Uploaded by serbest gezer

ibm cybersecurity
Study online at https://quizlet.com/_9l56mx
1. Which of these is the best definition of a security risk?
The likelihood of a threat source exploiting a vulnerability
2. Fancy Bears and Anonymous are examples of what?
Hacking organizations
3. Which of the following defines a security threat?
Any potential danger capable of exploiting a weakness in a system
4. Implementing a filter to remove flooded packets before they reach the host is a countermeasure to which form of attack?
A denial of service (DoS) attack
5. An email message that is encrypted, uses a digital signature and carries a hash value would address which aspects of the CIA Triad?
Confidentiality and integrity
6. A company wants to prevent employees from wasting time on social media sites. To accomplish this, a document forbidding use of these sites while at work is written and circulated, and then the firewalls are updated to block access to Facebook, Twitter and other popular sites. Which 2 types of security controls has the company just implemented?
Technical
Administrative
7. A penetration tester who gains access to a system without permission and then exploits it for personal gain is said to wear what color hat?
Black
8. Trying to break an encryption key by trying every possible combination of characters is called what?
A brute force attack
9. Which 3 of the following are key ITIL processes?
Problem Management
Incident Management
Change Management
10. Which 3 roles are typically found in an information security organization?
Penetration Tester
Chief Information Security Officer (CISO)
Vulnerability Assessor
11. ITIL is best described as what?
A collection of IT Service Management best practices
12. Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes an integrity violation?
Trudy changes the message and then forwards it on
13. In cybersecurity, Authenticity is defined as what?
The property of being genuine and verifiable
14. Which type of access control is based upon the subject's clearance level and the object's classification?
Mandatory Access Control (MAC)
15. The encryption and protocols used to prevent unauthorized access to data are examples of which type of access control?
Technical
16. A Windows 10 user has 10 files with exactly the same name. Which statement must be true for these files?
The files must be in different directories
17. Which component of the Linux operating system interacts with your computer's hardware?
The kernel
18. If cost is the primary concern, which type of cloud should be considered first?
Public cloud
19. Which security concerns follow your workload even after it is successfully moved to the cloud?
(Data security, Disaster Recovery/Business Continuity Planning, Identity and Access Management, Compliance)
All Of The Above
20. Which of the following is a self-regulating standard set up by the credit card industry in the US?
PCI-DSS
21. Which 2 of the following attack types target endpoints?
Spear Phishing
Ad Network
22. If an Endpoint Detection and Response (EDR) system detects that an endpoint does not have a required patch installed, which statement best characterizes the actions it is able to take automatically?
The endpoint can be quarantined from all network resources except those that allow it to download and install the missing patch
23. Granting a user account only those privileges necessary to perform its intended functions is known as what?
The principle of least privileges
24. The Windows Security App available in Windows 10 provides users with which of the following protections?
(Virus and threat protection, Firewall and network protection, Family options - parental controls)
All Of The Above
25. Symmetric key encryption by itself ensures which of the following?
Confidentiality only
26. Which of the following practices helps assure the best results when implementing encryption?
Choose a reliable and proven published algorithm
27. Which of these methods ensures the authentication, non-repudiation and integrity of a digital communication?
Use of Hashing
28. Why is symmetric key encryption the most common choice of methods to encrypt data at rest?
It is much faster than asymmetric key encryption
29. Which 3 of these are benefits you can realize from using a NAT (Network Address Translation) router?
Allows static 1-to-1 mapping of local IP addresses to global IP addresses
Allows internal IP addresses to be hidden from outside observers
Allows dynamic mapping of many local IP addresses to a smaller number of global IP addresses only when they are needed
30. Which statement best describes configuring a NAT router to use dynamic mapping?
Unregistered IP addresses are mapped to registered IP addresses as they are needed
31. If a computer needs to send a message to a system that is not part of the local network, where does it send the message?
The network's default gateway address
32. Which are properties of a highly available system?
Redundancy, failover and monitoring
33. Which 3 of these statements about the TCP protocol are true?
TCP packets are reassembled by the receiving system in the order in which they are sent
TCP is connection-oriented
TCP is more reliable than UDP
34. Signature-based detection and statistical anomaly detection are found on what type of device?
An Intrusion Prevention System
35. If you have to rely upon metadata to work with the data at hand, you are probably working with which type of data?
Structured data
36. In reviewing the security logs for a company's headquarters in New York City, which of these activities should not raise much of a security concern?
An employee has started logging in from home for an hour or so during the last 2 weeks of each quarter
37. Poor user input sanitation and unsafe execution of OS commands leaves a system vulnerable to which form of attack?
OS command injection
38. Which 2 forms of discovery must be conducted online?
Packet sniffing
Port scanning
39. A penetration tester involved in a "Black box" attack would be doing what?
Attempting to penetrate a client's system as if she were an external hacker with no inside knowledge of the system
40. Which incident response team describes a team that runs all incident response activities for a company?
Central
41. Which of the following would be considered an incident precursor?
An alert from your anti-virus software indicating it had detected malware on your system
42. Which of these devices collects the most information on network activity?
Intrusion detection system
43. What scripting concept is widely used across different languages that checks if a condition is true, and if so, takes action, and if false, a different action?
if-then
44. Which 3 of the following are considered scripting languages?
Python
Perl
45. What is the largest number that will be printed during the execution of this Python while loop?
9
46. Which 2 of these Python libraries provide useful statistical functions?
Number
Matplotlib
47. Which country had the highest average cost per breach in 2018 at $8.19 M?
United States
48. Activities performed as part of security intelligence can be divided into pre-exploit and post-exploit activities. Which 2 of these are post-exploit activities?
Perform forensic investigation
Gather full situational awareness through advanced security analysis
49. True or False. Internal attacks from trusted employees represent every bit as significant a threat as external attacks from professional cyber criminals.
True
50. Which layer of the OSI model do packet sniffers operate on?
Data Link
51. Port numbers 1024 through 49151 are known as what?
Registered Ports
52. Security standards do not have the force of law, but security regulations do. Which one of these is a security regulation?
Sarbanes-Oxley Act (SOX)
53. Which form of penetration testing allows the testers partial knowledge of the systems they are trying to penetrate in advance of their attack to streamline costs and focus efforts?
Gray Box Testing
54. Which one of the OWASP Top 10 application security risks would occur when there are no safeguards against a user being allowed to execute HTML or JavaScript in the user's browser that can hijack sessions?
Cross-site scripting
55. Which 3 of these are Solution Building Blocks (SBB)?
Application Firewall
Spam Filter
Virus Protection
56. SIEM license costs are typically calculated based upon which 2 factors?
Events per second (EPS)
Flows per minute (FPM)
57. What do QRadar flow collectors do with the flows they collect?
Flows are bundled into related flow packs and forwarded to the flow processor
58. True or False. Thorough reconnaissance is an important step in developing an effective cyber kill chain.
True
59. There is a value brought by each of the IBM i2 EIA use cases. Which one of these provides immediate alerting on brand compromises and fraud on the dark web?
Threat Discovery
60. A Coordinating incident response team model is characterized by which of the following?
Multiple incident response teams within an organization but one with authority to assure consistent policies and practices are followed across all teams
61. According to the IRIS Framework, during which stage of an attack would the attacker attempt to escalate their privileges, move laterally and conduct internal reconnaissance?
Continue the attack, expand network access
62. You are the CEO of a tech company and just received an angry email that looks like it came from a big customer. It says you are overbilling and asks you to examine the invoice. You do, but it's blank, and you ask for details. You never hear back, but a week later your security team tells you your credentials were used to access financial data. What type of attack was it?
A whale attack
63. Which 3 of these are PCI-DSS requirements for any company handling, processing or transmitting credit card data?
Restrict access to cardholder data by business need-to-know
Restrict physical access to cardholder data
Assign a unique ID to each person with computer access
64. True or False. The large majority of stolen credit cards are used quickly by the thief or a member of his/her family.
False
65. True or False. Cloud-based storage or hosting providers are among the top sources of third-party breaches.
True
66. You are looking very hard on the web for the lowest mortgage interest loan you can find and you come across a rate that is so low it could not possibly be true. You check out the site to see what the terms are and quickly find you are the victim of a ransomware attack. What was the likely attack vector used by the bad actors?
Malicious links
67. Very provocative articles that come up in news feeds or Google searches are sometimes called click-bait. These articles often tempt you to link to other sites that can be infected with malware. What attack vector is used by these click-bait sites to get you to go to the really bad site?
Malicious links
68. A weakness in a system is a/an ____. The potential danger associated with this is a/an ____ that becomes a/an ____ when attacked by a bad actor.
vulnerability, threat, exploit
69. Fancy Bears and Anonymous are examples of what?
Hacking organizations
70. What would a piece of malicious code that gets installed on a computer and reports back to the controller your keystrokes and other information it can gather from your system be called?
71. Trudy intercepts a plain text message sent by Alice to Bob but in no way interferes with its delivery. Which aspect of the CIA Triad was violated?
Availability
72. Trudy intercepts a romantic plain-text message from Alice to her boyfriend Sam. The message upsets Trudy so she forwards it to Bob, making it look like Alice intended it for Bob from the beginning. Which aspect of the CIA Triad has Trudy violated?
All of the above
73. Which position is in charge of testing the security and effectiveness of computer information systems?
Information Security Auditor
74. Which position conducts information security investigations for organizations to identify threats that could compromise the organization?
Information Security Analyst
75. Problem Management, Change Management, and Incident Management are all key processes of which framework?
ITIL
76. Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes an integrity violation?
Trudy changes the message and then forwards it on
77. In cybersecurity, Authenticity is defined as what?
The property of being genuine and verifiable
78. Your bank just implemented 2-factor authentication before you can access your account. Which two (2) pairs of factors would satisfy the "2-factor" criteria? (Select 2)
Your password and fingerprint scan
Your bank's ATM card and a PIN number
79. Which three (3) of the following are Physical Access Controls? (Select 3)
Fences
Security guards
Door locks
80. Windows 10 stores 64-bit applications in which directory?
\Program Files
81. Which component of the Linux operating system interacts with your computer's hardware?
The kernel
82. Which form of cloud computing combines both public and private clouds?
Hybrid cloud