Cyber OPS Final Exam
Five pillars of cyber security - Answer Confidentiality, Integrity, Authentication, Non-
repudiation, Availability
What is the binary representation of 0x3E4 - Answer 0011 1110 0100
What is the binary representation of the decimal number 110? (long division). - Answer
0110 1110
The first 4 bytes of data for a file are: 0101 0010 0100 1001 0100 0110 0100 0110. -
Answer 0101 0010
What tool would you use to look at the bytes of this file to determine what type of file it
is? - Answer Frhed HEX editor
What is a better indicator of file type - file extensions or file headers? Explain your
answer. - Answer File headers, because they are needed to open the file correctly.
Someone can change the file extension, and the file could still open if the file header
was correct.
Putting on your CSI hat, use at least 3 aspects of the Cyber Domain to explain why it is
difficult to determine exactly who launched a cyber-attack. - Answer 1. Cyber attacks
often take on the persona of someone else online. It is not difficult for an attacker to do.
2. Cyber attackers can change their IP addresses and make it look like they are coming
from a different geographical location.
3. Cyber attacks, often manipulate the circuit aspect to send data across the internet
making it very difficult to trace.
What are the five aspects of the Cyber Domain? - Answer Logic, Persona,
Geographical, Circuit, and Interface
A system administrator for a network at the Naval Academy is deciding how to set up a
new video game service for the Mids. His first thought is to set the game up with
administrator privileges, as this will make it easier for him to add users and make
stylistic changes. From a security standpoint, how should he set the game up for all the
users on the network? Explain your answer. - Answer He should set it up with the least
amount of privilege needed to run the service--- preferably with user privileges and not
administrator privileges. That way, if an attacker were able to take over the service, they
would only have user privileges and not administrator privileges.
What service does an operating system provide? - Answer 1. It provides services to
users and programs
2. It manages all the different storage-related peripherals, like hard drives, flash drives,
DVD's, etc.
, 3. It can manage network connections for users.
What can a normal computer user do to help secure their system? - Answer 1. Decide
not to open an email attachment from someone they don't know.
2. Change passwords frequently, use strong/complex passwords, and don't reuse
passwords across systems/networks.
3. When using WIFI, choose to only use networks that implement WPA2.
In the Estonia use case, the government ultimately decided to shut down the country's
access to the internet until they could mitigate the attacks that were occurring. What
pillar of cyber security did this affect and why was this a drastic measure? - Answer It
affected availability. It was a drastic measure because it cut off the country entirely from
the rest of the world when it came to the internet. This was done as a last resort
because less severe measures (like trying to isolate where the attack came from) were
unsuccessful.
When host A needs to send a packet to host B, it calculates their respective Network
addresses by combining what two values? - Answer IP Address + Subnet Mask
What pillar of cyber security do both symmetric and asymmetric encryption provide AND
what problem with symmetric encryption does asymmetric encryption solve? - Answer
Both types of encryption provide confidentiality. Asymmetric encryption solves the key
exchange problem for symmetric encryption.
Look At firewall diagram. - Answer Just do it.
Port number for:
1. HTTP
2. HTTPS
3. SSH
4. DNS - Answer 80, 443, 22, 53
List the 3 Cyber Security Defensive principles and provide a brief (one sentence)
description of each. - Answer 1. Least Privilege: Gives users and programs the
privileges they need and no more.
2. Defense in Depth: Having multiple lines of defense for networks and hosts.
3. Vigilance: users and administrators need to watch what's happening on their network,
looking for signs of intrusion.
Explain why storing of hashes of passwords is more secure than just storing passwords.
Also explain what adding a salt value provides. - Answer Storing hashes of passwords
obscures what the passwords are if someone were to steal the password file. Adding a
salt to a password ensures that two identical passwords would hash to different values.
Adding salts to passwords helps to prevent dictionary styles of attacks. (Salt
randomizes hashes).
Five pillars of cyber security - Answer Confidentiality, Integrity, Authentication, Non-
repudiation, Availability
What is the binary representation of 0x3E4 - Answer 0011 1110 0100
What is the binary representation of the decimal number 110? (long division). - Answer
0110 1110
The first 4 bytes of data for a file are: 0101 0010 0100 1001 0100 0110 0100 0110. -
Answer 0101 0010
What tool would you use to look at the bytes of this file to determine what type of file it
is? - Answer Frhed HEX editor
What is a better indicator of file type - file extensions or file headers? Explain your
answer. - Answer File headers, because they are needed to open the file correctly.
Someone can change the file extension, and the file could still open if the file header
was correct.
Putting on your CSI hat, use at least 3 aspects of the Cyber Domain to explain why it is
difficult to determine exactly who launched a cyber-attack. - Answer 1. Cyber attacks
often take on the persona of someone else online. It is not difficult for an attacker to do.
2. Cyber attackers can change their IP addresses and make it look like they are coming
from a different geographical location.
3. Cyber attacks, often manipulate the circuit aspect to send data across the internet
making it very difficult to trace.
What are the five aspects of the Cyber Domain? - Answer Logic, Persona,
Geographical, Circuit, and Interface
A system administrator for a network at the Naval Academy is deciding how to set up a
new video game service for the Mids. His first thought is to set the game up with
administrator privileges, as this will make it easier for him to add users and make
stylistic changes. From a security standpoint, how should he set the game up for all the
users on the network? Explain your answer. - Answer He should set it up with the least
amount of privilege needed to run the service--- preferably with user privileges and not
administrator privileges. That way, if an attacker were able to take over the service, they
would only have user privileges and not administrator privileges.
What service does an operating system provide? - Answer 1. It provides services to
users and programs
2. It manages all the different storage-related peripherals, like hard drives, flash drives,
DVD's, etc.
, 3. It can manage network connections for users.
What can a normal computer user do to help secure their system? - Answer 1. Decide
not to open an email attachment from someone they don't know.
2. Change passwords frequently, use strong/complex passwords, and don't reuse
passwords across systems/networks.
3. When using WIFI, choose to only use networks that implement WPA2.
In the Estonia use case, the government ultimately decided to shut down the country's
access to the internet until they could mitigate the attacks that were occurring. What
pillar of cyber security did this affect and why was this a drastic measure? - Answer It
affected availability. It was a drastic measure because it cut off the country entirely from
the rest of the world when it came to the internet. This was done as a last resort
because less severe measures (like trying to isolate where the attack came from) were
unsuccessful.
When host A needs to send a packet to host B, it calculates their respective Network
addresses by combining what two values? - Answer IP Address + Subnet Mask
What pillar of cyber security do both symmetric and asymmetric encryption provide AND
what problem with symmetric encryption does asymmetric encryption solve? - Answer
Both types of encryption provide confidentiality. Asymmetric encryption solves the key
exchange problem for symmetric encryption.
Look At firewall diagram. - Answer Just do it.
Port number for:
1. HTTP
2. HTTPS
3. SSH
4. DNS - Answer 80, 443, 22, 53
List the 3 Cyber Security Defensive principles and provide a brief (one sentence)
description of each. - Answer 1. Least Privilege: Gives users and programs the
privileges they need and no more.
2. Defense in Depth: Having multiple lines of defense for networks and hosts.
3. Vigilance: users and administrators need to watch what's happening on their network,
looking for signs of intrusion.
Explain why storing of hashes of passwords is more secure than just storing passwords.
Also explain what adding a salt value provides. - Answer Storing hashes of passwords
obscures what the passwords are if someone were to steal the password file. Adding a
salt to a password ensures that two identical passwords would hash to different values.
Adding salts to passwords helps to prevent dictionary styles of attacks. (Salt
randomizes hashes).
