CCNA final answers

What is an example of early warning systems that can be used to thwart cybercriminals?

ISO/IEC 27000 program

CVE database

Correct!

Honeynet project

Infragard

Refer to curriculum topic: 1.2.2
Early warning systems help identify attacks and can be used by cybersecurity specialists to protect systems.

A specialist in the HR department is invited to promote the cybersecurity program in community schools. Which three topics would the specialist emphasize in the presentation to draw students to this field? (Choose three.)

a job with routine, day-to-day tasks

Correct!

service to the public

Correct!

a career-field in high-demand

Correct!

high earning potential

the CompTIA A+ certification provides an adequate knowledge base for the field

a field requiring a PhD degree

Refer to curriculum topic: 1.2.2
The increased demand for cybersecurity specialists offers several unique career opportunities.

A cybersecurity specialist is asked to identify the potential criminals known to attack the organization. Which type of hackers would the cybersecurity specialist be least concerned with?

script kiddies

Correct!

white hat hackers

black hat hackers

gray hat hackers

Refer to curriculum topic: 1.2.1
Hackers are classified by colors to help define the purpose of their break-in activities.

Which technology can be implemented as part of an authentication system to verify the identification of employees?

a Mantrap

Correct!

a smart card reader

SHA-1 hash

a virtual fingerprint

Refer to curriculum topic: 2.2.1
A cybersecurity specialist must be aware of the technologies available that support the CIA triad.

A security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?

Implement intrusion detection systems.

Implement RAID.

Correct!

Implement a firewall.

Implement a VLAN.

Refer to curriculum topic: 2.4.1
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.

What are three states of data during which data is vulnerable? (Choose three.)

Correct!

data in-process

data decrypted

data encrypted

purged data

Correct!

stored data

Correct!

data in-transit

Refer to curriculum topic: 2.3.1
A cybersecurity specialist must be aware of each of the three states of data to effectively protect data and information. Purged data was stored data. Encrypted and decrypted data can be in any of the three states.

Which data state is maintained in NAS and SAN services?

data in-process

data in-transit

encrypted data

Correct!

stored data

Refer to curriculum topic: 2.3.1
A cybersecurity specialist must be familiar with the types of technologies used to store, transmit, and process data.

Which framework should be recommended for establishing a comprehensive information security management system in an organization?

Correct!

ISO/IEC 27000

CIA Triad

ISO OSI model

NIST/NICE framework

Refer to curriculum topic: 2.5.1
A cybersecurity specialist needs to be familiar with the different frameworks and models for managing information security.

Users report that the database on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?

DoS attack

man-in-the-middle attack

Correct!

ransomeware

Trojan horse

Refer to curriculum topic: 3.1.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What type of attack will make illegitimate websites higher in a web search result list?

Correct!

SEO poisoning

spam

browser hijacker

DNS poisoning

Refer to curriculum topic: 3.1.2
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What is an impersonation attack that takes advantage of a trusted relationship between two systems?

Correct!

spoofing

man-in-the-middle

sniffing

spamming

Refer to curriculum topic: 3.3.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?

Correct!

Look for unauthorized accounts.

Look for usernames that do not have passwords.

Look for policy changes in Event Viewer.

Scan the systems for viruses.

Refer to curriculum topic: 3.1.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

An executive manager went to an important meeting. The secretary in the office receives a call from a person claiming that the executive manager is about to give an important presentation but the presentation files are corrupted. The caller sternly recommends that the secretary email the presentation right away to a personal email address. The caller also states that the executive is holding the secretary responsible for the success of this presentation. Which type of social engineering tactic would describe this scenario?

familiarity

trusted partners

Correct!

intimidation

urgency

Refer to curriculum topic: 3.2.1
Social engineering uses several different tactics to gain information from victims.

Which statement describes a distributed denial of service attack?"

One computer accepts data packets based on the MAC address of another computer.

Correct!

An attacker builds a botnet comprised of zombies.

An attacker sends an enormous quantity of data that a server cannot handle.

An attacker views network traffic to learn authentication credentials.

Refer to curriculum topic: 3.3.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What is a nontechnical method that a cybercriminal would use to gather sensitive information from an organization?

ransomeware

man-in-the-middle

Correct!

social engineering

pharming

Refer to curriculum topic: 3.2.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What happens as the key length increases in an encryption application?

Keyspace increases proportionally.

Keyspace decreases exponentially.

Keyspace decreases proportionally.

Correct!

Keyspace increases exponentially.

Refer to curriculum topic: 4.1.4
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

Which algorithm will Windows use by default when a user intends to encrypt files and folders in an NTFS volume?

RSA

Correct!

AES

DES

3DES

Refer to curriculum topic: 4.1.4
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

Which access control should the IT department use to restore a system back to its normal state?

Correct!

corrective

detective

compensative

preventive

Refer to curriculum topic: 4.2.7
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

The IT department is tasked to implement a system that controls what a user can and cannot do on the corporate network. Which process should be implemented to meet the requirement?

user login auditing

a biometric fingerprint reader

observations to be provided to all employees

Correct!

a set of attributes that describes user access rights

Refer to curriculum topic: 4.2.5
Access control prevents unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

Smart cards and biometrics are considered to be what type of access control?

Correct!

logical

physical

administrative

technological

Refer to curriculum topic: 4.2.1
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?

ECC

Diffie-Hellman

Correct!

3DES

RSA

Refer to curriculum topic: 4.1.4
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

What is the most difficult part of designing a cryptosystem?

encryption algorithm

key length

reverse engineering

Correct!

key management

Refer to curriculum topic: 4.1.1
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

In which situation would a detective control be warranted?

when the organization cannot use a guard dog, so it is necessary to consider an alternative

after the organization has experienced a breach in order to restore everything back to a normal state

Correct!

when the organization needs to look for prohibited activity

when the organization needs to repair damage

Refer to curriculum topic: 4.2.7
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

Alice and Bob are using a digital signature to sign a document. What key should Alice use to sign the document so that Bob can make sure that the document came from Alice?

public key from Bob

Correct!

private key from Alice

username and password from Alice

private key from Bob

Refer to curriculum topic: 5.2.2
Alice and Bob are used to explain asymmetric cryptography used in digital signatures. Alice uses a private key to encrypt the message digest. The message, encrypted message digest, and the public key are used to create the signed document and prepare it for transmission.

An organization has determined that an employee has been cracking passwords on administrative accounts in order to access very sensitive payroll information. Which tools would you look for on the system of the employee? (Choose three)

Correct!

reverse lookup tables

algorithm tables

Correct!

lookup tables

password digest

rouge access points

Correct!

rainbow tables

Refer to curriculum topic: 5.1.2
Tables that contain possible password combinations are used to crack passwords.

What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website?

asymmetric encryption

Correct!

digital certificate

salting

digital signature

Refer to curriculum topic: 5.2.2
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

What is a feature of a cryptographic hash function?

The output has a variable length.

The hash input can be calculated given the output value.

Correct!

The hash function is a one-way mathematical function.

Hashing requires a public and a private key.

Refer to curriculum topic: 5.1.1
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used to ensure data integrity.

What technique creates different hashes for the same password?

HMAC

SHA-256

Correct!

salting

CRC

Refer to curriculum topic: 5.1.2
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used ensure data integrity.

An organization just completed a security audit. Your division was cited for not conforming to X.509 requirements. What is the first security control you need to examine?

data validation rules

Correct!

digital certificates

VPNs and encryption services

hashing operations

Refer to curriculum topic: 5.3.2
Digital certificates protect the parties involved in secure communications.

What kind of integrity does a database have when all its rows have a unique identifier called a primary key?

Correct!

entity integrity

referential integrity

domain integrity

user-defined integrity

Refer to curriculum topic: 5.4.1
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies that are used to ensure data integrity.

You have been asked to work with the data collection and entry staff in your organization in order to improve data integrity during initial data entry and data modification operations. Several staff members ask you to explain why the new data entry screens limit the types and size of data able to be entered in specific fields. What is an example of a new data integrity control?

data encryption operations that prevent any unauthorized users from accessing sensitive data

Correct!

a validation rule which has been implemented to ensure completeness, accuracy, and consistency of data

a limitation rule which has been implemented to prevent unauthorized staff from entering sensitive data

data entry controls which only allow entry staff to view current data

Refer to curriculum topic: 5.4.2
Data integrity deals with data validation.

What is it called when an organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications?

asset identification

asset classification

Correct!

asset standardization

asset availability

Refer to curriculum topic: 6.2.1
An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.

An organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?

limiting access to the data on these systems

Correct!

improving reliability and uptime of the servers

remote access to thousands of external users

stronger encryption systems

Refer to curriculum topic: 6.1.1
System and data availability is a critical responsibility of a cybersecurity specialists. It is important to understand the technologies, process, and controls used to provide high availability.

What approach to availability provides the most comprehensive protection because multiple defenses coordinate together to prevent attacks?

diversity

limiting

Correct!

layering

obscurity

Refer to curriculum topic: 6.2.2
Defense in depth utilizes multiple layers of security controls.

What approach to availability involves using file permissions?

obscurity

layering

Correct!

limiting

simplicity

Refer to curriculum topic: 6.2.2
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.

What are two incident response phases? (Choose two.)

confidentiality and eradication

Correct!

detection and analysis

Correct!

containment and recovery

mitigation and acceptance

prevention and containment

risk analysis and high availability

Refer to curriculum topic: 6.3.1
When an incident occurs, the organization must know how to respond. An organization needs to develop an incident response plan that includes several phases.

Being able to maintain availability during disruptive events describes which of the principles of high availability?

single point of failure

uninterruptible services

Correct!

system resiliency

fault tolerance

Refer to curriculum topic: 6.1.1
High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.

The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?

qualitative analysis

protection analysis

loss analysis

Correct!

quantitative analysis

Refer to curriculum topic: 6.2.1
A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization.

Which technology would you implement to provide high availability for data storage?

Correct!

RAID

software updates

hot standby

N+1

Refer to curriculum topic: 6.2.3
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to provide redundancy.

An organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended?

asset identification

Correct!

asset classification

asset standardization

asset availability

Refer to curriculum topic: 6.2.1
One of the most important steps in risk management is asset classification.

Which of the following products or technologies would you use to establish a baseline for an operating system?

MS Baseliner

SANS Baselining System (SBS)

Correct!

Microsoft Security Baseline Analyzer

CVE Baseline Analyzer

Refer to curriculum topic: 7.1.1
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.

Which three protocols can use Advanced Encryption Standard (AES)? (Choose three.)

Correct!

802.11i

Correct!

WPA2

802.11q

Correct!

WPA

WEP

TKIP

Refer to curriculum topic: 7.3.1
Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.

Mutual authentication can prevent which type of attack?

wireless poisoning

Correct!

man-in-the-middle

wireless IP spoofing

wireless sniffing

Refer to curriculum topic: 7.1.2
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

In a comparison of biometric systems, what is the crossover error rate?

rate of false positives and rate of acceptability

Correct!

rate of false negatives and rate of false positives

rate of rejection and rate of false negatives

rate of acceptability and rate of false negatives

Refer to curriculum topic: 7.4.1
In comparing biometric systems, there are several important factors to consider including accuracy, speed or throughput rate, and acceptability to users.

What describes the protection provided by a fence that is 1 meter in height?

It offers limited delay to a determined intruder.

Correct!

It deters casual trespassers only.

The fence deters determined intruders.

It prevents casual trespassers because of its height.

Refer to curriculum topic: 7.4.1
Security standards have been developed to assist organizations in implementing the proper controls to mitigate potential threats. The height of a fence determines the level of protection from intruders

Which wireless standard made AES and CCM mandatory?

WPA

Correct!

WPA2

WEP

WEP2

Refer to curriculum topic: 7.1.2
Wireless security depends on several industry standards and has progressed from WEP to WPA and finally WPA2.

Which utility uses the Internet Control Messaging Protocol (ICMP)?

RIP

NTP

DNS

Correct!

ping

Refer to curriculum topic: 7.3.1
ICMP is used by network devices to send error messages.

Which law was enacted to prevent corporate accounting-related crimes?

Import/Export Encryption Act

Gramm-Leach-Bliley Act

Correct!

Sarbanes-Oxley Act

The Federal Information Security Management Act

Refer to curriculum topic: 8.2.2
New laws and regulations have come about to protect organizations, citizens, and nations from cybersecurity attacks.

HVAC, water system, and fire systems fall under which of the cybersecurity domains?

device

user

network

Correct!

physical facilities

Refer to curriculum topic: 8.1.6
Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization.

Which cybersecurity weapon scans for use of default passwords, missing patches, open ports, misconfigurations, and active IP addresses?

password crackers

packet analyzers

packet sniffers

Correct!

vulnerability scanners

Refer to curriculum topic: 8.2.4
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.

Which type of cybercriminal attack would interfere with established network communication through the use of constructed packets so that the packets look like they are part of the normal communication?

packet forgery

DNS spoofing

rogue Wi-Fi AP

packet sniffing

Refer to curriculum topic: 1.3.1
Cybersecurity specialists need to be familiar with the characteristics of various attacks.

Technologies like GIS and IoE contribute to the growth of large data stores. What are two reasons that these technologies increase the need for cybersecurity specialists? (Choose two.)

They require 24-hour monitoring.

They contain personal information.

They collect sensitive information.

They require more equipment.

They make systems more complicated.

They increase processing requirements.

Refer to curriculum topic: 1.1.1
The types of information collected by these technologies have increased the need for data protection.

Which type of cybercriminal is the most likely to create malware to compromise an organization by stealing credit card information?

white hat hackers

black hat hackers

gray hat hackers

script kiddies

Refer to curriculum topic: 1.2.1
Malware is a tool used by certain types of hackers to steal information.

Which technology can be implemented as part of an authentication system to verify the identification of employees?

a smart card reader

a virtual fingerprint

SHA-1 hash

a Mantrap

Refer to curriculum topic: 2.2.1
A cybersecurity specialist must be aware of the technologies available that support the CIA triad.

A cybersecurity specialist is working with the IT staff to establish an effective information security plan. Which combination of security principles forms the foundation of a security plan?

encryption, authentication, and identification

technologies, policies, and awareness

secrecy, identify, and nonrepudiation

confidentiality, integrity, and availability

Refer to curriculum topic: 2.1.1
The CIA Triad is the foundation upon which all information management systems are developed.

An organization allows employees to work from home two days a week. Which technology should be implemented to ensure data confidentiality as data is transmitted?

SHS

VLANS

RAID

VPN

Refer to curriculum topic: 2.4.1
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.

Which technology can be used to ensure data confidentiality?

identity management

encryption

RAID

hashing

Refer to curriculum topic: 2.2.1
A cybersecurity specialist must be aware of the technologies available which support the CIA triad.

Which type of networks poses increasing challenges to cybersecurity specialists due to the growth of BYOD on campus?

wired networks

sneaker net

virtual networks

wireless networks

Refer to curriculum topic: 2.3.2
A cybersecurity specialist must be familiar with the types of technologies used to store, transmit, and process data.

Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network?

virus

spam

phishing

worm

Refer to curriculum topic: 3.1.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What is an impersonation attack that takes advantage of a trusted relationship between two systems?

sniffing

spamming

spoofing

man-in-the-middle

Refer to curriculum topic: 3.3.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

A cyber criminal sends a series of maliciously formatted packets to the database server. The server cannot parse the packets and the event causes the server crash. What is the type of attack the cyber criminal launches?

SQL injection

packet Injection

DoS

man-in-the-middle

Refer to curriculum topic: 3.3.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What type of attack has an organization experienced when an employee installs an unauthorized device on the network to view network traffic?

spoofing

spamming

phishing

sniffing

Refer to curriculum topic: 3.3.1
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What type of application attack occurs when data goes beyond the memory areas allocated to the application?

SQL injection

RAM Injection

buffer overflow

RAM spoofing

Refer to curriculum topic: 3.3.3
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.

What are the two most effective ways to defend against malware? (Choose two.)

Implement strong passwords.

Install and update antivirus software.

Update the operating system and other application software.

Implement RAID.

Implement network firewalls.

Implement a VPN.

Refer to curriculum topic: 3.1.1
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

An executive manager went to an important meeting. The secretary in the office receives a call from a person claiming that the executive manager is about to give an important presentation but the presentation files are corrupted. The caller sternly recommends that the secretary email the presentation right away to a personal email address. The caller also states that the executive is holding the secretary responsible for the success of this presentation. Which type of social engineering tactic would describe this scenario?

trusted partners

urgency

familiarity

intimidation

Refer to curriculum topic: 3.2.1
Social engineering uses several different tactics to gain information from victims.

Alice and Bob use a pre-shared key to exchange a confidential message. If Bob wants to send a confidential message to Carol, what key should he use?

the public key of Bob

a new pre-shared key

the private key of Carol

the same pre-shared key he used with Alice

Refer to curriculum topic: 4.1.2
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

What happens as the key length increases in an encryption application?

Keyspace increases proportionally.

Keyspace decreases proportionally.

Keyspace increases exponentially.

Keyspace decreases exponentially.

Refer to curriculum topic: 4.1.4
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

Before data is sent out for analysis, which technique can be used to replace sensitive data in nonproduction environments to protect the underlying information?

steganography

data masking substitution

steganalysis

software obfuscation

Refer to curriculum topic: 4.3.1
Technologies exist to confuse attackers by changing data and using techniques to hide the original data.

An organization has implemented antivirus software. What type of security control did the company implement?

recovery control

deterrent control

compensative control

detective control

Refer to curriculum topic: 4.2.7
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.

A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?

ECC

RSA

Diffie-Hellman

3DES

Refer to curriculum topic: 4.1.4
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

Which access control strategy allows an object owner to determine whether to allow access to the object?

MAC

DAC

RBAC

ACL

Refer to curriculum topic: 4.2.2
Access control prevents unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

The IT department is tasked to implement a system that controls what a user can and cannot do on the corporate network. Which process should be implemented to meet the requirement?

user login auditing

a biometric fingerprint reader

a set of attributes that describes user access rights

observations to be provided to all employees

Refer to curriculum topic: 4.2.5
Access control prevents unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.

What is the most difficult part of designing a cryptosystem?

encryption algorithm

key length

reverse engineering

key management

Refer to curriculum topic: 4.1.1
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

The X.509 standards defines which security technology?

biometrics

security tokens

digital certificates

strong passwords

Refer to curriculum topic: 5.3.2
Digital certificates protect the parties involved in a secure communication

What technique creates different hashes for the same password?

SHA-256

CRC

salting

HMAC

Refer to curriculum topic: 5.1.2
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used ensure data integrity.

What is a feature of a cryptographic hash function?

Hashing requires a public and a private key.

The hash function is a one-way mathematical function.

The hash input can be calculated given the output value.

The output has a variable length.

Refer to curriculum topic: 5.1.1
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used to ensure data integrity.

What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website?

digital signature

salting

digital certificate

asymmetric encryption

Refer to curriculum topic: 5.2.2
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.

An organization just completed a security audit. Your division was cited for not conforming to X.509 requirements. What is the first security control you need to examine?

data validation rules

digital certificates

hashing operations

VPNs and encryption services

Refer to curriculum topic: 5.3.2
Digital certificates protect the parties involved in secure communications.

Which hashing technology requires keys to be exchanged?

MD5

AES

HMAC

salting

Refer to curriculum topic: 5.1.3
The difference between HMAC and hashing is the use of keys.

What kind of integrity does a database have when all its rows have a unique identifier called a primary key?

domain integrity

entity integrity

referential integrity

user-defined integrity

Refer to curriculum topic: 5.4.1
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies that are used to ensure data integrity.

You have been asked to implement a data integrity program to protect data files that need to be electronically downloaded by the sales staff. You have decided to use the strongest hashing algorithm available on your systems. Which hash algorithm would you select?

AES

SHA-256

SHA-1

MD5

Refer to curriculum topic: 5.1.1
MD5 and SHA are the two most popular hashing algorithms. SHA-256 uses a 256-bit hash, whereas MD5 produces a 128-bit hash value.

The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can be used to identify specific details about vulnerabilities?

NIST/NICE framework

CVE national database

Infragard

ISO/IEC 27000 model

Refer to curriculum topic: 6.2.1
A cybersecurity specialist needs to be familiar with the resources such as the CVE database, Infragard, and the NIST/NISE framework. All can be used to help plan and implement effective an information security management system.

Which risk mitigation strategies include outsourcing services and purchasing insurance?

acceptance

transfer

avoidance

reduction

Refer to curriculum topic: 6.2.1
Risk mitigation lessens the exposure of an organization to threats and vulnerabilities by transferring, accepting, avoiding, or taking an action to reduce risk.

Which two values are required to calculate annual loss expectancy? (Choose two.)

exposure factor

frequency factor

annual rate of occurrence

single loss expectancy

asset value

quantitative loss value

Refer to curriculum topic: 6.2.1
Single loss expectancy, annualized rate of occurrence, and annualized loss expectancy are used in a quantitative risk analysis

An organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?

limiting access to the data on these systems

remote access to thousands of external users

improving reliability and uptime of the servers

stronger encryption systems

Refer to curriculum topic: 6.1.1
System and data availability is a critical responsibility of a cybersecurity specialists. It is important to understand the technologies, process, and controls used to provide high availability.

An organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended?

asset classification

asset identification

asset standardization

asset availability

Refer to curriculum topic: 6.2.1
One of the most important steps in risk management is asset classification.

What approach to availability involves using file permissions?

layering

obscurity

simplicity

limiting

Refer to curriculum topic: 6.2.2
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.

The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?

loss analysis

quantitative analysis

qualitative analysis

protection analysis

Refer to curriculum topic: 6.2.1
A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization.

Your risk manager just distributed a chart that uses three colors to identify the level of threat to key assets in the information security systems. Red represents high level of risk, yellow represents average level of threat and green represents low level of threat. What type of risk analysis does this chart represent?

loss analysis

qualitative analysis

exposure factor analysis