Cybersecurity Questions and Answers
Q1. According to the shared responsibility model, which cloud computing model places the most responsibility on the cloud service provider (CSP)?
- [ ] Software as a Service (SaaS)
- [ ] Hybrid Cloud
- [ ] Platform as a Service (PaaS)
- [ ] Infrastructure as a Service (IaaS)
Q2. Which option removes the risk of multitenancy in cloud computing?
- [ ] PaaS
- [ ] public cloud
- [ ] private cloud
- [ ] IaaS
Q3. You are responsible for researching the vulnerabilities of the VoIP system. Which type of attack are VoIP phones most vulnerable to experiencing?
- [ ] denial-of-service
- [ ] brute force attacks
- [ ] malware
- [ ] buffer overflow
Q4. Which security control cannot produce an active response to a security event?
- [ ] cloud access security broker (CASB)
- [ ] next generation firewall
- [ ] intrusion detection system (IDS)
- [ ] intrusion prevention system (IPS)
Q5. A packet sniffer is also called **\_**.
- [ ] SIEM
- [ ] UTM
- [ ] protocol analyzer
- [ ] data sink
Q6. Which option tests code while it is in operation?
- [ ] code review
- [ ] code analysis
- [ ] static analysis
- [ ] dynamic analysis
Q7. Which option describes testing that individual software developers can conduct on their own code?
- [ ] gray box testing
- [ ] integration testing
- [ ] white box testing
- [ ] unit testing
Q8. In black box penetration testing, what information is provided to the tester about the target environment?
- [ ] none
- [ ] limited details of server and network infrastructure
- [ ] all information
- [ ] limited details of server infrastructure
Q9. Which security control can best protect against shadow IT by identifying and preventing use of unsanctioned cloud apps and services?
- [ ] intrusion prevention system (IPS)
- [ ] next generation firewall
- [ ] cloud access security broker (CASB)
- [ ] intrusion detection system (IDS)
Q10. Which option describes the best defense against collusion?
- [ ] monitor normal employee system and data access patterns
- [ ] apply system and application updates regularly
- [ ] fault tolerant infrastructure and data redundancy
- [ ] separation of duties and job rotation
Q11. During a penetration test, you find a file containing hashed passwords for the system you are attempting to breach. Which type of attack is most likely to succeed in accessing the hashed passwords in a reasonable amount of time?
- [ ] rainbow table attack
- [ ] pass-the-hash attack
- [ ] password spray attack
- [ ] brute force attack
A rainbow table attack is a password cracking method that uses precomputed hash tables to recover hashed passwords quickly, without brute-force guessing.
Q12. Which area is the DMZ?
- [ ] 4
- [ ] 1
- [ ] 2
- [ ] 3
Q13. You configure an encrypted USB drive for a user who needs to deliver a sensitive file to an in-person meeting. What type of encryption is typically used to encrypt a file?
- [ ] file hash
- [ ] asymmetric encryption
- [ ] digital signature
- [ ] symmetric encryption
Q14. What is the difference between DRP and BCP?
- [ ] DRP keeps the business up and running despite a disaster. BCP works to restore its original business capabilities.
- [ ] BCP keeps the business up and running despite a disaster. DRP works to restore the original business capabilities.
- [ ] BCP is part of DRP.
- [ ] DRP is part of BCP.
Q15. Which aspect of cybersecurity do Distributed Denial of Service (DDoS) attacks affect the most?
- [ ] non-repudiation
- [ ] integrity
- [ ] availability
- [ ] confidentiality
Q16. What type of solution should you recommend to automatically assess your cloud-hosted VMs against CIS benchmarks to identify deviations from security best practices?
- [ ] Cloud Security Posture Management (CSPM)
- [ ] Intrusion Detection and Prevention System (IDPS)
- [ ] Cloud Workload Protection Platforms (CWPP)
- [ ] Cloud Access Security Brokers (CASBs)
Q17. **\_** validates the integrity of data files.
- [ ] Compression
- [ ] Hashing
- [ ] Symmetric encryption
- [ ] Steganography
Q18. Which is an example of privacy regulation at the state government level in the U.S.?
- [ ] CCPA (California Consumer Privacy Act)
- [ ] GDPR
- [ ] NIST Privacy Framework
- [ ] OSPF (Open Shortest Path First)
Q19. What is the term for the policies and technologies implemented to protect, limit, monitor, audit, and govern identities with access to sensitive data and resources?
- [ ] identity and access management (IAM)
- [ ] privileged account management (PAM)
- [ ] authentication and authorization
- [ ] least privilege
Q20. You have configured audit settings in your organization's cloud services in the event of a security incident. What type of security control is an audit trail?
- [ ] preventive control
- [ ] detective control
- [ ] directive control
- [ ] corrective control
Q21. What is the name for a short-term interruption in electrical power supply?
- [ ] grayout
- [ ] blackout
- [ ] brownout
- [ ] whiteout
Q22. You recommend adding a layer of defense against emerging persistent threats and zero-day exploits for all endpoints on your network. The solution should offer protection from external threats for network-connected devices, regardless of OS. Which solution is best suited to meet this requirement?
- [ ] Security Information Event Management (SIEM)
- [ ] Extended Detection and Response (XDR)
- [ ] Next generation firewall (NGFW)
- [ ] Cloud App Security Broker (CASB)
Q23. Which is NOT a threat modeling methodology?
- [ ] TRIKE
- [ ] TOGAF (The Open Group Architecture Framework)
- [ ] STRIDE
- [ ] MITRE ATT&CK
Q24. A new e-commerce app is being considered for purchase. Your organization does not have access to the application's source code. Which strategy should you choose to evaluate its security?
- [ ] dynamic application security testing
- [ ] unit testing
- [ ] white box testing
- [ ] static application security testing
Q25. You need to disable the camera on corporate devices to prevent screen capture and recording of sensitive documents, meetings, and conversations. Which solution would be suited to the task?
- [ ] Mobile Device Management (MDM)
- [ ] Data Loss Prevention (DLP)
- [ ] Intrusion Detection and Prevention System (IDPS)
- [ ] Cloud Access Security Broker (CASB)
Q26. How many keys are necessary to accommodate 100 users in an asymmetric cryptography system?
- [ ] 200
- [ ] 400
- [ ] 100
- [ ] 300
Asymmetric encryption needs `2n` keys, where `n` is the number of communicating parties.
Q27. Two competing online retailers process credit card transactions for customers in countries on every continent. One organization is based in the United States. The other is based in the Netherlands. With which regulation must both organizations comply while ensuring the security of these transactions?
- [ ] Federal Information Security Management Act (FISMA)
- [ ] Payment Card Industry Data Security Standard (PCI-DSS)
- [ ] General Data Protection Regulation (GDPR)
- [ ] International Organization for Standardization & IEC Commission (ISO/IEC 27018)
Q28. Which option is a common language for describing security incidents in a structured and repeatable manner?
- [ ] Common event format
- [ ] Common weakness enumeration
- [ ] Common vulnerabilities and exposures (CVE)
- [ ] Common vulnerability scoring system
Q29. Which type of application can intercept sensitive information such as passwords on a network segment?
- [ ] log server
- [ ] network scanner
- [ ] firewall
- [ ] protocol analyzer
Q30. An attacker has discovered that they can deduce a sensitive piece of confidential information by analyzing multiple pieces of less sensitive public data. What type of security issue exists?
- [ ] aggregation
- [ ] inference
- [ ] SQL injection
- [ ] cross-origin resource sharing
**Explanation**: An `Inference Attack` is a data mining technique performed by analyzing data in order to illegitimately gain knowledge about a subject or database. A subject's sensitive information can be considered leaked if an adversary can infer its real value with high confidence.
Q31. What act grants an authenticated party permission to perform an action or access a resource?
- [ ] Zero Trust Security
- [ ] Role-Based Access Control (RBAC)
- [ ] authorization
- [ ] Single Sign-On
Q32. According to GDPR, a data \_ is the person about whom data is being collected.
- [ ] processor
- [ ] object
- [ ] subject
- [ ] controller
Q33. Which is not a principle of zero trust security?
- [ ] use least privilege access
- [ ] verify explicitly
- [ ] trust but verify
- [ ] assume breach
Zero trust assumes that the system will be breached and grants no implicit trust.
Q34. Which attack exploits input validation vulnerabilities?
- [ ] ARP spoofing
- [ ] pharming attacks
- [ ] cross-site scripting (XSS)
- [ ] DNS poisoning
Q35. You are a security analyst, and you receive a text message alerting you of a possible attack. Which security control is the _least_ likely to produce this type of alert?
- [ ] IDS
- [ ] SIEM
- [ ] packet sniffer
- [ ] IPS
Q36. SQL injection inserts a code fragment that makes a database statement universally true, like **\_**.
- [ ] `SELECT * FROM users WHERE username = '' AND 1=1--'`
- [ ] `SELECT * FROM users WHERE username = '' AND 1!=1--'`
- [ ] `SELECT * FROM users WHERE username = '' OR 1=1--'`
- [ ] `SELECT * FROM users WHERE username = '' OR 1!=1--'`
Q37. Which type of security assessment requires access to source code?
- [ ] static analysis
- [ ] black box testing
- [ ] dynamic analysis
- [ ] penetration testing
Q38. Which option is an open-source solution for scanning a network for active hosts and open ports?
- [ ] Autopsy (for forensic analysis)
- [ ] Snort (an IDS)
- [ ] Nmap
- [ ] Wireshark
Q39. When implementing a data loss prevention (DLP) strategy, what is the first step in the process?
- [ ] Evaluate the features of available DLP products to determine which best meet your organization's needs.
- [ ] Examine the flow of sensitive data in your organization to better understand usage patterns.
- [ ] Conduct an inventory of all the data in your organization to establish classifications based on sensitivity.
- [ ] Conduct a risk assessment to determine the best data labeling strategy for your organization.
Q40. Which malware changes an operating system and conceals its tracks?
- [ ] virus
- [ ] worm
- [ ] rootkit
- [ ] Trojan horse
Q41. Virtual Private Networks (VPNs) use **\_** to create a secure connection between two networks.
- [ ] encryption
- [ ] a metropolitan area network
- [ ] a virtual local area network
- [ ] a wide area network
Q42. What is the process of challenging a user to prove their identity?
- [ ] authentication
- [ ] Single Sign-On
- [ ] authorization
- [ ] Role-Based Access Control (RBAC)
Q43. Which cyberattack exhausts an application's resources, making it unavailable to legitimate users?
- [ ] SQL injection
- [ ] dictionary attack
- [ ] Distributed Denial of Service (DDoS)
- [ ] rainbow table attack
Q44. You are a recent cybersecurity hire, and your first assignment is to present on the possible threats to your organization. Which of the following best describes the task?
- [ ] risk mitigation
- [ ] threat assessment
- [ ] risk management
- [ ] enumeration
Q45. You are at a coffee shop and connect to a public wireless access point (WAP). What type of cybersecurity attack are you most likely to experience?
- [ ] man-in-the-middle attack
- [ ] back door
- [ ] logic bomb
- [ ] virus
Q46. You have been tasked with recommending a solution to centrally manage mobile devices used throughout your organization. Which technology would best meet this need?
- [ ] Extended Detection and Response (XDR)
- [ ] Security Information Event Management (SIEM)
- [ ] Intrusion Detection and Prevention System (IDPS)
- [ ] Mobile Device Management (MDM)
Q47. Which type of vulnerability cannot be discovered during a typical vulnerability assessment?
- [ ] file permissions
- [ ] buffer overflow
- [ ] zero-day vulnerability
- [ ] cross-site scripting
Q48. The DLP team classifies your organization's data. What is the primary purpose of classifying data?
- [ ] It identifies regulatory compliance requirements.
- [ ] It prioritizes IT budget expenditures.
- [ ] It quantifies the potential cost of a data breach.
- [ ] It establishes the value of data to the organization.
Q49. You are responsible for managing security of your organization's public cloud infrastructure. You need to implement security to protect the data and applications running in a variety of IaaS and PaaS services, including a new Kubernetes cluster. What type of solution is best suited to this requirement?
- [ ] Cloud Workload Protection Platforms (CWPP)
- [ ] Cloud Security Posture Management (CSPM)
- [ ] Cloud Access Security Brokers (CASBs)
- [ ] Intrusion Detection and Prevention System (IDPS)
Q50. Sharing account credentials violates the **\_** aspect of access control.
- [ ] identification
- [ ] authorization
- [ ] accounting
- [ ] authentication
Q51. You have recovered a server that was compromised in a malware attack to its previous state. What is the final step in the incident response process?
- [ ] Eradication / Remediation
- [ ] Certification
- [ ] Reporting
- [ ] Lessons Learned
Q52. Which encryption type uses a public and private key pair for encrypting and decrypting data?
- [ ] asymmetric
- [ ] symmetric
- [ ] hashing
- [ ] all of these answers
Q53. You have just identified and mitigated an active malware attack on a user's computer, in which command and control was established. What is the next step in the process?
- [ ] Reporting
- [ ] Recovery
- [ ] Eradication / Remediation
- [ ] Lessons Learned
Q54. Which programming language is most susceptible to buffer overflow attacks?
- [ ] C
- [ ] Java
- [ ] Ruby
- [ ] Python
Q55. Which list correctly describes risk management techniques?
- [ ] risk acceptance, risk mitigation, risk containment, and risk qualification
- [ ] risk avoidance, risk transference, risk containment, and risk quantification
- [ ] risk avoidance, risk mitigation, risk containment, and risk acceptance
- [ ] risk avoidance, risk transference, risk mitigation, and risk acceptance
Q56. To implement encryption in transit, such as with the HTTPS protocol for secure web browsing, which type(s) of encryption is/are used?
- [ ] asymmetric
- [ ] both symmetric and asymmetric
- [ ] neither symmetric nor asymmetric
- [ ] symmetric
Q57. Which type of program uses Windows Hooks to capture keystrokes typed by the user, hides in the process list, and can compromise their system as well as their online access codes and passwords?
- [ ] trojan
- [ ] keystroke collector
- [ ] type thief
- [ ] keylogger
Q58. How does ransomware affect a victim's files?
- [ ] by destroying them
- [ ] by encrypting them
- [ ] by stealing them
- [ ] by selling them
Q59. Your computer has been infected and is sending out traffic to a targeted system upon receiving a command from a botmaster. What condition is your computer currently in?
- [ ] It has become a money mule.
- [ ] It has become a zombie.
- [ ] It has become a bastion host.
- [ ] It has become a botnet.
Q60. You choose a cybersecurity framework for your financial organization that implements an effective and auditable set of governance and management processes for IT. Which framework are you choosing?
- [ ] C2M2
- [ ] NIST SP 800-37
- [ ] ISO/IEC 27001
- [ ] COBIT (comprehensive guidance and best practices for IT governance and management)
Q61. NIST issued a revision to SP 800-37 in December 2018. It provides a disciplined, structured, and flexible process for managing security and privacy risk. Which type of document is SP 800-37?
- [ ] a risk management framework
- [ ] a guide to risk assessments
- [ ] a guideline for vulnerability testing
- [ ] a step-by-step guide for performing business impact analyses
Q62. The most notorious military-grade advanced persistent threat (APT) was deployed in 2010 and targeted centrifuges in Iran. What was this APT called?
- [ ] Duqu
- [ ] Agent.BTZ
- [ ] Stuxnet
- [ ] Flame
Q63. Where would you record risks that have been identified and their details, such as their ID and name, classification of information, and the risk owner?
- [ ] in the risk assessment documentation
- [ ] in the risk register
- [ ] in the business impact ledger
- [ ] in the Orange Book
Q64. To prevent an incident from overwhelming resources, \_ is necessary.
- [ ] disconnection from the network
- [ ] early containment
- [ ] continuation of monitoring for other incidents
- [ ] eradication of the issues
Q65. FUD (Fear, Uncertainty, and Doubt) is expensive and often causes high drama over low risk. Which chip exploits were reported by CNN as requiring the chips to be completely replaced, but were in fact fixed with firmware updates?
- [ ] fire and ice exploits
- [ ] Meltdown and Spectre exploits
- [ ] Intel and STMicro CPU exploits
- [ ] super microboard and Apple iPhone exploits
Q66. The ASD (Australian Signals Directorate) Top Four are application whitelisting, patching of OSes, patching of applications, and limiting administrative privileges. What percentage of breaches does this account for?
- [ ] 40 percent
- [ ] 60 percent
- [ ] 85 percent
- [ ] 100 percent
Q67. You are working in the security operations center analyzing traffic on your network. You detect what you believe to be a port scan. What does this mean?
- [ ] This could be a specific program being run by your accounting department.
- [ ] This is an in-progress attack and should be reported immediately.
- [ ] This is normal operation for your business.
- [ ] This could be a precursor to an attack.
Q68. How often is the ISF (Information Security Forum) Standard of Good Practice updated?
- [ ] annually
- [ ] biannually
- [ ] bimonthly
- [ ] monthly
Q69. Your incident response team is unable to contain an incident because they lack authority to act without management approval. Which critical step in the preparation phase did your team skip?
- [ ] Form an incident response committee to oversee any incidents that may occur.
- [ ] Get preauthorized to take unilateral action and make or direct emergency changes.
- [ ] Bring management in as leadership on the incident response team.
- [ ] Assign a head of the emergency response team who has the correct authority.
Q70. NIST SP 800-53 is one of two important control frameworks in cybersecurity. What is the other one?
- [ ] ISO 27001
- [ ] NIST SP 800-54
- [ ] ISO 27002
- [ ] NIST SP 751-51
Q71. Which organization, established by NIST in 1990, runs workshops to foster coordination in incident prevention, stimulate rapid reaction to incidents, and allow experts to share information?
- [ ] Forum of Incident Response and Security Teams (FIRST)
- [ ] Crest UK Response Teams
- [ ] Community of Computer Incident Response Teams
- [ ] NIST Special Publication 800-61 Response Teams
Q72. You have implemented controls to mitigate the threats, vulnerabilities, and impact to your business. Which type of risk is left over?
- [ ] inherent risk
- [ ] residual risk
- [ ] applied risk
- [ ] leftover risk
Q73. There are four possible treatments once an assessment has identified a risk. Which risk treatment implements controls to reduce risk?
- [ ] risk mitigation
- [ ] risk acceptance
- [ ] risk avoidance
- [ ] risk transfer
Q74. Which security control scheme do vendors often submit their products to for evaluation, to provide an independent view of product assurance?
- [ ] Common Criteria (an international standard, ISO/IEC 15408)
- [ ] risk management certification board
- [ ] OWASP security evaluation
- [ ] ISO 27000
Q75. Which organization has published the most comprehensive set of controls in its security guideline for the Internet of Things?
- [ ] IoT ISACA
- [ ] IoT Security Foundation
- [ ] OWASP
- [ ] GSMA
Q76. Which main reference, coupled with the Cloud Security Alliance Guidance, comprises the Security Guidance for Critical Areas of Focus in Cloud Computing?
- [ ] ISO 27001
- [ ] ISO 27017
- [ ] Cloud Security Guidelines
- [ ] Cloud Controls Matrix (CCM is a comprehensive set of controls and requirements aligned with various industry standards and best practices, including ISO 27001 and ISO 27017)
Q77. What are the essential characteristics of the reference monitor?
- [ ] It is versatile, accurate, and operates at a very high speed.
- [ ] It is tamper-proof, can always be invoked, and must be small enough to test.
- [ ] It is restricted, confidential, and top secret.
Q78. According to NIST, what is the first action required to take advantage of the cybersecurity framework?
- [ ] Identify the key business outcomes.
- [ ] Understand the threats and vulnerabilities.
- [ ] Conduct a risk assessment.
- [ ] Analyze and prioritize gaps to create the action plan.
Q79. You are implementing a cybersecurity program in your organization and want to use the "de facto standard" cybersecurity framework. Which option would you choose?
- [ ] The ISACA Cybersecurity Framework
- [ ] The COBIT Cybersecurity Framework
- [ ] The ISC2 Cybersecurity Framework
- [ ] The NIST Cybersecurity Framework
Q80. In 2014, 4,278 IP addresses of zombie computers were used to flood a business with over one million packets per minute for about one hour. What is this type of attack called?
- [ ] a salami attack
- [ ] a DoS (Denial of Service) attack
- [ ] a DDoS (Distributed Denial of Service) attack
- [ ] a botnet attack
Q81. The regulatory requirements for notifications of data breaches, particularly the European General Data Protection Regulation (GDPR), have had what sort of effect on business?
- [ ] an increased business liability in the event of a data breach
- [ ] an increased consumer liability in the event of a data breach
- [ ] a decreased consumer liability in the event of a data breach
- [ ] a decreased business liability in the event of a data breach
Q82. Which compliance framework governs requirements for the U.S. healthcare industry?
- [ ] FedRAMP
- [ ] GDPR
- [ ] PCI-DSS
- [ ] HIPAA
Q83. What is the difference between DevOps and DevSecOps?
- [ ] DevSecOps requires the inclusion of cybersecurity engineers in the CI/CD process of DevOps.
- [ ] DevSecOps slows down the CI/CD process of DevOps.
- [ ] DevSecOps places security controls in the CI/CD process of DevOps.
- [ ] DevSecOps lets cybersecurity engineers dictate the CI/CD process of DevOps.
Q84. When does static application security testing require access to source code?
- [ ] always
- [ ] only when assessing regulatory compliance
- [ ] only if following the Agile model
- [ ] never
Q85. Your organization services customer orders with a custom ordering system developed in-house. You are responsible for recommending a cloud model to meet the following requirements:
- Control of security required for regulatory compliance.
- Legacy application and database support.
- Scalability to meet seasonal increases in demand.
Which cloud model is the best option for these requirements?
- [ ] government cloud
- [ ] public cloud
- [ ] hybrid cloud
- [ ] private cloud
Q86. You have just conducted a port scan of a network. There is no well-known port active. How do you find a web server running on a host, which uses a random port number?
- [ ] Give up on the current target network and move on to the next one.
- [ ] Switch to another network scanning tool. Resort to more resource-intensive probing, like launching random attacks on all open ports.
- [ ] Turn on the stealth mode in your network scanning tool. Check whether you missed any other active ports associated with web servers.
- [ ] Turn on additional options in your network scanning tool to further investigate the details (type and version) of applications running on the rest of the active ports.
Q87. Executives in your organization exchange emails with external business partners when negotiating valuable business contracts. To ensure that these communications are legally defensible, the security team has recommended that a digital signature be added to these messages. What are the primary goals of the digital signature in this scenario? (Choose the best answer.)
- [ ] integrity and non-repudiation (ensures the email sender can't deny sending it)
- [ ] privacy and non-repudiation
- [ ] privacy and confidentiality
- [ ] integrity and privacy
Q88. Which option is a mechanism to ensure non-repudiation?
- [ ] MD5
- [ ] Caesar cipher
- [ ] symmetric-key encryption
- [ ] asymmetric-key encryption
Q89. Which software development lifecycle approach is most compatible with DevSecOps?
- [ ] Agile
- [ ] Model-Driven Development
- [ ] Waterfall
- [ ] Model-Driven Architecture
Q90. Which information security principle states that organizations should defend systems against any attack using several independent methods?
- [ ] separation of duties
- [ ] privileged account management (PAM)
- [ ] defense-in-depth
- [ ] least privilege
Q91. Which option describes a core principle of DevSecOps?
- [ ] Testing and release should be 100% automated.
- [ ] Role separation is the key to software security.
- [ ] Final responsibility for security rests with the architect of the application.
- [ ] Everyone in the process is responsible for security.
Q92. You need to implement a solution to protect internet-facing applications from common attacks like XSS, CSRF, and SQL injection. Which option is best suited to the task?
- [ ] Security Information Event Management (SIEM)
- [ ] an IDPS appliance
- [ ] a web application firewall (WAF)
- [ ] a stateful packet inspection firewall
Q93. Which phase of the incident response process happens immediately following identification?
- [ ] Eradication / Remediation
- [ ] Reporting
- [ ] Containment / Mitigation
- [ ] Recovery
Q94. How can a data retention policy reduce your organization's legal liability?
- [ ] by reducing DLP licensing costs
- [ ] by reducing costs associated with data storage and protection
- [ ] by ensuring that data is not retained beyond its necessary retention date
- [ ] by destroying data that may implicate company executives in dishonest behavior
Q95. You believe a recent service outage was due to a denial-of-service attack from a disgruntled inside source. What is the name of the malicious act this employee has committed?
- [ ] espionage
- [ ] sabotage
- [ ] fraud
- [ ] confidentiality breach
Q96. Which option is a framework widely utilized by organizations in the development of security governance standards?
- [ ] Software Capability Maturity Model (SW-CMM)
- [ ] Software Development Life Cycle (SDLC)
- [ ] Control Objectives for Information and Related Technologies (COBIT)
- [ ] The Open Group Architecture Framework (TOGAF)
Q97. There are connection-oriented and connectionless protocols in networking. What do web browsers use to ensure the integrity of the data they send and receive?
- [ ] UDP, which is connection-oriented
- [ ] TCP, which is connection-oriented
- [ ] UDP, which is connectionless
- [ ] TCP, which is connectionless
Q98. Which type of attack targets vulnerabilities associated with translating MAC addresses into IP addresses in computer networking?
- [ ] DNS poisoning (manipulates DNS records to redirect users to malicious websites)
- [ ] DDoS
- [ ] ARP (Address Resolution Protocol) spoofing
- [ ] CRL (Certificate Revocation List) trapping
Q99. You are part of an incident response team at your company. While sifting through log files collected by a SIEM, you discover some suspicious log entries that you want to investigate further. Which of the following terms best refers to those recorded activities demanding additional scrutiny?
- [ ] attack
- [ ] information
- [ ] threat
- [ ] event
Q100. You are responsible for forensic investigations in your organization. You have been tasked with investigating a compromised virtual application server. Because a revenue-generating application runs on the server, the server needs to be returned to service as quickly as possible. What is the next step to best fulfill your responsibilities and meet the needs of the business?
- [ ] Restore the server from backup immediately.
- [ ] Take the server offline until your investigation is complete.
- [ ] Take a snapshot of the compromised virtual server for your investigation.
- [ ] Restart the server. Remediate the issue after business hours.
Q101. Site-to-site VPN provides access from one network address space (192.168.0.0/24) to another network address space \_.
- [ ] 192.168.0.1/24
- [ ] 192.168.0.3/24
- [ ] 10.10.0.0/24
- [ ] 192.168.0.2/24
Q102. You research probable threats to your company's internet-facing web applications. Which organization should you reference as an authoritative source for web-based attack vectors?
- [ ] EC-Council (International Council of E-Commerce Consultants)
- [ ] ISACA (Information Systems Audit and Control Association)
- [ ] NIST (National Institute of Standards and Technology)
- [ ] OWASP (Open Web Application Security Project)
Q103. Which action is most likely to simplify security staff training, improve integration between security components, and reduce risk to the business? (Choose the best answer.)
- [ ] adopting a "best-in-suite" approach to security
- [ ] adopting a "trust but verify" approach to security
- [ ] adopting a "best-of-breed" approach to security
- [ ] adopting a "defense-in-depth" approach to security
Q104. **\_** attacks can execute the code injected by attackers as part of user inputs.
- [ ] Ping of death
- [ ] Buffer overflow
- [ ] Distributed Denial of Service
- [ ] Denial of Service
Q105. Which activity is NOT part of risk assessment?
- [ ] identifying and valuing assets
- [ ] analyzing risks by criticality and cost
- [ ] discontinuing activities that introduce risk
- [ ] identifying threats and analyzing vulnerabilities
Q106. You analyze logs for a web application and see the following string: `./../../../var/secrets`. What type of attack was most likely attempted against the application?
- [ ] brute force
- [ ] session hijacking
- [ ] cross-site scripting
- [ ] directory traversal
Q107. Which quadrant should be the focus of risk management?
- [ ] 1
- [ ] 2
- [ ] 3
- [ ] 4
Q108. Which option will not actively identify a security incident?
- [ ] Extended Detection and Response (XDR)
- [ ] Cloud Security Posture Management (CSPM)
- [ ] Security Information Event Management (SIEM)
- [ ] Endpoint Detection and Response (EDR)
CSPM ensures cloud infrastructure is configured securely and in compliance with industry standards.
Q109. A website asks for a password and also sends an authentication code to your phone. What factors are used in this multi-factor authentication scenario?
- [ ] what you have and what you do
- [ ] what you know and what you are
- [ ] what you have and what you know
- [ ] what you do and what you know
Q110.
Which option is a list of publicly disclosed information security defects?
- [ ] DBIR (Data Breach Investigations Report): -
[ ] CVE (Common Vulnerabilities and
Exposures)
- [ ] CWE (Common Weakness Enumeration) - [ ] CERT (Computer Emergency Response Team)
Q111. What
is crypto virology? implementation of malicious software or malware
- [ ] Plain cryptography - [ ] Antivirus
- [ ] Design powerful malicious software - [ ] Asymmetric backdoor
Q112. What
does a metamorphic virus do?
- [ ] Static analyzer -
[ ] Antivirus
- [ ] Generates a whole variable code using a variable encryptor - [ ] Mutation function
Q113. What
is the most common cause of cyber incidents in organizations?
- [ ] Vulnerabilities in software - [ ] Social Engineering
- [ ] Ransomware - [ ] Phishing
Q114. Which
of the following terms is used to describe a collection of unrelated patches?
- [ ] Hotfix -
[ ] Update
- [ ] Security Fix - [ ] Service Pack
Q115. How
often should security teams conduct a review of the privileged access that a
user has to sensitive systems?
- [ ] On a periodic basis -
[ ] When a User leaves the
organization
- [ ] When a User changes roles - [ ] On a daily basis
Q116. What term describes the default set of
privileges assigned to a user when a new account is created?
- [ ] Aggregation - [ ] Transitivity
- [ ] Baseline - [ ] Entitlement
Q117. Who is the father of computer security?
- [ ] August Kerckhoffs
- [ ] Bob Thomas
- [ ] Charles Thomas
- [ ] Robert Kerckhoffs
Q118. Which type of attack uses formal emails to entice specific individuals into signing in and changing their passwords?
- [ ] vishing
- [ ] spear phishing
- [ ] brute force attack
- [ ] password spray attack
Q119. A data asset register should contain which of the following?
- [ ] The location of the data.
- [ ] The value of the asset.
- [ ] The owner of the asset.
- [ ] All of these options.
Q120. Once you have confirmed that Burp Suite is intercepting website requests, where can you check to see if you have credentials in cleartext to access the target webpage?
- [ ] Select Go on the Repeater tab
- [ ] See that the loopback address and port are on in the Options tab
- [ ] Check the Raw section in the Intercept tab
- [ ] Check for a login.php line in the Proxy tab
Q121. Threat actors will attempt to find an attack vector on their target by mapping the attack **\_**.
- [ ] surface
- [ ] infrastructure
- [ ] threat
- [ ] door
Q122. How would an organization ensure software product support in the event a supplier goes out of business or is sold to a competitor?
- [ ] They could employ the software developers once the supplier organization has gone out of business.
- [ ] They could ensure support by acquiring the supplier organization.
- [ ] They could ensure support through an escrow agreement.
- [ ] They could reverse engineer the product so that it could be supported in-house.
Q123. Which of the following is the security standard that applies to the certification of security controls within products?
- [ ] ISO/IEC 9000 (a quality management standard)
- [ ] ISO/IEC 27001 (a standard for information security management systems, ISMS)
- [ ] ISO/IEC 15408 (Common Criteria for IT Security Evaluation)
- [ ] ISO/IEC 13335 (focuses on the management of information security risk)
Q124. What is the main role of the board member known as the information security manager?
- [ ] To ensure appropriate security controls are implemented across the organization.
- [ ] To provide day-to-day management of the information assurance function.
- [ ] To have a detailed understanding of the organization's vulnerabilities.
- [ ] To have a detailed understanding of threats faced by the organization.
Q125. What are the two main approaches used to determine the likelihood of a threat occurring?
- [ ] Qualitative and statistical
- [ ] Statistical and quantitative
- [ ] Statistical and assumptive
- [ ] Qualitative and quantitative
Q126. Which type of hackers are often organized and funded by a nation's military intelligence or security services, and attempt to gain access to a foreign adversary's state secrets or military intelligence?
- [ ] hacktivists
- [ ] competitors
- [ ] black hat hackers
- [ ] state-sponsored hackers
Q127. Which of the following methods combines two binary streams to create one new stream that contains hidden information that cannot be retrieved without the other stream that was used to create it?
- [ ] substitution cipher
- [ ] weaponization
- [ ] transposition cipher
- [ ] XOR encryption
Q128. What is Drupalgeddon? (a vulnerability in the popular content management system (CMS) Drupal)
- [ ] A web app proxy tool
- [ ] A DDoS bot
- [ ] A network packet capturing device
- [ ] A SQL injection flaw
Q129. The algorithm used by an encryption technique to hide information is known as the **\_**.
- [ ] cipher
- [ ] XOR
- [ ] encoding
- [ ] cyber kill chain
Q130. Which of these is not an issue that could arise because of outsourcing software development?
- [ ] The accidental or deliberate introduction of malicious code.
- [ ] The loss of intellectual property or trade secrets.
- [ ] Legal disputes could develop between the customer and the supplier.
- [ ] The laws on the protection of data do not apply to information sent to a third party.
Q131. A **\_** hat is a hacker who may not operate according to ethical testing standards but does not have malicious intent.
- [ ] gray
- [ ] blue
- [ ] red
- [ ] purple
Q132. Understanding that multifactor authentication (MFA) is a best practice, which option should be avoided as a secondary authentication factor in MFA whenever possible?
- [ ] biometric authentication
- [ ] OAuth token
- [ ] authenticator apps
- [ ] SMS message
SMS messages can be susceptible to interception, SIM swapping attacks, or phishing attempts targeting the mobile device.