intro to cyber F4
| Question | Answer |
|---|---|
| Why is WEP considered insecure for modern wireless networks? | highly vulnerable to hacking |
| Why is WPA2 better than WPA? | mandatory use of AES algorithms |
| What three types of threats are classified as malware? | virus, keylogger, Trojan horse |
| To investigate potential unauthorized nighttime access, which logs would you activate? | audit |
| Following the security audit, what three best practices should be recommended to secure privileged accounts compromised by excessive access? | Protect passwords with robust encryption and secure storage. Assign privileges based on minimal necessary access. Streamline and minimize privileged accounts. |
| What type of biometric error occurs when an unauthorized individual is incorrectly identified as a legitimate user? | Type II |
| What benefits does implementing a patch management solution provide to an organization? | Administrators have control over patch approval and rejection. Updates are mandatory and cannot be bypassed. Updates can be instantly enforced across systems. |
| To identify potential vulnerabilities, what baseline should the user compare the current operating system state against? | a baseline |
| A user reports an issue with a newly installed application failing to connect to the Internet, despite successful browsing. What's the probable root cause? | computer firewall |
| What two requirements are necessary to implement Windows BitLocker for full-disk encryption on company laptops? | at least two volumes; TPM |
| What two key resources are typically available on the Internet Storm Center website? | InfoSec job postings; InfoSec reports |
| What cloud-based service would be most suitable for hosting commercial software to reduce deployment costs? | SaaS |
| What three vulnerabilities might an auditor identify as potential threats to a company's Local Area Network (LAN)? | Unprotected network equipment. Firewall configuration errors. Unauthorized network surveillance. |
| What are three exceptions to the Freedom of Information Act (FOIA) that allow for withholding certain information? | Proprietary business data. Sensitive law enforcement files. Classified national security and foreign policy information. |
| Under which federal law is student information protected from unauthorized disclosure? | FERPA |
| What industry-specific regulation governs the protection of credit card data in the event of a breach? | PCI DSS |
| What are the three main categories of roles within the field of information security? | definers, monitors, builders |
| What are two common risks facing application security? | unauthorized access; data loss |
| What three strategic suggestions can be proposed to effectively mitigate device-related security threats within the organization? | Implement automatic virus scanning. Restrict user administrative privileges. Activate automatic screen locking. |
| What are the three primary services offered by the Computer Emergency Response Team (CERT)? | Design solutions for digital forensic analysis. Develop vulnerability assessment tools and methodologies. Remediate software vulnerabilities. |
| A user reports frequent, unexpected changes to the wireless network password. What could be causing this issue? | rogue access point |
| What additional steps can be taken to further secure and harden a newly set up PC after installing patches and updating antivirus software? | Disable or uninstall unused applications and services. |
| How does disk cloning benefit desktop support by reducing workstation downtime? | |
| A new intern is tasked with configuring local workstation password policies. Which tool is ideal for this purpose? | secpol.msc |
| What three compelling reasons can be used to justify implementing a patch management service? | Comprehensive reporting capabilities for system visibility. Enforced consistency, preventing users from bypassing essential updates. Centralized scheduling and management of update deployments. |
| Which operational center typically handles network infrastructure-related issues? | NOC |
| What protocol is recommended for secure and flexible remote server access? | Secure Shell |
| What service translates a website's domain name into its corresponding IP address? | DNS |
| What three power-related problems should a technician be aware of? | blackout, brownout, spike |
| How do Host-based Intrusion Detection Systems (HIDS) differ from firewalls? | HIDS oversees host computer operating systems and file activity, whereas firewalls regulate traffic between systems. |
| What secure technology can provide an encrypted communication channel for telecommuting employees to access company resources remotely? | VPN |
| What method can be employed to assign severity scores to threats, prioritizing critical vulnerabilities? | NVD |
| What key principle should security professionals grasp to guide their ethical judgment when handling sensitive information and assets? | laws governing the data |
| What two security measures can be implemented to prevent unauthorized individuals from entering the office building? | Educate employees on security best practices through regular awareness training. Develop and enforce clear guidelines for visitor access and management. |
| What legislation safeguards employees' personal information and allows them to opt-out of sharing it with external parties? | GLBA |
| What tool would a security professional utilize to conduct a vulnerability assessment and identify security risks within the company's network? | vulnerability scanner |
| To mitigate user-based security risks, what three measures could the company implement to control unauthorized software downloads, website access, and personal device usage? | Conduct regular employee security education. Enable web content filtering. Restrict peripheral device usage. |
| Which federal law applies to individuals who intentionally access government computers without authorization? | CFAA |
| What three security measures can be taken to safeguard a private cloud infrastructure from potential threats? | |
| Why is Kali Linux widely used for network penetration testing and vulnerability assessments? | It's a comprehensive, open-source Linux distribution featuring over 300 security tools. |