IBM cybersecurity
Study online at https://quizlet.com/_9l56mx

1. Which of these is the best definition of a security risk?
   The likelihood of a threat source exploiting a vulnerability

2. Fancy Bears and Anonymous are examples of what?
   Hacking organizations

3. Which of the following defines a security threat?
   Any potential danger capable of exploiting a weakness in a system

4. Implementing a filter to remove flooded packets before they reach the host is a countermeasure to which form of attack?
   A denial of service (DoS) attack

5. An email message that is encrypted, uses a digital signature and carries a hash value would address which aspects of the CIA Triad?
   Confidentiality and integrity

6. A company wants to prevent employees from wasting time on social media sites. To accomplish this, a document forbidding use of these sites while at work is written and circulated, and then the firewalls are updated to block access to Facebook, Twitter and other popular sites. Which 2 types of security controls has the company just implemented?
   Technical
   Administrative

7. A penetration tester that gains access to a system without permission and then exploits it for personal gain is said to wear what color hat?
   Black

8. Trying to break an encryption key by trying every possible combination of characters is called what?
   A brute force attack

9. Which 3 of the following are key ITIL processes?
   Problem Management
   Incident Management
   Change Management

10. Which 3 roles are typically found in an Information Security organization?
    Penetration Tester
    Chief Information Security Officer (CISO)
    Vulnerability Assessor

11. ITIL is best described as what?
    A collection of IT Service Management best practices

12. Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes an integrity violation?
    Trudy changes the message and then forwards it on

13. In cybersecurity, Authenticity is defined as what?
    The property of being genuine and verifiable

14. Which type of access control is based upon the subject's clearance level and the object's classification?
    Mandatory Access Control (MAC)

15. The encryption and protocols used to prevent unauthorized access to data are examples of which type of access control?
    Technical

16. A Windows 10 user has 10 files with exactly the same name. Which statement must be true for these files?
    The files must be in different directories

17. Which component of the Linux operating system interacts with your computer's hardware?
    The kernel

18. If cost is the primary concern, which type of cloud should be considered first?
    Public cloud

19. Which security concerns follow your workload even after it is successfully moved to the cloud?
    (Data security, Disaster Recovery/Business Continuity Planning, Identity and Access Management, Compliance) All Of The Above

20. Which of the following is a self-regulating standard set up by the credit card industry in the US?
    PCI-DSS

21. Which 2 of the following attack types target endpoints?
    Spear Phishing
    Ad Network

22. If an Endpoint Detection and Response (EDR) system detects that an endpoint does not have a required patch installed, which statement best characterizes the actions it is able to take automatically?
    The endpoint can be quarantined from all network resources except those that allow it to download and install the missing patch

23. Granting a user account only those privileges necessary to perform its intended functions is known as what?
    The principle of least privileges

24. The Windows Security App available in Windows 10 provides users with which of the following protections?
    (Virus and threat protection, Firewall and network protection, Family options - parental controls) All Of The Above

25. Symmetric key encryption by itself ensures which of the following?
    Confidentiality only

26. Which of the following practices helps assure the best results when implementing encryption?
    Choose a reliable and proven published algorithm

27. Which of these methods ensures the authentication, non-repudiation and integrity of a digital communication?
    Use of Hashing

28. Why is symmetric key encryption the most common choice of methods to encrypt data at rest?
    It is much faster than asymmetric key encryption

29. Which 3 of these are benefits you can realize from using a NAT (Network Address Translation) router?
    Allows static 1-to-1 mapping of local IP addresses to global IP addresses
    Allows internal IP addresses to be hidden from outside observers
    Allows dynamic mapping of many local IP addresses to a smaller number of global IP addresses only when they are needed

30. Which statement best describes configuring a NAT router to use dynamic mapping?
    Unregistered IP addresses are mapped to registered IP addresses as they are needed

31. If a computer needs to send a message to a system that is not part of the local network, where does it send the message?
    The network's default gateway address

32. Which are properties of a highly available system?
    Redundancy, failover and monitoring

33. Which 3 of these statements about the TCP protocol are true?
    TCP packets are reassembled by the receiving system in the order in which they are sent
    TCP is connection-oriented
    TCP is more reliable than UDP

34. Signature-based detection and statistical anomaly detection are found on what type of device?
    An Intrusion Prevention System

35. If you have to rely upon metadata to work with the data at hand, you are probably working with which type of data?
    Structured data

36. In reviewing the security logs for a company's headquarters in New York City, which of these activities should not raise much of a security concern?
    An employee has started logging in from home for an hour or so during the last 2 weeks of each quarter

37. Poor user input sanitization and unsafe execution of OS commands leave a system vulnerable to which form of attack?
    OS command injection

38. Which 2 forms of discovery must be conducted online?
    Packet sniffing
    Port scanning

39. A penetration tester involved in a "Black box" attack would be doing what?
    Attempting to penetrate a client's system as if she were an external hacker with no inside knowledge of the system

40. Which incident response team describes a team that runs all incident response activities for a company?
    Central

41. Which of the following would be considered an incident precursor?
    An alert from your anti-virus software indicating it had detected malware on your system

42. Which of these devices collects the most information on network activity?
    Intrusion detection system

43. What scripting concept is widely used across different languages that checks if a condition is true, and if so, takes action, and if false, a different action?
    if-then

44. Which 3 of the following are considered scripting languages?
    Python
    Perl

45. What is the largest number that will be printed during the execution of this Python while loop?
    9

46. Which 2 of these Python libraries provide useful statistical functions?
    Number
    Matplotlib

47. Which country had the highest average cost per breach in 2018 at $8.19 M?
    United States

48. Activities performed as part of security intelligence can be divided into pre-exploit and post-exploit activities. Which 2 of these are post-exploit activities?
    Perform forensic investigation
    Gather full situational awareness through advanced security analysis

49. True or False. Internal attacks from trusted employees represent every bit as significant a threat as external attacks from professional cyber criminals.
    True

50. Which layer of the OSI model do packet sniffers operate on?
    Data Link

51. Port numbers 1024 through 49151 are known as what?
    Registered Ports

52. Security standards do not have the force of the law, but security regulations do. Which one of these is a security regulation?
    Sarbanes-Oxley Act (SOX)

53. Which form of penetration testing allows the testers partial knowledge of the systems they are trying to penetrate in advance of their attack to streamline costs and focus efforts?
    Gray Box Testing

54. Which one of the OWASP top 10 application security risks would occur when there are no safeguards against a user being allowed to execute HTML or JavaScript in the user's browser that can hijack sessions?
    Cross-site scripting

55. Which 3 of these are Solution Building Blocks (SBB)?
    Application Firewall
    Spam Filter
    Virus Protection

56. SIEM license costs are typically calculated based upon which 2 factors?
    Events per second (EPS)
    Flows per minute (FPM)

57. What do QRadar flow collectors do with the flows they collect?
    Flows are bundled into related flow packs and forwarded to the flow processor

58. True or False. Thorough reconnaissance is an important step in developing an effective cyber kill chain.
    True

59. There is a value brought by each of the IBM in EIA use cases. Which one of these provides immediate alerting on brand compromises and fraud on the dark web?
    Threat Discovery

60. A Coordinating incident response team model is characterized by which of the following?
    Multiple incident response teams within an organization but one with authority to assure consistent policies and practices are followed across all teams

61. According to the IRIS Framework, during which stage of an attack would the attacker attempt to escalate their privileges, move laterally and conduct internal reconnaissance?
    Continue the attack, expand network access

62. You are the CEO of a tech company and just received an angry email that looks like it came from a big customer. It says you're overbilling and asks you to examine the invoice. You do, but it's blank, and you ask for details. You never hear back, but a week later your security team tells you your credentials were used to access financial data. What type of attack was it?
    A whale attack

63. Which 3 of these are PCI-DSS requirements for any company handling, processing or transmitting credit card data?
    Restrict access to cardholder data by business need-to-know
    Restrict physical access to cardholder data
    Assign a unique ID to each person with computer access

64. True or False. The large majority of stolen credit cards are used quickly by the thief or a member of his/her family.
    False

65. True or False. Cloud-based storage or hosting providers are among the top sources of third-party breaches.
    True

66. You are looking very hard on the web for the lowest mortgage interest loan you can find and you come across a rate that is so low it could not possibly be true. You check out the site to see what the terms are and quickly find you are the victim of a ransomware attack. What was the likely attack vector used by the bad actors?
    Malicious links

67. Very provocative articles that come up in the news feeds or Google searches are sometimes called click-bait. These articles often tempt you to link to other sites that can be infected with malware. What attack vector is used by these click-bait sites to get you to go to the really bad site?
    Malicious links

68. A weakness in a system is a/an ____. The potential danger associated with this is a/an ____ that becomes a/an ____ when attacked by a bad actor.
    vulnerability, threat, exploit

69. Fancy Bears and Anonymous are examples of what?
    Hacking organizations

70. What would a piece of malicious code that gets installed on a computer and reports back to the controller your keystrokes and other information it can gather from your system be called?

71. Trudy intercepts a plain text message sent by Alice to Bob but in no way interferes with its delivery. Which aspect of the CIA Triad was violated?
    Availability

72. Trudy intercepts a romantic plain-text message from Alice to her boyfriend Sam. The message upsets Trudy so she forwards it to Bob, making it look like Alice intended it for Bob from the beginning. Which aspect of the CIA Triad has Trudy violated?
    All of the above

73. Which position is in charge of testing the security and effectiveness of computer information systems?
    Information Security Auditor

74. Which position conducts information security investigations for organizations to identify threats that could compromise the organization?
    Information Security Analyst

75. Problem Management, Change Management, and Incident Management are all key processes of which framework?
    ITIL

76. Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes an integrity violation?
    Trudy changes the message and then forwards it on

77. In cybersecurity, Authenticity is defined as what?
    The property of being genuine and verifiable

78. Your bank just implemented 2-factor authentication before you can access your account. Which two (2) pairs of factors would satisfy the "2-factor" criteria? (Select 2)
    Your password and fingerprint scan
    Your bank's ATM card and a PIN number

79. Which three (3) of the following are Physical Access Controls? (Select 3)
    Fences
    Security guards
    Door locks

80. Windows 10 stores 64-bit applications in which directory?
    \Program Files

81. Which component of the Linux operating system interacts with your computer's hardware?
    The kernel

82. Which form of Cloud computing combines both public and private clouds?
    Hybrid cloud