Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
cybersec f1
| Question | Answer |
|---|---|
| Which of the following passwords would most likely take the longest for an attacker to guess or break? Group of answer choices mk$$cittykat104# drninjaphd 10characters super3secret2password1 | mk$$cittykat104# |
| What is the definition of vulnerability? | a susceptibility or flaw that exposes a target to potential exploitation or attack. |
| Which three types of sensitive records are most attractive to cyber criminals? Group of answer choices rock food medical game education flight employment | medical education employment |
| What does BYOD stand for? Group of answer choices bring your own disaster buy your own disaster bring your own device bring your own decision | bring your own device |
| 'Today, there are single security appliances that will solve all the network security needs of an organization.’ Is this statement true or false? True False | false |
| What name is given to a device that controls or filters traffic going in or out of the network? Router Firewall IPS VPN | Firewall |
| Where is cryptocurrency stored? On the blockchain On an exchange In a wallet In a bank account | In a wallet |
| Which of the following passwords would most likely take the longest for an attacker to guess or break? mk$$cittykat104# super3secret2password1 10characters drninjaphd | mk$$cittykat104# |
| What is a security playbook? | A collection of repeatable queries or reports that outline a standardized process for incident detection and response |
| Can you identify why each of the following organizations might be interested in your online identity? next mo madami eh | |
| Internet service providers | They may be legally required to share your online information with government surveillance agencies or authorities |
| Advertisers | To monitor your online activities and send targeted ads your way |
| Social media platforms | To gather information based on your online activity, which is then shared with or sold to advertisers for a profit |
| Websites | To track your activities using cookies in order to provide a more personalized experience |
| Social media platforms | To gather information based on your online activity, which is then shared with or sold to advertisers for a profit |
| Which of the following should be carried out to address known software vulnerabilities of a specific application? Install a security patch Change the software Remove the application Change the hardware | Install a security patch |
| Which of the following tools can be used to provide a list of open ports on network devices? Whois Tracert Nmap Ping | Nmap |
| Which of the following is a requirement of a strong password? Use a dictionary word or a common statement that you’ll remember Use special characters such as ! @ or $ Use at least six characters | Use special characters such as ! @ or $ |
| Can you identify the software vulnerability from the following descriptions? next uli | |
| Buffer overflow | Occurs when data is written beyond the limits of memory areas that are allocated to an application |
| Race condition | Occurs when an ordered or timed set of processes is disrupted or altered by an exploit |
| Access control | Occurs through the improper use of practices that manage equipment, data or applications |
| You are looking to print photos that you have saved on a cloud storage account using a third-party online printing service. After successfully logging into the cloud account, you are automatically given access to the third-party online printing servic | The cloud storage service is an approved application for the online printing service |
| Individuals who engage in unauthorized digital intrusions motivated by ideological or social convictions are colloquially termed _________ white hat hactivist blue hat hacker | hactivist |
| What does IoE stand for? Internet of Everything Internet of Everyday Intelligence on Everything Insight into Everything | Internet of Everything |
| What type of attack overwhelms a target's resources using multiple systems, rendering it inaccessible? ping sweep spoof DDoS DoS | DDoS |
| What is the definition of vulnerability? a potential threat that a hacker creates a computer that contains sensitive information a susceptibility or flaw that exposes a target to potential exploitation or attack. | a susceptibility or flaw that exposes a target to potential exploitation or attack. |
| What Workforce Framework category involves analyzing and assessing cybersecurity data to determine its intelligence value? Protect and Defend Securely Provision Oversight and Development Analyze | Analyze |
| Which two methods help prevent cyber criminal activities? exchanging cyber threat data changing operating systems implementing proactive alert systems shutting down the network hiring hackers | exchanging cyber threat data implementing proactive alert systems |
| What is an example of an Internet data domain? | |
| Which type of technology can prevent malicious software from monitoring user activities, collecting personal information and producing unwanted pop-up ads on a user computer? Firewall Password manager Antispyware Two factor authentication | Antispyware |
| How can you ensure information remains confidential? (Choose three) Implementing two-factor authentication Version control systems Regular backups Setting file access permissions Encrypting sensitive data | Implementing two-factor authentication Setting file access permissions Encrypting sensitive data |
| Why do IoT devices pose a greater security risk than other computing devices on a network? | Most IoT devices do not receive frequent software updates |
| Which configuration on a wireless router is not considered to be adequate security for a wireless network? | Preventing the broadcast of an SSID |
| The risk management process consists of four steps. Can you put these in the right order? Assess the risk Monitor the risk Frame the risk Respond to the risk | Step 1 Frame the risk Step 2 Assess the risk Step 3 Respond to the risk Step 4 Monitor the risk |
| What is the most common goal of search engine optimization (SEO) poisoning? | To increase web traffic to malicious sites |
| You have stored your data on a local hard disk. Which method would secure this data from unauthorized access? Data encryption Duplication of the hard drive Two factor authentication Deletion of sensitive files | Data encryption |
| Behavior-based analysis involves using baseline information to detect what? | Anomalies |
| What type of attack overwhelms a computer's resources, crippling it through excessive memory usage or CPU strain? exhaustion DDoS APT algorithm | algorithm (this is correct but parang mali |
| What term describes an inexperienced or novice hacker? blue team script kiddie red hat black hat | script kiddie |
| What protocol is used to collect information about traffic traversing a network? Telnet HTTPS NAT NetFlow | NetFlow |
| What was the primary objective of the Stuxnet malware? Computer hijacking and control Physical damage to computer-controlled equipment Harm to nuclear plant workers | Physical damage to computer-controlled equipment |
| Which of the following is considered personally identifiable information (PII)? (Choose three) Professional title Social security number Driver's license number Birthdate and location IP address (in some jurisdictions) | ??????????? |
| Which technology removes direct equipment and maintenance costs from the user for data backups? Network attached storage A tape An external hard drive A cloud service | A cloud service |
| What is the difference between a hacker and a cybersecurity professional? | Cybersecurity professionals must work within legal boundaries |
| You are having difficulty remembering passwords for all of your online accounts. What should you do? | Save the passwords in a centralized password manager program |
| What is the best method to prevent Bluetooth from being exploited? | Always disable Bluetooth when it is not being used |
| What type of attack overwhelms a target's resources using multiple systems, rendering it inaccessible? | DDoS |
| What type of attack overwhelms a computer's resources, crippling it through excessive memory usage or CPU strain? | algorithm |
| Which of the following security vulnerabilities could result in the receipt of malicious information that could force a program to behave in an unintended way? | Non-validated input |
| What motivates a white-hat attacker? Operating system research Network optimization Illegal financial gain Improving cybersecurity | Improving cybersecurity |
| A set of changes done to any program or application with the aim of updating, fixing or improving it is often referred to as what? A patch An install A hack A fix | A patch |
| 'Today, there are single security appliances that will solve all the network security needs of an organization.’ Is this statement true or false? True False | false |
| What should you do in order to make sure that people you live with do not have access to your secure data? Turn on a firewall Set up password protection Increase the privacy settings on your browser Install antivirus software | Set up password protection |
| What is the purpose of a rootkit? To replicate itself independently of any other programs To deliver advertisements without user consent To gain privileged access to a device while concealing itself To masquerade as a legitimate program | To gain privileged access to a device while concealing itself |
| How can you keep your personal browsing history hidden from other users on a shared computer? | Operate the web browser in private browser mode |
| What is the main aim of a Cyber Security Incident Response Team (CSIRT)? | To help ensure organization, system and data preservation by performing investigations into computer security incidents |
| ‘With careful planning and consideration, some risks can be completely eliminated.’ Is this statement true or false? | False |
| An individual's social media profile is an example of a(n) ______ identity. | Digital (online) |
| What is the correct definition of risk management? | The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities |
| What can the skills developed by cybersecurity professionals be used for? | Cybersecurity professionals develop many skills that can be used for good or evil |
| How is data integrity typically verified? Via authentication protocols Using hashes or checksums By encrypting data Through backups | Using hashes or checksums |
| What is the last stage of a pen test? Analysis and reporting Gathering target information Maintaining access Scanning | Analysis and reporting |
| What is the most common goal of search engine optimization (SEO) poisoning? | To increase web traffic to malicious sites |
| Which of the following is an example of two factor authentication? | ✅ Your fingerprint and your password. |
| Does having no social media and only browsing the Internet mean no online identity exists? | no |
| Which technology removes direct equipment and maintenance costs from the user for data backups? | A cloud service |
| You are looking to print photos that you have saved on a cloud storage account using a third-party online printing service. After successfully logging into the cloud account, you are automatically given access to the third-party online printing service. | The cloud storage service is an approved application for the online printing service |
| What was the primary objective of the Stuxnet malware? | Physical damage to computer-controlled equipment |
| What are the core principles for securing information systems according to the McCumber Cube? (Select three) | CIA |
| What type of attack allows an attacker to use a brute-force approach? | Password cracking |
| Which of the following tools can be used to provide a list of open ports on network devices? | Nmap |
| Who is responsible for overseeing a blockchain electronic ledger? | Anyone belonging to the blockchain network |
| What type of attack overwhelms a target's resources using multiple systems, rendering it inaccessible? | DDoS |
| What does IoE stand for? | Internet of everything |
| What Workforce Framework category involves analyzing and assessing cybersecurity data to determine its intelligence value? | Analyze |
| Which two methods help prevent cyber criminal activities? | implementing proactive alert systems, exchanging cyber threat data |
| What term describes an inexperienced or novice hacker? | script kiddie |
| What does BYOD stand for? | bring your own device |
| Which three types of sensitive records are most attractive to cyber criminals? | medical, education, Employment |
| What type of attack overwhelms a computer's resources, crippling it through excessive memory usage or CPU strain? | algorithm |
| What is an example of an Internet data domain? | |
| Individuals who engage in unauthorized digital intrusions motivated by ideological or social convictions are colloquially termed _________? | Hactivist |
| An individual's social media profile is an example of a(n) ______ identity. | Digital (online) |
| Which of the following characteristics describe a worm? (Select two correct answers) | Is self-replicating, Travels to new computers without any intervention or knowledge of the user |
| How can you prevent others from eavesdropping on network traffic when operating a PC on a public Wi-Fi hotspot? | Connect with a VPN service |
| What is the best method to prevent Bluetooth from being exploited? | Always disable Bluetooth when it is not being used |
| Why are internal security threats more damaging? | Internal attackers have direct infrastructure access |
| Why do IoT devices pose a greater security risk than other computing devices on a network? | Most IoT devices do not receive frequent software updates |
| What motivates a white-hat attacker? | Improving cybersecurity |
| What protocol is used to collect information about traffic traversing a network? | NetFlow |
| What is the definition of vulnerability? | a susceptibility or flaw that exposes a target to potential exploitation or attack. |
| What is the primary goal of a DoS attack? | To prevent the target server from being able to handle additional requests |
| Where is cryptocurrency stored? | In a wallet |
| Which of the following examples effectively illustrates how malware can be cleverly concealed? | An email is sent to the employees of an organization with an attachment that looks like an antivirus update, but the attachment actually consists of spyware |
| How can you keep your personal browsing history hidden from other users on a shared computer? | Operate the web browser in private browser mode |
| Can you identify why each of the following organizations might be interested in your online identity? | Internet service providers: – They may be legally required to share your info Advertisers: – To monitor your online activities Social media platforms: – To gather information based on your online act Websites: – To track your activities using cookies |
| What characterizes cyberwarfare? | |
| What can the skills developed by cybersecurity professionals be used for? | Cybersecurity professionals develop many skills that can be used for good or evil |
| Which of the following should be carried out to address known software vulnerabilities of a specific application? | Install a security patch |
| ‘Securing physical access to target equipment is an organization’s best defense against a cyber attack.’ Is this true or false? | True |
| Which of the following security vulnerabilities could result in the receipt of malicious information that could force a program to behave in an unintended way? | Non-validated input |
| What is the difference between a hacker and a cybersecurity professional? | Cybersecurity professionals must work within legal boundaries |
| What should you do in order to make sure that people you live with do not have access to your secure data? | Set up password protection |
| You have stored your data on a local hard disk. Which method would secure this data from unauthorized access? | Data encryption |
| Which of the following passwords would most likely take the longest for an attacker to guess or break? | mk$$cittykat104 |
| How can you ensure information remains confidential? (Choose three) | Implementing two-factor authentication, Setting file access permissions, Encrypting sensitive data |
| Which configuration on a wireless router is not considered to be adequate security for a wireless network? | Preventing the broadcast of an SSID |
| The risk management process consists of four steps. Can script kiddie | F A R M |
| What is the correct definition of risk management? | The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities |
| What is the only way of ensuring that deleted files on your computer are irrecoverable? | Physically destroying your computer’s hard drive |
| How do Cisco ISE and TrustSec work? | They enforce access to network resources by creating role-based access control policies |
| What cyber protection level applies to each? | Your online identity – Personal; A customer database – Organizational; Economic stabilty – Government |
| What tool can identify malicious traffic by comparing packet contents to known attack signatures? | IDS |
| Which of the following tools can perform real-time traffic and port analysis, and can also detect port scans, fingerprinting and buffer overflow attacks? | Snort |
| Which type of technology can prevent malicious software from monitoring user activities, collecting personal information and producing unwanted pop-up ads on a user computer? | firewall |
| What name is given to a device that controls or filters traffic going in or out of the network? | Firewall |
| What is a security playbook? | A collection of repeatable queries or reports that outline a standardized process for incident detection and response |
| Which of the following is a requirement of a strong password? | Use special characters such as ! @ or $ |
| Behavior-based analysis involves using baseline information to detect what? | Anomalies |
| Which of the following is considered personally identifiable information (PII)? | ✅ Social security number, ✅ Driver's license number, ✅ Birthdate and location |
| You are having difficulty remembering passwords for all of your online accounts. What should you do? | Save the passwords in a centralized password manager program |
| A set of changes done to any program or application with the aim of updating, fixing or improving it is often referred to as what? | A patch |
| 'Today, there are single security appliances that will solve all the network security needs of an organization.’ Is this statement true or false? True False | false |
| What is the purpose of a rootkit? | To gain privileged access to a device while concealing itself |
| How is data integrity typically verified? | Using hashes or checksums |
| What is the last stage of a pen test? | Analysis and reporting |
Created by:
f3xo