Cybersecurity Final Exam
QUESTIONS AND VERIFIED
CORRECT ANSWERS
GRADED A+ LATEST 100%
GUARANTEED PASS
Inheritance - CORRECT ANSWER-Physical characteristic unique to the individual - fingerprint,
retinal scan, facial recognition
Need to Know - CORRECT ANSWER-The user is cleared, but does this user need this info?
Timeliness - CORRECT ANSWER-Does the user need to know now?
Penetration Test (Pen Test) - CORRECT ANSWER-A legal hack to find and exploit vulnerabilities in
a computer or system performed with the organization's permission.
Virtual Machine - CORRECT ANSWER-Software, generally called an image, which behaves like an
actual computer. Demonstrated in class were Oracle's open source Virtual Box and LMU's
Virtual Desktop.
Vulnerabilities - CORRECT ANSWER-Flaws in software, firmware, or hardware that can be
exploited by an attacker to perform unauthorized actions in a system. They can be caused by
software programming errors. Attackers take advantage of these to infect computers with
malware or perform other malicious activity.
,Malicious Code (aka Malware) - CORRECT ANSWER-Unwanted programs that can harm a
computer or compromise stored data. Various classifications of malicious code include viruses,
worms, and Trojan horses. Can deploy if you open an email attachment or visit a particular
webpage. Can spread without user intervention and typically starts by exploiting a software
vulnerability. Once the targeted computer has been infected, they may attempt to locate and
infect other computers, propagating via email, websites, or network-based software.
Sandbox - CORRECT ANSWER-An isolated virtual emulation of an end-user operating
environment, used to safely test and execute suspicious code without risking harm to the host
device or network. Virtual Machines can used as these. If the test goes wrong, the VM operating
system can be deleted, without affecting the rest of the computer or network.
Virtual Private Network (VPN) - CORRECT ANSWER-A secure and encrypted tunnel that sends
your web traffic through a server controlled by a provider, and from there, onto the web. These
mask your internet protocol (IP) address so your online actions are virtually untraceable, as long
as your provider doesn't retain logs of user traffic.
Encryption - CORRECT ANSWER-Scrambling data so people without a key cannot read it
Backdoor - CORRECT ANSWER-Access to a computer system or encrypted data that bypasses
the system's normal security or operation.
Wi-Fi Pineapple - CORRECT ANSWER-A modified router used for Wi-Fi hacking/auditing
primarily on public networks. The device acts as a man in the middle (MiM). It is transparent to
the user's device which shows it connecting to a previously used and trusted Wi-Fi network.
Honeypot - CORRECT ANSWER-A lure that appears to be a legitimate target or device, but is
instead a decoy. In an enterprise environment, it is isolated and closely monitored. Since there
is no reason for legitimate users to access a honeypot, any attempts to communicate with it are
considered to be hostile.
, USB Rubber Ducky - CORRECT ANSWER-Looking like a standard drive, it registers itself as a USB
keyboard (to avoid triggering any users access prompts), then initiates keystroke payloads (such
as installing backdoors, exfiltrating documents, or capturing credentials)
Man-In-The-Middle Attack - CORRECT ANSWER-An attack that intercepts a communication
between two systems without detection.
ToR (The Onion) Browser - CORRECT ANSWER-An open source browser a web browser that
anonymizes your web traffic using the Tor network, thereby protecting identity online. It began
as a worldwide network of servers developed with the U.S. Navy that enabled people to browse
the internet anonymously.
Firewall - CORRECT ANSWER-A network security device that monitors incoming and outgoing
network traffic and permits only authorized data packets based on a set of security rules.
Data at Rest - CORRECT ANSWER-Data not currently being accessed that is stored in a physical
or logical medium (Ex. Files stored on hard disks, USB drives, cloud storage, servers, databases).
Data in Transit - CORRECT ANSWER-Data in motion, travelling from one location to another (Ex.
Data travelling through an email, web, collaborative work app, or any public or private
communication channel. Includes Gmail, LMU Mail, Zoom, Teams, Slack, WordPress, Remote
Desktop).
Data in Use - CORRECT ANSWER-Data currently being accessed by users or one or more
applications. This includes the files used by the applications themselves (Ex. Data created or
modified by local apps such as Adobe Reader, MS Office, or the operating system).
Data at Rest Protection - CORRECT ANSWER-DAR Encryption
Data in Transit Protection - CORRECT ANSWER-Encryption, network security measures like
firewalls and network access control to protect from malware attacks or intrusions. Choose data
QUESTIONS AND VERIFIED
CORRECT ANSWERS
GRADED A+ LATEST 100%
GUARANTEED PASS
Inheritance - CORRECT ANSWER-Physical characteristic unique to the individual - fingerprint,
retinal scan, facial recognition
Need to Know - CORRECT ANSWER-The user is cleared, but does this user need this info?
Timeliness - CORRECT ANSWER-Does the user need to know now?
Penetration Test (Pen Test) - CORRECT ANSWER-A legal hack to find and exploit vulnerabilities in
a computer or system performed with the organization's permission.
Virtual Machine - CORRECT ANSWER-Software, generally called an image, which behaves like an
actual computer. Demonstrated in class were Oracle's open source Virtual Box and LMU's
Virtual Desktop.
Vulnerabilities - CORRECT ANSWER-Flaws in software, firmware, or hardware that can be
exploited by an attacker to perform unauthorized actions in a system. They can be caused by
software programming errors. Attackers take advantage of these to infect computers with
malware or perform other malicious activity.
,Malicious Code (aka Malware) - CORRECT ANSWER-Unwanted programs that can harm a
computer or compromise stored data. Various classifications of malicious code include viruses,
worms, and Trojan horses. Can deploy if you open an email attachment or visit a particular
webpage. Can spread without user intervention and typically starts by exploiting a software
vulnerability. Once the targeted computer has been infected, they may attempt to locate and
infect other computers, propagating via email, websites, or network-based software.
Sandbox - CORRECT ANSWER-An isolated virtual emulation of an end-user operating
environment, used to safely test and execute suspicious code without risking harm to the host
device or network. Virtual Machines can used as these. If the test goes wrong, the VM operating
system can be deleted, without affecting the rest of the computer or network.
Virtual Private Network (VPN) - CORRECT ANSWER-A secure and encrypted tunnel that sends
your web traffic through a server controlled by a provider, and from there, onto the web. These
mask your internet protocol (IP) address so your online actions are virtually untraceable, as long
as your provider doesn't retain logs of user traffic.
Encryption - CORRECT ANSWER-Scrambling data so people without a key cannot read it
Backdoor - CORRECT ANSWER-Access to a computer system or encrypted data that bypasses
the system's normal security or operation.
Wi-Fi Pineapple - CORRECT ANSWER-A modified router used for Wi-Fi hacking/auditing
primarily on public networks. The device acts as a man in the middle (MiM). It is transparent to
the user's device which shows it connecting to a previously used and trusted Wi-Fi network.
Honeypot - CORRECT ANSWER-A lure that appears to be a legitimate target or device, but is
instead a decoy. In an enterprise environment, it is isolated and closely monitored. Since there
is no reason for legitimate users to access a honeypot, any attempts to communicate with it are
considered to be hostile.
, USB Rubber Ducky - CORRECT ANSWER-Looking like a standard drive, it registers itself as a USB
keyboard (to avoid triggering any users access prompts), then initiates keystroke payloads (such
as installing backdoors, exfiltrating documents, or capturing credentials)
Man-In-The-Middle Attack - CORRECT ANSWER-An attack that intercepts a communication
between two systems without detection.
ToR (The Onion) Browser - CORRECT ANSWER-An open source browser a web browser that
anonymizes your web traffic using the Tor network, thereby protecting identity online. It began
as a worldwide network of servers developed with the U.S. Navy that enabled people to browse
the internet anonymously.
Firewall - CORRECT ANSWER-A network security device that monitors incoming and outgoing
network traffic and permits only authorized data packets based on a set of security rules.
Data at Rest - CORRECT ANSWER-Data not currently being accessed that is stored in a physical
or logical medium (Ex. Files stored on hard disks, USB drives, cloud storage, servers, databases).
Data in Transit - CORRECT ANSWER-Data in motion, travelling from one location to another (Ex.
Data travelling through an email, web, collaborative work app, or any public or private
communication channel. Includes Gmail, LMU Mail, Zoom, Teams, Slack, WordPress, Remote
Desktop).
Data in Use - CORRECT ANSWER-Data currently being accessed by users or one or more
applications. This includes the files used by the applications themselves (Ex. Data created or
modified by local apps such as Adobe Reader, MS Office, or the operating system).
Data at Rest Protection - CORRECT ANSWER-DAR Encryption
Data in Transit Protection - CORRECT ANSWER-Encryption, network security measures like
firewalls and network access control to protect from malware attacks or intrusions. Choose data
