CYBER SECURITY FUNDAMENTALS EXAM 2, Exams of Computer Science

Typology: Exams

2025/2026

Available from 04/17/2026

Tutornurse


A(n) ____ IDPS is focused on protecting network information assets. - ANSWERS-Network-based

____ benchmark and monitor the status of key system files and detect when an intruder creates, modifies, or deletes monitored files. - ANSWERS-HIDPSs

Three methods dominate the IDPSs detection methods: ____-based approach, statistical anomaly-based approach or the stateful packet inspection approach. - ANSWERS-signature

To use a packet sniffer legally, an administrator only needs permission of the organization's top computing executive. - ANSWERS-False

The Metasploit Framework is a collection of exploits coupled with an interface that allows the penetration tester to automate the custom exploitation of vulnerable systems. - ANSWERS-True

Port explorers are tools used by both attackers and defenders to identify (or fingerprint) the computers that are active on a network, as well as the ports and services active on those computers, the functions and roles the machines are fulfilling, and other useful information. - ANSWERS-False

Alarm events that are accurate and noteworthy but do not pose significant threats to information security are called noise. - ANSWERS-True

HIDPSs are also known as system ____ verifiers. - ANSWERS-integrity

Your organization's operational goals, constraints, and culture should not affect the selection of the IDPS and other security tools and technologies to protect your systems. - ANSWERS-False

____ is the process of attracting attention to a system by placing tantalizing bits of information in key locations. - ANSWERS-enticement

A HIDPS can monitor systems logs for predefined events. - ANSWERS-True

A ____ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software. - ANSWERS-passive

Some policies may need a(n) ____ indicating their expiration date. - ANSWERS-sunset clause

In recent years, NIST has shifted its approach from implementing security controls using a certification and accreditation (C&A) model to one more aligned with industry practices, titled the Risk Management Framework. - ANSWERS-True

A(n) sequential roster is activated as the first person calls a few people on the roster, who in turn call a few other people. - ANSWERS-False (Hierarchical)

A(n) ____ is a scripted description of an incident, usually just enough information so that each individual knows what portion of the IRP to implement, and not enough to slow down the notification process. - ANSWERS-alert message

Each policy should contain procedures and a timetable for periodic review. - ANSWERS-True

The ____ is based on and directly supports the mission, vision, and direction of the organization and sets the strategic direction, scope, and tone for all security efforts. - ANSWERS-EISP

A(n) ____ site is a fully configured computer facility, with all services, communications links, and physical plant operations including heating and air conditioning. - ANSWERS-hot

A(n) ____ is a plan or course of action that conveys instructions from an organization's senior management to those who make decisions, take actions, and perform other duties. - ANSWERS-Policy

____ controls are information security safeguards that focus on the application of modern technologies, systems, and processes to protect information assets. - ANSWERS-technical

The transfer of large batches of data to an off-site facility, usually through leased lines or services, is called ____. - ANSWERS-electronic vaulting

____ is a strategy for the protection of information assets that uses multiple layers and different types of controls (managerial, operational, and technical) to provide optimal protection. - ANSWERS-Defense in depth

Incident ____ is the rapid determination of the scope of the breach of the confidentiality, integrity, and availability of information and information assets during or just following an incident. - ANSWERS-damage assessment

ACLs are more specific to the operation of a system than rule-based policies and they may or may not deal with users directly. - ANSWERS-False (Rule based policy are more specific)

____ is the probability that a specific vulnerability within an organization's assets will be successfully attacked. - ANSWERS-likelihood

Residual risk is the risk that has not been removed, shifted, or planned for after vulnerabilities have been completely resolved. - ANSWERS-False

____ include information and the systems that use, store, and transmit information. - ANSWERS-information assets

The ____ plan specifies the actions an organization can and should take while an adverse event (that could result in loss of an information asset or assets, but does not currently threaten the viability of the entire organization) is in progress. - ANSWERS-Incident Response

A(n) ____ is an authorization issued by an organization for the repair, modification, or update of a piece of equipment. - ANSWERS-FCO

A(n) ____ policy requires that employees secure all information in appropriate storage containers at the end of each day. - ANSWERS-clean desk

Security efforts that seek to provide a superior level of performance in the protection of information are referred to as best business practices. - ANSWERS-True

When determining the relative importance of each asset, refer to the organization's mission statement or statement of objectives to determine which elements are essential, which are supportive, and which are merely adjuncts. - ANSWERS-True

Some information security experts argue that it is virtually impossible to determine the true value of information and information-bearing assets. - ANSWERS-True

Organizations should communicate with system users throughout the development of the security program, letting them know that changes are coming, and reduce resistance to expected change through communication, education, and involvement. - ANSWERS-True

Best business practices are often called recommended practices. - ANSWERS-True

Risk ____ defines the quantity and nature of risk that organizations are willing to accept as they evaluate the tradeoffs between perfect security and unlimited accessibility. - ANSWERS-appetite

One advantage to benchmarking is that best practices change very little over time. - ANSWERS-False

Overriding an employee's security clearance requires that the employee meet the ____ standard be met. - ANSWERS-Need to know

____ filtering requires that the filtering rules governing how the firewall decides which packets are allowed and which are denied be developed and installed with the firewall. - ANSWERS-static

The proxy server is often placed in an unsecured area of the network or is placed in the ____ zone. - ANSWERS-demilitarized

The false reject rate describes the number of legitimate users who are denied access because of a failure in the biometric device. - ANSWERS-True

The ____ is an intermediate area between a trusted network and an untrusted network. - ANSWERS-Demilitarized Zone (DMZ)

A(n) ____ is a combination of hardware and software that filters or prevents specific information from moving between the outside world and the inside world. - ANSWERS-firewall

Access control is achieved by means of a combination of policies, programs, and technologies. - ANSWERS-True

The RADIUS system decentralizes the responsibility for authenticating each user, by validating the user's credentials on the NAS server. - ANSWERS-False

A(n) intranet is a segment of the DMZ where additional authentication and authorization controls are put into place to provide services that are not available to the general public. - ANSWERS-False

Port Address Translation assigns non-routing local addresses to the computer systems in the local area network and uses ISP-assigned addresses to communicate with the Internet, on a one-to-one basis. - ANSWERS-False

A(n) ____ private network is a private and secure network connection between systems that uses the data communication capability of an unsecured and public network. - ANSWERS-virtual

A(n) ____ contains a computer chip that can verify and validate several pieces of information instead of just a PIN. - ANSWERS-smart card

In SESAME, the user is first authenticated to an authentication server and receives a token. The token is then presented to a privilege attribute server as proof of identity to gain a(n) ____. - ANSWERS-PAC

____ access control is a form of access control in which users are assigned a matrix of authorizations for particular areas of access. - ANSWERS-lattice-based, nondiscretionary

Some vulnerability scanners feature a class of attacks called ____, that are so dangerous they should only be used in a lab environment. - ANSWERS-destructive

Under the guise of justice, some less scrupulous administrators may be tempted to ____, or hack into a hacker's system to find out as much as possible about the hacker. - ANSWERS-back hack

Intrusion detection and prevention systems perform monitoring and analysis of system events and user behaviors. - ANSWERS-True

When the measured activity is outside the baseline parameters, it is said to exceed the ____ level. - ANSWERS-clipping

A(n) ____ IDPS can adapt its reactions in response to administrator guidance over time and circumstances of the current local environment. - ANSWERS-smart

Fingerprinting is the organized research of the Internet addresses owned or controlled by a target organization. - ANSWERS-False