GRACEAMELIA 2024/2025 ACADEMIC YEAR ©2024. ALL RIGHTS
RESERVED. FIRST PUBLISH OCTOBER, 2024
CDS348 Final Exam Study Guide with
Complete Solutions
One of the more commonly seen and most easily avoided incidents is the "blank" attack, where
employees are bombarded with numerous attempts to convince them to activate a link
embedded in an e-mail or respond to a request for communications with an unknown outside
party, often masquerading as a known entity - Ans:✔✔-Phishing
a staffed control room where key security technologies, networks, and critical systems are
monitored for incidents is known as a(n) - Ans:✔✔-security operations center
if an intruder can blank a device, then no electronic protection can deter the loss of information
- Ans:✔✔-physical access
A(n) blank may signal an adverse event is under way and provide a notification of an incident
candidate - Ans:✔✔-indicator
blank is the organized research and investigation of Internet addresses owned or controlled by a
target organization - Ans:✔✔-footprinting
a series of steps that follow the stages of a cyberattack from early reconnaissance to the
exfiltration of data is known as the blank - Ans:✔✔-cyber kill chain
Page 1/15
, GRACEAMELIA 2024/2025 ACADEMIC YEAR ©2024. ALL RIGHTS
RESERVED. FIRST PUBLISH OCTOBER, 2024
A(n) blank may signal an incident that could occur in the future - Ans:✔✔-precursor
the theft of organizational data, either physically or by extraction through the owners' networks
is called data blank - Ans:✔✔-exfiltration
NIST SP 800-61, Rev. 1 provides a five category classification scheme for a network-based
incidents that includes each of these except - Ans:✔✔-all of these are NIST incident
classification
a set of software functionalities with capabilities that different clients can reuse for different
purposes is called a(n) blank - Ans:✔✔-service
which of the following is not a "probable indicator" of an incident - Ans:✔✔-presence or
execution of unknown programs or processes
the failure of a technical control to react to the intended stimulus so that it goes unreported is
called a blank - Ans:✔✔-false negative
gathering information on and identifying network assets is known as fingerprinting - Ans:✔✔-
true
the most common detection of ransomware is via a message to a user that they have been
locked out of their computer system, and that their files and data have been encrypted -
Ans:✔✔-true
Page 2/15
RESERVED. FIRST PUBLISH OCTOBER, 2024
CDS348 Final Exam Study Guide with
Complete Solutions
One of the more commonly seen and most easily avoided incidents is the "blank" attack, where
employees are bombarded with numerous attempts to convince them to activate a link
embedded in an e-mail or respond to a request for communications with an unknown outside
party, often masquerading as a known entity - Ans:✔✔-Phishing
a staffed control room where key security technologies, networks, and critical systems are
monitored for incidents is known as a(n) - Ans:✔✔-security operations center
if an intruder can blank a device, then no electronic protection can deter the loss of information
- Ans:✔✔-physical access
A(n) blank may signal an adverse event is under way and provide a notification of an incident
candidate - Ans:✔✔-indicator
blank is the organized research and investigation of Internet addresses owned or controlled by a
target organization - Ans:✔✔-footprinting
a series of steps that follow the stages of a cyberattack from early reconnaissance to the
exfiltration of data is known as the blank - Ans:✔✔-cyber kill chain
Page 1/15
, GRACEAMELIA 2024/2025 ACADEMIC YEAR ©2024. ALL RIGHTS
RESERVED. FIRST PUBLISH OCTOBER, 2024
A(n) blank may signal an incident that could occur in the future - Ans:✔✔-precursor
the theft of organizational data, either physically or by extraction through the owners' networks
is called data blank - Ans:✔✔-exfiltration
NIST SP 800-61, Rev. 1 provides a five category classification scheme for a network-based
incidents that includes each of these except - Ans:✔✔-all of these are NIST incident
classification
a set of software functionalities with capabilities that different clients can reuse for different
purposes is called a(n) blank - Ans:✔✔-service
which of the following is not a "probable indicator" of an incident - Ans:✔✔-presence or
execution of unknown programs or processes
the failure of a technical control to react to the intended stimulus so that it goes unreported is
called a blank - Ans:✔✔-false negative
gathering information on and identifying network assets is known as fingerprinting - Ans:✔✔-
true
the most common detection of ransomware is via a message to a user that they have been
locked out of their computer system, and that their files and data have been encrypted -
Ans:✔✔-true
Page 2/15
