Defense in Depth

16. A hacker gained access to a network through malicious email attachments. Which one of these is important when talking about methods that allow a hacker to gain this access?

  • A 0-day
  • An attack surface
  • An ACL
  • An attack vector

17. Which of these host-based firewall rules help to permit network access from a Virtual Private Network (VPN) subnet?

  • Secure Shell (SSH)
  • Group Policy Objects (GPOs)
  • Access Control Lists (ACLs)
  • Active Directory

18. Having detailed logging serves which of the following purposes? Select all that apply.

  • Data protection
  • Event reconstruction
  • Auditing
  • Vulnerability detection

19. What model does antivirus software operate on?

  • Greylist
  • Secure list
  • Blacklist
  • Whitelist

20. If a full disk encryption (FDE) password is forgotten, what can be incorporated to securely store the encryption key to unlock the disk?

  • Secure boot
  • Application hardening
  • Key escrow
  • Application policies

21. What does applying software patches protect against? Select all that apply.

  • Undiscovered vulnerabilities
  • Newly found vulnerabilities
  • MITM attacks
  • Data tampering

22. Besides software, what other things will also need patches? Select all that apply.

  • Infrastructure firmware
  • Hardware
  • Operating systems
  • NFC tags

23. What are the two primary purposes of application software policies? Select all that apply.

  • To help educate users on how to use software more securely
  • To use a database of signatures to identify malware
  • To define boundaries of what applications are permitted
  • To take log data and convert it into different formats

24. What is a defining characteristic of a defense-in-depth strategy for IT security?

  • Multiple overlapping layers of defense
  • Encryption
  • Confidentiality
  • Strong passwords

25. Why is it important to disable unnecessary components of software and systems?

  • Less complexity means less work.
  • Less complexity means less expensive.
  • Less complexity means less time required.
  • Less complexity means less vulnerability.

26. What are bastion hosts?

  • A VPN subnet
  • Users that have the ability to change firewall rules and configurations.
  • VLANs
  • Servers that are specifically hardened and minimized to reduce what’s permitted to run on them.

27. Which of these plays an important role in keeping attack traffic off your systems and helps to protect users? Select all that apply.

  • Multiple attack vectors
  • Full disk encryption (FDE)
  • Antimalware measures
  • Antivirus software

Devendra Kumar

Project Management Apprentice at Google