Network Access Control (NAC) - ANSWER Limits network access to only authorized
individuals and systems
Ensures the systems connecting to the network meet basic security requirements
802.1x - ANSWER Most common standard for NAC
Agent-based NAC - ANSWER Applies policy rules through a software-based agent to
enforce the controls.
Like 802.1x
Agentless NAC - ANSWER A network access control (NAC) agent that is not installed
on an endpoint device but is embedded within a Microsoft Windows Active Directory
domain controller.
Like wireless at a hotel and coffee shops
In-Band NAC - ANSWER Use dedicated appliances placed between the devices and
the services they are requesting
• Example: Hotel networks that require you to enter your name and room number before
gaining access
Out-of-Band NAC - ANSWER Relies on the existing network and has devices communicate
with authentication servers (like 802.1x)
NAC Approval Criteria - ANSWER Time of Day
Role of the User
Location of user
System health status
Honeypot - ANSWER System designed to look like a lucrative target due to the types of
services being run or vulnerabilities contained
Designed to falsely appear vulnerable and to fool malicious attackers into wasting time
going after them
Simulate successful attacks and allow us to monitor attacker techniques
DNS Sinkhole - ANSWER Provide false DNS information to malicious software
Hardening System Configuration - ANSWER Make it as resistant to attack as possible
Disabling unnecessary services
Disabling unnecessary ports
Verifying secure configuration
Centrally controlling device security settings
Patch Management - ANSWER the process of regularly applying patches and updates
to software
like SCCM
Compensating Controls - ANSWER control procedures that compensate for the
deficiency in other controls
WannaCry outbreak required disabling SMBv1, but this could break a file share
Point of Sale or embedded systems can be updated without possibility of breaking
GPO (Group Policy Object) - ANSWER Provides admins an efficient way to manage
system and security configuration settings across many devices
Ex.
Require the use of a firewall on all hosts
Mapping to a share drive on login
Run scripts at login to verify compliance
Endpoint Security Software - ANSWER Software should report to a centralized
management system for cyber security analysts to view and analyze
- Anti-malware
- Antivirus
- Anti-spyware
- Spam filters