Security Principles

Chapter Description

In this sample chapter from CCNA Cyber Ops SECFND #210-250 Official Cert Guide, explore principles of the defense-in-depth strategy, risk assessments, and more.

Exam Preparation Tasks

Review All Key Topics

Review the most important topics in the chapter, noted with the Key Topic icon in the outer margin of the page. Table 3-2 lists a reference of these key topics and the page numbers on which each is found.

Table 3-2 Key Topics

| Key Topic Element | Description | Page |
|---|---|---|
| Summary | Describe what vulnerabilities are | 166 |
| Summary | Define what threats are | 167 |
| Summary | Define threat actors | 168 |
| Summary | Describe what threat intelligence is and why it is useful | 168 |
| Summary | Define what exploits are | 170 |
| Summary | Describe confidentiality, integrity, and availability | 171 |
| Summary | Describe risk and risk analysis | 171 |
| Summary | Define and provide examples of PII | 173 |
| Summary | Define and provide examples of PHI | 174 |
| Summary | Describe the principle of least privilege | 174 |
| Summary | Define what a security operations center is | 175 |
| Summary | Describe runbook automation | 176 |
| Summary | Define and describe chain of custody | 177 |
| Summary | Describe what reverse engineering is | 178 |

Define Key Terms

Define the following key terms from this chapter, and check your answers in the glossary:

  • vulnerabilities

  • threats

  • threat actors

  • exploits

Q&A

The answers to these questions appear in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes and Q&A Questions.” For more practice with exam format questions, use the exam engine on the website.

  1. Which of the following statements are true about vulnerabilities?

    1. A vulnerability is a threat on a system.

    2. A vulnerability is an exploitable weakness in a system or its design.

    3. Vulnerabilities can be found in protocols, operating systems, applications, hardware, and system designs.

    4. Vulnerabilities are exploits that are discovered every day in software and hardware products.

  2. From which of the following can exploit kits be run?

    1. Web servers

    2. Email servers

    3. NTP servers

    4. Firewalls

  3. Which of the following are examples of exploit kits?

    1. Angler

    2. Mangler

    3. Blackhole

    4. Black ICE

  4. Which of the following describe what a threat is?

    1. Threats and vulnerabilities are the same.

    2. A threat is an exploit against a patched vulnerability.

    3. A threat is any potential danger to an asset.

    4. A threat is a piece of software aimed at exploiting a vulnerability.

  5. What is an IoC?

    1. An indicator of compromise

    2. An indicator of containment

    3. An intrusion operating control

    4. An intrusion of compromise

  6. Which of the following are provided by threat intelligence feeds?

    1. Indicators of compromise

    2. IP addresses of attacking systems

    3. The overall risk score of all vulnerabilities in the corporate network

    4. The overall risk score of threats in the corporate network

  7. The way you document and preserve evidence from the time you start the cyber forensics investigation to the time the evidence is presented in court is referred to as which of the following?

    1. Chain of compromise

    2. Custody of compromise

    3. Chain of forensics

    4. Chain of custody

  8. What are decompilers?

    1. Programs that take an executable binary file and attempt to produce readable high-level language code from it

    2. Programs that take a non-executable binary file and attempt to produce compiled code from it

    3. Programs that take a non-executable binary file and attempt to produce encrypted code from it

    4. Programs that execute a binary file and attempt to crack the encryption of it

  9. Which of the following are metrics that can measure the effectiveness of a runbook?

    1. Mean time to repair (MTTR)

    2. Mean time between failures (MTBF)

    3. Mean time to discover a security incident

    4. All of the above

  10. What is PHI?

    1. Protected HIPAA information

    2. Protected health information

    3. Personal health information

    4. Personal human information
