Cybersecurity Flashcards

(57 cards)

1
Q

What is the primary function of an advanced cloud sandbox in cybersecurity?

A

It provides a safe, isolated virtual environment for opening suspicious files, running untrusted programs, or opening URLs without affecting local devices or the company network.

2
Q

What is a key advantage of cloud sandboxing over on-premise sandboxing for remote workers?

A

Cloud sandboxing can protect users both on and off the corporate network, unlike on-premise solutions that run on physical appliances.

3
Q

Why is cloud sandboxing considered superior to appliance-based sandboxing for inspecting SSL traffic?

A

Cloud sandboxing offers the ability to inspect SSL traffic, a frequent hiding place for malware, which many physical appliances cannot do effectively.

4
Q

A _____ is a deep-packet inspection firewall that adds application-level inspection and intrusion prevention.

A

next generation firewall (NGFW)

5
Q

What fundamental capability distinguishes a Next-Generation Firewall (NGFW) from a traditional firewall?

A

An NGFW’s ability to filter packets based on applications, not just ports and protocols.

6
Q

What is the term for intercepting SSL/TLS encrypted internet communication between a client and server, a technique also used in man-in-the-middle (MiTM) attacks?

A

SSL/TLS Inspection or HTTPS Interception.

7
Q

Define an Advanced Persistent Threat (APT).

A

An attack where an unauthorized person gains access to a network and stays there undetected for a prolonged period.

8
Q

In an APT, what is the role of the command-and-control (C&C) servers?

A

The malware is in regular communication with C&C servers to send stolen data or receive new instructions.

9
Q

What is the purpose of Advanced Threat Protection (ATP) solutions?

A

They defend against sophisticated malware or attacks that are designed to evade traditional security protections like antivirus and firewalls.

10
Q

What is the function of anti-virus protection as defined in the glossary?

A

It checks files downloaded from the internet against a database of known malicious files.

11
Q

The practice of allocating available bandwidth to optimize performance for mission-critical applications over recreational ones is known as _____.

A

Bandwidth Control

12
Q

What is a botnet?

A

A number of internet-capable devices that have been hijacked by malicious users and infected with code without the owners’ knowledge.

13
Q

What is the goal of Branch Transformation in IT?

A

To enable traffic in a branch office to be routed directly and securely to the internet, rather than backhauling through a central data center.

14
Q

How does browser isolation enhance security?

A

It separates browsing activity from the endpoint hardware by loading webpages on a remote browser and streaming only pixels to the user, preventing malicious code download.

15
Q

What is a Content Delivery Network (CDN)?

A

A distributed system of servers that copies and delivers web content to users based on their geographic location to speed up page loads.

16
Q

In cloud terminology, what does ‘the cloud’ generically refer to?

A

Any software and services that run on servers in data centers, as opposed to running on a user’s local computer.

17
Q

What is the main distinction between a public cloud and a private cloud?

A

A public cloud is a multi-tenant environment shared by many organizations, while a private cloud is a single-tenant environment dedicated to a single organization.

18
Q

What is Cloud Application Visibility?

A

The ability to see all the cloud applications being used throughout an organization, enabling control and data protection.

19
Q

Cloud architecture consists of a front-end and a back-end. What does the back-end encompass?

A

It consists of all the infrastructure required for the cloud service, including servers, data storage, virtual machines, and security mechanisms.

20
Q

What are the three main categories of cloud computing?

A

Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).

21
Q

What is a cloud firewall?

A

A firewall that provides network security and application control features delivered from the cloud, without requiring physical hardware.

22
Q

How is cloud security different from traditional on-premise security?

A

Cloud security is delivered from the cloud, unlike traditional security which uses stacks of appliances at the gateway to scan traffic.

23
Q

A _____ is an incident where sensitive data has potentially been viewed, stolen, or used by an unauthorized individual.

24
Q

What is the primary goal of Data Loss Prevention (DLP) systems?

A

To prevent end users from sending sensitive information to unauthorized devices or recipients based on administrator-set policies.

25
Q

How does a Distributed Denial-of-Service (DDoS) attack work?

A

Hundreds or thousands of hijacked computers (a botnet) are used to overwhelm a single system or network with traffic, making its services unavailable.

26
Q

The adoption of digital technologies across an organization to improve flexibility, speed, and efficiency is broadly described as _____.

A

Digital Transformation

27
Q

How does a Denial of Service (DoS) attack differ from a Distributed Denial of Service (DDoS) attack?

A

A DoS attack originates from a single compromised computer, while a DDoS attack uses an army of remotely controlled computers (a botnet).

28
Q

In Data Loss Prevention, what does Exact Data Match (EDM) allow an organization to do?

A

It allows 'fingerprinting' of sensitive information from a structured data source to identify and prevent it from being shared inappropriately.

29
Q

What do the terms 'elasticity' and 'scalability' mean in the context of cloud computing?

A

Elasticity means resource allocation can change on demand, which enables scalability to handle peak loads and lighter demand.

30
Q

Why do many organizations leave SSL inspection turned off despite its security benefits?

A

Because it is compute-intensive and can negatively impact network performance.

31
Q

What is 'fingerprinting' as a data security technique?

A

A technique that maps large data items to short, identifiable text strings (fingerprints) to track sensitive information across a network.

32
Q

HTTPS is an aggregate of HTTP and which security protocol?

A

The Secure Sockets Layer (SSL)/Transport Layer Security (TLS) protocol.

33
Q

What type of environment uses a combination of on-premises, public, and private cloud platforms?

A

A hybrid cloud.

34
Q

The interconnection of a wide range of devices like thermostats and security cameras, each with a unique IP address, is known as the _____.

A

Internet of Things (IoT)

35
Q

What is the term for monitoring, detecting, and preventing attempts to interrupt or gain control of an application or service?

A

Intrusion Detection and Prevention.

36
Q

What is malware?

A

Any program or file, such as a virus or spyware, that is designed to compromise a computer or network.

37
Q

What is the purpose of micro-segmentation in network security?

A

It logically divides a data center into distinct security segments, down to the individual workload level, to apply granular security controls.

38
Q

An architecture in which multiple systems or applications from different enterprises are hosted on the same physical hardware is called _____.

A

Multi-tenancy

39
Q

What is the primary goal of Network Transformation?

A

To move away from traditional hub-and-spoke architectures to new, secure direct-to-cloud architectures for better efficiency and user experience.

40
Q

An NGFW is a hardware- or software-based network security system that enforces security policies at the application level as well as at the _____ and _____ level.

A

port, protocol

41
Q

In security, what is a 'payload'?

A

The part of the malware that is delivered to a victim's system and carries out malicious activities.

42
Q

What is the recommended first step in preventing ransomware delivered via email, besides user training?

A

Implementing multi-layered security with tools to block malicious traffic, decrypt and scan messages, and prevent C&C contact.

43
Q

What is a Software-Defined Wide Area Network (SD-WAN)?

A

A technology that applies software-defined networking (SDN) principles to WAN connections, used to connect enterprise networks over large distances.

44
Q

A _____ prevents users from accessing infected websites and prevents unwanted traffic from entering an organization’s internal network.

A

Secure Web Gateway

45
Q

What is Security as a Service (SECaaS or SaaS)?

A

A model for delivering security technologies, traditionally deployed as hardware, as a cloud service.

46
Q

In Deep Security, how do child policies relate to their parent policies?

A

Child policies inherit their settings from their parent policies, allowing for the creation of a hierarchical structure with progressively specific rules.

47
Q

What is a Software-Defined Perimeter (SDP)?

A

A cloud-based approach to secure access that mediates the connection between users and internal applications without placing users directly on the network.

48
Q

What is the purpose of the SSL protocol?

A

To provide secure, encrypted communications over a computer network.

49
Q

How does an Intrusion Protection System (IPS) act as a first line of defense?

A

It is proactive and inspects the payload of network traffic for known malicious code or irregularities before it reaches the system.

50
Q

What is a major limitation of antivirus (AV) software?

A

It is reactive and lacks the capacity to stop zero-day malware, modified exploits, and targeted attacks that have no known signature.

51
Q

What is the function of a TLS Decryption Service?

A

It decrypts incoming encrypted packets, allowing other security functions like IDS and antivirus to inspect the content for threats.

52
Q

The process of screening and blocking access to web content that is deemed inappropriate or malicious is called _____.

A

URL Filtering

53
Q

What is a Unified Threat Management (UTM) system?

A

A single system that combines multiple security features, such as a firewall, malware detection, and intrusion prevention, into one appliance.

54
Q

What is a Virtual Private Network (VPN)?

A

A connection that establishes a secure network between a user and the internet, routing all traffic through an encrypted virtual tunnel.

55
Q

The _____ security model is built around the idea that enterprises should never inherently trust any user on or off the network.

A

Zero Trust

56
Q

What is the core principle of Zero Trust Network Access (ZTNA)?

A

Access is granted on a 'need-to-know,' least-privileged basis defined by granular policies, where trust is never implicit.

57
Q

ZTNA is also known by another name, which is _____.

A

Software-Defined Perimeter (SDP)