1.Which statement is NOT true regarding a critical asset in the enterprise environment?
A) It can be easily replaced
2.Which state legislation requires companies to report security breaches within 48 hours?
A) Database Security Breach Notification Act
3.When evaluating risk response techniques, which of the terms would best identify the attempt to make the risk less serious?
A) Mitigate
4. When evaluating risk response techniques, which of the terms would best identify the act of purchasing insurance for an asset?
A) Transfer
5.Which attack method can be executed by someone with little or no computer or network knowledge?
A) Open-source intelligence
6.Which of the following are measures for achieving availability? (Choose all that apply.)
A) Redundancy, Fault tolerance, and Patching
7.Which of the following is true regarding cloud storage?
A) One may not have control over how exactly the data is safeguarded.
8.Which of the following are options that are viable and practical for implementing data encryption? (Choose all that apply.)
A) Full disk encryption, database encryption, individual file encryption, removable media encryption, and mobile devices encryption.
9.You are speaking to your CIO, and she has instructed you to ensure that the network is “five nines” in percentage of availability. What is the total yearly downtime that this allows?
A) 5.26 minutes
10.When dealing with the preservation of evidence, who should be responsible for processing the evidence?
A) Properly trained computer evidence specialists
11.What type of malware specializes in avoiding detection by accessing lower layers of the operating system or by using undocumented functions to make alterations?
A) rootkit
12.Per your company’s data destruction policy, you have been tasked with the destruction of data on a magnetic hard drive. The policy employed by your company specifies that you must destroy the drive by reducing or eliminating the magnetic fields present in the drive. What method should you use?
A) You should perform a degaussing procedure on the drive
13.What is NOT an advantage of using job rotation in a complex business environment?
A) It reduces job training costs by ensuring everyone knows how to do everyone else’s job
14.What type of cryptography provides security comparable to asymmetric encryption with significantly reduced computational power and with smaller key sizes?
A) elliptic curve cryptography
15.When using OAuth, how are a user’s username and password received by a third party server?
A) The username and password are replaced by an authentication token, which is then used to gain access to the third party server.
16.What two statements describe methods that can be employed by armored viruses in order to avoid detection? (Choose two.)
A) Armored viruses can use encrypted code pieces to assemble themselves with the help of an infected program. Armored viruses may mutate or change their code on the fly to avoid detection.
17.When deploying sensors, collectors, and filters, where should they be placed in the network?
A) They should be placed where the stream of data is largest.
18.A client PC on your company’s network is attempting to browse to a vendor’s web page on the Internet, but the computer goes to a malicious web page instead. What two utilities can you use to verify that the DNS records are correct for the web page? (Choose two.)
A) dig, nslookup
19.What DNS vulnerability can be specifically addressed by utilizing Domain Name System Security Extensions (DNSSEC)?
A) DNS poisoning
20.What encryption protocol is used for the WPA2 wireless standard?
A) Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
21.What are the two different types of one-time password that can be created? (Choose two.)
A) HMAC-based one-time password (HOTP), time-based one-time password (TOTP)
22.A Bluetooth piconet is an example of what type of network topology?
A) ad hoc topology
23.Of the two encryption modes supported by IPsec, what mode is more secure, and why?
A) Tunnel mode, because the header and data portion of the packet are encrypted
24.Providing the minimum amount of privileges necessary to perform a job or function is known as what security principle?
A) least privilege
25.When using application-based firewalls, what is NOT capable of being used to identify an application being used?
A) IP addresses
26.You have been tasked with responding to a security incident involving the compromise of a manager’s documents. You and your team have determined that the attacker involved copied files via a Bluetooth connection with the manager’s unprotected cell phone. What kind of attack was this?
A) bluesnarfing attack
27.When you are configuring password policy settings in Group Policy, what is the recommended setting for password reuse?
A) 24 new passwords must be used before a reused password
28.What are two items that are specifically part of the Secure DevOps methodology? (Choose two.)
A) continuous integration, security automation
29.What feature of a mobile device management system could be used to restrict the use of an application containing confidential data to only a specific geographical area?
A) geofencing
30.What statement describes the Privacy Enhancement Mail (PEM) X.509 format?
A) It is designed to provide confidentiality and integrity to emails utilizing DER encoding.
31.What block cipher mode of operation involves each ciphertext block being fed back into the encryption process to encrypt the next plaintext block?
A) Cipher Block Chaining (CBC)
32.In what type of security policy might you define the required minimal security configuration for servers on the network?
A) server security policy
33.By creating a starting point for comparison purposes in order to apply targets and goals to measure success, what are you doing?
A) Establishing a baseline.
34.What is the most secure form of IEEE 802.1x authentication?
A) certificate based
35.What statement correctly defines what a rainbow table is in relation to password attacks?
A) A rainbow table is a compressed representation of cleartext passwords that are related and organized in a sequence.
36.What does a component’s mean time between failures (MTBF) value determine?
A) It refers to the average amount of time until a component fails and cannot be repaired.
37.How does a distributed denial of service attack differ from a regular denial of service attack?
A) DDoS attacks utilize many computers for making bogus requests, instead of just one.
38.What statement accurately defines what a race condition is and how it might affect a computer?
A) A race condition occurs when concurrent threads of execution access a shared resource simultaneously, producing unintended consequences.
39.Proxies are “devices” that are strictly software-only.
A) False
40.A web application firewall is exactly the same as a network firewall.
A) False
41.A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system. It prevents targeted attacks that include Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input. In which of the following attacks does the attacker gain access to a restricted page within a Web application by supplying a URL directly?
A) Forceful browsing
42.A network administrator is evaluating different firewalls. Which of the following firewalls provides protection from the following attacks: Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input?
A) Web application firewall (WAF)
43.Which of the choices shown are NOT true when considering virus behavior?
A) Requires human actions to execute
44.Which of the choices identifies the actions of a rootkit?
A) Becomes undetectable
45.Which of the choices is NOT a trait of crypto-malware?
A) Collects private information
46.Which malware type would be used to infect cloud based storage?
A) Crypto-malware
47.What specific type of phishing attack uses the telephone to target a victim?
A) Vishing
48.What type of computer code is typically added to a legitimate program but lies dormant until a specific logical event triggers it?
A) Logic bomb
49.What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks?
A) Easter egg
50.What type of ransomware displays a screen and prevents the user from accessing the computer’s resources?
A) blocker ransomware
51.What type of software can be installed in an individual’s web browser to prevent ads from displaying?
A) ad blocking
52.Once the malware reaches a system through circulation, then it must embed itself into that system.
A) True
53.What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company?
A) watering hole
54.What type of spyware silently captures and stores each keystroke that a user types on the computer’s keyboard?
A) keylogger
55.Which of the following is not one of the four methods for classifying the various instances of malware by using the primary trait that the malware possesses?
A) Source
56.Cryptography is often used to make a message unreadable. _________ is used to physically hide a message.
A) Steganography
57.The Steganography message is called the ___________?
A) Plaintext
58.Steganography takes the data it is protecting and hides it within a file. The process can utilize many areas of the file. Which of the choices shown is NOT used?
A) File name
59.When using steganography to hide a message you can increase the protection of a message by using cryptography to encrypt the message. Examine the choices provided and select the one that describes encrypted information.
A) Ciphertext
60.Digital files all contain hidden information used to describe the content and structure. This information is called _________?
A) Metadata
61.With this type of key cryptography, the sender and receiver of a message share a single common key.
A) Symmetric
62.Hashing aims to produce:
A) A fixed-size string
63.MD5 uses a hash value to create a hash which is typically a 32 character hex number and how many bits?
A) 128
64.RIPEMD (RIPE Message Digest) is a suite of cryptographic hash functions developed based upon:
A) MD4 – Message-Digest Algorithm
65.Which of the following is true concerning RC4 (Rivest Cipher 4)?
A) It was the most widely used software cipher.
66.What is PBKDF2 (Password-Based Key Derivation Function 2) for?
A) Hashing passwords for storage
67.In Active Directory, what does authorization?
A) LDAP Lightweight Directory Access Protocol
68.A Digital signature is a piece of data digest encrypted with:
A) The private key of the sender
69.Which of the following may be used as an alternative to CRLs (Certificate revocation list)?
A) OCSP Online Certificate Status Protocol
70.What is the faster way for browsers to obtain the revocation status of a digital certificate attached to a Web site?
A) OCSP Online Certificate Status Protocol
71.The security administrator for Conglomerate.com has been directed by the CIO to reduce the cost of certificates. Which of the following is the FIRST step that should be taken?
A) Install a CA (Certificate Authority)
72.A framework for all of the entities involved in digital certificates for digital certificate management is known as:
A) Public key infrastructure
73.The Authentication Header (AH) protocol is a part of what encryption protocol suite below?
A) IPSec
74.What kind of digital certificate is typically used to ensure the authenticity of a web server to a client?
A) web server
75.What process will remove all private and public keys along with the user’s identification information in the CA?
A) destruction
76.What type of trust model is used as the basis for most digital certificates used on the Internet?
A) distributed trust
77.SSL v3.0 served as the basis for TLS v1.0.
A) True
78.What is the S/MIME protocol used for?
A) MIME is a standard for organizing electronic messages. So, the S/MIME protocol is used to secure email messages. It also allows users to send encrypted messages that are digitally signed.
79.What are the three areas of protection provided by IPSEC?
A) Three areas of protection provided by IPSEC are:
Authentication – IPSEC authenticates the packets received were the original packets that were sent from the source.
Confidentiality – IPSEC encrypts the packets so no third parties could view the information.
Key management – IPSEC manages the keys to ensure they are not intercepted.
80.What is used to create session keys?
A) master secret
81.What common method is used to ensure the security and integrity of a root CA?
A) Keep it in an offline state from the network
82.What can be deployed to intercept and log network traffic passing through the network?
A) protocol analyzers
83.What attack involves impersonating another device?
A) Spoofing
84.Packet sniffing can be helpful in detecting rogues.
A) True
85.Which of the following is NOT a means used by an attacker to do reconnaissance on a network?
A) Smurf attack
86.Which of the following are considered to be interception attacks? (Choose all that apply.)
A) man-in-the-middle, replay attacks
87.How does a buffer overflow attack occur?
A) A buffer overflow attack occurs when an attacker sets up a process to overflow data in the target machine's RAM that will fill the memory past its buffered capacity. This extra information flows into other memory locations (i.e. virtual memory). Thus, the attacker is able to interrupt the current program’s instructions, overflow/redirect the return address, and point that process towards his/her own malware.
88.The exchange of information among DNS servers regarding configured zones is known as:
A) zone transfer
89.What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?
A) ARP poisoning
90.Host tables are found in the /etc/ directory in UNIX, Linux, and macOS. In what directory are they found on a Windows system?
A) Host tables are found in the following directories:
Unix/Linux:
/etc/ directory
Windows:
Windows\System32\drivers\etc
90.How does a cross-site scripting (XSS) attack work?
A) In a cross-site scripting (XSS) attack, the threat actor uses the web applications that accept user input without validating it before presenting it back to the user. Thus, the attacker can use this vulnerability by tricking a valid (non-validating) website to feed a malicious script to the user’s browser which will execute the script.
91.Choose the SQL injection statement example below that could be used to find specific users:
A) whatever’ OR full_name LIKE ‘%Mia%’
92.What language below is used to view and manipulate data that is stored in a relational database?
A) SQL
93.Which type of attack below is similar to a passive man-in-the-middle attack?
A) replay
94.What specific ways can a session token be transmitted? (Choose all that apply.)
A) In the URL, in the header of the HTTP request.
95.To achieve server scalability, more servers may be added to a configuration and make use of:
A) load balancers
96.What hardware based solutions are measures for fault tolerance? (Choose all that apply.)
A) Clustering, RAID, Load Balancing
97.To increase fault-tolerance, the security administrator for Corp.com has installed an active/passive firewall cluster where the second firewall is held in reserve in case of primary firewall failure. Stateful firewall inspection is being used in the firewall implementation. There have been numerous reports of dropped connections with external clients. Which of the following is MOST likely the cause of this problem?
A) Inbound packets are traversing the active firewall and return traffic is being sent through the passive firewall.
98.How is a network-based MITM attack executed?
A) A network-based man in the middle (MITM) attack happens when a threat actor inserts themselves between two parties. The goal is to impersonate both parties to gain access to secure information.
99.What two locations can be a target for DNS poisoning? (Choose all that apply.)
A) Local host table, external DNS server
100.What is the basis for domain name resolution of names-to-IP addresses?
A) The first network (ARPAnet) was relatively small and humans could remember/manage the identification numbers to each computer. However, as the network grew it became difficult to remember the long string of identifiers for every terminal. Thus, a naming system was introduced that would allow devices on a network to have both a numeric address and a symbolic (human-friendly) name. This system would develop into a hierarchical name system for matching computer names/numbers.