1. After a security incident is verified in a SOC, an incident responder reviews the incident but cannot identify the source of the incident and form an effective mitigation procedure. To whom should the incident ticket be escalated?
- a SME for further investigation
- a cyberoperations analyst for help
- an alert analyst for further analysis
- the SOC manager to ask for other personnel to be assigned
2. Which three technologies should be included in a SOC security information and event management system? (Choose three.)
- proxy service
- threat intelligence
- security monitoring
- user authentication
- intrusion prevention
- event collection, correlation, and analysis
3. What name is given to hackers who hack for a political or social cause?
- white hat
- blue hat
4. What is cyberwarfare?
- It is an attack only on military targets.
- It is an attack designed to disrupt, corrupt, or exploit national interests.
- It is an attack on a major corporation.
- It is an attack that only involves robots and bots.
5. The term cyber operations analyst refers to which group of personnel in a SOC?
- SOC managers
- Tier 1 personnel
- Tier 2 personnel
- Tier 3 personnel
6. Match the job titles to SOC personnel positions. (Not all options are used.)
- Tier 1 Alert Analyst -> monitors incoming alerts & verifies that a true incident has occurred
- Tier 2 Incident Responder -> involved in deep investigation of incident
- Tier 3 Subject Matter Expert -> involved in hunting for potential threats & implements threat detection tools
- (not used) -> serves as the point of contact for the large organization
7. What is a rogue wireless hotspot?
- It is a hotspot that was set up with outdated devices.
- It is a hotspot that does not encrypt network user traffic.
- It is a hotspot that does not implement strong user authentication mechanisms.
- It is a hotspot that appears to be from a legitimate business but was actually set up by someone without permission from the business.
8. How can a security information and event management system in a SOC be used to help personnel fight against security threats?
- by filtering network traffic
- by collecting and filtering data
- by authenticating users to network resources
- by encrypting communications to remote sites
9. Which organization is an international nonprofit organization that offers the CISSP certification?
10. A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?
- a type of virus
- a type of logic bomb
- a type of worm
- a type of ransomware
11. Fill in the blank.
- A vulnerability is a flaw or weakness in a computer operating system that can be exploited by an attacker.
12. Which net command is used on a Windows PC to establish a connection to a shared directory on a remote server?
- net use
- net start
- net share
- net session
13. When a user makes changes to the settings of a Windows system, where are these changes stored?
- Control Panel
14. Two pings were issued from a host on a local network. The first ping was issued to the IP address of the default gateway of the host and it failed. The second ping was issued to the IP address of a host outside the local network and it was successful. What is a possible cause for the failed ping?
- The default gateway device is configured with the wrong IP address.
- Security rules are applied to the default gateway device, preventing it from processing ping requests.
- The default gateway is not operational.
- The TCP/IP stack on the default gateway is not working properly.
15. True or False?
For ease of administration, it is recommended that the Everyone group in Windows have Full Control permissions.
16. Which Windows version was the first to introduce a 64-bit Windows operating system?
- Windows NT
- Windows XP
- Windows 7
- Windows 10
17. Which type of startup must be selected for a service that should run each time the computer is booted?
18. How much RAM is addressable by a 32-bit version of Windows?
- 4 GB
- 8 GB
- 16 GB
- 32 GB
19. What contains information on how hard drive partitions are organized?
- Windows Registry
20. A user creates a file with .ps1 extension in Windows. What type of file is it?
- PowerShell script
- PowerShell cmdlet
- PowerShell function
- PowerShell documentation
21. What is the purpose of the cd\ command?
- changes directory to the root directory
- changes directory to the next highest directory
- changes directory to the previous directory
- changes directory to the next lower directory
22. How can a user prevent specific applications from accessing a Windows computer over a network?
- Enable MAC address filtering.
- Disable automatic IP address assignment.
- Block specific TCP or UDP ports in Windows Firewall.
- Change default usernames and passwords.
23. Fill in the blank.
- When a restrictive security policy is implemented on a firewall, only certain required ports are opened. The rest are closed.
24. What utility is used to show the system resources consumed by each user?
- Task Manager
- User Accounts
- Device Manager
- Event Viewer
25. Which command is used to manually query a DNS server to resolve a specific host name?
- ipconfig /displaydns