CDS 348 Final Exam | Questions with Verified Answers
One of the more commonly seen and most easily avoided incidents is the "blank"
attack, where employees are bombarded with numerous attempts to convince them to
activate a link embedded in an e-mail or respond to a request for communications with
an unknown outside party, often masquerading as a known entity
Phishing
a staffed control room where key security technologies, networks, and critical systems
are monitored for incidents is known as a(n)
security operations center
if an intruder can blank a device, then no electronic protection can deter the loss of
information
physical access
A(n) blank may signal an adverse event is under way and provide a notification of an
incident candidate
Indicator
blank is the organized research and investigation of Internet addresses owned or
controlled by a target organization
footprinting
a series of steps that follow the stages of a cyberattack from early reconnaissance to
the exfiltration of data is known as the blank
cyber kill chain
A(n) blank may signal an incident that could occur in the future
Precursor
the theft of organizational data, either physically or by extraction through the owners'
networks is called data blank
exfiltration
NIST SP 800-61, Rev. 1 provides a five category classification scheme for
network-based incidents that includes each of these except
all of these are NIST incident classification
a set of software functionalities with capabilities that different clients can reuse for
different purposes is called a(n) blank
service
which of the following is not a "probable indicator" of an incident
presence or execution of unknown programs or processes
the failure of a technical control to react to the intended stimulus so that it goes
unreported is called a blank
false negative
gathering information on and identifying network assets is known as fingerprinting
true
the most common detection of ransomware is via a message to a user that they have
been locked out of their computer system, and that their files and data have been
encrypted
true
the most common detection of denial of service attack is a message to a user that they
have been locked out of their computer system, and that their files and data have been
encrypted
false
software designed to penetrate security controls, identify valuable content, and then
encrypt files and data in order to extort payment for the key needed to unlock the
encryption is known as blackmail
false
an example of a possible indicator is if a business partner or another connected
organization reports an attack from your computing system
false
an indicator is an activity in progress that may signal an incident could occur in the
future
false
only those with advanced technical skills within a certain set of hardware and software
can manually detect signs of a(n) blank through reviews of logs, systems performance,
user feedback, and system processes and tasks
intrusion
the use of IDPS sensors and analysis systems can be quite complex. One very
common approach is to use an open source software program called blank running on a
UNIX or Linux system that can be managed and queried from a desktop computer using
a client interface
snort
which is the most important factor when selecting a SIEM solution
Stuvia is a marketplace, so you are not buying this document from us, but from seller Jumuja. Stuvia facilitates payment to the seller.