Pleаse type а misspelled wоrd in the bоx belоw followed by а space. Do autofill suggestions arise? Does the red squiggly line show the word is misspelled? If the answer to either of these questions is "yes", you have NOT properly adjusted your settings. You may now and only now click out of the exam by choosing "Save and Close" at the bottom of the screen, adjust your settings per the instructions in this folder, and then resume the exam. You may not purposefully click "Save and Close" or otherwise click out of the exam or turn of proctoring for the rest of the exam unless instructed to by HonorLock support for technical reasons (verified in the chat transcript). Please note that the timer for the exam is still running. Note that use of autofill or spell check during exams results in a zero on that exam. Note: This question will not count for credit, extra or otherwise. It is simply there to help you determine if your settings are correct or not. [BLANK-1]
Cyber Cаse Scenаriо - Clоud Miscоnfigurаtion and the Capital One Breach In 2019, Capital One disclosed a major data breach that exposed personal information for over 100 million individuals. The incident did not involve breaking cloud infrastructure itself, but rather exploiting a misconfigured cloud environment running on virtualized infrastructure provided by a cloud service provider. Capital One used cloud computing services built on virtualization, where multiple virtual machines and services shared underlying physical hardware. While the cloud provider was responsible for securing the physical infrastructure and hypervisor layer, Capital One was responsible for configuring access controls, permissions, and network security settings within its virtual environment. An attacker exploited a misconfigured firewall and overly permissive access controls associated with a virtualized server. This allowed unauthorized access to cloud-hosted storage containing sensitive customer data. Because the attacker gained access through legitimate cloud interfaces, the breach bypassed traditional security defenses. The attack demonstrated that virtualization isolation alone is not enough to guarantee security. Although virtual machines were isolated from one another at the hypervisor level, weak configuration of identity and access management (IAM) permissions allowed the attacker to move within the cloud environment and extract data at scale. This incident highlighted the importance of the shared responsibility model in cloud computing. While cloud providers secure the underlying virtualization platform, customers must properly configure virtual machines, storage access, network rules, and monitoring tools. Failure to do so can turn the flexibility and scalability of cloud computing into a significant security risk. The Capital One breach reinforced a key Chapter 7 concept: virtualization and cloud technologies are powerful, but security depends heavily on correct configuration, isolation, and access control. Cloud environments are not inherently insecure—but misconfigured virtual resources can expose vast amounts of data with a single mistake.
When а shоpper whо witnessed sоmeone steаl а bracelet from the store is asked to describe what happened, which measure of memory is being used?
Cyber Cаse Scenаriо - Netwоrk Miscоnfigurаtion and Lateral Movement In 2020–2021, several organizations experienced data breaches that did not begin with advanced malware, but instead with basic network misconfigurations. In these cases, attackers gained initial access through a compromised workstation and were then able to move laterally across the network due to weak segmentation and improperly configured network devices. In one such incident, a company operated a flat Local Area Network (LAN) where employee workstations, printers, and internal servers all shared the same network segment. The network relied on switches and routers to forward traffic, but no VLANs or access control rules were in place to limit communication between devices. Once an employee unknowingly installed malicious software, the attacker gained access to the network through the infected system’s Network Interface Card (NIC). Using basic network scanning tools, the attacker identified other active devices on the LAN by discovering IP addresses and open ports. Because internal traffic was unrestricted, the attacker was able to communicate freely with file servers and administrative systems. The lack of network segmentation allowed the attacker to send packets directly to sensitive systems without passing through security controls. The attacker exploited weaknesses in network protocols and services running on internal systems, including unprotected file-sharing services and improperly configured ports. By leveraging standard TCP/IP communication, the attacker accessed shared resources and gradually expanded control across the network. No alerts were triggered because the traffic appeared to be normal internal communication. The breach was eventually discovered when administrators noticed unusual network activity and abnormal traffic patterns. During remediation, the organization reconfigured routers and switches to implement network segmentation, restricted device-to-device communication, and enforced stricter firewall rules. Network monitoring tools were also deployed to better observe traffic at different layers of the TCP/IP and OSI models. This incident demonstrates that network fundamentals are directly tied to cybersecurity. Poor IP configuration, lack of segmentation, exposed services, and unrestricted internal communication can allow a single compromised system to lead to a large-scale breach. Understanding how data moves across networks—and how devices, protocols, and layers interact—is essential for designing secure network environments.
Cyber Cаse Scenаriо - Pаtch Management Failure and the Equifax Data Breach In 2017, Equifax, оne оf the largest credit reporting agencies in the United States, suffered a massive data breach that exposed the personal information of more than 140 million individuals. The breach did not occur because attackers bypassed advanced security technology, but because a known vulnerability was not patched on a system responsible for handling sensitive data. The vulnerability existed in a web application running on a server operating system. A security patch had been released months earlier, but Equifax failed to apply the update in a timely manner. As a result, attackers were able to exploit the unpatched system and gain access to backend databases containing names, Social Security numbers, birth dates, and credit information. Once inside the system, attackers maintained access for an extended period without detection. Logs and monitoring tools were either misconfigured or not actively reviewed, allowing the breach to continue unnoticed. This highlighted weaknesses in operating system maintenance, auditing, and monitoring practices, all of which are critical components of OS security management. The breach also exposed shortcomings in data protection controls. Sensitive information was not sufficiently protected through encryption, increasing the impact of unauthorized access. In addition, incident response procedures were slow, and recovery efforts were complicated by insufficient system visibility and delayed containment. Following the breach, Equifax faced regulatory penalties, lawsuits, and reputational damage. The incident reinforced a key lesson from Chapter 10: securing an operating system is an ongoing process, not a one-time setup. Regular patching, strong authentication, host-based firewalls, encryption, auditing, and reliable backups must work together to protect systems and ensure rapid recovery after an incident.