
Question 1 1 / 1 point

Implementing a Security Awareness training program would be an example of which type of control?

Administrative control

Correct!

Question 2 1 / 1 point

Putting locks on a door is an example of which type of control?

Preventative

Correct!

Question 3 1 / 1 point

What would a piece of malicious code that gets installed on a computer and reports back to the controller your
keystrokes and other information it can gather from your system be called?

Spyware

Correct!

Question 4 0 / 1 point

Suspicious activity, like IP addresses or ports being scanned sequentially, is a sign of which type of attack?

A mapping attack

A denial of service (DoS) attack

A phishing attack

An IP spoofing attack

Incorrect, this material was covered in the course Introduction to Cybersecurity Tools & Cyber Attacks, Week 2 - A brief
overview of types of actors and their motives

Question 5 0 / 1 point

An email message that is encrypted, uses a digital signature and carries a hash value would address which aspects of the
CIA Triad?

Confidentiality and Integrity

Confidentiality and Availability

Integrity and Availability

Confidentiality, Integrity and Availability

Question 6 0 / 1 point

A company wants to prevent employees from wasting time on social media sites. To accomplish this, a document
forbidding use of these sites while at work is written and circulated and then the firewalls are updated to block access to
Facebook, Twitter and other popular sites. Which two (2) types of security controls has the company just implemented?
(Select 2)

Operational

Incorrect, this material was covered in the course Introduction to Cybersecurity Tools & Cyber Attacks, Week 3 - An
overview of key security concepts

Administrative

Physical

Technical

Question 7 1 / 1 point

A penetration tester that gains access to a system without permission and then exploits it for personal gain is said to
wear what color hat?

Black

Question 8 1 / 1 point

What is an advantage symmetric key encryption has over asymmetric key encryption?

Symmetric key encryption is faster than asymmetric key encryption

Correct!

Question 9 0 / 1 point

Which position is in charge of testing the security and effectiveness of computer information systems?

Information Security Analyst

Chief Information Officer (CIO)

Information Security Architect

Information Security Auditor

Incorrect, this material was covered in the course Cybersecurity Roles, Processes & Operating System Security, Week 1 -
People Process & Technology

Question 10 1 / 1 point

Which three (3) roles are typically found in an Information Security organization? (Select 3)

Vulnerability Assessor

Chief Information Security Officer (CISO)

Penetration Tester

Question 11 1 / 1 point

Problem Management, Change Management, and Incident Management are all key processes of which framework?

ITIL

Question 12 1 / 1 point

Trudy changes the message and then forwards it on


Correct!

Question 13 1 / 1 point

What does the "A" in the CIA Triad stand for?

Availability

Correct!

Question 14 1 / 1 point

Which type of access control is based upon the subject's clearance level and the object's classification?

Mandatory Access Control (MAC)

Correct!

Question 15 0 / 1 point

Ali must grant access to any individual or group he wants to allow access to the files he owns. Which access control type
is in use in Ali's organization?

Mandatory Access Control (MAC)

Hierarchical Access Control (HAC)

Role Based Access Control (RBAC)

Discretionary Access Control (DAC)

Incorrect, this material was covered in the course Cybersecurity Roles, Processes & Operating System Security, Week 3 -
Authentication and Access Control

Question 16 1 / 1 point

If you are setting up a Windows 10 laptop with a 32Gb hard drive, which two (2) file systems could you select? (Select 2)

FAT32

NTFS

Question 17 1 / 1 point

Which three (3) permissions can be set on a file in Linux? (Select 3)

write

read

execute

Question 18 0 / 1 point

If cost is the primary concern, which type of cloud should be considered first?

Hybrid cloud

Universal cloud

Private cloud

Public cloud

Incorrect, this material was covered in the course Cybersecurity Roles, Processes & Operating System Security, Week 7 -
Overview of Virtualization

Question 19 0 / 1 point

Consolidating and virtualizing workloads should be done when?

After moving the workloads to the cloud but before they are open to users

It does not matter; these steps require approximately the same amount of work no matter when you elect to do them

Gradually as you generate usage metrics

Before moving the workloads to the cloud

Incorrect, this material was covered in the course Cybersecurity Roles, Processes & Operating System Security, Week 7 -
Overview of Virtualization

Question 20 1 / 1 point

Which of the following is a self-regulating standard set up by the credit card industry in the US?

PCI-DSS

Correct!

Question 21 1 / 1 point

Island hopping is an attack method commonly used in which scenario?

Supply Chain Infiltration

Correct!

Question 22 0 / 1 point

If an Endpoint Detection and Response (EDR) system detects that an endpoint does not have a required patch installed,
which statement best characterizes the actions it is able to take automatically?

The endpoint can be quarantined from all network resources except those that allow it to download and install the
missing patch

No actions can be taken directly on the endpoint but the endpoint's owner can be notified of the actions he/she is
expected to take

The endpoint can be either allowed access to all network resources or quarantined and denied access to all network
resources

Nothing can be done directly to the endpoint but a system administrator can be alerted to handle the problem with the
system owner

Incorrect, this material was covered in the course Cybersecurity Compliance Framework & System Administration, Week
2 - Client System Administration, Endpoint Protection and Patching

Question 23 0 / 1 point

Which statement about drivers running in Windows kernel mode is true?

The Windows Virtual Address Manager protects processes in the kernel from interfering with each other’s assigned
memory space

Only critical processes are permitted to run in kernel mode since there is nothing to prevent a misbehaving driver from
impacting other processes that are also sharing the same memory space

The Windows Process Director prevents processes running in the kernel from interfering with each other’s operations

Each process running in kernel mode is assigned its own dedicated virtual address space, so it is safe to load any driver
into the kernel for faster execution

Incorrect, this material was covered in the course Cybersecurity Compliance Framework & System Administration, Week
3 - Server and User Administration

Question 24 1 / 1 point

The Windows Security App available in Windows 10 provides users with which of the following protections?

All of the above

Correct!

Question 25 0 / 1 point

Public key encryption incorporating digital signatures ensures which of the following?

Confidentiality and Integrity

Confidentiality, Integrity and Availability

Confidentiality and Availability

Confidentiality only

Incorrect, this material was covered in the course Cybersecurity Compliance Framework & System Administration, Week
4 - Cryptography and Compliance Pitfalls

Question 26 1 / 1 point

Which statement is True of Hash functions?

Hashing is a reliable way to assure the integrity of a message

Correct!

Question 27 0 / 1 point

Which of the following statements about hashing is True?

The original message can be retrieved from the hash if you have the encryption key

A weakness of hashing is that the hash is proportional in length to the original message

Hashing uses algorithms that are known as “one-way” functions

If you have two hashes that differ only by a single character, you can infer that the original messages also differed very
little

Incorrect, this material was covered in the course Cybersecurity Compliance Framework & System Administration, Week
4 - Cryptography and Compliance Pitfalls

Question 28 0 / 1 point

Which statement about encryption is true of data in use?

Data in active memory registers are not at risk of being stolen

Short of orchestrating a memory dump from a system crash, there is no practical way for malware to get at the data
being processed, so dump logs are your only real concern

It is vulnerable to theft and should be decrypted only for the briefest possible time while it is being operated on

Data should always be kept encrypted since modern CPUs are fully capable of operating directly on encrypted data

Incorrect, this material was covered in the course Cybersecurity Compliance Framework & System Administration, Week
4 - Cryptography and Compliance Pitfalls

Question 29 0 / 1 point

For added security you decide to protect your network by conducting both a stateless and stateful inspection of
incoming packets. How can this be done?

You must install 2 firewalls in series, so all packets pass through the stateless firewall first and then the stateless firewall

Install a single firewall that is capable of conducting both stateless and stateful inspections

Install a stateful firewall only. These advanced devices inspect everything a stateless firewall inspects in addition to state
related factors

This cannot be done. The network administrator must choose to run a given network segment in either stateful or
stateless mode, and then select the corresponding firewall type

Incorrect, this material was covered in the course Network Security & Database Vulnerabilities, Week 1 - TCP/IP
Framework

Question 30 0 / 1 point

Which statement best describes configuring a NAT router to use dynamic mapping?

The organization will need as many registered IP addresses as it has computers that need Internet access

Unregistered IP addresses are mapped to registered IP addresses as they are needed

The NAT router uses each computer's IP address for both internal and external communication

Many registered IP addresses are mapped to a single registered IP address using different port numbers

Incorrect, this material was covered in the course Network Security & Database Vulnerabilities, Week 1 - TCP/IP
Framework

Question 31 0 / 1 point

Which address type does a computer use to get a new IP address when it boots up?

To the system's MAC address

The network's default gateway address


The network's DHCP server address

The network's DNS server address

To the system's domain name

To the system's IP address

Incorrect, this material was covered in the course Network Security & Database Vulnerabilities, Week 1 - TCP/IP
Framework

Question 32 1 / 1 point

In IPv4, how many of the 4 octets are used to define the network portion of the address in a Class B network?

Correct!

Question 33 1 / 1 point

Which three (3) of these statements about the TCP protocol are True? (Select 3)

TCP is connection-oriented

TCP is more reliable than UDP

TCP packets are reassembled by the receiving system in the order in which they were sent

Question 34 1 / 1 point

Signature-based detection and statistical anomaly detection are found on what type of device?

An Intrusion Prevention System (IPS)

Correct!

Question 35 0 / 1 point

If you have to rely upon metadata to work with the data at hand, you are probably working with which type of data?

Semi-structured data

Unstructured data

Meta-structured data

Structured data

Incorrect, this material was covered in the course Network Security & Database Vulnerabilities, Week 3 - Introduction to
Databases

Question 36 1 / 1 point

In reviewing the security logs for a company's headquarters in New York City, which of these activities should not raise
much of a security concern?

An employee has started logging in from home for an hour or so during the last 2 weeks of each quarter

Correct!

Question 37 1 / 1 point

Poor user input sanitation and unsafe execution of OS commands leaves a system vulnerable to which form of attack?

OS Command Injection

Correct!

Question 38 0 / 1 point

An employee calls the IT Helpdesk and admits that maybe, just possibly, the links in the email he clicked on this morning
were not from the real Lottery Commission. What is the first thing you should tell the employee to do?

Run an antivirus scan

Start searching his hard drive for unusual files or folders

Run a vulnerability scan

Run a Port scan

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 1 -
Penetration Testing

Question 39 0 / 1 point

Which portion of the pentest report would cover the risk ranking, recommendations and roadmap?

Executive Summary

Recommendations for Remediation

Rules of Engagement

Technical Review

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 1 -
Penetration Testing

Question 40 0 / 1 point

Which Incident Response Team model describes a team that runs all incident response activities for a company?

Coordinating

Central

Distributed

Control

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 2 -
Incident Response

Question 41 0 / 1 point

Which Post Incident activity would be concerned with maintaining the proper chain-of-custody?

Lessons learned meeting


Utilizing collected data

Evidence retention

Documentation review & update

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 2 -
Incident Response

Question 42 0 / 1 point

True or False. Digital forensics is effective in solving cyber crimes but is not considered effective in solving violent crimes
such as rape and murder.

True

False

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 3 - Digital
Forensics

Question 43 0 / 1 point

In digital forensics documenting the chain of custody of evidence is critical. Which of these should be included in your
chain of custody log?

The names of every person who has physical custody of any piece of evidence

Documenting the actions that are performed on the evidence and at what time

Documenting how the evidence was stored when not in use

All of the above

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 3 - Digital
Forensics

Question 44 1 / 1 point

What scripting concept will repeatedly execute the same block of code while a specified condition remains true?

Loops

Correct!

Question 45 0 / 1 point

Which two (2) statements about Python are true? (Select 2)

Python code is considered very readable by novice programmers

Python code is considered easy to debug compared with other popular programming languages

Python is not considered portable, running only on Linux and Windows machines

Python code is written at a very low level to better integrate with operating system functions

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 4 -
Introduction to Scripting

Question 46 0 / 1 point

In the Python statement

pi="3"

What data type is the data type of the variable pi?

str

bool

float

int

Incorrect, this material was covered in the course Penetration Testing, Incident Response and Forensics, Week 4 -
Introduction to Scripting

Question 47 0 / 1 point

Which two (2) of these Python libraries provide useful statistical functions? (Select 2)

NumPy

Scikit-learn

Seaborn

StatsModels

Pandas

Matplotlib

Question 48 0 / 1 point

According to the Crowdstrike model, CISOs, CTOs and executive boards belong in which intelligence area?

Control

Incorrect, this material was covered in the course Cyber Threat Intelligence, Week 1 - Threat Intelligence

Question 49 0 / 1 point

Activities performed as a part of security intelligence can be divided into pre-exploit and post-exploit activities. Which
two (2) of these are post-exploit activities? (Select 2)

Detect deviations from the norm that indicate early warnings of APTs

Incorrect, this material was covered in the course Cyber Threat Intelligence, Week 1 - Threat Intelligence

Gather full situational awareness through advanced security analytics

Prioritize vulnerabilities to optimize remediation processes and close critical exposures

Perform forensic investigation

Question 50 1 / 1 point

Which three (3) of these are among the top 12 capabilities that a good data security and protection solution should
provide? (Select 3)

Vulnerability assessment

Tokenization

Real-time alerting

Question 51 1 / 1 point

True or False. For iOS and Android mobile devices, users must interact with the operating system only through a series
of applications, but not directly.

True

Correct!

Question 52 0 / 1 point

All industries have their own unique data security challenges. Which of these industries has a particular concern with
PCI-DSS compliance while having a large number of access points staffed by low-level employees who have access to
payment card data?

Financial

Retail

Transportation

Healthcare

Incorrect, this material was covered in the course Cyber Threat Intelligence, Week 3 - Data Loss Prevention and Mobile
Endpoint Protection

Question 53 1 / 1 point

True or False. WireShark has an impressive array of features and is distributed free of charge.

True

Correct!

Question 54 1 / 1 point

What organization manages the assignment and registration of port numbers?

Internet Assigned Numbers Authority (IANA)

Correct!

Question 55 1 / 1 point

The Decommission step in the DevSecOps Release, Deploy & Decommission phase contains which of these activities?

IAM controls to regulate authorization

Correct!

Question 56 0 / 1 point

Which form of penetration testing allows the testers partial knowledge of the systems they are trying to penetrate in
advance of their attack to streamline costs and focus efforts?

Black Box Testing

Red Box Testing

White Box testing

Gray Box Testing

Incorrect, this material was covered in the course Cyber Threat Intelligence, Week 5 - Application Security and Testing

Question 57 1 / 1 point

Which one of the OWASP Top 10 Application Security Risks would occur when an application's API exposes financial,
healthcare or other PII data?

Sensitive data exposure

Correct!

Question 58 1 / 1 point

Why should you always look for common patterns before starting a new security architecture design?

All of the above

Correct!

Question 59 0 / 1 point

SIEM license costs are typically calculated based upon which two (2) factors? (Select 2)

The MSU capacity of the system running the SIEM

Incorrect, this material was covered in the course Cyber Threat Intelligence, Week 6 - SIEM Platforms

Flows per minute (FPM)

Events per second (EPS)

Number of users with access to the SIEM

Question 60 1 / 1 point

What do QRadar flow collectors do with the flows they collect?

They convert the flow data to a standard QRadar flow format and forward it to the centralized flow processor

Correct!

Question 61 1 / 1 point

True or False. Thorough reconnaissance is an important step in developing an effective cyber kill chain.

True

Correct!

Question 62 1 / 1 point

True or False. One of the primary challenges in cyber threat hunting is a lack of useful tools sold by too few vendors.

False

Correct!

Question 63 1 / 1 point

True or False. A large company has a data breach involving the theft of employee personnel records but no customer
data of any kind. Since no external data was involved, the company does not have to report the breach to law
enforcement.

False

Correct!

Question 64 0 / 1 point

According to the IRIS Framework, during which stage of an attack would the attacker attempt to escalate their privileges,
move laterally and conduct internal reconnaissance?

Attack objective execution

Continuous phases occur

Attack beginnings

Continue the attack, expand network access

Launch and execute the attack

Incorrect, this material was covered in the course Cybersecurity Capstone: Breach Response Case Studies, Week 1 -
Incident Management Response and Cyberattack Frameworks

Question 65 0 / 1 point

Which three (3) of these statistics about phishing attacks are real? (Select 3)

Phishing attempts tripled between 2017 and 2018

Incorrect, this material was covered in the course Cybersecurity Capstone: Breach Response Case Studies, Week 2 -
Phishing Scams

Around 15 million new phishing sites are created each month

30% of phishing messages are opened by their targeted users

Phishing accounts for nearly 20% of data breaches

Question 66 1 / 1 point

Which of these statements about the PCI-DSS requirements for any company handling, processing or transmitting credit
card data is true?

Cardholder data must be encrypted if it is sent across open or public networks

Correct!

Question 67 1 / 1 point

Which three (3) are malware types commonly used in PoS attacks to steal credit card data? (Select 3)

vSkimmer

BlackPOS

Alina

Question 68 1 / 1 point

According to a 2018 Ponemon study on third-party risk management, which three (3) of these were identified as best
practices? (Select 3)

An inventory of all third parties with whom you share information

Frequent review of third-party management policies and programs

Evaluation of the security and privacy practices of all third parties

Question 69 1 / 1 point

You get a phone call from a technician at the "Windows company" who tells you that they have detected a problem with
your system and would like to help you resolve it. In order to help, they need you to go to a web site and download a
simple utility that will allow them to fix the settings on your computer. Since you only own an Apple Mac, you are
suspicious of this caller and hang up. What would the attack vector have been if you had downloaded the "simple utility"
as asked?

Remote Desktop Protocol (RDP)

Correct!

Question 70 0 / 1 point

Very provocative articles that come up in news feeds or Google searches are sometimes called "click-bait". These articles
often tempt you to link to other sites that can be infected with malware. What attack vector is used by these click-bait
sites to get you to go to the really bad sites?

Software Vulnerabilities

Remote Desktop Protocol (RDP)

Phishing

Malicious Links

Incorrect, this material was covered in the course Cybersecurity Capstone: Breach Response Case Studies, Week 5 -
Ransomware
