



The document 'cyberrookie csx fundamentals' provides an overview of fundamental cybersecurity concepts and principles, covering key topics such as common controls, the NIST framework, incident management, malware, identity management, the OSI model, encryption, penetration testing, system hardening, network management, and vulnerability management.
Typology: Study Guides, Projects, Research
Three common controls used to protect the availability of information are - Redundancy, backups and access controls
Governance has several goals, including - Providing strategic direction, Ensuring that objectives are achieved, Verifying that organizational resources are being used appropriately, Ascertaining whether risk is being managed properly.
According to the NIST framework, which of the following are considered key functions necessary for the protection of digital assets? - Protect, Recover, Identify
The best definition for cybersecurity? - Protecting information assets by addressing threats to information that is processed, stored or transported by interworked information systems
Cybersecurity role that is charged with the duty of managing incidents and remediation?
Patches - are solutions to software programming and coding errors.
Identity Management - includes many components such as directory services, authentication and authorization services, and user management capabilities such as provisioning and deprovisioning.
The Internet perimeter should - Detect and block traffic from infected internal end points, Eliminate threats such as email spam, viruses and worms, Control user traffic bound toward the Internet, Monitor and detect network ports for rogue activity.
Transport layer of the OSI - ensures that data are transferred reliably in the correct sequence
Session layer of the OSI - coordinates and manages user connections
Three key benefits of the DMZ system are - An intruder must penetrate three separate devices, Private network addresses are not disclosed to the Internet, Internal systems do not have direct access to the Internet
best states the role of encryption within an overall cybersecurity program - Encryption is an essential but incomplete form of access control
The number and types of layers needed for defense in depth are a function of - Asset value, criticality, reliability of each control and degree of exposure.
Put the steps of the penetration testing phase into the correct order - Planning, Discovery, Attack, Reporting
System hardening should implement the principle of - Least privilege or access control
Which of the following are considered functional areas of network management as defined by ISO? - Accounting management, Fault management, Performance management, Security management
Virtualization involves - Multiple guests coexisting on the same server in isolation of one another
Vulnerability management begins with an understanding of cybersecurity assets and their locations, which can be accomplished by - Maintaining an asset inventory.
Arrange the steps of the incident response process into the correct order - Preparation, Detection and analysis, Investigation, Mitigation and recovery, Postincident analysis
Which element of an incident response plan involves obtaining and preserving evidence
Which of the following offers the strongest protection for wireless network traffic? - Wireless Protected Access 2 (WPA2)
Outsourcing poses the greatest risk to an organization when it involves: - Core business functions
Risk assessments should be performed - On a regular basis
Maintaining a high degree of confidence regarding the integrity of evidence requires a(n): - Chain of custody
A firewall that tracks open connection-oriented protocol sessions is said to be: - Stateful
During which phase of the system development lifecycle (SDLC) should security first be considered? - Planning
A cybersecurity architecture designed around the concept of a perimeter is said to be: - System-centric
A passive network hub operates at which layer of the OSI model? - Physical
Updates in cloud-computing environments can be rolled out quickly because the environment is: - Homogeneous
During which phase of the six-phase incident response model is the root cause determined? - Eradication
The attack mechanism directed against a system is commonly called a(n): - Payload
Where should an organization's network terminate virtual private network (VPN) tunnels? - At the perimeter, to allow for effective internal monitoring
In practical applications: - Asymmetric key encryption is used to securely obtain symmetric keys
Which two factors are used to calculate the likelihood of an event? - Threat and vulnerability
What is one advantage of a firewall implemented in software over a firewall appliance? - Flexibility
A business continuity plan (BCP) is not complete unless it includes: - Detailed procedures
Under the US-CERT model for incident categorization, a CAT-3 incident refers to which of the following? - Malicious code
An interoperability error is what type of vulnerability? - Emergent
Securing Supervisory Control and Data Acquisition (SCADA) systems can be challenging because they - Operate in specialized environments and often have non-standard design elements
Virtual systems should be managed using a dedicated virtual local area network (VLAN) because - Insecure protocols could result in a compromise of privileged user credentials
Describes the activities required to identify the occurrence of a cybersecurity incident - Security continuous monitoring, detection and evaluating anomalies/incidents
This key function ensures that organizational objectives and stakeholder needs are aligned with desired outcomes through effective decision making and prioritization. - Governance
The primary objective of cybersecurity is - Protecting a company's digital assets
The activity that ensures business processes continue after a security incident - Recovery
Which is associated with identifying digital assets - Asset management
Responsibilities and/or duties of Governance, Risk Management and Compliance (GRC) - Adherence to required laws and regulations, Implementation of required procedures, Development of internal controls to mitigate risk, Adherence to voluntary contractual requirements.
In most information security organizations, which role sets the overall strategic direction
Methods of control can help protect integrity - Logging, Digital Signatures, Hashes, Encryption
Which type of documentation records details of information or events in an organized record-keeping system, usually sequenced in the order in which they occurred - Log
A week of severe rainstorms has flooded your company's building. All servers have been ruined. It is estimated that business will be down for 3 weeks. This is an example of - Lack of availability
When two or more controls work in parallel to protect an asset, it is called - Redundancy
Types of backups - Full, incremental and differential
A differential backup - Only copies files that have changed since last full backup
Potential consequences resulting from lack of availability include - Loss of functionality and operational effectiveness, Loss of productive time, Interference with enterprise's objectives
The concept that a message or other piece of information is genuine is called - Nonrepudiation
Describe authentication - The act of verifying identity, Verification of the correctness of a piece of data, Designed to protect against fraudulent logon activity, Verifying a user's eligibility to access computerized information
Nonrepudiation is implemented through which methods - Transactional logs, Digital signatures
The process of converting plaintext messages, applying a mathematical function to them and producing ciphertext messages is called: - Encryption
What control mechanism defines authentication and authorization protocols for users? - Access controls