

218
Q

A set of definitions and protocols for building and integrating application software. It simplifies how developers integrate new application components into existing architecture and enables services/applications to communicate with each other.

A

API (Application Programming Interface)

219
Q

Difference between SDK and API

A

SDK is a suite of software development tools and pieces of code to create applications.

API is a set of definitions and protocols to allow programmers to integrate new applications with existing architecture.

220
Q

A nonprofit organization focused on software security

A

OWASP (Open Worldwide Application Security Project)

221
Q

OWASP stands for

A

Open Worldwide Application Security Project

222
Q

CSIRT stands for

A

Computer Security Incident Response Team

223
Q

A team charged with incident response, handling all security incidents affecting an organization in a timely manner.

A

CSIRT (Computer Security Incident Response Team)

AKA CERT (Computer Emergency Response Team)

AKA CIRT (Computer Incident Response Team)

224
Q

IETF stands for

A

Internet Engineering Task Force

225
Q

An SDO for the internet that is responsible for the technical standards that make up the TCP/IP suite.

A

IETF (Internet Engineering Task Force)

226
Q

SDO stands for

A

Standards Development Organization

227
Q

CERT stands for

A

Computer Emergency Response Team

228
Q

CIRT stands for

A

Computer Incident Response Team

229
Q

T/F: CSIRT, CERT, and CIRT are used interchangeably

A

True

230
Q

A type of code that has already been translated from a high-level programming language into a low-level programming language and converted into a binary executable file is referred to as:

A

Compiled code

231
Q

The process of transforming a computer program written in a given language (usually high-level programming language) into a set of instructions in another format or language (usually low-level programming language).

A

Compiling

232
Q

An example of a low-level programming language

A

Binary code

233
Q

Examples of high-level programming languages

A

Python, Ruby, C#, Java, etc.

234
Q

What does it mean when code “doesn’t compile”?

A

When the compiler was checking for correct syntax, it found errors and the translation into machine code wasn’t successful.

235
Q

The final phase of the program lifecycle in which the machine executes the program’s code

A

Runtime

236
Q

Code used to automate processes that would otherwise need to be executed step-by-step by a web developer.

A

Script

237
Q

A network transit hub that you can use to interconnect your virtual private clouds (VPCs) and on-premises networks.

A

Transit gateway