Practices Used to Secure a Corporate Environment

This chapter is from the book

CompTIA Cybersecurity Analyst (CySA+) Cert Guide

Learn More Buy

This chapter is from the book

This chapter is from the book 

CompTIA Cybersecurity Analyst (CySA+) Cert Guide

Learn More Buy

Exam Preparation Tasks

As mentioned in the section “Strategies for Exam Preparation” in the Introduction, you have a couple choices for exam preparation: the exercises here, Chapter 15, “Final Preparation,” and the practice exams in the Pearson IT Certification test engine.

Review All Key Topics

Review the most important topics in this chapter, noted with the Key Topics icon in the outer margin of the page. Table 4-2 lists these key topics and the page number on which each is found.

Table 4-2 Key Topics in Chapter 4

Define Key Terms

Define the following key terms from this chapter and check your answers against the glossary:

• penetration testing

• blind test

• double-blind test

• target test

• zero-knowledge test

• partial-knowledge test

• full-knowledge test

• rules of engagement

• reverse engineering

• isolation

• sandboxing

• sheep dip computer

• imaging tools

• file/data analysis tools

• registry/configuration tools

• sandbox tools

• log analyzers

• network capture tools

• Trusted Foundry

• fingerprinting/hashing

• decomposition

• Red team

• Blue team

• White team

• risk evaluation

• risk assessment matrix

• technical control review

• operational control review

Review Questions

1. Which of following attempts to exploit vulnerabilities?

   1. Vulnerability test

   2. Pen test

   3. Risk assessment

   4. Port scan

2. Which of the following is the third step in a pen test?

   1. Analysis and reporting

   2. Vulnerability detection

   3. Penetration attempt

   4. Cleaning up

3. In which type of test are both the testing team and the organization’s security team given maximum information about the network and the type of test that will occur?

   1. Blind test

   2. Double-blind test

   3. Target test

   4. External test

4. In which of the following is the testing team provided with public knowledge regarding the organization’s network?

   1. Zero-knowledge test

   2. Partial-knowledge test

   3. Full-knowledge test

   4. Target test

5. Which of the following rules of engagement includes a list of all devices that are included in the test as well as a description of all testing methodologies to be used?

   1. Timing

   2. Scope

   3. Authorization

   4. Exploitation

6. Which of the following practices places malware where it is safe to probe it and play with it?

   1. Sandboxing

   2. Compartmentalizing

   3. Boundary enforcement

   4. File locks

7. Which of the following is a system that has been isolated from other systems and is used for analyzing suspect files and messages for malware?

   1. Sheep dip computer

   2. Virtual machine

   3. Sandbox

   4. Honeypot

8. Which of the following is a good example of exercising care in ensuring the authenticity and integrity of the components of hardware purchased from a vendor?

   1. Trusted Foundry program

   2. Fingerprinting

   3. Hashing

   4. Decomposition

9. Which of the following is the process of taking a large document or file and, with the use of a hashing algorithm, reducing the file to a character string that can be used to verify the integrity of the file?

   1. Hashing

   2. Decomposing

   3. Sandboxing

   4. Reverse engineering

10. Which of the following helps prioritize the application of resources to the most critical vulnerabilities?

    1. Access control matrix

    2. Risk assessment matrix

    3. PERT chart

    4. Gantt chart