To effectively mitigate insider threats, organizations should focus on both technological solutions and fostering a culture of _______.

  • Access Control
  • Least Privilege
  • Security Awareness
  • Vulnerability Scanning

Organizations should focus on fostering a culture of "Security Awareness" to mitigate insider threats. This involves educating employees about security best practices and encouraging a shared responsibility for protecting the organization's data and systems.

SFTP and SCP both use which protocol as their underlying method for secure communication?

  • HTTPS
  • SSH
  • SSL
  • TLS

Both SFTP (SSH File Transfer Protocol) and SCP (Secure Copy Protocol) use the SSH (Secure Shell) protocol for secure communication. SSH provides secure authentication and encrypted data transfer over an insecure network.

Sarah, a web security analyst, receives a report that a certain page on the company's website is vulnerable to an XSS attack. She decides to implement a CSP. Which of the following directives should she prioritize to mitigate this specific threat?

  • font-src
  • img-src
  • media-src
  • script-src

To mitigate the threat of XSS (Cross-Site Scripting) attacks, Sarah should prioritize the script-src directive when implementing a CSP. This directive controls which scripts are allowed to execute on a web page, and by restricting this, she can mitigate the risk of malicious script execution.

An organization is looking to secure its sensitive data transmissions over the internet. They decide to use a system where both the sender and the receiver have a set of keys, one public and one private. Which encryption system are they likely implementing?

  • AES
  • DES
  • RSA
  • SHA-256

They are likely implementing the RSA (Rivest-Shamir-Adleman) encryption system. RSA is a widely used public-key encryption system where each participant has a pair of keys: a public key for encryption and a private key for decryption. This ensures secure data transmission and is often used in secure communications and digital signatures.

Which encryption algorithm, once considered very secure, is now deemed vulnerable due to advances in computing power?

  • AES
  • DES (Data Encryption Standard)
  • RSA
  • SHA-1

DES (Data Encryption Standard) is an encryption algorithm that was once considered very secure but is now deemed vulnerable due to advances in computing power. It has been replaced by more secure algorithms like AES.

Which of the following is not typically a part of an effective incident response plan?

  • Communication plan
  • Data backup plan
  • Incident classification and prioritization
  • Security awareness training

Security awareness training is not typically a direct part of an incident response plan but rather a proactive measure to educate employees about security best practices. An incident response plan focuses on how to react to and mitigate security incidents after they occur.

An attacker sets up a rogue wireless access point with the same SSID as a legitimate network to trick users into connecting to it. What is this type of attack called?

  • Brute Force Attack
  • Denial-of-Service Attack
  • Man-in-the-Middle Attack
  • Phishing Attack

This is a "Man-in-the-Middle Attack", in which the attacker intercepts communication between a user and a legitimate network by positioning themselves between the two.

The _______ protocol of IPsec ensures authentication and data integrity but not confidentiality.

  • AH (Authentication Header)
  • DNS (Domain Name System)
  • ESP (Encapsulating Security Payload)
  • IKE (Internet Key Exchange)

The AH (Authentication Header) in IPsec provides authentication and data integrity, but it doesn't offer confidentiality.

An organization implements a new software solution and within a week receives a message on their server stating that their data has been encrypted and will only be released upon payment. Which type of cybersecurity threat is this scenario depicting?

  • Data Breach
  • Phishing Attack
  • Ransomware Attack
  • Zero-Day Exploit

This scenario depicts a ransomware attack. Ransomware is a type of malware that encrypts a victim's data and demands a ransom for the decryption key. It is a serious cybersecurity threat that can lead to data loss and financial losses.

In the context of operating systems, what is the primary purpose of a security policy?

  • Control system updates
  • Define rules and guidelines for system security
  • Manage user accounts
  • Optimize system performance

In the context of operating systems, a security policy's primary purpose is to define rules and guidelines for system security. It outlines what actions are allowed and what is prohibited, helping to protect the system from unauthorized access, data breaches, and other security threats. Security policies are crucial for maintaining the integrity and confidentiality of a computer system.