WGU's D430 Flashcards

1
Q

A tornado destroyed a data center. Which side of the CIA triad is most affected?
Authenticity
Availability
Utility
Integrity

A

Availability ensures authorized users have access to resources when needed.

2
Q

What element of the Parkerian Hexad is concerned with usefulness?
Integrity
Confidentiality
Utility
Availability

A

Utility refers to how useful the data is.

3
Q

Which attribute of the Parkerian hexad allows for proper attribution of the owner of a dataset?
Possession
Availability
Authenticity
Integrity

A

Authenticity is the process of ensuring and confirming that the identity of the user is genuine and legitimate. Proving who you are.

4
Q

Which type of attack category is an attack against confidentiality?
Interception.
Modification.
Fabrication.
Interruption.

A

Interception attacks allow unauthorized users to access data, applications, or environments.

5
Q

Which two attributes are included in the concept of risk? Choose two answers.
Threats
Frequency
Vulnerabilities
Impacts

A

A threat is something that has the potential to cause harm.
Vulnerabilities are weaknesses that can be used to cause harm.

6
Q

Which phase of the incident response (IR) process includes putting the system back better than the original state?
Post-incident activity.
Containment.
Recovery.
Detection and Analysis

A

The goal of the recovery phase is to recover to a better state than prior to the incident. This may include activities such as restoring devices or data from backups, rebuilding systems, reloading applications, and mitigating the attack vectors that were used.

7
Q

Which concept refers to adding layers of security to our networks?
Administrative control depth.
Defense in depth.
Physical control depth.
Logical control depth.

A

Defense in depth is the coordinated use of multiple layers of security countermeasures to protect the integrity of the information assets.

9
Q

Which combination of factors demonstrates multi-factor authentication?
Fingerprint and voice print
Password and PIN
Password and fingerprint
Voice print and weight

A

These two items include “something you know” and “something you are.”

10
Q

What is the name of the process where the client authenticates the server and the server authenticates the client?

Token-based authentication

Mutual authentication

Two-factor authentication

Multifactor authentication

A

Mutual authentication is an authentication mechanism where both parties authenticate each other at the same time.

11
Q

What is an example of identification?

Text to cell phone

Employee Number

Update Access

Fingerprint

A

Identification is the process of ascribing a user identifier (ID) to a human being or to another computer or network component.

12
Q

What is an example of authentication?

Username

First Car

Read Only

PIN

A

Authentication refers to the verification of a process or user. A PIN can be used to verify a user or process after successful identification.

13
Q

What is an objective for performing an audit?

To ensure a company can respond effectively to a disaster.

To ensure compliance and detect misuse.

To ensure potential risks are identified and analyzed.

To ensure proper access is granted to resources.

A

Audits are performed to ensure that compliance with applicable laws, policies, and other administrative controls is being accomplished, as well as to detect misuse.

14
Q

What are two common values for a network access control list (ACL)? Choose two answers.

Accept

Agree

Disagree

Deny

Allow

A

Permissions in network ACLs tend to be binary in nature, consisting of deny or allow. Deny does not permit access to defined resources. Allow permits access to defined resources.

15
Q

What are two common types of access control lists (ACLs)? Choose two answers.

File system

Allow

Network

Deny

Database system

A

Access to files and directories is managed through access control lists (ACLs). It ensures that only authorized users get access to directories and files.
Access to network resources is managed through access control lists (ACLs). It ensures that only authorized users get access to network resources.

16
Q

Which access control model allows access to be determined by the owner of the resource?

Mandatory access control (MAC)

Attribute-based access control (ABAC)

Role-based access control (RBAC)

Discretionary access control (DAC)

A

Discretionary access control (DAC) is an access control model based on access being determined by the owner of the resource.

17
Q

Which form of access control uses CAPTCHAs?

Attribute-based access control (ABAC)

Rule-based access control (RBAC)

Media access control (MAC)

Discretionary Access Control (DAC)

A

Attribute-based access control is based on the attributes of a particular person, resources, or environment.

18
Q

What is the disadvantage of logging?

Highly configurable

Resources

Reactive tool

History of activities

A

“Logging” refers to the process of recording events, processes, and activities within a system, application, or any information technology environment.

Being “a reactive tool” refers to a system, process, or tool that responds to events or incidents after they have occurred, rather than preventing them proactively.

Resources: It takes up storage space.

19
Q

Which cryptographic algorithm is obsolete?

Hash functions

Asymmetric key cryptography

Caesar cipher

Symmetric key cryptography

A

This was an early form of encryption named after Julius Caesar that’s easily breakable.

20
Q

Which two laws protect the privacy of medical records and electronic health care information? Choose two answers.

HIPAA

PCI-DSS

HITECH

SOX

GLBA

A

HIPAA: The Health Insurance Portability and Accountability Act of 1996 is a U.S. law designed to protect patients’ medical records and other health information provided to health plans, doctors, hospitals, and other healthcare providers. It sets standards for the protection of health information privacy and the security of electronic health records.

HITECH: The Health Information Technology for Economic and Clinical Health Act, enacted as part of the American Recovery and Reinvestment Act of 2009, aims to promote the adoption and meaningful use of health information technology. It strengthens the data privacy and security protections established by HIPAA, especially for electronic health records, and introduces stricter enforcement measures.

21
Q

What jurisdiction does the General Data Protection Regulation regulate?

China

Russia

The European Union

The United States

A

Developed by the EU for data privacy.

22
Q

Which act regulates the United States Department of Education?

GLBA

FERPA

GDPR

FISMA

A

FERPA protects student privacy.

23
Q

Which act regulates federal departments in the United States?

GLBA

SOX

GDPR

FISMA

A

FISMA

Correct: Mandates government agencies to protect information systems.

24
Q

Which act regulates customer privacy in the finance industry?

GLBA

SOX

GDPR

FISMA

A

The GLBA requires financial institutions to explain information sharing practices.

25
Q

Which act regulates reporting of publicly traded companies?

CFAA

SOX

GDPR

FOIA

A

SOX mandates certain practices for financial record keeping.

26
Q

In the context of information security, the three states of data are:

A

Data at Rest: Data that is stored on physical or digital media, not actively moving from device to device or network to network. It’s often protected by encryption and access controls.

Data in Motion (or Data in Transit): Data actively moving through networks, such as the internet or private networks, from one location to another, such as from a local storage device to a cloud server. It’s protected by secure transmission protocols like SSL/TLS.

Data in Use: Data being processed or used by applications, often residing in computer memory (RAM). Protecting it involves measures like access controls and runtime encryption.

27
Q

Which type of algorithm is a symmetric key?
DES
ECC
RSA
SHA

A

DES is a block cipher symmetric algorithm.

Incorrect:
ECC is an asymmetric algorithm.
RSA is an asymmetric algorithm.
SHA is a hashing algorithm.

28
Q

Which type of algorithm is an asymmetric key?

ECC

MD5

SHA

DES

A

It’s an example of public key cryptography based on elliptic curves over infinite fields.

29
Q

Which two types of algorithms are hashing algorithms? Choose two answers.

MD5

3DES

SHA

ECC

AES

RC4

A

MD5 is an example of a hashing algorithm.
SHA is an example of a hashing algorithm.

30
Q

Which algorithm supports encryption for email?

ECC

AES

PGP

DES

A

PGP is an email program that supports encryption (Pretty Good Privacy).

31
Q

What describes competitive intelligence?

The codename for a study conducted to curtail unauthorized passing of information.

The practice of managing the range of intelligence-gathering activities that are being directed at an organization.

The process that prevents sensitive information from getting into the wrong hands.

The process of intelligence gathering and analysis to support business decisions.

A

Competitive intelligence is the process of intelligence gathering and analysis to support business decisions.

32
Q

The first law of operations security states:

A

“If you don’t know the threat, how do you know what to protect?”

33
Q

Which law of operations security discusses the need to evaluate our information assets and determine what exactly we might consider to be our critical information?

The first law of operations security.

The second law of operations security.

The third law of operations security.

The fourth law of operations security.

A

The second law of operations security states, “If you don’t know what to protect, how do you know you are protecting it?”

34
Q

The third law of operations security states:

A

“If you are not protecting it (the information)…THE DRAGON WINS!”

35
Q

Which term refers to the practice of managing information gathering activities directed at an organization?

Purple Dragon

Competitive Counterintelligence

Operational Security

Competitive Intelligence

A

Correct: Competitive counterintelligence is the practice of managing the range of intelligence-gathering activities directed at an organization.

Incorrect: Operational Security is a security and risk management process that prevents sensitive information from getting into the wrong hands.

36
Q

What describes risk assessment?

Identification of when there is a threat and a vulnerability that the threat can exploit.

Identification of what harm to the company can occur if important information is released.

Identifications of weaknesses that can harm a company.

Identification of information on which the company is based and everything depends.

A

Risk occurs when there is a matching threat and vulnerability. A risk assessment determines which risks require concern during the operations security process.
“What harm to the company can occur if important information is released” describes the potential impact assessment of a security breach.

37
Q

Responsibility of the National Security Agency (NSA)

A

Present leaders with critical security information they need to defend our country.

38
Q

Responsibility of the SysAdmin, Audit, Network, and Security (SANS) Institute.

A

Provide access to information technology research and education around the world.

39
Q

Lead the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure.

A

Responsibility of the Cybersecurity and Infrastructure Security Agency (CISA).

40
Q

What is the responsibility of the Interagency OpSec Support Staff (IOSS)?

Provide access to information technology research and education around the world.

Present leaders with critical security information they need to defend our country.

Lead the national effort to understand, manage, and reduce risk to our cyber and physical infrastructure.

Provide multiple agencies with a wide variety of security awareness and training.

A

The Interagency OPSEC Support Staff (IOSS) is responsible for a wide variety of OPSEC awareness and training efforts.

41
Q

Which type of social engineering attack utilizes credible scenarios to lure people into disclosing sensitive information?

Pretexting

Whaling

Baiting

Tailgating

A

Pretexting is a type of social engineering attack that utilizes credible scenarios to lure people into disclosing sensitive information.

42
Q

Which social engineering technique uses electronic communications to carry out an attack that is broad in nature?

Masquerading

Tailgating

Baiting

Phishing

A

Phishing is an attack against a company, organization, or person that is carried out by electronic means, such as email or text messages, and is broad in nature.

43
Q

Shodan Disclosure

A

Shodan is a search engine that scans the internet for various types of devices connected to the internet, such as servers, webcams, printers, routers, and other devices that are part of the Internet of Things (IoT). Unlike traditional search engines that index web content, Shodan indexes information related to the devices themselves, including their types, locations, operating systems, and open ports. This information can be invaluable for security research and analysis, helping to identify potentially vulnerable devices and networks.

A “Shodan disclosure” typically refers to the act of revealing vulnerabilities, exposed devices, or sensitive information found through searches conducted on Shodan.

44
Q

Which set of policies and procedures outlines the steps an organization will take during a state of emergency to replace IT infrastructure?

Data protection directive

Business continuity

Disaster recovery

Data security standard

A

Disaster recovery planning refers to policies and procedures that are put in place to prepare for and respond to a state of emergency in the event some or all of an organization’s IT infrastructure is destroyed.

45
Q

Which type of security control is a video surveillance system?

Proactive

Detective

Preventive

Deterrent

A

Detective controls, such as video surveillance systems and burglar alarms, serve to detect and report undesirable events.

46
Q

DMZ

A

A Demilitarized Zone (DMZ) in network security is a strategically implemented subnetwork that serves as an additional layer of protection, combining the use of security mechanisms like firewalls with network architecture practices such as segmentation. Its primary function is to restrict, monitor, and control the flow of traffic between the internet and an organization’s internal network. By doing so, it creates a controlled interface for external access to publicly available services—such as web and email servers—while safeguarding the internal network from unauthorized access, attacks, and exposure.

47
Q

Proxy servers

A

Proxy servers are a specialized variant of a firewall that provide security and performance features by filtering traffic for attacks or undesirable content.

48
Q

Deep packet

A

Deep packet inspection firewalls analyze the content of traffic and can reassemble the content to determine what will be delivered to the destination application.

49
Q

Which type of firewall monitors and defends a system based on traffic patterns over a given connection?

Proxy servers

Deep packet

DMZ

Stateful packet

A

Stateful packet inspection firewalls defend networks by monitoring traffic patterns at a granular level over a given connection.

50
Q

What is a wireless protocol?

RC4

WPA3

POP3

AES

A

WPA3 is a wireless protocol that uses AES encryption.

51
Q

RC4

A

RC4 is a symmetric algorithm.

52
Q

What is attack surface?

A

In information security, the “attack surface” refers to the sum total of all possible points (vulnerable spots or attack vectors) where an unauthorized user (the attacker) can try to enter or extract data from an environment. Essentially, it encompasses all the different ways an information system can be breached or compromised by an attacker.

53
Q

What is “to perform system hardening”?

A

To perform system hardening means to take steps to reduce the attack surface of a system by securing its configurations, updating software to eliminate vulnerabilities, removing unnecessary services and applications, and enforcing the principle of least privilege. This process involves a comprehensive set of actions designed to protect against threats and minimize potential attack vectors.

54
Q

When should updates be performed?

Semi-annually

After testing and vetting

After a system has been in production for many years

Immediately upon publication

A

It is prudent to test software updates thoroughly before installing them, without delaying the process for very long.

55
Q

Which port service needs to be removed when running a webserver?

80

22

53

443

A

Port 53 is typically blocked on webservers to prevent Domain Name System (DNS) servers from divulging critical information to attackers.

56
Q

Which action is considered a significant event that should be included in the logging process?

A password change

A successful logon

An application closing

Administrative privilege

A

The use of administrative privileges is considered a significant event that should be closely monitored.

57
Q

Which buffer size creates an entry point for a cyberattack when the buffer reaches 8 bytes?

16 bytes

12 bytes

8 bytes

4 bytes

A

A buffer overflow occurs when a program or process attempts to write more data to a fixed-length block of memory, or buffer, than the buffer is allocated to hold. At 8 bytes, the established buffer size has been exceeded.

58
Q

Which tool is categorized as an exploit framework?

TCPdump

Nikto

OpenVAS

Core Impact

A

Core Impact is a centralized penetration testing tool that enables security teams to conduct advanced, multi-phased penetration tests. It is a type of tool categorized as an exploit framework. Exploit frameworks include pre-packaged sets of exploits.

59
Q

TCPdump

A

TCPdump is a data-network packet analyzer computer program that runs under a command line interface. It is not a type of tool categorized as an exploit framework.

60
Q

Nikto

A

Nikto is an open-source Web server analysis tool that checks for common vulnerabilities. It is not a type of tool categorized as an exploit framework.

61
Q

OpenVAS

A

The OpenVAS scanner is a comprehensive vulnerability assessment system that can detect security issues in all manner of servers and network devices. It is not a type of tool categorized as an exploit framework.

62
Q

Which symmetric encryption algorithm is the standard encryption algorithm used by the US Federal government?

DES

SHA-2

AES

RSA

A

AES is the standard encryption algorithm used by the US Federal government.

63
Q

RSA

widely used for?

A

RSA is a widely used asymmetric encryption method used for many transactions including in the Secure Sockets Layer (SSL) protocol used to secure Web and email traffic.

64
Q

SHA-2

used for what?

A

SHA-2 is a hash function that is commonly used to validate and sign digital security certificates and documents.

65
Q

XSS

A

Cross-site scripting (XSS) is a security vulnerability typically found in web applications. It allows attackers to inject malicious scripts into content that other users see and interact with.

66
Q

What describes a database security issue?

Denial of Service

Unauthenticated access to functionality

Buffer overflows

Cross-site scripting

A

Allowing a user or process the opportunity to interact with the database without supplying a set of credentials creates potential database issues.

67
Q

Which type of packet sniffer is used to monitor web traffic?

Fuzzer

Honeypot

Wireshark

Nessus

A

Wireshark is a sniffer that is capable of intercepting and troubleshooting traffic from both wired and wireless sources.

68
Q

Nessus

A

Nessus will identify open ports and determine the services and versions of service running on those ports.
Also used to find and report network services on hosts that have known vulnerabilities.

69
Q

Fuzzer

A

A fuzzer is a software testing tool used to find security vulnerabilities or bugs in software. It works by automatically generating and sending a wide range of invalid, unexpected, or random data as inputs to a computer program.

70
Q

Which tool is used to perform web assessment and analysis?

Nessus

Burp Suite

Kismet

Hping3

A

Burp Suite is a web assessment and analysis tool that looks for issues on websites such as cross-site scripting or SQL injection flaws.

71
Q

Burp Suite

A

A popular integrated platform used for testing the security of web applications. It offers a variety of tools for performing different security tests, including scanning for vulnerabilities, intercepting and modifying network traffic, and identifying weak points within an application.

72
Q

Kismet

A

Kismet is a tool commonly used to detect wireless access points.

73
Q

What are SSL and TLS, and how do they function in securing information transmitted over networks and the internet, particularly in relation to email protocols like IMAP and POP?

A

SSL (Secure Sockets Layer) and TLS (Transport Layer Security) are cryptographic protocols designed to secure information sent over networks, including the internet. They provide encryption, authentication, and integrity of data in transit, ensuring that any data sent between the client and server is protected from eavesdropping and tampering. SSL and TLS operate in conjunction with other protocols, such as the Internet Message Access Protocol (IMAP) and the Post Office Protocol (POP), which are used for email communication. By integrating with these email protocols, SSL and TLS help safeguard email data as it travels across the network, protecting sensitive information from unauthorized access.