- Which of the following tool can be used to automate the setup of an evil twin?
2. Which of the following attack is also known as DNS spoofing?
DNS poisoning
3. Which of the following tools can be used to conduct a Distributed Denial-of-Service (DDoS) attack? [Choose all that apply]
Nemesy
DAVOSET
UDP Flooder
HTTP Unbearable Load King (HULK)
4. Which of the following is globally unique in the system?
MAC address
5. Which of the following can be triggered when a document opens?
Macro
6. Which of the following can be used to detect if a Trojan has infected a system?
Netstat
7. Which of the following command is used to detect OS on a target?
nmap -o
8. Which of the following nmap command is used for file-exclusion?
nmap -iL /tmp/scanlist.txt –excludefile /tmp/exclude.txt
9. Which of the following is an open source toolkit used to implement the SSLv3 and TLS v1 protocols?
OpenSSL
10. Which of the following is used to target SSL-enabled sessions and non-SSL-enabled links to sniff their contents?
SSL Strip
11. Which of the following command is used to perform xmas tree scan?
nmap –sX –v
12. Which of the following command is used to perform FIN scan?
nmap –sF
13. Which of the following type of security controls involves installing bollards?
Deterrent
14. Which of the following can be used to detect malicious activities? [Choose all that apply]
CCTV Cameras
Alarms
15. Which of the following type of security control are CCTV cameras? [Choose all that apply]
Deterrent
Detective
16. If you are using a USB data blocker, which type of security control are you using?
Preventive
17. In an organization, in which of the following places would you install a fire suppression system? [Choose all that apply]
Server Room
Datacenter
18. What is the minimum number of load balancers needed to configure active/active load balancing?
2
19. Which feature of Windows 10 establishes a persistent virtual private network (VPN) connection when there is Internet connectivity?
Always On VPN
20. Which of the following tasks can be performed using the out-of-band management feature in network devices? [Choose all that apply]
Perform maintenance
Reboot the network device
Upgrade the firmware
Power-on the network device
Reinstall the operating system
21. Which of the following are ways of configuring access control lists (ACL)? [Choose all that apply]
Per-user basis
Using an effective right mask
Per-group basis
22. Which of the following statements describe the implications of IPv6? [Choose all that apply]
The adoption of IPv6 is still missing with many organizations
Devices and operating systems need to be upgraded
Networks need to be upgraded or redesigned
IPv6 addresses are long and difficult to remember
23. Which of the following should be mentioned by a network diagram? [Choose all that apply.]
Devices present on the network
IP addresses and names of the devices
Connectivity between the devices
24. Which of the following relates to the term Data Sovereignty?
Country specific laws and regulations
25. Which of the following term relates to the accuracy and consistency of data?
Integrity
26. When setting up a data center in a particular geography, which of the following points must be considered? [Choose all that apply]
Choose all options
27. Which of the following offerings can be provided by a Cloud Access Service Broker (CASB)? [Choose all that apply]
Cloud governance
Identity and Access Management (IAM)
Threat prevention
Malware prevention
Data Loss Prevention (DLP)
28. Which attack intercepts communications between a web browser and the underlying OS?
| a. Man-in-the-browser (MITB) |
| b. Interception |
| c. DIG |
| d. ARP poisoning |
29. Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect?
| a. Web browser and browser add-on |
| b. Reply referrer and domain buffer |
| c. Host table and external DNS server |
| d. Web server buffer and host DNS server |
30. What is the result of an ARP poisoning attack?
| a. MAC addresses are altered. |
| b. The ARP cache is compromised. |
| c. Users cannot reach a DNS server. |
| d. An internal DNS must be used instead of an external DNS. |
31. Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this?
| a. MAC cloning attack |
| b. MAC flooding attack |
| c. MAC spoofing attack |
| d. MAC overflow attack |
32. Tomaso is explaining to a colleague the different types DNS attacks. Which DNS attack would only impact a single user?
| a. DNS hijack attack |
| b. DNS poisoning attack |
| c. DNS overflow attack |
| d. DNS resource attack |
33. Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack?
| a. Application |
| b. Operational Technology |
| c. IoT |
| d. Network |
34. Which of the following is NOT a reason that threat actors use PowerShell for attacks?
| a. It cannot be detected by antimalware running on the computer. |
| b. It leaves behind no evidence on a hard drive. |
| c. Most applications flag it as a trusted application. |
| d. It can be invoked prior to system boot. |
35. What is the difference between a DoS and a DDoS attack?
| a. DoS attacks use more memory than DDoS attacks. |
| b. DoS attacks are faster than DDoS attacks. |
| c. DoS attacks do not use DNS servers as DDoS attacks do. |
| d. DoS attacks use fewer computers than DDoS attacks. |
36. Which of the following is NOT true about VBA?
| a. It is included in select non-Microsoft products. |
| b. It is being phased out and replaced by PowerShell. |
| c. It is commonly used to create macros. |
| d. It is built into most Microsoft Office applications |
37. Which of the following is NOT a Microsoft defense against macros?
| a. Protected View |
| b. Trusted location |
| c. Trusted domain |
| d. Trusted documents |
38. Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use?
| a. Download only vetted libraries. |
| b. Use caution when formatting strings. |
| c. Only use compiled and not interpreted Python code. |
| d. Use the latest version of Python. |
39. What is Bash?
| a. The open source scripting language that contains many vulnerabilities |
| b. A substitute for SSH |
| c. The underlying platform on which macOS is built |
| d. The command-language interpreter for Linux/UNIX OSs |
40. Gregory wants to look at the details about the patch a packet takes from his Linux computer to another device. Which Linux command-line utility will he use?
| a. traceroute |
| b. trace |
| c. tracepacket |
| d. tracert |
41. Which utility sends custom TCP/IP packets?
| a. shape |
| b. hping |
| c. curl |
| d. pingpacket |
42. Which of the following is a third-party OS penetration testing tool?
| a. sn1per |
| b. Nessus |
| c. theHarvester |
| d. scanless |
43. Eros wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use?
| a. display |
| b. cat |
| c. show |
| d. head |
44. Which of the following is a tool for editing packets and then putting the packets back onto the network to observe their behavior?
| a. Packetdump |
| b. Wireshark |
| c. Tcpdump |
| d. Tcpreplay |
45. Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing?
| a. Two-person integrity/control |
| b. Dual observation protocol (DOP) |
| c. Multiplayer recognition |
| d. Compromise mitigation assessment (CMA) |
46. Which of the following sensors can detect an object that enters the sensor’s field?
| a. Field detection |
| b. Proximity |
| c. Object recognition |
| d. IR verification |
47. Which of the following does NOT describe an area that separates threat actors from defenders?
| a. Secure area |
| b. DMZ |
| c. Containment space |
| d. Air gap |
48. Which of the following is NOT a firewall rule parameter?
| a. Visibility |
| b. Context |
| c. Time |
| d. Action |
49. Which firewall rule action implicitly denies all other traffic unless explicitly allowed?
| a. Allow |
| b. Bypass |
| c. Force Deny |
| d. Force Allow |
50. Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need?
| a. Hardware firewall |
| b. Content/URL filtering firewall |
| c. Policy-based firewall |
| d. Proprietary firewall |
51. Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this?
| a. Connection-aware firewall |
| b. Proxy firewall |
| c. Stateful packet filtering |
| d. Packet filtering firewall |
52. What is a virtual firewall?
| a. A firewall that runs in the cloud |
| b. A firewall that runs in an endpoint virtual machine |
| c. A firewall that blocks only incoming traffic |
| d. A firewall appliance that runs on a LAN |
53. Which of these appliances provides the broadest protection by combining several security functions?
| a. NAT |
| b. NGFW |
| c. UTM |
| d. WAF |
54. Which of the following contains honeyfiles and fake telemetry?
| a. Attacker-interaction honeypot |
| b. Honeypotnet |
| c. High-interaction honeypot |
| d. Honeyserver |
55. Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider?
| a. DNS sinkhole |
| b. MAC pit |
| c. DDoS Prevention System (DPS) |
| d. IP denier |
56. Which type of monitoring methodology looks for statistical deviations from a baseline?
| a. Anomaly monitoring |
| b. Signature-based monitoring |
| c. Heuristic monitoring |
| d. Behavioral monitoring |
57. Which statement regarding a demilitarized zone (DMZ) is NOT true?
| a. It provides an extra degree of security. |
| b. It typically includes an email or web server. |
| c. It contains servers that are used only by internal network users. |
| d. It can be configured to have one or two firewalls. |
58. Which of the following functions does a network hardware security module NOT perform?
| a. Random number generator |
| b. Fingerprint authentication |
| c. Key exchange |
| d. Key management |
59. Which of these is NOT used in scheduling a load balancer?
| a. Data within the application message itself |
| b. Round-robin |
| c. Affinity |
| d. The IP address of the destination packet |
60. In which of the following configurations are all the load balancers always active?
| a. Active-active |
| b. Active-load-passive-load |
| c. Active-passive |
| d. Passive-active-passive |
61. Which device intercepts internal user requests and then processes those requests on behalf of the users?
| a. Reverse proxy server |
| b. Intrusion prevention device |
| c. Forward proxy server |
| d. Host detection server |
62. Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose?
| a. Full tunnel |
| b. Split tunnel |
| c. Narrow tunnel |
| d. Wide tunnel |
63. Which of the following is not a basic configuration management tool?
| a. Baseline configuration |
| b. MAC address schema |
| c. Standard naming convention |
| d. Diagrams |
64. Which of the following is NOT correct about L2TP?
| a. It must be used on HTML5 compliant devices. |
| b. It does not offer encryption. |
| c. It is used as a VPN protocol. |
| d. It is paired with IPSec. |
65. Which of the following is NOT a NAC option when it detects a vulnerable endpoint?
| a. Update Active Directory to indicate the device is vulnerable. |
| b. Connect to a quarantine network. |
| c. Deny access to the network. |
| d. Give restricted access to the network |
66. Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use?
| a. Data Object Obfuscation (DOO) |
| b. Masking |
| c. PII Hiding |
| d. Tokenization |
67. How does BPDU guard provide protection?
| a. It detects when a BPDU is received from an endpoint. |
| b. BPDUs are encrypted so that attackers cannot see their contents. |
| c. All firewalls are configured to let BPDUs pass to the external network. |
| d. It sends BPDU updates to all routers |
Other Links:
See other websites for quiz:
Check on QUIZLET