"Expanscape" has built a prototype laptop with 7 monitors called the "Aurora 7". The monitors unfold and slide out from behind the main monitor to reveal more monitors, turning the laptop into an operations center that uses multiple monitors to show the information the operator needs to keep visible.
This is only the prototype phase, meant to demonstrate the company's concept; some parts of the monitors are still held in place with black tape. Several other manufacturers are experimenting with laptops with 2 and 3 monitors, but a concept with this many monitors is aimed at very specific cases, such as rapidly deploying an operations center in the field during an emergency.
The concept of multi-monitor laptops will catch on when foldable film display technology evolves further and the additional weight becomes minimal, letting the user easily pull out or unroll a film to temporarily get an additional screen on the computer, because the "Aurora 7" weighs 12 Kg.
Has the latest features, fully supports CPU overclocking, and must be used with a "K" (unlocked) processor.
High end motherboards that give the best performance for gamers and productivity.
They support completely different CPUs, X is for LGA 2011, and Z is for LGA 1050/1055.
A consumer with an i5-4690K can choose between a Z97, H97, B85, or Q87 motherboard, but not a X99.
H
Slightly trimmed down version of the Z, that is a good option if you don't want to pay the premium cost.
Q
Model between the H and Z. It's for high-end business or low-end workstations, and it's the only one where Intel officially supports VT-d, but not made for audio.
B
Is for "business", a cheaper motherboard for office, school or home.
Specifications
X
- Fully supports CPU overclocking natively.
- higher power delivery.
- extra water pump headers.
- allows tweaking of pump speed in BIOS and OS.
- better audio with separations for electrical interference.
- solid capacitors.
- reinforced PCIe slots.
- protecting metal back plate.
- rgb header.
- nvme m.2 slots.
Z
- Fully supports CPU overclocking natively.
- higher power delivery.
- extra water pump headers.
- allows tweaking of pump speed in BIOS and OS.
- better audio with separations for electrical interference.
- solid capacitors.
- reinforced PCIe slots.
- protecting metal back plate.
- rgb header.
- nvme m.2 slots.
To access the boot menu on the startup of the computer, you need to press a key when the computer system is starting. But the specific key you need to press will depend on the manufacturer of the motherboard. Each motherboard has its own firmware implemented on the chipset, and each manufacturer will assign a key to access that special menu.
Below I will show you the keys manufacturers use to enter the boot menu on their computers, either on laptops or desktops, or on mobile systems such as tablets and smartphones, for Acer, Asus, Dell, HP, Intel, Lenovo or Samsung.
Demonstration of the exercises of the Cisco "Cybersecurity Essentials" course. Lab exercises of Packet Tracer and Linux Operating System.
1.5.3.5 Creating a Cyber World (Packet Tracer Lab Exercise)
Objectives Part 1: Configure the FTP Server Part 2: Configure the Web Server Part 3: Configure the Email Server Part 4: Configure the DNS Server Part 5: Configure the NTP Server Part 6: Configure the AAA Server
Background / Scenario: In this activity, you will configure basic server components. The IP addressing configuration is already complete. You will use the Services tab on multiple servers to deploy FTP, Web, Email, DNS, NTP, and AAA services.
1.5.3.6 Communicating in a Cyber World (Packet Tracer)
Objectives Part 1: Send Email between Users Part 2: Upload and Download Files using FTP Part 3: Remotely Access an Enterprise Router using Telnet Part 4: Remotely Access an Enterprise Router using SSH
Background / Scenario: In this activity, you will communicate across remote networks using common network services. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the differing geographic regions to connect to both servers and other client devices.
2.5.2.5 Authentication, Authorization and Accounting (Linux Operating System)
Objectives • Given a scenario, select the appropriate authentication, authorization, or access control. • Install and configure security controls when performing account management, based on best practices. Part 1: Adding Groups, Users, and Passwords on a Linux System. Part 2: Verify Users, Groups, and Passwords. Part 3: Using Symbolic Permissions. Part 4: Absolute Permissions.
Background / Scenario: You will be conducting host security practices using the Linux command line by performing the following tasks: Adding Groups, Users, and Passwords, Verifying Groups, Users, and Passwords, Setting Symbolic Permissions, Setting Absolute Permissions.
3.3.1.9 Detecting Threats and Vulnerabilities (Linux Operating System)
Objectives: Use Nmap, a port scanner and network mapping tool to detect threats and vulnerabilities on a system.
Background / Scenario: Network Mapper, or Nmap, is an open source utility used for network discovery and security auditing. Administrators also use Nmap for monitoring hosts or managing service upgrade schedules. Nmap determines what hosts are available on a network, what services are running, what operating systems are running, and what packet filters or firewalls are running.
Objectives Part 1: Configure WEP for Healthcare at Home Part 2: Configure WPA2 PSK for Gotham Healthcare Branch Part 3: Configure WPA2 RADIUS for Metropolis Bank HQ
Background / Scenario: In this activity, you will configure WiFi networks for all three geographic sites. This activity will utilize WEP, WPA2 PSK, and WPA2 RADIUS to demonstrate the varying configuration of WiFi networks and their security considerations. Healthcare at Home will be set up using WEP. Gotham Healthcare Branch will be configured with WPA2 PSK and Metropolis Bank HQ will be using WPA2 RADIUS. The IP addressing, network configuration, and service configurations are already complete. You will use the wireless routers and client devices in the differing geographic regions to set up multiple secure wireless networks.
4.3.2.3 Using Steganography (Linux Operating System)
Objectives: Use steganography to hide a document within a JPEG file.
Background / Scenario: Steghide is an open source steganography program that hides data in various types of files such as audio and image files. You are going to hide a data file within an image file.
4.3.3.3 Configuring VPN Transport Mode (Packet Tracer)
Objectives Part 1: Sending Unencrypted FTP Traffic Part 2: Configuring the VPN Client within Metropolis Part 3: Sending Encrypted FTP Traffic
Background / Scenario: In this activity, you will observe the transfer of unencrypted FTP traffic between a client and a remote site. You will then configure a VPN client to connect to the Gotham Healthcare Branch site and send encrypted FTP traffic. The IP addressing, network configuration, and service configurations are already complete. You will use a client device within Metropolis Bank HQ to transfer unencrypted and encrypted FTP data.
Objectives Part 1: Sending Unencrypted FTP Traffic Part 2: Configuring the VPN Tunnel between Metropolis and Gotham Part 3: Sending Encrypted FTP Traffic
Background / Scenario: In this activity, you will observe the transfer of unencrypted FTP traffic between two geographic sites. You will then configure a VPN tunnel between two geographic sites and send encrypted FTP traffic. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the differing geographic regions to transfer FTP data securely and insecurely.
Objectives: Use a password cracking tool to recover a user’s password.
Background / Scenario: There are four user accounts, Alice, Bob, Eve, and Eric, on a Linux system. You will recover these passwords using John the Ripper, an open source password cracking tool.
6.2.3.8 Router and Switch Redundancy (Packet Tracer)
Objectives Part 1: Observe a Network Failover with Redundant Routers. Part 2: Observe a Network Failover with Redundant Switches.
Background / Scenario: In this activity, you will observe the successful failover of the Metropolis network utilizing multiple routers to provide default gateway redundancy. Afterwards across the world, you will observe the successful network failover of the Gotham network utilizing multiple switches to provide redundant network pathways. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the differing geographic regions to test the pathways before and after successful network failover.
6.2.4.4 Router and Switch Resilience (Packet Tracer)
Objectives Part 1: Hardening the IOS Configuration Part 2: Activating the Cisco IOS Resilient Configuration Feature
Background / Scenario: In this activity, you will harden the IOS configuration of a router within the Metropolis network. Afterwards, you will enable the IOS resiliency feature on a Cisco router. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the Metropolis network to deploy the IOS resiliency configuration.
7.1.1.6 Hardening a Linux System (Linux Operating System)
Objectives: Demonstrate the use of a security auditing tool to harden a Linux system.
Background / Scenario: Auditing a system for potential misconfigurations or unprotected services is an important aspect of system hardening. Lynis is an open source security auditing tool with an automated set of scripts developed to test a Linux system.
7.4.2.4 Server Firewalls and Router ACLs (Packet Tracer)
Objectives Part 1: Connect to the Web Server Part 2: Prevent Unencrypted HTTP Sessions Part 3: Access the Firewall on the Email Server
Background / Scenario: In this activity, you will access a user within the Metropolis site and connect using HTTP and HTTPS to a remote Web Server. The IP addressing, network configuration, and service configurations are already complete. You will use a client device in the Metropolis site to test connectivity to a remote Web Server and then secure the Metropolis site by preventing unencrypted web sessions from connecting to the outside world.
How to solve the Lab exercise 8.3.1.3 Skills Integrated Challenge
Objectives Upload a file to the FTP/Web server using FTP. Connect a computer via a client-to-site VPN. Download a file via ftp using a VPN connection. Configure and secure a wireless router. Activate the Cisco IOS resilient configuration feature. Configure a banner motd message. Connect a laptop to the wireless network.
Background / Scenario: You will configure a wireless router, upload and download files using FTP, connect securely to a remote site using a VPN, and secure a Cisco IOS router.
How to solve the Lab exercise 7.4.2.4 Server Firewalls and Router ACLs
Objectives Part 1: Connect to the Web Server Part 2: Prevent Unencrypted HTTP Sessions Part 3: Access the Firewall on the Email Server
Background / Scenario: In this activity, you will access a user within the Metropolis site and connect using HTTP and HTTPS to a remote Web Server. The IP addressing, network configuration, and service configurations are already complete. You will use a client device in the Metropolis site to test connectivity to a remote Web Server and then secure the Metropolis site by preventing unencrypted web sessions from connecting to the outside world.
How to solve the Lab exercise 7.1.1.6 Hardening a Linux System
Objectives: Demonstrate the use of a security auditing tool to harden a Linux system.
Background / Scenario: Auditing a system for potential misconfigurations or unprotected services is an important aspect of system hardening. Lynis is an open source security auditing tool with an automated set of scripts developed to test a Linux system.
How to solve the Lab exercise 6.2.4.4 Router and Switch Resilience
Objectives Part 1: Hardening the IOS Configuration Part 2: Activating the Cisco IOS Resilient Configuration Feature
Background / Scenario: In this activity, you will harden the IOS configuration of a router within the Metropolis network. Afterwards, you will enable the IOS resiliency feature on a Cisco router. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the Metropolis network to deploy the IOS resiliency configuration.
How to solve the Lab exercise 6.2.3.8 Router and Switch Redundancy
Objectives Part 1: Observe a Network Failover with Redundant Routers. Part 2: Observe a Network Failover with Redundant Switches.
Background / Scenario: In this activity, you will observe the successful failover of the Metropolis network utilizing multiple routers to provide default gateway redundancy. Afterwards across the world, you will observe the successful network failover of the Gotham network utilizing multiple switches to provide redundant network pathways. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the differing geographic regions to test the pathways before and after successful network failover.
How to solve the Lab exercise 5.1.2.4 Password Cracking
Objectives: Use a password cracking tool to recover a user’s password.
Background / Scenario: There are four user accounts, Alice, Bob, Eve, and Eric, on a Linux system. You will recover these passwords using John the Ripper, an open source password cracking tool.
How to solve the Lab exercise 4.3.3.4 Configuring VPN Tunnel Mode
Objectives Part 1: Sending Unencrypted FTP Traffic Part 2: Configuring the VPN Tunnel between Metropolis and Gotham Part 3: Sending Encrypted FTP Traffic
Background / Scenario: In this activity, you will observe the transfer of unencrypted FTP traffic between two geographic sites. You will then configure a VPN tunnel between two geographic sites and send encrypted FTP traffic. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the differing geographic regions to transfer FTP data securely and insecurely.
How to solve the Lab exercise 4.3.3.3 Configuring VPN Transport Mode
Objectives Part 1: Sending Unencrypted FTP Traffic Part 2: Configuring the VPN Client within Metropolis Part 3: Sending Encrypted FTP Traffic
Background / Scenario: In this activity, you will observe the transfer of unencrypted FTP traffic between a client and a remote site. You will then configure a VPN client to connect to the Gotham Healthcare Branch site and send encrypted FTP traffic. The IP addressing, network configuration, and service configurations are already complete. You will use a client device within Metropolis Bank HQ to transfer unencrypted and encrypted FTP data.
How to solve the Lab exercise 4.3.2.3 Using Steganography
Objectives: Use steganography to hide a document within a JPEG file.
Background / Scenario: Steghide is an open source steganography program that hides data in various types of files such as audio and image files. You are going to hide a data file within an image file.
How to solve the Lab exercise 3.3.2.7 WEP/WPA2 PSK/WPA2 RADIUS
Objectives Part 1: Configure WEP for Healthcare at Home Part 2: Configure WPA2 PSK for Gotham Healthcare Branch Part 3: Configure WPA2 RADIUS for Metropolis Bank HQ
Background / Scenario: In this activity, you will configure WiFi networks for all three geographic sites. This activity will utilize WEP, WPA2 PSK, and WPA2 RADIUS to demonstrate the varying configuration of WiFi networks and their security considerations. Healthcare at Home will be set up using WEP. Gotham Healthcare Branch will be configured with WPA2 PSK and Metropolis Bank HQ will be using WPA2 RADIUS. The IP addressing, network configuration, and service configurations are already complete. You will use the wireless routers and client devices in the differing geographic regions to set up multiple secure wireless networks.
How to solve the Lab exercise 3.3.1.9 Detecting Threats and Vulnerabilities
Objectives: Use Nmap, a port scanner and network mapping tool to detect threats and vulnerabilities on a system.
Background / Scenario: Network Mapper, or Nmap, is an open source utility used for network discovery and security auditing. Administrators also use Nmap for monitoring hosts or managing service upgrade schedules. Nmap determines what hosts are available on a network, what services are running, what operating systems are running, and what packet filters or firewalls are running.
How to solve the Lab exercise 2.5.2.5 Authentication, Authorization and Accounting
Objectives • Given a scenario, select the appropriate authentication, authorization, or access control. • Install and configure security controls when performing account management, based on best practices. Part 1: Adding Groups, Users, and Passwords on a Linux System. Part 2: Verify Users, Groups, and Passwords. Part 3: Using Symbolic Permissions. Part 4: Absolute Permissions.
Background / Scenario: You will be conducting host security practices using the Linux command line by performing the following tasks: Adding Groups, Users, and Passwords, Verifying Groups, Users, and Passwords, Setting Symbolic Permissions, Setting Absolute Permissions.
How to solve the Lab exercise 1.5.3.6 Communicating in a Cyber World
Objectives Part 1: Send Email between Users Part 2: Upload and Download Files using FTP Part 3: Remotely Access an Enterprise Router using Telnet Part 4: Remotely Access an Enterprise Router using SSH
Background / Scenario: In this activity, you will communicate across remote networks using common network services. The IP addressing, network configuration, and service configurations are already complete. You will use the client devices in the differing geographic regions to connect to both servers and other client devices.
How to solve the Lab exercise 1.5.3.5 Creating a Cyber World
Objectives Part 1: Configure the FTP Server Part 2: Configure the Web Server Part 3: Configure the Email Server Part 4: Configure the DNS Server Part 5: Configure the NTP Server Part 6: Configure the AAA Server
Background / Scenario: In this activity, you will configure basic server components. The IP addressing configuration is already complete. You will use the Services tab on multiple servers to deploy FTP, Web, Email, DNS, NTP, and AAA services.
All questions and answers to study for the Final Quiz / Final Exam of the Cisco "Cybersecurity Essentials" course
Watch the video to learn about the questions, answers and the explanations of the answer.
All questions and answers to study for the Final Quiz
Final Quiz / Final Exam
A cybersecurity specialist is asked to identify the potential criminals known to attack the organization. Which type of hackers would the cybersecurity specialist be least concerned with?
white hat hackers; black hat hackers; script kiddies; gray hat hackers
Which type of cybercriminal is the most likely to create malware to compromise an organization by stealing credit card information?
black hat hackers; gray hat hackers; script kiddies; white hat hackers
Which type of cybercriminal attack would interfere with established network communication through the use of constructed packets so that the packets look like they are part of the normal communication?
packet forgery; packet sniffing; DNS spoofing; rogue Wi-Fi AP
Which technology can be used to ensure data confidentiality?
encryption; hashing; identity management; RAID
Which technology can be implemented as part of an authentication system to verify the identification of employees?
a smart card reader; SHA-1 hash; a Mantrap; a virtual fingerprint
Which data state is maintained in NAS and SAN services?
stored data; data in-transit; data in-process; encrypted data
Which type of networks poses increasing challenges to cybersecurity specialists due to the growth of BYOD on campus?
wireless networks; wired networks; virtual networks; sneaker net
A security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?
Implement a firewall. Implement intrusion detection systems. Implement RAID. Implement a VLAN.
What are the two most effective ways to defend against malware? (Choose two.)
Install and update antivirus software. Update the operating system and other application software. Implement strong passwords. Implement network firewalls. Implement a VPN. Implement RAID.
Users report that the database on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?
Ransomware; DoS attack; Trojan horse; Man-in-the-middle attack
Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network?
worm; spam; virus; phishing
A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?
Look for unauthorized accounts. Look for policy changes in Event Viewer. Look for usernames that do not have passwords. Scan the systems for viruses.
What type of attack will make illegitimate websites higher in a web search result list?
SEO poisoning; spam; DNS poisoning; browser hijacker
What is an impersonation attack that takes advantage of a trusted relationship between two systems?
spoofing; spamming; sniffing; man-in-the-middle
What type of attack has an organization experienced when an employee installs an unauthorized device on the network to view network traffic?
sniffing; phishing; spamming; spoofing
What is the most difficult part of designing a cryptosystem?
Alice and Bob use a pre-shared key to exchange a confidential message. If Bob wants to send a confidential message to Carol, what key should he use?
a new pre-shared key; the public key of Bob; the private key of Carol; the same pre-shared key he used with Alice
A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?
3DES; Diffie-Hellman; ECC; RSA
Which algorithm will Windows use by default when a user intends to encrypt files and folders in an NTFS volume?
AES; 3DES; DES; RSA
Which access control strategy allows an object owner to determine whether to allow access to the object?
DAC; MAC; RBAC; ACL
Which access control should the IT department use to restore a system back to its normal state?
corrective; preventive; compensative; detective
In which situation would a detective control be warranted?
when the organization needs to look for prohibited activity; after the organization has experienced a breach in order to restore everything back to a normal state; when the organization needs to repair damage; when the organization cannot use a guard dog, so it is necessary to consider an alternative
Which method is used by steganography to hide text in an image file?
least significant bit; data obfuscation; data masking; most significant bit
What is a feature of a cryptographic hash function?
The hash function is a one-way mathematical function. The hash input can be calculated given the output value. Hashing requires a public and a private key. The output has a variable length.
You have been asked to implement a data integrity program to protect data files that need to be electronically downloaded by the sales staff. You have decided to use the strongest hashing algorithm available on your systems. Which hash algorithm would you select?
SHA-256; AES; SHA-1; MD5
Technicians are testing the security of an authentication system that uses passwords. When a technician examines the password tables, the technician discovers the passwords are stored as hash values. However, after comparing a simple password hash, the technician then discovers that the values are different from those on other systems. What are two causes of this situation? (Choose two.)
The systems use different hashing algorithms. One system uses hashing and the other uses hashing and salting. One system uses symmetrical hashing and the other uses asymmetrical hashing. Both systems use MD5. Both systems scramble the passwords before hashing.
A VPN will be used within the organization to give remote users secure access to the corporate network. What does IPsec use to authenticate the origin of every packet to provide data integrity checking?
HMAC; CRC; password; salting
Which hashing technology requires keys to be exchanged?
HMAC; salting; AES; MD5
What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website?
digital certificate; salting; asymmetric encryption; digital signature
The X.509 standard defines which security technology?
digital certificates; strong passwords; security tokens; biometrics
An organization just completed a security audit. Your division was cited for not conforming to X.509 requirements. What is the first security control you need to examine?
digital certificates; hashing operations; data validation rules; VPNs and encryption services
There are many environments that require five nines, but a five nines environment may be cost prohibitive. What is one example of where the five nines environment might be cost prohibitive?
the New York Stock Exchange; the front office of a major league sports team; department stores at the local mall; the U.S. Department of Education
An organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?
improving reliability and uptime of the servers; stronger encryption systems; limiting access to the data on these systems; remote access to thousands of external users
Being able to maintain availability during disruptive events describes which of the principles of high availability?
system resiliency; fault tolerance; single point of failure; uninterruptible services
The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?
quantitative analysis; loss analysis; protection analysis; qualitative analysis
Which two values are required to calculate annual loss expectancy? (Choose two.)
single loss expectancy; annual rate of occurrence; asset value; exposure factor; quantitative loss value; frequency factor
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can be used to identify specific details about vulnerabilities?
CVE national database; Infragard; ISO/IEC 27000 model; NIST/NICE framework
Which risk mitigation strategies include outsourcing services and purchasing insurance?
transfer; reduction; avoidance; acceptance
Which technology would you implement to provide high availability for data storage?
RAID; software updates; hot standby; N+1
What are two incident response phases? (Choose two.)
detection and analysis; containment and recovery; confidentiality and eradication; prevention and containment; mitigation and acceptance; risk analysis and high availability
Which of the following products or technologies would you use to establish a baseline for an operating system?
Microsoft Security Baseline Analyzer (MBSA); CVE Baseline Analyzer; MS Baseliner; SANS Baselining System (SBS)
Mutual authentication can prevent which type of attack?
man-in-the-middle; wireless sniffing; wireless poisoning; wireless IP spoofing
What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?
Local Security Policy tool; Computer Management; Active Directory Security tool; Event Viewer security log
Which three protocols can use Advanced Encryption Standard (AES)? (Choose three.)
802.11i; WPA; WPA2; 802.11q; TKIP; WEP
Which utility uses the Internet Control Messaging Protocol (ICMP)?
ping; DNS; NTP; RIP
Which technology can be used to protect VoIP against eavesdropping?
What describes the protection provided by a fence that is 1 meter in height?
It deters casual trespassers only. It offers limited delay to a determined intruder. It prevents casual trespassers because of its height. The fence deters determined intruders.
HVAC, water system, and fire systems fall under which of the cybersecurity domains?
physical facilities; user; device; network
Which website offers guidance on putting together a checklist to provide guidance on configuring and hardening operating systems?
The National Vulnerability Database website; CERT; Internet Storm Center; The Advanced Cyber Security Center
Which national resource was developed as a result of a U.S. Executive Order after a ten-month collaborative study involving over 3,000 security professionals?
NIST Framework; the National Vulnerability Database (NVD); ISO OSI model; ISO/IEC 27000
Chapter 1: Cybersecurity - A World of Experts and Criminals
What name is given to an amateur hacker?
script kiddie; black hat; red hat; blue team
What type of attack uses many systems to flood the resources of a target, thus making the target unavailable?
DoS; ping sweep; spoof; DDoS
What is an example of an Internet data domain?
LinkedIn; Palo Alto; Cisco; Juniper
Thwarting cyber criminals includes which of the following? (Choose two.)
establishing early warning systems; sharing cyber Intelligence information; shutting down the network; changing operating systems; hiring hackers
What type of an attack can disable a computer by forcing it to use memory or by overworking its CPU?
algorithm; exhaustion; DDoS; APT
What name is given to hackers who hack for a cause?
hacktivist; blue hat; hacker; white hat
What does the term vulnerability mean?
a weakness that makes a target susceptible to an attack; a potential threat that a hacker creates; a method of attack to exploit a target; a computer that contains sensitive information; a known target or victim machine
What does the acronym IoE represent?
Internet of Everything; Insight into Everything; Internet of Everyday; Intelligence on Everything
What is the workforce framework category that includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence?
Analyze; Oversight and Development; Securely Provision; Protect and Defend
What does the term BYOD represent?
bring your own device; bring your own decision; bring your own disaster; buy your own disaster
Chapter 2: The Cybersecurity Cube
What name is given to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failures?
What three design principles help to ensure high availability? (Choose three.)
detect failures as they occur; provide for reliable crossover; eliminate single points of failure; ensure confidentiality; check for data consistency; use encryption
What two methods help to ensure system availability? (Choose two.)
equipment maintenance up-to-date operating systems system backups system resiliency integrity checking fire extinguishers
What are two methods that ensure confidentiality? (Choose two.)
What name is given to a storage device connected to a network?
NAS DAS SAN Cloud RAID
What is a secure virtual network called that uses the public network?
VPN MPLS IPS Firewall IDS NAC
What three tasks are accomplished by a comprehensive security policy? (Choose three.)
sets rules for expected behavior defines legal consequences of violations gives security staff the backing of management vagueness useful for management is not legally binding
What service determines which resources a user can access along with the operations that a user can perform?
What mechanism can organizations use to prevent accidental changes by authorized users?
version control hashing backups encryption SHA-1
What is identified by the first dimension of the cybersecurity cube?
goals safeguards rules tools knowledge
Chapter 3: Cybersecurity Threats, Vulnerabilities, and Attacks
An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?
bluesnarfing smishing bluejacking RF jamming
What occurs on a computer when data goes beyond the limits of a buffer?
a buffer overflow an SQL injection cross-site scripting a system exception
What are two of the tactics used by a social engineer to obtain personal information from an unsuspecting target? (Choose two.)
urgency intimidation compassion integrity honesty
What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?
phishing trojan social engineering backdoor vishing
What does a rootkit modify?
operating system Microsoft Word screen savers Notepad programs
What is the term used to describe an email that is targeting a specific person employed at a financial institution?
A criminal is using software to obtain information about the computer of a user. What is the name of this type of software?
spyware virus adware phishing
What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?
Cross-site scripting buffer overflow SQL injection XML injection
Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website?
smishing impersonation spam grayware
Which two reasons describe why WEP is a weak protocol? (Choose two.)
The key is transmitted in clear text The key is static and repeats on a congested network Everyone on the network uses a different key. WEP uses the same encryption features as Bluetooth. The default settings cannot be modified.
A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?
a type of ransomware a type of virus a type of logic bomb a type of worm
What is the name for the type of software that generates revenue by generating annoying pop-ups?
adware trackers pop-ups spyware
What is the meaning of the term logic bomb?
a malicious program that uses a trigger to awaken the malicious code a malicious worm a malicious virus a malicious program that hides itself in a legitimate program
What type of attack targets an SQL database using the input field of a user?
SQL injection XML injection buffer overflow Cross-site scripting
What is the difference between a virus and a worm?
Worms self-replicate but viruses do not Viruses self-replicate but worms do not. Worms require a host file but viruses do not. Viruses hide in legitimate programs but worms do not.
What is the name given to a program or program code that bypasses normal authentication?
backdoor virus worm ransomware Trojan
What are two common indicators of spam mail? (Choose two.)
The email has misspelled words or punctuation errors or both The email has no subject line The email is from a friend. The email has an attachment that is a receipt for a recent purchase. The email is from your supervisor. The email has keywords in it.
Chapter 4: The Art of Protecting Secrets
Which two terms are used to describe cipher keys? (Choose two.)
key length key space key randomness keylogging
What cryptographic algorithm is used by the NSA and includes the use of elliptical curves for digital signature generation and key exchange?
ECC IDEA AES RSA El-Gamal
Which term describes the technology that protects software from unauthorized access or modification?
watermarking copyright trademark access control
What encryption algorithm uses the same pre-shared key to encrypt and decrypt data?
symmetric hash asymmetric one-time pad
What encryption algorithm uses one key to encrypt data and a different key to decrypt data?
asymmetric symmetric transposition one-time pad
What is the term used to describe the science of making and breaking secret codes?
Which type of cipher is able to encrypt a fixed-length block of plaintext into a 128-bit block of ciphertext at any one time?
block symmetric hash transform stream
Which three devices represent examples of physical access controls? (Choose three.)
video cameras locks swipe cards routers servers firewalls
What term is used to describe the technology that replaces sensitive information with a nonsensitive version?
masking whiteout retracting hiding blanking
Which asymmetric algorithm provides an electronic key exchange method to share the secret key?
Diffie-Hellman WEP DES hashing RSA
What is the name of the method in which letters are rearranged to create the ciphertext?
transposition substitution enigma one-time pad
Match the description with the correct term.
obfuscation - making a message confusing so it is harder to understand steganalysis - discovering that hidden information exists within a graphic file social steganography - creating a message that says one thing but means something else to a specific audience steganography - hiding data within an audio file
Which three processes are examples of logical access controls? (Choose three.)
biometrics to validate physical characteristics firewalls to monitor traffic intrusion detection system (IDS) to watch for suspicious network activity swipe cards to allow access to a restricted area fences to protect the perimeter of a building guards to monitor security screens
What are three examples of administrative access controls? (Choose three.)
policies and procedures hiring practices background checks encryption intrusion detection system (IDS) guard dogs
Which 128-bit block cipher encryption algorithm does the US government use to protect classified information?
AES Skipjack Vigenère 3DES Caesar
A warning banner that lists the negative outcomes of breaking company policy is displayed each time a computer user logs in to the machine. What type of access control is implemented?
deterrent preventive masking detective
What term is used to describe concealing data in another file such as a graphic, audio, or other text file?
steganography obfuscation hiding masking
What type of cipher encrypts plaintext one byte or one bit at a time?
stream enigma hash elliptical block
Which three protocols use asymmetric key algorithms? (Choose three.)
Pretty Good Privacy (PGP) Secure Sockets Layer (SSL) Secure Shell (SSH) Telnet Secure File Transfer Protocol (SFTP)
Chapter 5: The Art of Ensuring Integrity
What is the purpose of CSPRNG?
to generate salt to prevent a computer from being a zombie to secure a web site to process hash lookups
A user is connecting to an e-commerce server to buy some widgets for a company. The user connects to the site and notices there is no lock in the browser security status bar. The site does prompt for a username and password and the user is able to log in. What is the danger in proceeding with this transaction?
The site is not using a digital certificate to secure the transaction, with the result that everything is in the clear The certificate from the site has expired, but is still secure. The user is using the wrong browser to perform the transaction. Ad blocker software is preventing the security bar from working properly, and thus there is no danger with the transaction.
What are three types of attacks that are preventable through the use of salting? (Choose three.)
What is the step by step process for creating a digital signature?
Create a message digest; encrypt the digest with the private key of the sender; and bundle the message, encrypted digest, and public key together in order to sign the document Create a SHA-1 hash; encrypt the hash with the private key of the sender; and bundle the message, encrypted hash, and public key together to sign the document. Create a message; encrypt the message with a MD5 hash; and send the bundle with a public key. Create a message digest; encrypt the digest with the public key of the sender; and bundle the message, encrypted digest, and public key together to sign the document.
Which method tries all possible passwords until a match is found?
brute force cloud dictionary cryptographic rainbow tables birthday
Alice and Bob use the same password to log in to the company network. This means both would have the exact same hash for their passwords. What could be implemented to prevent both password hashes from being the same?
salting peppering pseudo-random generator RSA
A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use?
HMAC MD5 ISAKMP SHA256
A user downloads an updated driver for a video card from a website. A warning message pops up saying the driver is not approved. What does this piece of software lack?
digital signature code recognition valid ID source code
An investigator finds a USB drive at a crime scene and wants to present it as evidence in court. The investigator takes the USB drive and creates a forensic image of it and takes a hash of both the original USB device and the image that was created. What is the investigator attempting to prove about the USB drive when the evidence is submitted in court?
The data in the image is an exact copy and nothing has been altered by the process The data is all there. The investigator found a USB drive and was able to make a copy of it. An exact copy cannot be made of a device.
A recent email sent throughout the company stated that there would be a change in security policy. The security officer who was presumed to have sent the message stated the message was not sent from the security office and the company may be a victim of a spoofed email. What could have been added to the message to ensure the message actually came from the person?
digital signature non-repudiation hashing asymmetric key
Identify three situations in which the hashing function can be applied. (Choose three.)
PKI CHAP IPsec DES PPoE WPA
A recent breach at a company was traced to the ability of a hacker to access the corporate database through the company website by using malformed data in the login form. What is the problem with the company website?
poor input validation weak encryption bad usernames lack of operating system patching
What are three NIST-approved digital signature algorithms? (Choose three.)
RSA DSA ECDSA SHA256 MD5 SHA1
A user is evaluating the security infrastructure of a company and notices that some authentication systems are not using best practices when it comes to storing passwords. The user is able to crack passwords very fast and access sensitive data. The user wants to present a recommendation to the company on the proper implementation of salting to avoid password cracking techniques. What are three best practices in implementing salting? (Choose three.)
A salt should be unique for each password A salt must be unique A salt should not be reused The same salt should be used for each password. Salts should be short. Salts are not an effective best practice.
A user is instructed by a boss to find a better method to secure passwords in transit. The user has researched several means to do so and has settled on using HMAC. What are the key elements needed to implement HMAC?
secret key and message digest symmetric key and asymmetric key message digest and asymmetric key IPsec and checksum
What are three validation criteria used for a validation rule? (Choose three.)
format size range type key encryption
A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?
Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded Install the program on individual computers. Turn off antivirus on all the computers. Encrypt the program and require a password after it is downloaded. Distribute the program on a thumb drive.
What is the standard for a public key infrastructure to manage digital certificates?
x.509 x.503 NIST-SP800 PKI
What is a strength of using a hashing function?
It is a one-way function and not reversible It is not commonly used in security. It can take only a fixed length message. It has a variable length output. Two different files can be created that have the same output.
A user is the database administrator for a company. The user has been asked to implement an integrity rule that states every table must have a primary key and that the column or columns chosen to be the primary key must be unique and not null. Which integrity requirement is the user implementing?
A user is asked to perform a risk analysis of a company. The user asks for the company asset database that contains a list of all equipment. The user uses this information as part of a risk analysis. Which type of risk analysis could be performed?
quantitative qualitative hardware exposure factor
A user is evaluating the network infrastructure of a company. The user noted many redundant systems and devices in place, but no overall evaluation of the network. In a report, the user emphasized the methods and configurations needed as a whole to make the network fault tolerant. What is the type of design the user is stressing?
resilient spanning tree comprehensive availability
The CEO of a company is concerned that if a data breach should occur and customer data is exposed, the company could be sued. The CEO makes the decision to buy insurance for the company. What type of risk mitigation is the CEO implementing?
transference mitigation avoidance reduction
A user is asked to evaluate the data center to improve availability for customers. The user notices that there is only one ISP connection, some of the equipment is out of warranty, there are no spare parts, and no one was monitoring the UPS which was tripped twice in one month. Which three deficiencies in high availability has the user identified? (Choose three.)
single points of failure failure to design for reliability failure to detect errors as they occur failure to protect against poor maintenance failure to identify management issues failure to prevent security incidents
A security breach has happened at a major corporation. The incident team has responded and executed their incident response plan. During which phase are lessons learned applied?
A team has been asked to create an incident response plan for security incidents. In what phase of an incident response plan does the team get management approval of the plan?
A user is asked to create a disaster recovery plan for a company. The user needs to have a few questions answered by management to proceed. Which three questions should the user ask management as part of the process of creating the plan? (Choose three.)
Who is responsible for the process Where does the individual perform the process? What is the process? How long does the process take? Does the process require approval? Can the individual perform the process?
A user is asked to evaluate the security posture of a company. The user looks at past attempts to break into the company and evaluates the threats and exposures to create a report. Which type of risk analysis could the user perform?
qualitative opinion objective subjective
A company is concerned with traffic that flows through the network. There is a concern that there may be malware that exists that is not being blocked or eradicated by antivirus. What technology can be put in place to detect potential malware traffic on the network?
IDS firewall NAC IPS
A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?
layered attack based structured risk based
A user has completed a six month project to identify all data locations and catalog the location. The next step is to classify the data and produce some criteria on data sensitivity. Which two steps can the user take to classify the data? (Choose two.)
Identify sensitivity of the data Establish the owner of the data Determine how often data is backed up. Treat all the data the same. Determine the user of the data. Determine permissions for the data.
A user needs to add redundancy to the routers in a company. What are the three options the user can use? (Choose three.)
VRRP HSRP GLBP IPFIX RAID STP
A user is running a routine audit of the server hardware in the company data center. Several servers are using single drives to host operating systems and multiple types of attached storage solutions for storing data. The user wants to offer a better solution to provide fault tolerance during a drive failure. Which solution is best?
RAID tape backup offsite backup UPS
A user was hired as the new security officer. One of the first projects was to take inventory of the company assets and create a comprehensive database. Which three pieces of information would the user want to capture in an asset database? (Choose three.)
hardware network devices workstations operating systems groups users passwords
A user is purchasing a new server for the company data center. The user wants disk striping with parity on three disks. Which RAID level should the user implement?
5 0 1 1+0
A user is a consultant who is hired to prepare a report to Congress as to which industries should be required to maintain five nine availability. Which three industries should the user include in a report? (Choose three.)
healthcare public safety finance food service retail education
A user was hired by a company to provide a highly available network infrastructure. The user wants to build redundancy into the network in case of a switch failure, but wants to prevent Layer 2 looping. What would the user implement in the network?
Spanning Tree Protocol HSRP VRRP GLBP
Chapter 7: Protecting a Cybersecurity Domain
The manager of desktop support wants to minimize downtime for workstations that crash or have other software-related issues. What are three advantages of using disk cloning? (Choose three.)
easier to deploy new computers within the organization can provide a full system backup ensures a clean imaged machine ensures system compatibility creates greater diversity cuts down on number of staff needed
A user makes a request to implement a patch management service for a company. As part of the requisition the user needs to provide justification for the request. What three reasons can the user use to justify the request? (Choose three.)
the ability to control when updates occur no opportunities for users to circumvent updates the ability to obtain reports on systems the likelihood of storage savings the need for systems to be directly connected to the Internet the ability of users to select updates
A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation?
rogue access point password policy user error weak password user laptop
A user is proposing the purchase of a patch management solution for a company. The user wants to give reasons why the company should spend money on a solution. What benefits does patch management provide? (Choose three.)
Administrators can approve or deny patches Updates cannot be circumvented Updates can be forced on systems immediately Computers require a connection to the Internet to receive patches. Patches can be chosen by the user. Patches can be written quickly.
A user calls the help desk complaining that an application was installed on the computer and the application cannot connect to the Internet. There are no antivirus warnings and the user can browse the Internet. What is the most likely cause of the problem?
computer firewall need for a system reboot corrupt application permissions
A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance?
Type II CER Type I false rejection
Why is WPA2 better than WPA?
mandatory use of AES algorithms reduced processing time supports TKIP reduced keyspace
The company has many users who telecommute. A solution needs to be found so a secure communication channel can be established between the remote location of users and the company. What is a good solution for this situation?
VPN PPP T1 fiber modem
Companies may have different operation centers that handle different issues with the IT operations. If an issue is related to network infrastructure, what operation center would be responsible?
NOC SOC HVAC HR
What are three types of power issues that a technician should be concerned about? (Choose three.)
spike brownout blackout fuzzing flicker spark
An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use?
secpol.msc system administration account policy password policy grpol.msc
Which service will resolve a specific web address into an IP address of the destination web server?
DNS NTP ICMP DHCP
The manager of a department suspects someone is trying to break into computers at night. You are asked to find out if this is the case. What logging would you enable?
audit operating system Windows syslog
A new PC is taken out of the box, started up and connected to the Internet. Patches were downloaded and installed. Antivirus was updated. In order to further harden the operating system what can be done?
Remove unnecessary programs and services Disconnect the computer from the network. Remove the administrator account. Turn off the firewall. Give the computer a nonroutable address. Install a hardware firewall.
Why should WEP not be used in wireless networks today?
easily crackable its age its lack of encryption its lack of support its use of clear text passwords
After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)
Secure password storage Reduce the number of privileged accounts Enforce the principle of least privilege Only the CIO should have privileged access. Only managers should have privileged access. No one should have privileged access.
What is the difference between an HIDS and a firewall?
An HIDS monitors operating systems on host computers and processes file system activity. Firewalls allow or deny traffic between the computer and other systems An HIDS works like an IPS, whereas a firewall just monitors traffic. An HIDS blocks intrusions, whereas a firewall filters them. A firewall performs packet filtering and therefore is limited in effectiveness, whereas an HIDS blocks intrusions. A firewall allows and denies traffic based on rules and an HIDS monitors network traffic.
An administrator of a small data center wants a flexible, secure method of remotely connecting to servers. Which protocol would be best to use?
Secure Shell Remote Desktop Secure Copy Telnet
A user is asked to analyze the current state of a computer operating system. What should the user compare the current operating system against to identify potential vulnerabilities?
a baseline a blacklist a pentest a vulnerability scan a whitelist
The CIO wants to secure data on company laptops by implementing file encryption. The technician determines the best method is to encrypt each hard drive using Windows BitLocker. Which two things are needed to implement this solution? (Choose two.)
at least two volumes TPM password management USB stick EFS backup
Chapter 8: Becoming a Cybersecurity Specialist
An auditor is asked to assess the LAN of a company for potential threats. What are three potential threats the auditor may point out? (Choose three.)
a misconfigured firewall unauthorized port scanning and network probing unlocked access to network equipment complex passwords locked systems the acceptable use policy
A school administrator is concerned with the disclosure of student information due to a breach. Under which act is student information protected?
FERPA HIPPA COPPA CIPA
Why is Kali Linux a popular choice in testing the network security of an organization?
It is an open source Linux security distribution and contains over 300 tools It is a network scanning tool that prioritizes security risks. It can be used to test weaknesses by using only malicious software. It can be used to intercept and log network traffic.
A security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?
A company is attempting to lower the cost in deploying commercial software and is considering a cloud based service. Which cloud based service would be best to host the software?
SaaS RaaS PaaS IaaS
What three services does CERT provide? (Choose three.)
resolve software vulnerabilities develop tools, products, and methods to conduct forensic examinations develop tools, products, and methods to analyze vulnerabilities develop attack tools create malware tools enforce software standards
What are three disclosure exemptions that pertain to the FOIA? (Choose three.)
national security and foreign policy information confidential business information law enforcement records that implicate one of a set of enumerated concerns public information from financial institutions non-geological information regarding wells information specifically non-exempt by statute
As a security professional, there is a possibility to have access to sensitive data and assets. What is one item a security professional should understand in order to make informed ethical decisions?
laws governing the data potential gain partnerships cloud providers potential bonus
As part of HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared information?
GLBA SOX FIRPA PCI
A consultant is hired to make recommendations on managing device threats in a company. What are three general recommendations that can be made? (Choose three.)
Disable administrative rights for users Enable screen lockout Enable automated antivirus scans Remove content filtering. Enforce strict HR policies. Enable media devices.
Unauthorized visitors have entered a company office and are walking around the building. What two measures can be implemented to prevent unauthorized visitor access to the building? (Choose two.)
Establish policies and procedures for guests visiting the building Conduct security awareness training regularly Lock cabinets. Prohibit exiting the building during working hours.
If a person knowingly accesses a government computer without permission, what federal act would the person be subject to?
CFAA GLBA ECPA SOX
A breach occurs in a company that processes credit card information. Which industry specific law governs credit card data protection?
PCI DSS GLBA ECPA SOX
An organization has implemented a private cloud infrastructure. The security administrator is asked to secure the infrastructure from potential threats. What three tactics can be implemented to protect the private cloud? (Choose three.)
Update devices with security fixes and patches Test inbound and outbound traffic Disable ping, probing, and port scanning Hire a consultant. Disable firewalls. Grant administrative rights.
What can be used to rate threats by an impact score to emphasize important vulnerabilities?
NVD ISC ACSC CERT
What are two items that can be found on the Internet Storm Center website? (Choose two.)
InfoSec reports InfoSec job postings current laws historical information
What are the three broad categories for information security positions? (Choose three.)
builders definers monitors creators doers seekers
A company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage the user threats. What three things might be put in place to manage the threats? (Choose three.)
Disable CD and USB access Provide security awareness training Use content filtering Change to thin clients. Implement disciplinary action. Monitor all activity by the users.
What are two potential threats to applications? (Choose two.)
unauthorized access data loss social engineering power interruptions