domingo, 7 de fevereiro de 2021

CISCO Cybersecurity Essentials 2021 : Questions and Answers for the Final Quiz / Final Exam / Chapters Quiz of the course

CISCO Cybersecurity Essentials related content
Lab exercises demonstrations (video playlist) (blog post)
Quiz Questions and Answers (video playlist) (blog post)
Cisco Packet Tracer demonstrations (video playlist)
Linux OS tutorials and reviews (video playlist)
Exercícios do curso em Português (video playlist)


All questions and answers to study for the Final Quiz / Final Exam of the Cisco "Cybersecurity Essentials" course

Watch the video to learn about the questions, answers and the explanations of the answer.


All questions and answers to study for the Final Quiz


Final Quiz / Final Exam

A cybersecurity specialist is asked to identify the potential criminals known to attack the organization. Which type of hackers would the cybersecurity specialist be least concerned with?

  white hat hackers  
black hat hackers
script kiddies
gray hat hackers


Which type of cybercriminal is the most likely to create malware to compromise an organization by stealing credit card information?

  black hat hackers  
gray hat hackers
script kiddies
white hat hackers


Which type of cybercriminal attack would interfere with established network communication through the use of constructed packets so that the packets look like they are part of the normal communication?

  packet forgery  
packet sniffing
DNS spoofing
rogue Wi-Fi AP


Which technology can be used to ensure data confidentiality?

  encryption  
hashing
identity management
RAID


Which technology can be implemented as part of an authentication system to verify the identification of employees?

  a smart card reader  
SHA-1 hash
a Mantrap
a virtual fingerprint


Which data state is maintained in NAS and SAN services?

  stored data  
data in-transit
data in-process
encrypted data


Which type of networks poses increasing challenges to cybersecurity specialists due to the growth of BYOD on campus?

  wireless networks  
wired networks
virtual networks
sneaker net


A security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?

  Implement a firewall  
Implement intrusion detection systems.
Implement RAID.
Implement a VLAN.


What are the two most effective ways to defend against malware? (Choose two.)

  Install and update antivirus software.  
  Update the operating system and other application software.  
Implement strong passwords.
Implement network firewalls.
Implement a VPN.
Implement RAID.


Users report that the database on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?

  Ransomware  
DoS attack
Trojan horse
Man-in-the-middle attack


Users report that the network access is slow. After questioning the employees, the network administrator learned that one employee downloaded a third-party scanning program for the printer. What type of malware might be introduced that causes slow performance of the network?

  worm  
spam
virus
phishing


A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?

  Look for unauthorized accounts  
Look for policy changes in Event Viewer.
Look for usernames that do not have passwords.
Scan the systems for viruses.


What type of attack will make illegitimate websites higher in a web search result list?

  SEO poisoning  
spam
DNS poisoning
browser hijacker


What is an impersonation attack that takes advantage of a trusted relationship between two systems?

  spoofing  
spamming
sniffing
man-in-the-middle


What type of attack has an organization experienced when an employee installs an unauthorized device on the network to view network traffic?

  sniffing  
phishing
spamming
spoofing


What is the most difficult part of designing a cryptosystem?

  key management  
reverse engineering
key length
encryption algorithm


Alice and Bob use a pre-shared key to exchange a confidential message. If Bob wants to send a confidential message to Carol, what key should he use?

  a new pre-shared key  
the public key of Bob
the private key of Carol
the same pre-shared key he used with Alice


A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?

  3DES  
Diffie-Hellman
ECC
RSA


Which algorithm will Windows use by default when a user intends to encrypt files and folders in an NTFS volume?

  AES  
3DES
DES
RSA


Which access control strategy allows an object owner to determine whether to allow access to the object?

  DAC  
MAC 
RBAC
ACL


Which access control should the IT department use to restore a system back to its normal state?

  corrective  
preventive
compensative
detective


In which situation would a detective control be warranted?

  when the organization needs to look for prohibited activity  
after the organization has experienced a breach in order to restore everything back to a normal state
when the organization needs to repair damage
when the organization cannot use a guard dog, so it is necessary to consider an alternative


Which method is used by steganography to hide text in an image file?

  least significant bit  
data obfuscation
data masking
most significant bit


What is a feature of a cryptographic hash function?

  The hash function is a one-way mathematical function  
The hash input can be calculated given the output value.
Hashing requires a public and a private key.
The output has a variable length.


You have been asked to implement a data integrity program to protect data files that need to be electronically downloaded by the sales staff. You have decided to use the strongest hashing algorithm available on your systems. Which hash algorithm would you select?

  SHA-256  
AES
SHA-1
MD5


Technicians are testing the security of an authentication system that uses passwords. When a technician examines the password tables, the technician discovers the passwords are stored as hash values. However, after comparing a simple password hash, the technician then discovers that the values are different from those on other systems. What are two causes of this situation? (Choose two.)

  The systems use different hashing algorithms  
  One system uses hashing and the other uses hashing and salting  
One system uses symmetrical hashing and the other uses asymmetrical hashing.
Both systems use MD5.
Both systems scramble the passwords before hashing.


A VPN will be used within the organization to give remote users secure access to the corporate network. What does IPsec use to authenticate the origin of every packet to provide data integrity checking?

  HMAC  
CRC
password
salting


Which hashing technology requires keys to be exchanged?

  HMAC  
salting
AES
MD5


What technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website?

  digital certificate  
salting
asymmetric encryption
digital signature


The X.509 standards defines which security technology?

  digital certificates  
strong passwords
security tokens
biometrics


An organization just completed a security audit. Your division was cited for not conforming to X.509 requirements. What is the first security control you need to examine?

digital certificates  
hashing operations
data validation rules
VPNs and encryption services


There are many environments that require five nines, but a five nines environment may be cost prohibitive. What is one example of where the five nines environment might be cost prohibitive?

  the New York Stock Exchange  
the front office of a major league sports team
department stores at the local mall
the U.S. Department of Education


An organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?

  improving reliability and uptime of the servers  
stronger encryption systems
limiting access to the data on these systems
remote access to thousands of external users


Being able to maintain availability during disruptive events describes which of the principles of high availability?

  system resiliency  
fault tolerance
single point of failure
uninterruptible services


The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?

  quantitative analysis  
loss analysis
protection analysis
qualitative analysis


Which two values are required to calculate annual loss expectancy? (Choose two.)

  single loss expectancy  
  annual rate of occurrence  

asset value
exposure factor
quantitative loss value
frequency factor


The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist. Which of the following resources can be used to identify specific details about vulnerabilities?

  CVE national database  
Infragard
ISO/IEC 27000 model
NIST/NICE framework


Which risk mitigation strategies include outsourcing services and purchasing insurance?

  transfer  
reduction
avoidance
acceptance


Which technology would you implement to provide high availability for data storage?

  RAID  
software updates
hot standby
N+1


What are two incident response phases? (Choose two.)

  detection and analysis  
  containment and recovery  

confidentiality and eradication
prevention and containment
mitigation and acceptance
risk analysis and high availability


Which of the following products or technologies would you use to establish a baseline for an operating system?

  Microsoft Security Baseline Analyzer (MBSA)  
CVE Baseline Analyzer
MS Baseliner
SANS Baselining System (SBS)


Mutual authentication can prevent which type of attack?

  man-in-the-middle  
wireless sniffing
wireless poisoning
wireless IP spoofing


What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?

  Local Security Policy tool  
Computer Management
Active Directory Security tool
Event Viewer security log


Which three protocols can use Advanced Encryption Standard (AES)? (Choose three.)

  802.11i  
  WPA  
  WPA2  

802.11q
TKIP
WEP


Which utility uses the Internet Control Messaging Protocol (ICMP)?

  ping  
DNS
NTP
RIP


Which technology can be used to protect VoIP against eavesdropping?

  encrypted voice messages  
SSH
ARP
strong authentication


What describes the protection provided by a fence that is 1 meter in height?

  It deters casual trespassers only  
It offers limited delay to a determined intruder.
It prevents casual trespassers because of its height.
The fence deters determined intruders.


HVAC, water system, and fire systems fall under which of the cybersecurity domains?

  physical facilities  
user
device
network


Which website offers guidance on putting together a checklist to provide guidance on configuring and hardening operating systems?

  The National Vulnerability Database website  
CERT
Internet Storm Center
The Advanced Cyber Security Center


Which national resource was developed as a result of a U.S. Executive Order after a ten-month collaborative study involving over 3,000 security professionals?

  NIST Framework  
the National Vulnerability Database (NVD)
ISO OSI model
ISO/IEC 27000



Chapter 1: Cybersecurity - A World of Experts and Criminals


What name is given to a amateur hacker?

  script kiddie  
black hat
red hat
blue team


What type of attack uses many systems to flood the resources of a target, thus making the target unavailable?

  DoS  
ping sweep
spoof
DDoS 


What is an example of an Internet data domain?

  Linkedin  
Palo Alto
Cisco
Juniper


Thwarting cyber criminals includes which of the following? (Choose two.)

  establishing early warning systems  
  sharing cyber Intelligence information  
shutting down the network
changing operating systems
hiring hackers


What type of an attack can disable a computer by forcing it to use memory or by overworking its CPU?

  algorithm  
exhaustion
DDoS
APT


What name is given to hackers who hack for a cause?

  hactivist  
blue hat
hacker
white hat


What does the term vulnerability mean?

 a weakness that makes a target susceptible to an attack  
a potential threat that a hacker creates
a method of attack to exploit a target
a computer that contains sensitive information
a known target or victim machine


What does the acronym IoE represent?

  Internet of Everything  
Insight into Everything
Internet of Everyday
Intelligence on Everything


What is the workforce framework category that includes highly specialized review and evaluation of incoming cybersecurity information to determine if it is useful for intelligence?

  Analyze  
Oversight and Development
Securely Provision
Protect and Defend


What does the term BYOD represent?

  bring your own device  
bring your own decision
bring your own disaster
buy your own disaster



Chapter 2: The Cybersecurity Cube


What name is given to any changes to the original data such as users manually modifying data, programs processing and changing data, and equipment failures?

  modification  
dissemination
corruption
backup
deletion
integrity


What three design principles help to ensure high availability? (Choose three.)

  detect failures as they occur  
  provide for reliable crossover  
  eliminate single points of failure  
ensure confidentiality
check for data consistency
use encryption


What two methods help to ensure system availability? (Choose two.)

  equipment maintenance  
  up-to-date operating systems  
system backups
system resiliency
integrity checking
fire extinguishers


What are two methods that ensure confidentiality? (Choose two.)

  encryption  
  authentication  
integrity
authorization
availability
nonrepudiation


What are the three states of data? (Choose three.)

  at rest  
  in-transit  
  in-process  
encrypted
in-cloud
suspended


What are three types of sensitive information? (Choose three.)

  PII  
  business  
  classified  
published
public
declassified


What are the three foundational principles of the cybersecurity domain? (Choose three.)

  confidentiality  
  integrity  
  availability  
encryption
policy
security


What are two common hash functions? (Choose two.)

  SHA  
  MD5  
Blowfish
ECC
RSA
RC4


Which two methods help to ensure data integrity? (Choose two.)

  hashing  
  data consistency checks  

availability
privacy
repudiation
authorization


What is a method of sending information from one device to another using removable media?

  sneaker net  
packet
LAN
infrared
wired
wireless


What type of cybersecurity laws protect you from an organization that might want to share your sensitive data?

  privacy  
nonrepudiation
integrity
confidentiality
authentication


For the purpose of authentication, what three methods are used to verify identity? (Choose three.)

  something you know  
  something you have  
  something you are  
something you do
where you are


What principle prevents the disclosure of information to unauthorized people, resources, and processes?

  confidentiality  
accounting
availability
integrity
nonrepudiation


What are three access control security services? (Choose three.)

  authentication  
  authorization  
  accounting 

access
availability
repudiation


What name is given to a storage device connected to a network?

  NAS  
DAS
SAN
Cloud
RAID


What is a secure virtual network called that uses the public network?

  VPN  
MPLS
IPS
Firewall
IDS
NAC


What three tasks are accomplished by a comprehensive security policy? (Choose three.)

  sets rules for expected behavior  
  defines legal consequences of violations  
  gives security staff the backing of management  
vagueness
useful for management
is not legally binding


What service determines which resources a user can access along with the operations that a user can perform?

  authorization  
biometric
accounting
token
authentication


What mechanism can organizations use to prevent accidental changes by authorized users?

  version control  
hashing
backups
encryption
SHA-1


What is identified by the first dimension of the cybersecurity cube?

  goals  
safeguards
rules
tools
knowledge



Chapter 3: Cybersecurity Threats, Vulnerabilities, and Attacks


An attacker is sitting in front of a store and wirelessly copies emails and contact lists from nearby unsuspecting user devices. What type of attack is this?

  bluesnarfing  
smishing
bluejacking
RF jamming


What occurs on a computer when data goes beyond the limits of a buffer?

  a buffer overflow  
an SQL injection
cross-site scripting
a system exception


What are two of the tactics used by a social engineer to obtain personal information from an unsuspecting target? (Choose two.)

  urgency  
  intimidation  

compassion
integrity
honesty


What is the term used when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source?

  phishing  
trojan
social engineering
backdoor
vishing


What does a rootkit modify?

  operating system  
Microsoft Word
screen savers
Notepad
programs


What is the term used to describe an email that is targeting a specific person employed at a financial institution?

  spear phishing  
vishing
spam
spyware
target phishing


A criminal is using software to obtain information about the computer of a user. What is the name of this type of software?

  spyware  
virus
adware
phishing


What is a vulnerability that allows criminals to inject scripts into web pages viewed by users?

  Cross-site scripting  
buffer overflow
SQL injection
XML injection


Which term describes the sending of a short deceptive SMS message used to trick a target into visiting a website?

  smishing  
impersonation
spam
grayware


Which two reasons describe why WEP is a weak protocol? (Choose two.)

  The key is transmitted in clear text  
  The key is static and repeats on a congested network  

Everyone on the network uses a different key.
WEP uses the same encryption features as Bluetooth.
The default settings cannot be modified.


A computer is presenting a user with a screen requesting payment before the user data is allowed to be accessed by the same user. What type of malware is this?

  a type of ransomware  
a type of virus
a type of logic bomb
a type of worm


What is the name for the type of software that generates revenue by generating annoying pop-ups?

  adware  
trackers
pop-ups
spyware


What is the meaning of the term logic bomb?

  a malicious program that uses a trigger to awaken the malicious code  
a malicious worm
a malicious virus
a malicious program that hides itself in a legitimate program


What type of attack targets an SQL database using the input field of a user?

  SQL injection  
XML injection
buffer overflow
Cross-site scripting


What is the difference between a virus and a worm?

  Worms self-replicate but viruses do not  
Viruses self-replicate but worms do not.
Worms require a host file but viruses do not.
Viruses hide in legitimate programs but worms do not.


What is the name given to a program or program code that bypasses normal authentication?

  backdoor  
virus
worm
ransomware
Trojan


What are two common indicators of spam mail? (Choose two.)

  The email has misspelled words or punctuation errors or both  
  The email has no subject line  

The email is from a friend.
The email has an attachment that is a receipt for a recent purchase.
The email is from your supervisor.
The email has keywords in it.



Chapter 4: The Art of Protecting Secrets


Which two terms are used to describe cipher keys? (Choose two.)

  key length  
  key space  

key randomness
keylogging


What cryptographic algorithm is used by the NSA and includes the use of elliptical curves for digital signature generation and key exchange?

  ECC  
IDEA
AES
RSA
El-Gamal


Which term describes the technology that protects software from unauthorized access or modification?

  watermarking  
copyright
trademark
access control


What encryption algorithm uses the same pre-shared key to encrypt and decrypt data?

  symmetric  
hash
asymmetric
one-time pad


What encryption algorithm uses one key to encrypt data and a different key to decrypt data?

  asymmetric  
symmetric
transposition
one-time pad


What is the term used to describe the science of making and breaking secret codes?

  cryptology  
spoofing
factorization
impersonation
jamming


Which type of cipher is able to encrypt a fixed-length block of plaintext into a 128-bit block of ciphertext at any one time?

  block  
symmetric
hash
transform
stream


Which three devices represent examples of physical access controls? (Choose three.)

  video cameras  
  locks  
  swipe cards  

routers
servers
firewalls


What term is used to describe the technology that replaces sensitive information with a nonsensitive version?

  masking  
whiteout
retracting
hiding
blanking


Which asymmetric algorithm provides an electronic key exchange method to share the secret key?

  Diffie-Hellman  
WEP
DES
hashing
RSA


What is the name of the method in which letters are rearranged to create the ciphertext?

  transposition  
substitution
enigma
one-time pad


Match the description with the correct term.

obfuscation - making a message confusing so it is harder to understand
steganalysis - discovering that hidden information exists within a graphic file
social steganography - creating a message that says one thing but means something else to a specific audience
steganography - hiding data within an audio file


Which three processes are examples of logical access controls? (Choose three.)

  biometrics to validate physical characteristics  
  firewalls to monitor traffic  
  intrusion detection system (IDS) to watch for suspicious network activity  

swipe cards to allow access to a restricted area
fences to protect the perimeter of a building
guards to monitor security screens


What are three examples of administrative access controls? (Choose three.)

  policies and procedures  
  hiring practices  
  background checks  

encryption
intrusion detection system (IDS)
guard dogs


Which 128-bit block cipher encryption algorithm does the US government use to protect classified information?

  AES  
Skipjack
Vignere
3DES
Caesar


A warning banner that lists the negative outcomes of breaking company policy is displayed each time a computer user logs in to the machine. What type of access control is implemented?

  deterrent  
preventive
masking
detective


What term is used to describe concealing data in another file such as a graphic, audio, or other text file?

  steganography  
obfuscation
hiding
masking


What type of cipher encrypts plaintext one byte or one bit at a time?

  stream  
enigma
hash
elliptical
block


Which three protocols use asymmetric key algorithms? (Choose three.)

  Pretty Good Privacy (PGP)  
  Secure Sockets Layer (SSL)  
  Secure Shell (SSH)  

Telnet
Secure File Transfer Protocol (SFTP)



Chapter 5: The Art of Ensuring Integrity


What is the purpose of CSPRNG?

  to generate salt  
to prevent a computer from being a zombie
to secure a web site
to process hash lookups


A user is connecting to an e-commerce server to buy some widgets for a company. The user connects to the site and notices there is no lock in the browser security status bar. The site does prompt for a username and password and the user is able to log in. What is the danger in proceeding with this transaction?

  The site is not using a digital certificate to secure the transaction, with the result that everything is in the clear  
The certificate from the site has expired, but is still secure.
The user is using the wrong browser to perform the transaction.
Ad blocker software is preventing the security bar from working properly, and thus there is no danger with the transaction.


What are three type of attacks that are preventable through the use of salting? (Choose three.)

  lookup tables  
  rainbow tables  
  reverse lookup tables  

shoulder surfing
guessing
social engineering
phishing


What is the step by step process for creating a digital signature?

  Create a message digest; encrypt the digest with the private key of the sender; and bundle the message, encrypted digest, and public key together in order to sign the document  
Create a SHA-1 hash; encrypt the hash with the private key of the sender; and bundle the message, encrypted hash, and public key together to signed document.
Create a message; encrypt the message with a MD5 hash; and send the bundle with a public key.
Create a message digest; encrypt the digest with the public key of the sender; and bundle the message, encrypted digest, and public key together to sign the document.


Which method tries all possible passwords until a match is found?

  brute force  
cloud
dictionary
cryptographic
rainbow tables
birthday


Alice and Bob use the same password to login into the company network. This means both would have the exact same hash for their passwords. What could be implemented to prevent both password hashes from being the same?

  salting  
peppering
pseudo-random generator
RSA


A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use?

  HMAC  
MD5
ISAKMP
SHA256


A user downloads an updated driver for a video card from a website. A warning message pops up saying the driver is not approved. What does this piece of software lack?

  digital signature  
code recognition
valid ID
source code


An investigator finds a USB drive at a crime scene and wants to present it as evidence in court. The investigator takes the USB drive and creates a forensic image of it and takes a hash of both the original USB device and the image that was created. What is the investigator attempting to prove about the USB drive when the evidence is submitted in court?

  The data in the image is an exact copy and nothing has been altered by the process  
The data is all there.
The investigator found a USB drive and was able to make a copy of it.
An exact copy cannot be made of a device.


A recent email sent throughout the company stated that there would be a change in security policy. The security officer who was presumed to have sent the message stated the message was not sent from the security office and the company may be a victim of a spoofed email. What could have been added to the message to ensure the message actually came from the person?

  digital signature  
non-repudiation
hashing
asymmetric key


Identify three situations in which the hashing function can be applied. (Choose three.)

  PKI  
  CHAP  
  IPsec  

DES
PPoE
WPA


A recent breach at a company was traced to the ability of a hacker to access the corporate database through the company website by using malformed data in the login form. What is the problem with the company website?

  poor input validation  
weak encryption
bad usernames
lack of operating system patching


What are three NIST-approved digital signature algorithms? (Choose three.)

  RSA  
  DSA  
  ECDSA  

SHA256
MD5
SHA1


A user is evaluating the security infrastructure of a company and notices that some authentication systems are not using best practices when it comes to storing passwords. The user is able to crack passwords very fast and access sensitive data. The user wants to present a recommendation to the company on the proper implementation of salting to avoid password cracking techniques. What are three best practices in implementing salting? (Choose three.)

  A salt should be unique for each password  
  A salt must be unique  
  A salt should not be reused  

The same salt should be used for each password.
Salts should be short.
Salts are not an effective best practice.


A user is instructed by a boss to find a better method to secure passwords in transit. The user has researched several means to do so and has settled on using HMAC. What are the key elements needed to implement HMAC?

  secret key and message digest  
symmetric key and asymmetric key
message digest and asymmetric key
IPsec and checksum


What are three validation criteria used for a validation rule? (Choose three.)

  format  
  size  
  range  

type
key
encryption


A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?

  Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded  
Install the program on individual computers.
Turn off antivirus on all the computers.
Encrypt the program and require a password after it is downloaded.
Distribute the program on a thumb drive.


What is the standard for a public key infrastructure to manage digital certificates?

  x.509  
x.503
NIST-SP800
PKI


What is a strength of using a hashing function?

  It is a one-way function and not reversible  
It is not commonly used in security.
It can take only a fixed length message.
It has a variable length output.
Two different files can be created that have the same output.


A user is the database administrator for a company. The user has been asked to implement an integrity rule that states every table ​must have a primary key and that the column or columns chosen to be the primary key must be unique and not null. Which integrity requirement is the user implementing?

  entity integrity  
domain integrity
anomaly integrity
referential integrity



Chapter 6: The Five Nines Concept


A user is asked to perform a risk analysis of a company. The user asks for the company asset database that contains a list of all equipment.The user uses this information as part of a risk analysis. Which type of risk analysis could be performed?

  quantitative  
qualitative
hardware
exposure factor


A user is evaluating the network infrastructure of a company. The user noted many redundant systems and devices in place, but no overall evaluation of the network. In a report, the user emphasized the methods and configurations needed as a whole to make the network fault tolerant. What is the type of design the user is stressing?

  resilient  
spanning tree
comprehensive
availability


The CEO of a company is concerned that if a data breach should occur and customer data is exposed, the company could be sued. The CEO makes the decision to buy insurance for the company. What type of risk mitigation is the CEO implementing?

  transference  
mitigation
avoidance
reduction


A user is asked to evaluate the data center to improve availability for customers. The user notices that there is only one ISP connection, some of the equipment is out of warranty, there are no spare parts, and no one was monitoring the UPS which was tripped twice in one month. Which three deficiencies in high availability has the user identified? (Choose three.)

  single points of failure  
  failure to design for reliability  
  failure to detect errors as they occur  

failure to protect against poor maintenance
failure to identify management issues
failure to prevent security incidents


A security breach has happened at a major corporation. The incident team has responded and executed their incident response plan. During which phase are lessons learned applied?

  post-incident  
containment
detection
analyze
preparation
recovery


A team has been asked to create an incident response plan for security incidents. In what phase of an incident response plan does the team get management approval of the plan?

  preparation  
analysis
post-incident
detection
recovery
containment


A user is asked to create a disaster recovery plan for a company. The user needs to have a few questions answered by management to proceed. Which three questions should the user ask management as part of the process of creating the plan? (Choose three.)

  Who is responsible for the process  
  Where does the individual perform the process?  
  What is the process?  

How long does the process take?
Does the process require approval?
Can the individual perform the process?


A user is asked to evaluate the security posture of a company. The user looks at past attempts to break into the company and evaluates the threats and exposures to create a report. Which type of risk analysis could the user perform?

  qualitative  
opinion
objective
subjective


A company is concerned with traffic that flows through the network. There is a concern that there may be malware that exists that is not being blocked or eradicated by antivirus. What technology can be put in place to detect potential malware traffic on the network?

  IDS  
firewall
NAC
IPS


A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?

  layered  
attack based
structured
risk based


A user has completed a six month project to identify all data locations and catalog the location. The next step is to classify the data and produce some criteria on data sensitivity. Which two steps can the user take to classify the data? (Choose two.)

  Identify sensitivity of the data  
  Establish the owner of the data  

Determine how often data is backed up.
Treat all the data the same.
Determine the user of the data.
Determine permissions for the data.


A user needs to add redundancy to the routers in a company. What are the three options the user can use? (Choose three.)

  VRRP  
  HSRP  
  GLBP  

IPFIX
RAID
STP


A user is running a routine audit of the server hardware in the company data center. Several servers are using single drives to host operating systems and multiple types of attached storage solutions for storing data. The user wants to offer a better solution to provide fault tolerance during a drive failure. Which solution is best?

  RAID  
tape backup
offsite backup
UPS


A user was hired as the new security officer. One of the first projects was to take inventory of the company assets and create a comprehensive database. Which three pieces of information would the user want to capture in an asset database? (Choose three.)

  hardware network devices  
  workstations  
  operating systems  

groups
users
passwords


A user is purchasing a new server for the company data center. The user wants disk striping with parity on three disks. Which RAID level should the user implement?

  5  
0
1
1+0


A user is a consultant who is hired to prepare a report to Congress as to which industries should be required to maintain five nine availability. Which three industries should the user include in a report? (Choose three.)

  healthcare  
  public safety  
  finance  

food service
retail
education


A user was hired by a company to provide a highly available network infrastructure. The user wants to build redundancy into the network in case of a switch failure, but wants to prevent Layer 2 looping. What would the user implement in the network?

  Spanning Tree Protocol  
HSRP
VRRP
GLBP



Chapter 7: Protecting a Cybersecurity Domain


The manager of desktop support wants to minimize downtime for workstations that crash or have other software-related issues. What are three advantages of using disk cloning? (Choose three.)

  easier to deploy new computers within the organization  
  can provide a full system backup  
  ensures a clean imaged machine  

ensures system compatibility
creates greater diversity
cuts down on number of staff needed


A user makes a request to implement a patch management service for a company. As part of the requisition the user needs to provide justification for the request. What three reasons can the user use to justify the request? (Choose three.)

  the ability to control when updates occur  
  no opportunities for users to circumvent updates  
  the ability to obtain reports on systems  

the likelihood of storage savings
the need for systems be directly connected to the Internet
the ability of users to select updates


A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation?

  rogue access point  
password policy
user error
weak password
user laptop


A user is proposing the purchase of a patch management solution for a company. The user wants to give reasons why the company should spend money on a solution. What benefits does patch management provide? (Choose three.)

  Administrators can approve or deny patches  
  Updates cannot be circumvented  
  Updates can be forced on systems immediately  

Computers require a connection to the Internet to receive patches.
Patches can be chosen by the user.
Patches can be written quickly.


A user calls the help desk complaining that an application was installed on the computer and the application cannot connect to the Internet. There are no antivirus warnings and the user can browse the Internet. What is the most likely cause of the problem?

  computer firewall  
need for a system reboot
corrupt application
permissions


A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance?

  Type II  
CER
Type I
false rejection


Why is WPA2 better than WPA?

  mandatory use of AES algorithms  
reduced processing time
supports TKIP
reduced keyspace


The company has many users who telecommute. A solution needs to be found so a secure communication channel can be established between the remote location of users and the company. What is a good solution for this situation?

  VPN  
PPP
T1
fiber
modem


Companies may have different operation centers that handle different issues with the IT operations. If an issue is related to network infrastructure, what operation center would be responsible?

  NOC  
SOC
HVAC
HR


What are three types of power issues that a technician should be concerned about? (Choose three.)

  spike  
  brownout  
  blackout  

fuzzing
flicker
spark


An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use?

  secpol.msc  
system administration
account policy
password policy
grpol.msc


Which service will resolve a specific web address into an IP address of the destination web server?

  DNS  
NTP
ICMP
DHCP


The manager of a department suspects someone is trying to break into computers at night. You are asked to find out if this is the case. What logging would you enable?

  audit  
operating system
Windows
syslog


A new PC is taken out of the box, started up and connected to the Internet. Patches were downloaded and installed. Antivirus was updated. In order to further harden the operating system what can be done?

  Remove unnecessary programs and services  
Disconnect the computer from the network.
Remove the administrator account.
Turn off the firewall.
Give the computer a nonroutable address.
Install a hardware firewall.


Which three items are malware? (Choose three.)

  Trojan horse  
  keylogger  
  virus  

email
Apt
attachments


Why should WEP not be used in wireless networks today?

  easily crackable  
its age
its lack of encryption
its lack of support
its use of clear text passwords


After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)

  Secure password storage  
  Reduce the number of privileged accounts  
  Enforce the principle of least privilege  

Only the CIO should have privileged access.
Only managers should have privileged access.
No one should have privileged access.


What is the difference between an HIDS and a firewall?

  An HIDS monitors operating systems on host computers and processes file system activity. Firewalls allow or deny traffic between the computer and other systems  
An HIDS works like an IPS, whereas a firewall just monitors traffic.
An HIDS blocks intrusions, whereas a firewall filters them.
A firewall performs packet filtering and therefore is limited in effectiveness, whereas an HIDS blocks intrusions.
A firewall allows and denies traffic based on rules and an HIDS monitors network traffic.


An administrator of a small data center wants a flexible, secure method of remotely connecting to servers.Which protocol would be best to use?

  Secure Shell  
Remote Desktop
Secure Copy
Telnet


A user is asked to analyze the current state of a computer operating system. What should the user compare the current operating system against to identify potential vulnerabilities?

  a baseline  
a blacklist
a pentest
a vulnerability scan
a whitelist


The CIO wants to secure data on company laptops by implementing file encryption. The technician determines the best method is to encrypt each hard drive using Windows BitLocker. Which two things are needed to implement this solution? (Choose two.)

  at least two volumes  
  TPM  

password management
USB stick
EFS
backup



Chapter 8: Becoming a Cybersecurity Specialist


An auditor is asked to assess the LAN of a company for potential threats. What are three potential threats the auditor may point out? (Choose three.)

  a misconfigured firewall  
  unauthorized port scanning and network probing  
  unlocked access to network equipment  

complex passwords
locked systems
the acceptable use policy


A school administrator is concerned with the disclosure of student information due to a breach. Under which act is student information protected?

  FERPA  
HIPPA
COPPA
CIPA


Why is Kali Linux a popular choice in testing the network security of an organization?

  It is an open source Linux security distribution and contains over 300 tools  
It is a network scanning tool that prioritizes security risks.
It can be used to test weaknesses by using only malicious software.
It can be used to intercept and log network traffic.


A security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?

  vulnerability scanner  
malware
pentest
packet analyzer


A company is attempting to lower the cost in deploying commercial software and is considering a cloud based service. Which cloud based service would be best to host the software?

  SaaS  
RaaS
PaaS
IaaS


What three services does CERT provide? (Choose three.)

  resolve software vulnerabilities  
  develop tools, products, and methods to conduct forensic examinations  
  develop tools, products, and methods to analyze vulnerabilities  

develop attack tools
create malware tools
enforce software standards


What are three disclosure exemptions that pertain to the FOIA? (Choose three.)

  national security and foreign policy information  
  confidential business information  
  law enforcement records that implicate one of a set of enumerated concerns  

public information from financial institutions
non-geological information regarding wells
information specifically non-exempt by statue


As a security professional, there is a possibility to have access to sensitive data and assets. What is one item a security professional should understand in order to make informed ethical decisions?

  laws governing the data  
potential gain
partnerships
cloud providers
potential bonus


As part of HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared information?

  GLBA  
SOX
FIRPA
PCI


A consultant is hired to make recommendations on managing device threats in a company. What are three general recommendations that can be made? (Choose three.)

  Disable administrative rights for users  
  Enable screen lockout  
  Enable automated antivirus scans  

Remove content filtering.
Enforce strict HR policies.
Enable media devices.


Unauthorized visitors have entered a company office and are walking around the building. What two measures can be implemented to prevent unauthorized visitor access to the building? (Choose two.)

  Establish policies and procedures for guests visiting the building  
  Conduct security awareness training regularly  

Lock cabinets.
Prohibit exiting the building during working hours.


If a person knowingly accesses a government computer without permission, what federal act laws would the person be subject to?

  CFAA  
GLBA
ECPA
SOX


A breach occurs in a company that processes credit card information. Which industry specific law governs credit card data protection?

  PCI DSS  
GLBA
ECPA
SOX


An organization has implemented a private cloud infrastructure. The security administrator is asked to secure the infrastructure from potential threats. What three tactics can be implemented to protect the private cloud? (Choose three.)

  Update devices with security fixes and patches  
  Test inbound and outbound traffic  
  Disable ping, probing, and port scanning  

Hire a consultant.
Disable firewalls.
Grant administrative rights.


What can be used to rate threats by an impact score to emphasize important vulnerabilities?

  NVD  
ISC
ACSC
CERT


What are two items that can be found on the Internet Storm Center website? (Choose two.)

  InfoSec reports  
  InfoSec job postings  

current laws
historical information


What are the three broad categories for information security positions? (Choose three.)

  builders  
  definers  
  monitors  

creators
doers
seekers


A company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage the user threats. What three things might be put in place to manage the threats? (Choose three.)

  Disable CD and USB access  
  Provide security awareness training  
  Use content filtering  

Change to thin clients.
Implement disciplinary action.
Monitor all activity by the users.


What are two potential threats to applications? (Choose two.)

  unauthorized access  
  data loss  

social engineering
power interruptions


Sem comentários:

Enviar um comentário