Certified Incident Handler Test With Correct Answers., Exams of Advanced Education

Certified Incident Handler Test With Correct Answers.

Typology: Exams

2024/2025

Available from 07/09/2025

belluna-skyler 🇺🇸

Information Security - ANSWER a state of well-being of information and infrastructure in which the possibility of theft, tampering, and disruption of information and services is kept low or tolerable

Confidentiality - ANSWER Assurance that the information is accessible only to those authorized to have access

Authenticity - ANSWER Trustworthiness of data or resources in terms of preventing improper and unauthorized changes

Availability - ANSWER Assurance that the systems are accessible when required by the authorized users

Integrity - ANSWER Characteristic of a document, communication or any data that ensures the quality of being genuine

Non-repudiation - ANSWER Guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message

CIA Triad - ANSWER Confidentiality, Integrity, Availability

What element keeps secrets secret? - ANSWER Confidentiality

What element is associated with a hashing algorithm? - ANSWER Integrity

What element prevents or protects against improper modification? - ANSWER Integrity

What is different about a digital signature? - ANSWER The hashing algorithm is encrypted with an asymmetric encryption key

What element is associated with Denial of Service attacks? - ANSWER Availability

What two elements are associated with asymmetric cryptography? - ANSWER Authenticity and Non-repudiation

What is the ACI triad? - ANSWER Availability, Confidentiality, Integrity

When you maintain data, what must you also do? - ANSWER Protect it

Information is a ______ and a _____ process - ANSWER Business

What is the first rule of thumb when protecting data? - ANSWER Know how sensitive it is to determine the value of protecting it

What are the 5 characteristics of information? - ANSWER An asset; Requires time, cost, skill and resource to build; loss of data affects the org; part of the corporate identity; data is considered confidential and proprietary

What is Defense-in-Depth? - ANSWER A security paradigm where security is implemented at multiple layers within a system. These layers include the physical layer, network layer, system layer, and data layer.

What are the layers of Defense-in-Depth? - ANSWER Physical, Primary, Network, Host, Application, Data

Defense-in-Depth can be both - ANSWER physical and logical

What are Information Security Policies? - ANSWER Foundation of the security infrastructure that defines the basic security requirements and rules to be implemented in order to protect and secure an organization's information

Passwords Policy - ANSWER Provides guidelines for using strong password protection on an organization's resources

User-Account Policies - ANSWER Defines the account creation process, and authority, rights, and responsibilities of user accounts

Information-Protection Policy - ANSWER Defines the sensitivity levels of information, who may have access, how it is stored and transmitted, and how it should be deleted from storage media

Special-Access Policy - ANSWER Defines the terms and conditions of granting special access to system resources

Email Security Policy - ANSWER It is created to govern the proper usage of corporate email

Acceptable-Use Policy - ANSWER Defines the acceptable use of system resources

Attacks - ANSWER A motive or reason, coupled with a method or exploit, coupled with the vulnerability

Vulnerabilities - ANSWER Weaknesses in the design or implementation of a system

What is the attack equation? - ANSWER Motive + Method + Vulnerability

Method/Exploit - ANSWER a step-by-step breach of security

Cloud Computing Threat Biggest Issue - ANSWER Flaws in one client's app can allow attackers to access other clients' data

APT - ANSWER Advanced Persistent Threat

Advanced Persistent Threat (APT) - ANSWER An organized group of attackers who are highly motivated, skilled, and patient. They are often sponsored by a government, are focused on a specific target, and will continue attacking for a very long time until they achieve their goal.

Viruses and Worms - ANSWER Spreads within a computer network and can multiply. Can be halted by anti-virus software. Most prevalent network attack.

Ransomware - ANSWER Software that encrypts programs and data until a ransom is paid to remove it.

Mobile Threats - ANSWER Focus of attackers has shifted to mobile devices due to increased adoption of mobile devices for business and personal purposes and comparatively lesser security controls

Botnet - ANSWER a huge network of compromised systems used by an intruder to perform various network attacks

Insider Attack - ANSWER Someone within an organisation exploits their network access to steal information

Phishing - ANSWER An attack that sends an email or displays a Web announcement that falsely claims to be from a legitimate enterprise in an

Script Kiddies - ANSWER find hacking code on the internet and click-and-point their way into systems to cause damage or spread viruses (MOTIVE= Chaos)

Organized Hackers - ANSWER These criminals include organizations of cyber criminals, hacktivists, terrorists, and state-sponsored hackers. (MOTIVE= PROFIT)

Hacktivists - ANSWER Hackers who are driven by a cause like social change, political agendas, or terrorism (MOTIVE= social change)

State-Sponsored attackers - ANSWER Attacker commissioned by governments to attack enemies' information systems. (MOTIVE= Politics)

Insider Threat - ANSWER A threat to an organization that comes from employees, contractors, and anyone else that may have willingly been given insider knowledge.

Cyber Terrorists - ANSWER seek to cause harm to people or to destroy critical systems or information and use the internet as a weapon of mass destruction

Recreational Hackers - ANSWER Someone who enjoys exploring and learning about computer technology but may put an organization's network at risk by bringing in unapproved software, experimenting on the network, or just trying an exploit to "see if it works."

Suicide Hackers - ANSWER Individuals who aim to bring down critical infrastructure for a "cause" and are not worried about facing jail terms or any other kind of punishment

Industrial Spies - ANSWER People who use illegal means to obtain trade secrets from competitors

What is the ultimate impact of a security attack? - ANSWER Loss of Revenue

Information Warfare - ANSWER use of information technologies to corrupt or destroy an enemy's information and industrial infrastructure

Defensive Information Warfare - ANSWER Involves all strategies and actions to defend against attacks on ICT assets.

Offensive Information Warfare - ANSWER involves attacks against ICT assets of an opponent

taking organized and careful steps when reacting to a security incident or cyberattack

Vulnerability - ANSWER A flaw or weakness that allows a threat agent to bypass security.

What is always the weakest link in the security chain? - ANSWER Users

Vulnerability research - ANSWER the process of discovering vulnerabilities and design flaws that will open an operating system and its applications to attack or misuse

Vulnerability Assessment - ANSWER A systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, or any other entity that is a potential harm.

Active Assessment - ANSWER Uses a network scanner to find hosts, services, and vulnerabilities

External Assessment - ANSWER Assesses the network from a hacker's point of view to find out what exploits and vulnerabilities are accessible to the outside world

Host-Based Assessment - ANSWER Determines the vulnerabilities in a specific workstation or server by performing configuration-level checks through the command line

Application Assessments - ANSWER tests the web infrastructure for any misconfiguration and known vulnerabilities

Passive Assessment - ANSWER A technique used to sniff the network traffic to find out active systems, network services, applications, and vulnerabilities present

Internal Assessment - ANSWER A technique to scan the internal infrastructure to find out the exploits and vulnerabilities

Network Assessment - ANSWER Determines the possible network security attacks that may occur on the organization's systems

Wireless Network Assessments - ANSWER Determines the vulnerabilities in the organization's wireless networks

What is the benefit of active assessment? - ANSWER Gives you more

Threat Attribution - ANSWER the identification of a threat actor for an exploit

Group Attribution - ANSWER It deals with attributing based on the common group or association of multiple malicious actors and their attack methodologies

Campaign Attributes - ANSWER It deals with attributing based on the malware or the campaign strategy of specific malware

Intrusion-set Attribution - ANSWER It deals with attributing the attacker based on intrusion patterns

True Attribution - ANSWER It deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target

Nation-state Attribution - ANSWER it deals with the attribution of attacks that are sponsored by any nation against another nation

What is Risk? - ANSWER the degree of uncertainty or expectation of potential damage that an adverse event may cause to the system or resources under specified conditions

What is the Risk Formula? - ANSWER Risk = Threat X Vulnerability

Risk Management - ANSWER a set of policies to identify, assess, prioritize, minimize, and control risks

Risk Assessment - ANSWER the process of measuring risk, identification of risks, estimation of impact

Risk Mitigation - ANSWER A risk response strategy whereby the project team acts to reduce the probability of occurrence or impact of a risk.