Cyber Security Questions and Answers 100% Solved
Containment, Eradication, and Recovery - answer reports the cause and cost of the
incident and the steps to prevent future incidents in cyber security
Detection and Analysis - answer mitigates the impact of an incident
Post-Incident Activity - answer Evaluates incident indicators to determine whether they
are legitimate attacks and alerts the organization of the incidents
Preparation - answer Establishes an incident response capability to ensure that
organizational assets are sufficiently secure
You have an ACL configured for inbound traffic.
Which type of entry should you add to the ACL to prevent spoofing of the internal
network? - answer An entry to block traffic from private address spaces
A cybersecurity analyst is investigating an unknown executable file discovered on a
Linux desktop computer. The analyst enters the ls -l command in the terminal. What is
the purpose of the command? - answer to display the file permissions and file
ownership
You need to transfer configuration files to a router across an unsecured network. Which
protocol should you use to encrypt the files in transit? - answer SSH
Vulnerability Management Process diagram - answer Discover - Nmap, Nessus Scanner
Prioritize - CVSS
Remediate - Windows Auto Update, Patch Management Software
Your organization's SIEM system alerts you that users are connecting to an unusual
URL. You need to determine whether the URL is malicious and what type of threat it
represents. What should you do? - answer Submit the URL to a threat intelligence portal
for analysis
Which activity is an example of active reconnaissance performed during a penetration
test? - answer Performing an Nmap port scan
Customers of an online shopping store are complaining that they cannot visit the
website. The website keeps crashing. What type of cybersecurity threat should you
investigate? - answer Denial of Service
You are working with the senior administration to learn to identify which risks are
acceptable. Which phase of risk management are you in? - answer measuring residual
risk
A security analyst discovers that a hacker was able to gain root access to an enterprise
Linux server. The hacker accessed the server as a guest, used a program to bypass the
root password, and then killed essential server processes as the root user. Which type
of endpoint attack is this? - answer privilege escalation
You are reviewing company remote access procedures and notice that telnet is being
used to connect to the corporate database server to check on inventory levels. Which
two actions should you take immediately? - answer Disable telnet access on the server
and implement SSH access on the server
You need to mitigate a worm attack. In which order should you complete the steps? -
answer Inoculation > Quarantine > Containment > Treatment
Three authentication factors that are valid for use in a multi-factor authentication
scenario. - answer Something you know, something you have and something you are
Two private IPv4 addresses that would be blocked on the internet to prevent security
and performance issues. - answer 172.16.0.0/12 IP addresses and 192.168.0.0/16 IP
addresses
Preventative Measures - answer averts the occurrence of an event
Corrective Measures - answer restores a system after an event
You get an email wanting you to register for a webinar hosted by the government, but
the link sends you to an unknown party - answer spear phishing
Enables the network security team to keep track of the operating system versions,
security updates, and patches on end users' devices - answer Asset management
A company hires a group of experienced cyber criminals to create a prolonged and in-
depth presence on the network of a competitor. This presence will allow the corporation
to steal or sabotage sensitive data from their company. What type of attack does this
scenario describe? - answer APT