Chapter 1 review questions
IT career paths
1. Besides hardware manufacturers like Cisco and Dell, name three other types of IT industry employers mentioned in the text. Answer: Any three of the following: Value Added Resellers (VARs), Managed Service Providers (MSPs), Internet Service Providers (ISPs), IT recruiters, businesses/nonprofits/schools/government, freelancing platforms (e.g., Upwork, Fiverr).
2. What is the primary difference in responsibility between a Level 1 and a Level 3 Tech Support role? Answer: Level 1 support is a front-line customer service role focused on initial troubleshooting. Level 3 support is more specialized, is not front-line, and is often considered part of product development.
3. According to the section, what are the two main benefits (one quantitative, one qualitative) that a System Administrator provides to an organization? Answer: A System Administrator ensures the uptime, performance, resources, and security of computer systems (qualitative) while also ensuring these needs are met without exceeding the budget (quantitative).
4. The text states that information security is often a specialization within other paths. Name two other IT career paths (besides Information Security) that have a dedicated "Security Analyst" role. Answer: Systems (Systems Security Analyst) and Networking (Network Security Analyst). (Database Security Analyst is also a valid answer).
5. List two key knowledge areas or skills that the text associates with IT security, as taught in the "IT Security: Defense against the digital dark arts" course. Answer: Any two of the following: How encryption algorithms work; Various authentication systems; The difference between authentication and authorization; How to evaluate potential risks and recommend reductions; Best practices for securing a network.
Job roles in IT and cybersecurity
1. Differentiate between the primary focus of an Incident Responder and a Penetration Tester. Answer: An Incident Responder is reactive; their primary focus is on detecting, analyzing, and mitigating active security breaches to minimize damage. A Penetration Tester is proactive; their primary focus is on simulating cyberattacks to identify vulnerabilities before they can be exploited by malicious actors.
2. List three key responsibilities of a Cloud Engineer. Answer: Any three of the following: Maintaining cloud infrastructure, designing serverless architecture, managing IAM (Identity and Access Management), automation, cost optimization, performance optimization, and managing storage.
3. What is the significance of "system hardening," and which job role is typically responsible for this task? Answer: System hardening is the process of securing a system by reducing its attack surface, which involves removing unnecessary processes and services. This task is a key responsibility of a System Administrator.
4. Beyond technical skills, name two non-technical skills crucial for a Cybersecurity Manager. Answer: Any two of the following: Negotiation, time management, understanding regulations and standards, auditing, and managing policies and processes.
5. Which industry certification is considered an essential entry-level certification for multiple roles, including System Administrator and Incident Responder? Answer: Security+ (from CompTIA) is a foundational certification listed for both roles.
How to break into information security
1. List the three key information security foundation areas described in the section. Answer: The three key foundation areas are: 1) Computer Networking, 2) Operating Systems, and 3) System Administration.
2. What is the core difference between traditional IT infrastructure and cloud infrastructure? Answer: In a traditional infrastructure, the components (like datacenters and equipment) are managed and owned by the business within their own facilities. With cloud infrastructure, the components and resources are rented from a cloud provider.
3. Name two specific technical skills mentioned for the 'Operating Systems' foundation area. Answer: (Any two of the following are acceptable): Navigating filesystems using a command line; Setting up users, groups, and permissions; Installing, configuring, and removing software; Configuring disk partitions; Managing system processes; Working with system logs.
4. What are two cybersecurity job roles associated with a SOC analyst? Answer: (Any two of the following): Incident Responder, Forensic Investigator, and Threat Hunter.
5. According to the section, what are the two main career routes to break into information security? Answer: The two main career routes are: 1) Information Security Analyst (e.g., Vulnerability Analyst, Network/Systems Analyst) and 2) SOC Analyst.
The Security Operations Center (SOC) career path
1. List the four main roles within a SOC team as described in the text. Answer: The four main SOC roles are: 1) Security Analyst (SOC Analyst), 2) SOC Manager, 3) CISO (Chief Information Security Officer), and 4) Security Engineer.
2. What are the three primary stages of the incident response process that SOC analysts are responsible for? Answer: The three stages are: 1) Threat Detection, 2) Threat Investigation, and 3) Timely Response.
3. Briefly explain the difference in core duties between a Tier 1 and a Tier 3 SOC analyst. Answer: A Tier 1 analyst primarily monitors, prioritizes, and triages initial SIEM alerts to determine if a real incident is occurring. A Tier 3 analyst is a senior expert focused on proactive threat hunting, analyzing cyber threat intelligence, and identifying new threats and vulnerabilities, rather than just reacting to alerts.
4. Name two industry certifications that would be relevant for an aspiring Tier 1 SOC analyst. Answer: (Any two of the following are correct): CompTIA Security+, GSEC (GIAC Security Essentials), GCIA (GIAC Certified Intrusion Analyst), CND (Certified Network Defender), CEH (Certified Ethical Hacker), CSA (Certified SOC Analyst).
5. Besides monitoring for threats, what are two other key focus areas for a SOC within an organization? Answer: (Any two of the following are correct): Network and System Administration (e.g., identity management, firewall admin) and Control and Digital Forensics (e.g., compliance enforcement, penetration testing).
The GRC analyst job role
1. Besides technical IT roles, name two other organizational functions mentioned from which someone could pivot into a GRC analyst role. Answer: Policy analyst role and compliance auditor role. (Also acceptable: Risk analyst/manager, Quality Assurance, legal, procurement).
2. What is the primary purpose of the NIST SP 800-53 publication? Answer: It serves as a catalog (or list) of security and privacy controls for information systems and organizations.
3. List two of the key industry certifications relevant to a GRC analyst/manager as mentioned in the text. Answer: Any two of the following: CISA, CRISC, CISM, ISO 27001 Lead Auditor, ISACA’s IT Risk Fundamentals Certificate.
4. What are two of the primary job activities of a GRC analyst as described in the section? Answer: Any two of the following: Developing a cybersecurity governance program; Identifying relevant regulations and a suitable RMF; Establishing compliance procedures (e.g., for GDPR, PCI DSS); Establishing IT security audit procedures; Establishing performance measures for GRC programs.
5. Name one specific online training resource mentioned for learning about GRC and what it focuses on. Answer: Example Answer: "Executive RMF" on Cybrary, which discusses the NIST Risk Management Framework from an executive perspective and how to implement it in an organization. (Other correct answers are the Coursera and TCM Security courses listed).
How to get CCNA certification
1. What is the single exam required to earn the CCNA certification? Answer: The 200-301 CCNA exam.
2. Name the six knowledge areas the CCNA tests. Answer: The CCNA exam tests a candidate’s knowledge and skills related to network fundamentals, network access, IP connectivity, IP services, security fundamentals, and automation and programmability.
3. Based on the text, what are four examples of job titles that a CCNA holder might see in a job posting? Answer: (Any four of the following are correct): Infrastructure Engineer, Network Analyst, Network Engineer, Junior Network Engineer, IT Specialist, Network Technician, Network Administrator, and Systems Administrator.
4. What are the three core components of preparation for the CCNA exam, as mentioned in the "How to study for the CCNA exam" segment? Answer: 1. Study the theoretical material. 2. Practice configuring and troubleshooting in a virtual lab. 3. Practice exam questions.
5. Before you can schedule your CCNA exam, what two specific online profiles must you create? Answer: 1. A Cisco profile on Cisco.com. 2. A Cisco Certification candidate profile on the Certification Tracker portal.
Job search strategy
1. What is the purpose of creating a "skill gap analysis" table, and what are the four column headers used in the example? Answer: The purpose is to systematically identify the difference (the gap) between the skills required for a target job role and the skills you currently possess. The four column headers are: Skill/certification, Required for role, Current level, and Gap/notes.
2. List three specific actions recommended for optimizing your resume for an Applicant Tracking System (ATS). Answer: Any three of the following:
Use simple formatting; avoid complex columns and fonts.
Submit it as a Word document (not PDF) to allow for recruiter edits.
Tailor the resume with keywords from the specific job description.
Keep the professional summary brief (1-3 lines).
Limit the length to 2-3 pages.
3. According to the text, what is the primary goal of an "informational interview"? Answer: The primary goal is to gain valuable insights into a company's culture, specific job requirements, and industry trends from a professional already working in the field, not to ask for a job directly.
4. What does the acronym SMART stand for in the context of creating a skill development plan? Answer: Specific, Measurable, Achievable, Relevant, Time-bound.
5. Besides formal applications, what are two methods described in the section for building professional connections and conducting outreach? Answer: Any two of the following:
Growing your LinkedIn connections (e.g., seven new industry professionals per week).
Reaching out to professionals to schedule informational interviews.
Participating in webinars, virtual meetups, or networking events.
Commenting on or messaging industry professionals on social media.