🔐
SecWiki
  • Home
  • General
    • Interesting Links
      • Curriculum
    • Pentest Labs, Wargames Sites
      • How To Vulnhub with VirtualBox
  • Network Pentest
    • Courses
      • TCM - Zero to Hero
        • Week 1: Setup
          • ipsweep.sh
        • Week 2: Python 101
          • python101.py
          • bof.py
        • Week 3: Python 102
          • python102.py
          • scanner.py
        • Week 4: Passive OSINT
        • Week 5: Scanning Tools & Tactics
          • nmap
          • Nessus
          • msfconsole
        • Week 6: Enumeration
        • Week 7: Exploitation, Shells, and Some Credential Stuffing
        • Week 8: LLMNR/NBT-NS Poisoning
        • Week 9: NTLM
        • Week 10: MS17-010, GPP/cPasswords, and Kerberoasting
        • Week 11: File Transfers, Pivoting, Reporting
        • Commands
      • Penetration Testing Student (PTS)
      • OSCP Study
    • Recon
      • OSINT
    • Enumeration
      • Samba Shares
      • ProFtpd
    • Gaining Access
      • Reverse Shells
    • Privilege Escalation
      • Meterpreter
      • Spawning a TTY Shell
      • Reverse Shell Cheat Sheet
      • Cracking Hashes
      • Restricted Linux Shell Escape
      • Linux Privilege Escalation
        • lxd
        • sytemctl
      • Windows Privilege Escalation
        • Active Directory
          • What is AD?
        • User Enumeration
    • Post Exploitation
      • Cleanup
      • Maintaining Access
      • Pivoting
      • File Transfers
      • Covering Tracks
    • Vulnerabilities Checklist
    • Report Writing
  • Web App Pentest
    • Tools
      • Burp Suite
      • THC-Hydra BruteForce
    • Injection
      • SQL Injection
    • Broken Authentication
    • Sensitive Data Exposure
      • SQLite3
    • XML External Entity
      • XML Background
      • XPath Injection
    • Broken Access Control
    • Security Misconfiguration
    • Upload/Download
      • Download Bypass: Poison Null Byte
    • XSS
      • DOMXSS
      • Persistent XSS
      • Reflected (Client-side) XSS
      • Data URLs
    • Insecure Deserialization
    • Components with Known Vulnerabilities
    • Insufficient Logging and Monitoring
    • Server-Side Request Forgery (SSRF)
  • CTF
    • Intro to CTF
    • Forensics
      • Challenges
    • Steganography
    • Reverse Engineering
    • Tools
  • Network Security
    • Courses
      • Sec+
      • IBM Cybersecurity Analyst Professional Certificate
      • ISCI CNSS Course
        • Introduction to Network Security
          • Network Basics
          • Basic Network Utilities
          • The OSI Model
          • Threat Classification
          • Security Terminology
          • Approaches of Network Security
          • Law and Network Security
        • Types of Attacks
          • Denial of Service Attacks
          • Buffer Overflow Attacks
          • IP Spoofing
          • Session Hijacking
        • Fundamentals of Firewalls
          • What is a Firewall
          • Firewall Types
          • Firewall Implementation
          • Proxy Servers
          • Windows Firewalls
          • Linux Firewalls
        • Intrusion-Detection Systems
          • IDS Concepts
          • Components and Processes of IDS
          • Implementing IDS
          • Honeypots
        • Fundamentals of Encryption
          • The History of Encryption
          • Modern Encryption Methods
          • Windows and Linux Encryption
          • Hashing
          • Cracking Passwords
        • Virtual Private Networks (VPN)
          • Introduction to VPN
          • VPN Protocols
          • IPSec
          • SSL/TLS
          • VPN Solutions
        • Operating System Hardening
          • Configuring Windows
          • Configuring Linux
          • Operating System Patches
        • Virus Attacks and How to Defend
          • Virus Types and Attacks
          • Virus Scanners
          • Antivirus
          • Virus Infection and Identification
          • Trojan Horses
          • Spyware or Adware
        • Security Policies
          • User Policies Definition
          • System Administration Policies
          • Access Control
        • Assessing System Security
          • Risk Assessment
          • Conducting an Initial Assessment
          • Probing the Network
          • Vulnerabilities
          • Documenting Security
        • Security Standards
          • ISO Standards
          • NIST Standards
          • General Data Protection Regulation (GDPR)
          • PCI DSS
        • Physical Security and Recovery
          • Physical Security
          • Disaster Recovery
          • Fault Tolerance
        • Attackers Techniques
          • Hacking Preparation
          • The Attack Phase
          • Hacking Wi-Fi
    • The Web
    • The OSI Model
    • Malware Traffic Analysis with Wireshark
  • Digital Forensics
    • Autopsy - open-source digital forensics platform
  • Exploit Dev/Analysis
    • Code Review
      • Tools
    • Buffer Overflows
    • Static Analysis
      • Antivirus Scanning
      • Hashing
      • File strings
      • Packed and Obfuscated Malware
        • Demo: UPX
      • Portable Executable File Format (PE)
        • Tools
        • Linked Libraries and Functions
        • PE File Headers and Sections
  • Shell
    • ./missing-semester
      • Course overview + the shell
      • Shell Tools and Scripting
      • Editors (Vim)
      • Data Wrangling
      • Command-line Environment
    • Bash Tricks
    • .bashrc
    • Random Commands
      • sed
  • Hardware
    • NAND2Tetris
      • Boolean Functions and Gate Logic
      • Boolean Arithmetic and the ALU
      • Memory
      • Machine Language
      • Computer Architecture
      • Assembler
  • Other
    • K8s
      • Chapter 1: From Monolith to Microservices
      • Chapter 2: Container Orchestration
      • Chapter 3: Kubernetes
      • Chapter 4: Kubernetes Architecture
Powered by GitBook
On this page
  • Introduction to Cybersecurity Tools & Cyber Attacks
  • Cybersecurity Roles, Processes & Operating System Security
  • Cybersecurity Compliance Framework & System Administration
  • Network Security & Database Vulnerabilities
  • Penetration Testing, Incident Response and Forensics
  • Cyber Threat Intelligence
  • Threat Intelligence
  • Data Loss Prevention and Mobile Endpoint Protection
  • Scanning
  • Application and Security Testing
  • SIEM Platforms
  • Threat Hunting
  • Cybersecurity Capstone: Breach Response Case Studies
  • Incident Management Response and Cyberattack Frameworks
  • Phishing Scams
  • Point of Sale Breach
  • 3rd Party Breach
  • Ransomware

Was this helpful?

  1. Network Security
  2. Courses

IBM Cybersecurity Analyst Professional Certificate

Coursera Courses | Note: These courses have a lot of spelling errors.

Introduction to Cybersecurity Tools & Cyber Attacks

  • Which of the following statements is True?

    • Passive attacks are easy to detect because of the latency created by the interception and second forwarding.

      Passive attacks are hard to detect because the original message is never delivered so the receiving does not know they missed anything.

      Passive attacks are hard to detect because the original message is delivered unchanged and can pass an integrity check.

      Passive attacks are easy to detect because the original message wrapper must be modified by the attacker before it is forwarded on to the intended recipient.

  • The purpose of security services includes which three (3) of the following?

    • Are intended to counter security attacks.

      Enhance security of data processing systems and information transfer.

      Often replicate functions found in physical documents

      Includes any component of your security infrastructure that has been outsourced to a third-party

  • Which statement best describes access control?

    • Protection against denial by one of the parties in communication

      Protection against the unauthorized disclosure of data

      Assurance that the communicating entity is the one claimed

      Prevention of unauthorized use of a resource

  • The International Telecommunication Union (ITU) X.800 standard addresses which three (3) of the following topics?

    • Transmission cost sharing between member countries

      Data transmission speeds

      Authentication

      Access Control

      Data Confidentiality

  • Protocol suppression, ID and authentication are examples of which?

    • Security Architecture

      Security Mechanism

      Business Policy

      Security Policy

  • The motivation for more security in open systems is driven by which three (3) of the following factors?

    • New requirements from the WTO, World Trade Organization

      The appearence[sic] of data protection legislation in several countries.

      The desire by a number of organizations to use OSI recommendations.

      Society's increasing dependance[sic] on computers.

  • True or False: The accidental disclosure of confidential data by an employee is considered a legitimate organizational threat.

    • True

  • True or False: The accidental disclosure of confidential information by an employee is considered an attack.

    • True

  • A replay attack and a denial of service attack are examples of which?

    • Security architecture attack

      Passive attack

      Masquerade attack

      Origin attack

  • True or False: An application that runs on your computer without your authorization but does no damage to the system is not considered malware.

    • False

  • How would you classify a piece of malicious code designed to cause damage, can self-replicate and spreads from one computer to another by attaching itself to files?

    • Worm

  • How would you classify a piece of malicious code designed to cause damage and spreads from one computer to another by attaching itself to files but requires human actions in order to replicate?

    • Virus

  • How would you classify a piece of malicious code designed collect data about a computer and its users and then report that back to a malicious actor?

    • Spyware

  • A large scale Denial of Service attack usually relies upon which of the following?

    • A botnet

  • Antivirus software can be classified as which form of threat control?

    • Technical controls

  • Which of the following measures can be used to counter a mapping attack?

    • Record traffic entering the network

      Look for suspicious activity like IP addresses or ports being scanned sequentially.

      Use a host scanner and keep an inventory of hosts on your network.

      All of the above.

  • In order for a network card (NIC) to engage in packet sniffing, it must be running in which mode?

    • Promiscuous mode

  • Which countermeasure can be helpful in combating an IP Spoofing attack?

    • Ingress filtering

      Enable IP Packet Authentication filtering

      Keep your certificates up-to-date

      Enable the IP Spoofing feature available in most commercial antivirus software.

      All of the above.

  • Which two (2) measures can be used to counter a Denial of Service (DOS) attack?

    • Enable the DOS Filtering option now available on most routers and switches.

      Implement a filter to remove flooded packets before they reach the host.

      Use traceback to identify the source of the flooded packets.

      Enable packet filtering on your firewall.

  • Which countermeasure should be used against a host insertion attack?

    • Maintain an accurate inventory of of computer hosts by MAC address.

      Use a host scanning tool to match a list of discovered hosts against known hosts.

      Investigate newly discovered hosts.

      All of the above.

  • Which is not one of the phases of the intrusion kill chain?

    • Installation

      Activation

      Command and Control

      Delivery

  • Which social engineering attack involves a person instead of a system such as an email server?

    • Vishing

      Spectra

      Phishing

      Cyberwarfare

  • Which of the following is an example of a social engineering attack?

    • Logging in to the Army's missle[sic] command computer and launching a nuclear weapon.

      Calling an employee and telling him you are from IT support and must observe him logging into his corporate account.

      Setting up a web site offering free games, but infecting the downloads with malware.

      Sending someone an email with a Trojan Horse attachment.

  • True or False: While many countries are preparing their military for a future cyberwar, there have been no "cyber battles" to-date.

    • False

  • Which tool did Javier say was crucial to his work as a SOC analyst?

    • SIEM (Security Information and Event Management): Tools like QRadar SIEM are crucial to Javier since he can use it to perform advanced corrolations and threat intelligence integration.

  • Which hacker organization hacked into the Democratic National Convension[sic] and released Hillery[sic] Clinton's emails?

    • Fancy Bears[sic]

  • What challenges are expected in the future?

    • Enhanced espionage from more countries

      Far more advanced malware

      New consumer technology to exploit

  • Why are cyber attacks using SWIFT so dangerous?

    • Cyber attacks using SWIFT are so dangerous as the protocol used by all banks to transfer money which risks confidential customer data

      Explanation:

      • SWIFT used by banking institutions, where the entire banking operation is connected to a messaging network with the help of data which originally aimed at making communications between banks easier.

      • Although the Government had taken various measures to prevent Cyber attacks are common occurrences that steal customer data and fetch money from their account.

      • Hence, SWIFT, which relies on the internet and networking might backfire and be a major threat to the people.

  • Which statement best describes Authentication?

    • Assurance that a resource can be accessed and used

    • Assurance that the communicating entity is the one claimed

    • Protection against denial by one of the parties in communication

    • Prevention of unauthorized use of a resource

  • Trusted functionality, security labels, event detection, security audit trails and security recovery are all examples of which type of security mechanism?

    • Contingent security mechanism

      Active security mechanism

      External security mechanism

      Passive security mechanism

  • If an organization responds to an intentional threat, that threat is now classified as what?

    • An attack

      -An active threat

      A malicious threat

      An open case

  • An attack that is developed particularly for a specific customer and occurs over a long period of time is a form of what type of attack?

    • -Water Hole

      Advanced Persistent Threat

      Spectra

      Denial of Service (DOS)

  • Which of three (3) these approaches could be used by hackers as part of a Business Email Compromise attack?

    • Account compromise

      Attorney impersonation

      Request to make a payment

      CEO Fraud, where CEO sends email to an employee

  • Which type of actor was not one of the four types of actors mentioned in the video A brief overview of types of actors and their motives?

    • Black Hats

  • A political motivation is often attributed to which type of actor?

    • Hacktivist

  • Which type of actor hacked the 2016 US Presidential Elections?

    • Government

  • True or False: Passive attacks are easy to detect because the original messages are usually alterned or undelivered.

  • Cryptography, digital signatures, access controls and routing controls considered which?

    • -Pervasive security mechanisms

    • security policy

  • Which type of attack can be addressed using a switched Ethernet gateway and software on every host on your network that makes sure their NICs is not running in promiscuous mode.

    • Packet Sniffing

  • True or False: An individual hacks into a military computer and uses it to launch an attack on a target he personally dislikes. This is considered an act of cyberwarfare.

  • True or False: A tornado threatening a data center can be classified as an attack.

  • Traffic flow analysis is classified as which?

    • Passive attack

  • Botnets can be used to orchestrate which form of attack?

    • Distribution of Spam

      -DDoS attacks

      Phishing attacks

      Distribution of Spyware

      As a Malware launchpad

      All of the above

  • Policies and training can be classified as which form of threat control?

    • -Administrative controls

    • Passive Controls

  • Encrypting your email is an example of addressing which aspect of the CIA Triad?

    • Confidentiality

      Integrity

      Availability

  • Trudy changes the meeting time in a message she intercepts from Alice before she forwards it on to Bob. This is a violation of which aspect of the CIA Triad?

    • Confidentiality

      Integrity

      Availability

  • You fail to backup your files and then drop your laptop breaking it into many small pieces. You have just failed to address which aspect of the CIA Triad?

    • Confidentiality

      Integrity

      Availability

  • The use of digital signatures is an example of which concept?

    • Non-repudiation

      Confidentiality

      Integrity

      Availability

  • Managers in the Singapore office at your company can access documents that managers in other offices cannot access, nor can nonmanager employees in the Singapore office. Which 2 access criterial types were likely involved in setting this up?

    • Groups: Managers would be in a managers group.

      Timeframe

      Transaction type

      Physical location: Location is used as an access control factor.

  • In incident management, an event that has a negative impact on some aspect of the network or data is called what?

    • Event

      Attack

      Incident: an event with impact

      Threat

  • In incident management, a data inventory, data classification and data management process are part of which key concept?

    • Automated system

      Business Continuity Plan & Disaster Recovery

      E-Discovery: It is crucial to have an automated inventory of systems and data so you can know if anything changes or does not belong.

      Post-Incident Activities

  • Which of the phase of the Incident Response Process do steps like Identify cyber security incident, Define objectives and investigate situation and Take appropriate action fall into?

    • Phase 1: Prepare

      Phase 2: Respond

      Phase 3: Follow Up]

  • In the context of security standards and compliance, which two (2) of these items are goals of frameworks and best practices?

    • They seek to improve performance, controls and metrics.

      They are rules to follow for a specific industry.

      They serve as an enforcement mechanism for government, industry or clients.

      They help translate the business needs into technical or operational needs.

  • A company document that says employees may not do online shopping while at work would be which of the following?

    • Strategic Plan

      Tactical Plan

      Procedure

      Policy

  • Which three (3) of these are compliance standards that must be adhered to by companies is some industries / countries?

    • HIPAA

      PCI/DSS

      OCTAVE

      SOX

  • A method of evaluating computer and network security by simulating an attack on a computer system or network from external or internal threats is know as which of the following?

    • A threat

      A white hat

      A hack

      A pentest

  • The OWASP “Top 10” provides guidance on what?

    • The top 10 malware exploits reported each year.

      The top 10 network vulnerabilities reported each year.

      The top 10 cybercrimes reported each year.

      The top 10 application vulnerabilities reported each year.

  • Which two (2) key components are part of incident response? (Select 2)

    • Response team

      Threat

      Investigation

      Attack

  • Which is not part of the Sans Institutes Audit process?

    • Deliver a report.

      Define the audit scope and limitations.

      Help to translate the business needs into technical or operational needs.

      Feedback based on the findings.

  • Which key concept to understand incident response is defined as "data inventory, helps to understand the current tech status, data classification, data management, we could use automated systems. Understand how you control data retention and backup."

    • E-Discovery

  • Which is not included as part of the IT Governance process?

    • Tactical Plans

      Procedures

      Audits

      Policies

  • A hash is a mathematical algorithm that helps assure which aspect of the CIA Triad?

    • Integrity

  • A successful DOS attack against your company’s servers is a violation of which aspect of the CIA Triad?

    • Availability

  • Which of these is an example of the concept of non-repudiation?

    • Alice sends a message to Bob with certainty that it was not altered while in route by Trudy.

      Alice sends a message to Bob with certainty that it will be delivered.

      Alice sends a message to Bob and Bob knows for a certainty that it came from Alice and no one else.

      Alice sends a message to Bob and Alice is certain that it was not read by Trudy.

  • You have been asked to establish access to corporate documents in such a way that they can be read from anywhere, but only modified while the employees are in the office. Which 2 access criteria types were likely involved in setting this up?

    • Groups

      Physical location

      Transaction type

      Timeframe

  • In incident management, an observed change to the normal behavior of a system, environment or process is called what?

    • Event

  • In incident management, tools like SIEM, SOA and UBA are part of which key concept?

    • Automated system

      BCP & Disaster Recovery

      Post-Incident Activities

      E-Discovery

  • Which phase of the Incident Response Process do steps like Carry out a post incident review and Communicate and build on lessons learned fall into?

    • Respond

      Follow Up

      Prepare

  • In the context of security standards and compliance, which two (2) of these are considered normative and compliance items?

    • They seek to improve performance, controls and metrics.

      They are rules to follow for a specific industry.

      They help translate the business needs into technical or operational needs.

      They serve as an enforcement mechanism for government, industry or clients.

  • A company document that details how an employee should request Internet access for her computer would be which of the following?

    • Procedure

      Strategic Plan

      Policy

      Tactical Plan

  • Which of these is a methodology by which to conduct audits?

    • SOX

      HIPAA

      PCI/DSS

      OCTAVE

  • Mile 2 CPTE Training teaches you how to do what?

    • Conduct a pentest.

      Advanced network management tasks

      Conduct a Ransomware attack

      Construct a botnet

  • Which three (3) statements about OWASP are True?

    • OWASP stands for Open Web Application Security Project

      OWASP provides tools and guidance for mobile applications.

      OWASP Top 10 only lists the top 10 web application vulnerabilities but you must engage an OWASP certified partner to learn how to fix them.

      OWASP provides guidance and tools to help you address web application vulnerabilities on their Top 10 list.

  • Firewalls contribute to the security of your network in which three (3) ways?

    • Prevent unauthorized modifications to internal data from an outside actor.

      Allow only authorized access to inside the network.

      Prevent an internal user from downloading data she is not authorized to access.

      Prevent Denial of Service (DOS) attacks.

  • Which packets are selected for inspection by a packet filtering firewall?

    • Every packet entering or leaving a network.

      The first packet of every transmission but only subsequent packets when “high risk” protocols are used.

      Every packet entering the network but no packets leaving the network.

      The first packet in any transmission, whether entering or leaving.

  • True or False: Application Gateways are an effective way to control which individuals can establish telnet connections through the gateway.

  • Why are XML gateways used?

    • XML packet headers are different from that of other protocols and often “confuse” conventional firewalls.

      Conventional firewalls attempt to execute XML code as instructions to the firewall.

      XML traffic cannot pass through a conventional firewall.

      XML traffic passes through conventional firewalls without inspection.

  • Which three (3) things are True about Stateless firewalls?

    • They filter packets based upon Layer 3 and 4 information only (IP address and Port number)

      They are faster than Stateful firewalls.

      They maintain tables that allow them to compare current packets with previous packets.

      They are also known as packet-filtering firewalls.

  • True or False: Most Antivirus/Antimalware software works by comparing each file encountered on your system against a compressed (zipped) version of known malware maintained by the vendor on the local host.

  • How many unique encryption keys are required for 2 people to exchange a series of messages using asymmetric public key cryptography?

    • 4

  • What is Cryptographic Strength?

    • Relies on math, not secrecy

      Ciphers that have stood the test of time are public algorithms.

      Exclusive Or (XOR) is the “secret sauce” behind modern encryption.

      All of the above.

  • What is the primary difference between Symmetric and Asymmetric encryption?

    • The same key is used to both encrypt and decrypt the message.

  • Which type of cryptographic attack is characterized by an attack based upon trial an error where many millions of keys may be attempted in order to break the encrypted message?

    • brute-force

  • What is the correct sequence of steps required for Alice to send a message to Bob using asymmetric encryption?

    • Alice requests Bob’s public key and uses it to encrypt her message. Alice then sends the encrypted message to Bob who decrypts it using his private key.

  • A skilled penetration tester wants to show her employer how smart she is in hopes of getting a promotion. Without obtaining permission, she hacks into the company’s new online store to see if there are any weaknesses that can be hardened before the system goes live. She does not do any damage and writes a useful report which she sends over her boss’s head to the CISO. What color hat was she wearing?

    • A White Hat

      A Gray Hat

      A Black Hat

      A Pink Hat

      A Rainbow Hat

  • Which three (3) are resources that are available to help guide penetration testing efforts by cybersecurity specialists?

    • General Data Protection Regulation (GDPR)

      Open Source Security Testing Methodology Manual (OSSTMM).

      NIST SP 800-42 Guidelines on Network Security Testing.

      Information Systems Security Assessment Framework (ISSAF)

  • According to the Vulnerability Assessment Methodology, Potential Impacts are determined by which 2 factors?

    • Identify Indicators and Exposure

      Exposure and Sensitivity

      Potential Impacts and Adaptive Capacity

      Sensitivity and Adaptive Capacity

  • In digital forensics, the term Chain of Custody refers to what?

    • This is a digital “chain” that isolated digital evidence from being disturbed until it can be analyzed by the police or other authorities.

      This is a physical chain that is place around a crime scene to protect the evidence from being disturbed.

      The record that documents the sequence of custody, control, transfer, analysis, and disposition of physical or electronic evidence.

      This chain of custody is simply a written record of who possessed the evidence as it moves from collection to analysis to presentation in a court of law.

  • What is the primary function of a firewall?

    • Scans the system and search for matches against the malware definitions.

      Secures communication that may be understood by the intended recipient only.

      Filter traffic between networks.

      Uses malware definitions.

  • What is Locard's exchange principle?

    • The perpetrator of a crime will bring something into the crime scene and leave with something from it, and that both can be used as forensic evidence.

  • Which two (2) are types of firewall?

    • Protocol-filtering

      Packet-filtering

      Statutory

      Application-level

  • Which type of data does a packet-filtering firewall inspect when it decides whether to forward or drop a packet?

    • Source and destination IP addresses.

      TCP/UDP source and destination port numbers.

      ICMP message type.

      TCP SYN and ACK bits.

      All of the above.

  • Which three (3) of the following are limitations of Application gateways?

    • Application gateways are susceptible to IP spoofing.

      Each application to be managed needs its own gateway.

      Client software must be “smart” and know to contact the gateway.

      Application gateways are not good and understanding protocols such as telnet.

  • Which type of firewall inspects XML packet payloads for things like executable code, a target IP address that make sense, and a known source IP address?

    • An XML Gateway.

      An application-level firewall.

      A packet-filtering firewall.

      All of the above.

  • Which statement about Stateful firewalls is True?

    • They have state tables that allow them to compare current packets with previous packets.

      They are less secure in general than Stateless firewalls.

      They are faster than Stateless firewalls.

      All of the above.

  • True or False: Most Antivirus/Antimalware software works by comparing a hash of every file encountered on your system against a table of hashes of known virus and malware previously made by the antivirus/antimalware vendor.

  • Which type of cryptographic attack is characterized by comparing a captured hashed password against a table of many millions of previously hashed words or strings?

    • Social Engineering

      Brute force

      Rainbow Tables

      Known Plaintext

      Known Ciphertext

  • What are two (2) drawbacks to using symmetric key encryption?

    • A modern supercomputer can break even the most advanced symmetric key in a matter of minutes.

      The sender and recipient must find a secure way to share the key itself.

      Symmetric key encryption is slower than asymmetric key encryption.

      You need to use a different encryption key with everyone you communicate with, otherwise anyone who has ever received an encrypted message from you could open any message you sent to anyone else using that key.

Cybersecurity Roles, Processes & Operating System Security

  • The statement: “The protection of computer systems from theft or damage to the hardware, software or information on them, as well as from disruption or misdirection of the services they provide.” Is a good definition for what?

    • IT Security

  • When looking at security standard and compliance, which three (3) are characteristics of best practices, baselines and frameworks?

    • They are rules to follow for a specific industry.

      They seek to improve performance, controls and metrics.

      They enforce government, industry or client regulations.

      They are used to improved controls, methodologies and governance for the IT department.

      They help translate the business needs into technical or operational needs.

  • Which three (3) of these roles would likely exist in an Information Security organization?

    • Regional Sales Executive

      Product Development Manager

      CISO, Chief Information Security Officer

      Vulnerability Assessor

      Director of Human Resources

      Information Security Architect

  • In the video Introduction to Process, which three (3) items were called out as critical to the success of a Security Operations Center (SOC)?

    • People

      Process

      Tools

      Uninterruptible Power Supplies for all critical systems.

      Bandwidth

      Faraday Cages

  • Process performance metrics typically measure items in which four (4) categories?

    • Rework

      Parts Inventory on hand

      Backlog of pending orders

      Quality (defect rate)

      Injuries

      Cost

      Cycle time

  • Service Portfolio Management, Financial Management, Demand Management and Business Relationship Management belong to which ITIL Service Lifecycle Phase?

    • Service Design

      Service Improvement

      Service Operations

      Service Strategy

      Service Transition

  • Log, Assign, Track, Categorize, Prioritize, Resolve and Close are all steps in which ITIL process?

    • Change Management

      Problem Management

      Incident Management

      Event Management

  • What critical item is noted when discussing process roles?

    • Separation of duties is critical; the approver should not be the requester.