Certiport CyberSecurity Certification (ANSWERED
CORRECTLY )
Diamond Model of Intrusion Analysis - Correct Answer Is an approach employed by several information
security professionals to authenticate and track cyber threats. According to this, every incident can be
depicted as a diamond.
Adversary - Correct Answer An adversary is an organization or threat actor responsible for leveraging a
capability against a victim to fulfill its goals.
Capability - Correct Answer Refers to the tools and techniques used by an adversary in an event.
Infrastructure - Correct Answer Includes the physical or logical communication structures such as IP or
e-mail addresses, domain names, and others, employed by an adversary to deliver a capability.
Victim - Correct Answer A target against whom attacks are initiated, vulnerabilities are exploited, or
capabilities are used. It can be organizations, people, or assets, such as target email or IP addresses,
domains, and so on.wep
Reasons for Successful Attacks - Correct Answer -Widespread Vulnerabilities
-Configuration Issues
-Poorly Designed Software
-Hardware Limitations
-Enterprise-Based Issues
Threat Actor - Correct Answer A person or element with power to carry out a threat. An individual or
entity responsible for cyber incidents against the technology equipment or enterprises and users.
Information Security - Correct Answer The tasks of securing information that is in a digital format:
- Manipulated by a microprocessor / In Processing
,-Preserved on a storage device / At Rest
- Transmitted over a network / In Transmit
BYOD - Correct Answer Allows users to use their own personal mobile devices for business purposes.
Corporate owned, personally enabled (COPE) - Correct Answer Employees choose from a selection of
company-approved devices.
Choose Your Own Device (CYOD) - Correct Answer Employees choose from a limited selection of
approved devices but the employee pays the upfront cost of the device while the business owns the
contract.
Virtual Desktop Infrastructure (VDI) - Correct Answer Stores sensitive applications and data on a remote
server that is accessed through a smartphone
Corporate-owned - Correct Answer Device is purchased and owned by the enterprise
Common Vulnerabilities and Exposures (CVE) - Correct Answer A tool that identifies vulnerabilities in
operating systems and application software. The CVE identifies vulnerabilities in operating systems and
application software.
Application Layer - Correct Answer The seventh layer of the OSI model. Application layer protocols
enable software programs to negotiate formatting, procedural, security, synchronization, and other
requirements with the network. Protocols Consists of FTP, HTTP, HTTPS, POP3, SMTP, IMAP. Device:
Computer
Presentation Layer - Correct Answer The sixth layer of the OSI model. Protocols in the Presentation layer
translate between the application and the network. Here, data are formatted in a schema that the
network can understand, with the format varying according to the type of network used. The
Presentation layer also manages data encryption and decryption, such as the scrambling of system
passwords. Protocols: Compression, encryption
, Session Layer - Correct Answer The fifth layer in the OSI model. This layer establishes and maintains
communication between two nodes on the network. It can be considered the "traffic cop" for network
communications. Protocols: Logon/logoff, NetBIOS, Negotiation
Transport Layer - Correct Answer The fourth layer of the OSI model. In this layer protocols ensure that
data are transferred from point A to point B reliably and without errors. this layer services include flow
control, acknowledgment, error correction, segmentation, reassembly, and sequencing. Protocols: TCP,
UDP
Network Layer - Correct Answer The third layer in the OSI model. Protocols in this layer translate
network addresses into their physical counterparts and decide how to route data from the sender to the
receiver. Protocols: IP, ICMP, ARP, RIP, IPX.
Device: Router
Data Link Layer - Correct Answer The second layer in the OSI model. This layer bridges the networking
media with the Network layer. Its primary function is to divide the data it receives from the Network
layer into frames that can then be transmitted by the Physical layer. Protocols: Ethernet, MAC, Frames,
CRC. Devices: NIC, Switch, Bridge, WAPS
Physical Layer - Correct Answer The lowest, or first, layer of the OSI model. Protocols in this layer
generate and detect signals so as to transmit and receive data over a network medium. These protocols
also set the data transmission rate and monitor data error rates, but do not provide error correction.
Protocols: 100baseT, 1000BaseT. Devices: Hubs, RJ45, Repeater
TCP Protocol - Correct Answer Connection-based protocol and guarantees delivery
UDP Protocol - Correct Answer Connection-less protocol and uses best attempt delivery
All People Seem To Need Data Processing - Correct Answer Application, Presentation, Session, Transport,
Network, Data Link, Physical
host-based intrusion detection system (HIDS) - Correct Answer A type of cybersecurity solution that
monitors IT systems for signs of suspicious activity to detect unusual behaviors or patterns associated
either with human users or applications that could be a sign of a security breach or attempted attack.
