Cybersecurity Compliance Framework & System Administration

Answers for the Coursera course Cybersecurity Compliance Framework & System Administration (IBM Cybersecurity Analyst Professional Certificate).

Module 1 – Compliance Frameworks and Industry Standards

Compliance and Regulations for Cybersecurity

1. Which of the bad guys are described as “They are ‘in’ an organization but are human and make mistakes”?
  • Malicious Insiders
  • Inadvertent Actor
  • Employees
  • Outsiders
2. Which is NOT one of the security controls?
  • Testing
  • Technical
  • Physical
  • Operational
3. What year did the European Union start enforcing GDPR?
  • 2018
  • 2017
  • 2016
  • 2014
4. Which three (3) of these obligations are part of the 5 key GDPR obligations?
  • Accountability of Compliance
  • Security of Public Data
  • Consent
  • Rights of EU Data Subject

System and Organization Controls Report (SOC) Overview

1. Which is the foundational principle that everyone will get during a SOC audit?
  • Privacy
  • Availability
  • Security
  • Confidentiality

Industry Standards

1. The HIPAA security rule requires covered entities to maintain which two (2) reasonable safeguards for protecting e-PHI?
  • Informational
  • Technical
  • Operational
  • Physical
2. HIPAA Administrative safeguards include which two (2) of the following?
  • Security Personnel
  • Workforce Training and Management
  • Access Controls
  • Integrity Controls
3. PCI includes 264 requirements grouped under how many main requirements?
  • 5
  • 10
  • 12
  • 20

CIS Critical Security Controls

1. If you are a mature organization, which CIS Controls Implementation Group would you use?
  • Implementation Group 3
  • Implementation Group 1
  • Do not need a controls implementation group due to maturity of my organization
  • Implementation Group 2

Compliance Frameworks and Industry Standards

1. A security attack is defined as which of the following?
  • An event on a system or network detected by a device.
  • An event that has been reviewed by analysts and deemed worthy of deeper investigation.
  • An event that has been identified by correlation and analytics tools as a malicious activity.
  • All cybersecurity events.
2. Which order does a typical compliance process follow?
  • Readiness assessment, establish scope, testing/auditing, management reporting, gap remediation
  • Establish scope, readiness assessment, testing/auditing, management reporting, gap remediation
  • Readiness assessment, establish scope, gap remediation, testing/auditing, management reporting
  • Establish scope, readiness assessment, gap remediation, testing/auditing, management reporting
3. Under GDPR, who determines the purpose and means of processing of personal data?
  • Controller
  • Analyst
  • Processor
  • Data Subject
4. Under the International Organization for Standardization (ISO), which standard focuses on Privacy?
  • ISO 27003
  • ISO 27018
  • ISO 27017
  • ISO 27001
5. Which SOC report is closest to an ISO report?
  • Type 1
  • Type 2
  • Type 1 and Type 2
  • Type 3
6. What is an auditor looking for when they test the control for implementation over an entire offering with no gaps?
  • Completeness
  • Accuracy
  • Timeliness
  • Consistency
7. Who is the governing entity for HIPAA?
  • Cyber Security and Infrastructure Security Agency (CISA)
  • Department of Homeland Security
  • US Department of Health and Human Services Office of Civil Rights
  • US Legislature
8. One PCI Requirement is using an approved scanning vendor to scan at what frequency?
  • Weekly
  • Monthly
  • Quarterly
  • Annually
9. In which CIS control category will you find Incident Response and Management?
  • Advanced
  • Basic
  • Organizational
  • Foundational


Module 2 – Client System Administration, Endpoint Protection and Patching

Client System Administration and Endpoint Protection

1. Which is NOT an example of a client?
  • Cellphone
  • Laptop
  • Personal Computer
  • e-mail Server
2. Which three (3) threat key factors should be considered when looking at an Endpoint Security Solution?
  • threat hunting
  • detection response
  • basic operations
  • user education
3. Your organization uses Xcitium OpenEDR for endpoint protection and response (EDR). You want to know the number of each type of endpoint device, such as smartphones, tablets, and PCs. You also want to know the number of corporate-owned devices versus personal devices. Where in the Xcitium Enterprise Platform’s cloud manager can you find an overview of this information?
  • Enrollment Options pane
  • Audit pane
  • Software Inventory pane
  • Endpoint Security pane

Patching

1. A patch is a set of changes to a computer program or its data designed for which three (3) functions?
  • delete
  • improve
  • update
  • fix

2. Which two types of updates do most organizations patch as soon as possible after testing?
  • Critical and Software
  • Security and Service Packs
  • Critical and Service Packs
  • Security and Critical

Client System Administration, Endpoint Protection and Patching

1. Which three (3) are common Endpoint attack types?
  • SQL Injection
  • Whale hunting
  • Spear Phishing
  • Ad Network
2. Endpoint detection and response includes which three (3) of these key technologies?
  • One-Time patching process.
  • Automatic policy creation for endpoints.
  • Continuous monitoring.
  • Zero-day OS updates.
3. Which common endpoint attack is targeted at supply chain infiltration?
  • Island Hopping
  • Ransomware
  • Water Hole
  • Spear Phishing
4. What two Windows security updates do most organizations always patch?
  • important and moderate
  • high and important
  • critical and important
  • critical and high
5. How frequently will most organizations distribute patches?
  • Monthly
  • Weekly
  • Annually
  • As soon as patches are released
6. Your organization uses Xcitium OpenEDR for endpoint protection and response (EDR). You want to confirm that a specific endpoint has the most recent versions of third-party applications such as VLC media player. Where can you find this information in the Xcitium Enterprise Platform’s cloud manager?
  • Summary page
  • File List page
  • Patch Management page
  • Logs page

Module 3 – Server and User Administration

Windows Administration

1. Which three (3) objects are typically managed by Active Directory?
  • Network User
  • Local Accounts
  • Services
  • Volumes
2. Which type of group within Active Directory is used to assign permissions to shared resources?
  • Service groups
  • Data groups
  • Distribution groups
  • Security groups
3. Kerberos Authentication provides several benefits including which three (3) of the following?
  • single sign on
  • delegated authentication
  • distributed authentication
  • interoperability
4. Which of the nine different kinds of Windows events that can be audited is used to see when someone has shut down or restarted the computer or when a program tries to do something it does not have permission to do?
  • Policy change
  • Privilege Use
  • System events
  • Process tracking

Linux Basics

1. True or False: Internal commands are built into the shell program and are shell dependent.
  • False
  • True
2. Which Linux Run Level shuts down all services when the system is being rebooted?
  • Run Level 0: Halt
  • Run Level 1: Single User
  • Run Level 5: Graphical
  • Run Level 6: Reboot

Server and User Administration

1. Which Windows directory folder stores per-user application data and settings?
  • \Users
  • \Program Files
  • \System
  • \AppData
2. Which is NOT an example of a default Windows local user account?
  • Guest
  • HelpAssistant
  • Administrator
  • Network Service
3. Which feature allows Active Directory to be shared by multiple servers?
  • A set of rules
  • A query and index mechanism
  • A replication service
  • A global catalog
4. What tool can an administrator use to manage servers on private networks that are not connected to the Internet?
  • AWS Active Directory
  • Windows Admin Center
  • Network Admin Center
  • Privileged Admin Center
5. Which of the nine different kinds of Windows events that can be audited is used to see each instance of a user logging on to and logging off from another computer?
  • Directory service access
  • Object access
  • Account management
  • Account logon
6. Which of these commands does not shut down the Linux operating system?
  • reboot
  • grep
  • shutdown -r
  • init 6
7. Which Linux commands are totally shell-independent and usually found in any Linux distribution?
  • Internal commands
  • External commands

Module 4 – Cryptography and Compliance Pitfalls

Cryptography Basics

1. Which of the cryptography basics ensures authentication, non-repudiation and integrity?
  • Hashing
  • Digital Signatures
  • Public key encryption
  • Symmetric key encryption
2. Complete the following statement. Data can be encrypted _____
  • at rest only.
  • in use only.
  • in transit only.
  • at rest, in use, and in transit.
3. Which is NOT a pitfall of encryption?
  • Missing encryption of data and communications
  • Implementing a reliable and proven cryptography
  • Using hardcoded/predictable weak keys
  • Relying on algorithms being secret
4. True or False: Internal commands are built into the shell program and are shell dependent.
  • True
  • False
5. You are using the command line in Kali Linux. An encrypted file named topsecret.cpt is in your present working directory, and you used ccrypt to encrypt this file. You want to view the file’s plaintext content while leaving the file’s encryption intact. Which command should you use?
  • ccrypt -decrypt topsecret.cpt
  • ccrypt -x topsecret.cpt
  • ccat topsecret.cpt
  • ccencrypt topsecret.cpt

OpenPGP

1. In what way does OpenPGP encryption protect email communication?
  • Prevents attackers from reading an email’s contents
  • Prevents attackers from intercepting an email
  • Prevents attackers from blocking the transmission of the message
  • Prevents attackers from performing replay attacks
2. You and a friend have each set up Mailvelope to encrypt your email communications. What must you use to decrypt encrypted messages that your friend sends you?
  • Your public key
  • Your private key password
  • Your email account password
  • Your friend’s public key

Cryptography and Compliance Pitfalls

1. True or False: A whole branch of hacking – Reverse Engineering – is devoted to discovering hidden algorithms and data.
  • True
  • False
2. Which is not a key takeaway of best practices of cryptography?
  • Do use hard to guess keys and store them correctly.
  • Do rely on your own encryption algorithms.
  • Do encrypt all sensitive data, at rest, in use, and in transit.
  • Do rely on proven algorithms.
3. What is the recommendation to avoid the encrypting data at rest pitfall “Using hardcoded/easily guessed keys”?
  • Select cryptographically-random keys, do not reuse keys for different installs.
  • Use a new random initialization vector every time.
  • Phase them out
  • Store keys in secure keystores.
4. You are using the command line in Kali Linux. An encrypted file named confidential.cpt is in your present working directory, and you used ccrypt to encrypt this file. You just learned that the file’s encryption key is compromised, so you should change it for security purposes. Which command can you use to change the file’s encryption key?
  • ccrypt -K confidential.cpt
  • ccrypt -c confidential.cpt
  • ccrypt -u confidential.cpt
  • ccrypt -x confidential.cpt
5. You need to send your coworker an encrypted message through email. For encryption, you will both use an OpenPGP-compliant program such as Mailvelope. Which key must you use to encrypt the message?
  • Your public key
  • Your coworker’s private key
  • Your coworker’s public key
  • Your private key
