AI-Powered Cybersecurity Bootcamp – Week 1

Welcome to Week 1 of our Cybersecurity+ training! Dive into foundational and advanced topics including security frameworks, attack vectors, cryptographic protocols, and certification-level test content. Study deeply using NSA.gov and CompTIA.org.

Read, Learn, and Answer

Encryption Protocols

Diffie-Hellman is a method of securely exchanging cryptographic keys over a public channel. It uses asymmetric encryption, meaning it relies on a key pair: one public and one private. This makes it ideal for initial key exchange in secure communications.

Question: Which protocol uses asymmetric encryption for secure key exchange?

AES
Diffie-Hellman
SHA-256
MD5
✅ Correct Answer: Diffie-Hellman

Web Application Threats

XSS (Cross-Site Scripting) is an attack that injects malicious code into websites viewed by other users. It's one of the top threats according to OWASP. XSS attacks are prevented by properly sanitizing user inputs and using frameworks with built-in protection.

Question: What attack involves injecting malicious code into a dynamic input field of a web application?

Cross-Site Request Forgery
Cross-Site Scripting (XSS)
Privilege Escalation
Race Condition
✅ Correct Answer: Cross-Site Scripting (XSS)

Security Strategy

Defense in Depth is a multi-layered security strategy. It uses a combination of technical, physical, and administrative controls like firewalls, antivirus, monitoring, and user training to protect systems at multiple levels.

Question: Which of the following best describes the concept of "Defense in Depth"?

Using antivirus on every endpoint
Firewalls layered with biometrics
A layered approach to security using multiple control mechanisms
Encrypting every piece of data twice
✅ Correct Answer: A layered approach to security using multiple control mechanisms

Password Policies

Strong password policies are essential for reducing attack vectors. Best practices include minimum length (e.g., 12 characters), complexity (mix of characters), expiration policies, and multi-factor authentication (MFA).

Question: Which of these is the most secure configuration for password policies?

Require 6-character passwords
Enforce password rotation every 180 days
Enable multi-factor authentication and 12-character complexity requirements
Only allow numeric passwords
✅ Correct Answer: Enable multi-factor authentication and 12-character complexity requirements

Network Security Zones

A DMZ (Demilitarized Zone) in cybersecurity separates external-facing systems (like web servers) from internal networks. This way, public access doesn't compromise sensitive internal resources.

Question: What is the purpose of a DMZ in network security?

To store sensitive internal company data
To isolate publicly accessible resources from the internal network
To hide DNS records from attackers
To act as a firewall for mobile devices
✅ Correct Answer: To isolate publicly accessible resources from the internal network