Exam Questions and CORRECT Answers
Reconnaissance - CORRECT ANSWER - Reconnaissance is the process of gathering
information about an organization, including:
System hardware information
Network configuration
Individual user information
Social Engineering - CORRECT ANSWER - Social engineering is the process of
manipulating others to give you sensitive information such as:
Intimidation
Sympathy
Technical - CORRECT ANSWER - A technical approach is using software or utilities to
find vulnerabilities in a system.
Port scan
Ping sweep
Breach - CORRECT ANSWER - A breach is the penetration of system defenses, achieved
through information gathered by reconnaissance to penetrate the system defenses and gain
unauthorized access.
Escalate Privileges - CORRECT ANSWER - Escalating privileges is one of the primary
objectives of an attacker and can be achieved by configuring additional (escalated) rights to do
more than just breaching the system.
Create a Backdoor - CORRECT ANSWER - Creating a backdoor is an alternative method
of accessing an application or operating system for troubleshooting. Hackers often create
backdoors to exploit a system without being detected.
,Stage - CORRECT ANSWER - Staging a computer involves preparing it to perform
additional tasks in the attack, such as installing software designed to attack other systems. This is
an optional step.
Exploit - CORRECT ANSWER - An exploitation takes advantage of known
vulnerabilities in software and systems. Types of exploitation include:
Stealing information
Denying services
Crashing systems
Modifying/Altering information
Layering - CORRECT ANSWER - Layering involves implementing multiple security
strategies to protect the same asset. Defense in depth or security in depth is the premise that no
single layer is completely effective in securing the assets. The most secure system/network has
many layers of security and eliminates single points of failure.
Principle of Least Privilege - CORRECT ANSWER - The principle of least privilege
states that users or groups are given only the access they need to do their job and nothing more.
When assigning privileges, be aware that it is often easier to give a user more access when they
need it than to take away privileges that have already been granted.
Variety - CORRECT ANSWER - Defensive layers should have variety and be diverse;
implementing multiple layers of the exact same defense does not provide adequate strength
against attacks.
Randomness - CORRECT ANSWER - Randomness in security is the constant change in
personal habits and passwords to prevent anticipated events and exploitation.
Simplicity - CORRECT ANSWER - Security measures should provide protection, but not
be so complex that you do not understand and use them.
,Sophisticated Attacks - CORRECT ANSWER - Sophisticated attacks are complex,
making them difficult to detect and thwart. Sophisticated attacks:
Use common internet tools and protocols, making it difficult to distinguish an attack from
legitimate traffic.
Vary their behavior, making the same attack appear differently each time.
Proliferation of Attack Software - CORRECT ANSWER - A wide variety of attack tools
are available on the internet, allowing anyone with a moderate level of technical knowledge to
download the tools and run an attack.
Attack Scale and Velocity - CORRECT ANSWER - The scale and velocity of an attack
can grow to millions of computers in a matter of minutes or days due to its ability to proliferate
on the internet. Because modern attacks are not limited to user interactions, such as using a
floppy disk, to spread an attack from machine to machine, the attacks often affect very large
numbers of computers in a relatively short amount of time.
Confidentiality - CORRECT ANSWER - Ensures that data is not disclosed to unintended
persons. This is provided through encryption, which converts the data into a form that makes it
less likely to be usable by an unintended recipient.
Integrity - CORRECT ANSWER - ensures that data is not modified or tampered with.
This is provided through hashing.
Availability - CORRECT ANSWER - which ensures the uptime of the system so that data
is available when needed
Non-repudiation - CORRECT ANSWER - provides validation of a message's origin. For
example, if a user sends a digitally signed email, they cannot claim later that the email was not
sent. Non-repudiation is enforced by digital signatures.
CIA of Security - CORRECT ANSWER - refers to confidentiality, integrity, and
availability. These are often identified as the three main goals of security.
, Physical security - CORRECT ANSWER - which includes all hardware and software
necessary to secure data, such as firewalls and antivirus software.
Users and administrators - CORRECT ANSWER - which are the people who use the
software and the people who manage the software, respectively.
Policies - CORRECT ANSWER - which are the rules an organization implements to
protect information.
Risk management - CORRECT ANSWER - is the process of identifying security issues
and deciding which countermeasures to take in reducing risk to an acceptable level. The main
objective is to reduce the risk for an organization to a level that is deemed acceptable by senior
management.
asset - CORRECT ANSWER - something that has value to the person or organization,
such as sensitive information in a database.
threat - CORRECT ANSWER - an entity that can cause the loss of an asset or any
potential danger to the confidentiality, integrity, or availability of information or systems, such as
a data breach that results in a database being stolen.
threat agent - CORRECT ANSWER - (sometimes known as an attacker) is an entity that
can carry out a threat, such as a disgruntled employee who copies a database to a thumb drive
and sells it to a competitor.
vulnerability - CORRECT ANSWER - is a weakness that allows a threat to be carried out,
such as a USB port that is enabled on the server hosting the database or a server room door that
is frequently left ajar. USB devices pose the greatest threat to the confidentiality of data in most
secure organizations. There are so many devices that can support file storage that stealing data
has become easy, and preventing it is difficult.