Cyse 101 final exam - Study guides, Class notes & Summaries

Which of the following is not a reason to use a honeypot? alert us to an attacker's presence release classified or PII data detect, monitor, and sometimes tamper with the activities of an attacker attract the attention of attackers in order to study them and their tools release classified or PII data What is the purpose of a network DMZ? Encrypt the traffic to and from sensitive systems Provide external access to systems that need to be exposed to external networks suc...

How does the principle of least privilege apply to operating system hardening? - Answer- prevents attack actions that require administrator or root privilege What is the difference between a port scanner and a vulnerability assessment tool? - Answer- port scanners discover listening ports; vulnerability assessment tools report known vulnerabilities on listening ports What does applying a vendor OS update (patch) usually do? - Answer- What does executable space protection do for us and ...

What is access control? A security technique that regulates who or what can view or use resources in a computing environment It enables administrators to manage access at a more granular level Authentication Authentication is the step after identification It is to determine whether the claim of the identity is true Because access control is typically based on the identity of the user who requests access to a resource, authentication is essential to effective security. Wh...

Cybersecurity countermeasures are: the tools and techniques we use to reduce risk One vulnerability in air traffic control system case was unauthenticated messages What does non-repudiation mean? suffuncent evidence exists such taht a user cannot deny an action What is the Parkerian hexad compared to the CIA triad Parkenian has 6 elements including the 3 from the CIA but is not as widely known Why does access control based on the Media Access Control (MAC) address...

List a vector for malware propagation E-mail Exploit framework It is a category of sets of tools. Most provide a variety of tools such as network mapping tools, sniffers, etc. But one of the main tools we can find in exploit frameworks is the exploit. Exploit Small bits of software that exploit (take advantage of) flaws in other software to cause them to behave in ways that were not intended by the creators. Port Scanner can look for open ports and versions of services t...

How does the principle of least privilege apply to operating system hardening? prevents attack actions that require administrator or root privilege What is the difference between a port scanner and a vulnerability assessment tool? port scanners discover listening ports; vulnerability assessment tools report known vulnerabilities on listening ports What does applying a vendor OS update (patch) usually do? ... What does executable space protection do for us and how? preven...

How does the principle of least privilege apply to operating system hardening? - Answer- prevents attack actions that require administrator or root privilege What is the difference between a port scanner and a vulnerability assessment tool? - Answer- port scanners discover listening ports; vulnerability assessment tools report known vulnerabilities on listening ports What does applying a vendor OS update (patch) usually do? - Answer- What does executable space protection do for us and ...

CYSE 101 Final Exam Jones questions and verified correct answers

For what might we use the tool Kismet? You use the kismet tool in order to find and detect wireless devices. Explain the concept of segmentation and why it might be done. We divide a network into multiple smaller networks each acting as its own small network called a subnet. Here we can control the flow of traffic. We may do this to prevent unauthorized network traffic or attacks from reaching portions of the network we would prefer to prevent access. What risks might be present ...

How does a spear phishing attack differ from a general phishing attack? whether message has embedded javascript or not size of the message number of targets and custom messages whether message has malware attached or not - CORRECT ANS number of targets and custom messages Is it OK to use the same password for all of our accounts? yes because using different passwords is hard to remember no because a compromise of one account leads to a compromise of all accounts using the...