D488 Cybersecurity Architecture and Engineering - Set 3 - Part 1

Correct Answer: To filter and control incoming and outgoing network traffic

A firewall acts as a barrier between trusted and untrusted networks, allowing or blocking data packets based on predefined security rules.

Correct Answer: Regularly updating software and security patches

Keeping software up to date ensures that known vulnerabilities are patched, reducing the risk of data breaches.

Correct Answer: Manipulating individuals to gain confidential information

Social engineering exploits human psychology to trick individuals into revealing sensitive information or performing actions that compromise security.

Correct Answer: Denial of Service (DoS)

A DoS attack aims to make a service unavailable by overwhelming it with traffic, disrupting legitimate users' access.

Correct Answer: To provide an additional layer of security

2FA requires two forms of identification, making it harder for unauthorized users to gain access to accounts.

Correct Answer: Requests for sensitive information through email

Phishing attempts often involve unsolicited emails asking users to provide sensitive information.

Correct Answer: Limiting user access to only what is necessary for their roles

The principle of least privilege minimizes potential security risks by ensuring that users have the minimum necessary permissions.

Correct Answer: Ransomware

Ransomware locks users out of their files, demanding payment for the decryption key to restore access.

Correct Answer: To detect and alert on suspicious activities within a network

IDS monitors network traffic for signs of malicious activity, providing alerts to system administrators.

Correct Answer: AES

AES (Advanced Encryption Standard) is widely used for securing wireless networks and data transmission.

Correct Answer: To identify and evaluate security weaknesses in a system

Vulnerability assessments help organizations discover and address potential security flaws before they can be exploited.

Correct Answer: Running untested code in a controlled environment

Sandboxing isolates code execution to minimize the risk of damaging effects on the broader system.

Correct Answer: A combination of letters, numbers, and symbols

A strong password includes diverse characters, making it harder for attackers to guess.

Correct Answer: To monitor and remove malware from devices

Antivirus software scans for and eliminates malicious software to protect users' systems.

Correct Answer: To protect data confidentiality

Data encryption transforms information into a secure format, making it unreadable without the proper decryption key.

Correct Answer: Implementing user access controls

User access controls limit who can view or modify sensitive information, enhancing data security.

Correct Answer: To collect, analyze, and report on security data

SIEM systems aggregate and analyze security data from multiple sources to detect and respond to incidents.

Correct Answer: Intercepting communications between two parties without their knowledge

In a man-in-the-middle attack, the attacker secretly relays and possibly alters the communication between two parties.

Correct Answer: To outline an organization’s security objectives and procedures

A cybersecurity policy provides guidelines for protecting the organization's information assets and responding to security incidents.

Correct Answer: Flooding a server with excessive traffic

A DoS attack overwhelms a server with traffic, rendering it unable to respond to legitimate requests.