16. A hacker gained access to a network through malicious email attachments. Which one of these is important when talking about methods that allow a hacker to gain this access?
- A 0-day
- An attack surface
- An ACL
- An attack vector
17. Which of these host-based firewall rules help to permit network access from a Virtual Private Network (VPN) subnet?
- Secure Shell (SSH)
- Group Policy Objects (GPOs)
- Access Control Lists (ACLs)
- Active Directory
18. Having detailed logging serves which of the following purposes? Select all that apply.
- Data protection
- Event reconstruction
- Auditing
- Vulnerability detection
19. What model does an antivirus software operate off of?
- Greylist
- Secure list
- Blacklist
- Whitelist
20. If a full disk encryption (FDE) password is forgotten, what can be incorporated to securely store the encryption key to unlock the disk?
- Secure boot
- Application hardening
- Key escrow
- Application policies
21. What does applying software patches protect against? Select all that apply.
- Undiscovered vulnerabilities
- Newly found vulnerabilities
- MITM attacks
- Data tampering
22. Besides software, what other things will also need patches? Select all that apply.
- Infrastructure firmware
- Hardware
- Operating systems
- NFC tags
23. What are the two primary purposes of application software policies? Select all that apply.
- To help educate users on how to use software more securely
- To use a database of signatures to identify malware
- To define boundaries of what applications are permitted
- To take log data and convert it into different formats
24. What is a defining characteristic of a defense-in-depth strategy to IT security?
- Multiple overlapping layers of defense
- Encryption
- Confidentiality
- Strong passwords
25. Why is it important to disable unnecessary components of software and systems?
- Less complexity means less work.
- Less complexity means less expensive.
- Less complexity means less time required.
- Less complexity means less vulnerability.
Shuffle Q/A 1
26. What are Bastion hosts?
- A VPN subnet
- Users that have the ability to change firewall rules and configurations.
- VLANs
- Servers that are specifically hardened and minimized to reduce what’s permitted to run on them.
27. Which of these plays an important role in keeping attack traffic off your systems and helps to protect users? Select all that apply.
- Multiple Attack Vectors
- Full disk encryption (FDE)
- Antimalware measures
- Antivirus software