Cybersecurity Principles Final Practice Exam

¡Supera tus tareas y exámenes ahora con Quizwiz!

You have conducted a risk analysis to protect a key company asset. You identify the following values: o Asset value = 400 o Exposure factor = 75 o Annualized rate of occurrence = 0.25 What is the annualized loss expectancy (ALE)? - 25 - 75 - 100 - 175 - 475

75

You are adding switches to your network to support additional VLANs. Unfortunately, the new switches are from a different vendor than the current switches. Which standard do you need to ensure that the switches are supported? - 802.3 - 802.1Q - 802.1x - 802.11

802.1Q

A remote access user needs to gain access to resources on the server. Which of the following processes are performed by the remote access server to control access to resources? - Authentication and authorization - Identity proofing and authentication - Authentication and accounting - Authorization and accounting - Identity proofing and authorization

Authentication and authorization

An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. The individual is engaging in which type of social engineering? - Social validation - Persuasive - Authority - Commitment

Authority

You have been hired as part of the team that manages an organization's network defense. which security team are you on? - White - Red - Blue - Purple

Blue

A collection of zombie computers have been set up to collect personal information. Which type of malware do the zombie computers represent? - Botnet - Logic bomb - Trojan horse - Spyware

Botnet

Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle? - Data diddling - Time-of-check to time-of-use attack - Buffer overflow attack - Smurf attack

Buffer overflow attack

You want to connect a laptop computer running Windows to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want ot use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do? - Configure the connection to use 802.1x auth and TKIP encryption - Configure the connection to use 802.1x auth and AES encryption - Configure the connection with a pre-shared key and AES encryption - Configure the connection with a pre-shared key and TKIP encryption

Configure the connection with a pre-shared key and AES encryption

You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you use them in the future? - Create a hash of each log - Store the logs in an offsite facility - Make two copies of each log and store each copy in a different location - Encrypt the logs

Create a hash of each log

A security administrator logs onto a Windows server on her organization's network. Then she runs a vulnerability scan on that server. Which type of scan was conducted in this scenario? - Non-credentialed scan - Non-intrusive scan - Intrusive scan - Credentialed scan

Credentialed scan

An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. Which kind of exploit has been used in this scenario? - Man-in-the-middle - Domain name kiting - Reconnaissance - DNS poinsoning

DNS poisoning

Which type of denial-of-service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses? - DNS poisoning - Spam - ARP poisoning - SYN flood

DNS poisoning

Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt? - Downgrade attack - Collision attack - Dictionary attack - Birthday attack

Dictionary attack

When you conduct a forensic investigation, which of the following initial actions is appropriate for preserving evidence? - Stop all running processes. - Turn off the system - Document what is on the screen - Remove the hard drive

Document what is on the screen

You have been given a laptop to use for work. You connect the laptop to your company network, use it form home, and use it while traveling. You want to protect the laptop from internet-based attacks. Which solution should you use? - Proxy server - Network-based firewall - Hos-based firewall - VPN concentrator

Host-based firewall

You are concerned about attacks directed against the firewall on your network. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action to stop or prevent the attack, if possible. Which tool should you use? - IDS - Port scanner - Packet sniffer - IPS

IPS

To obtain a digital certificate and participate in a public key infrastructure (PKI), what must be submitted and where? - Identifying data wiht the MAC and IP address to the root certificate authority (CA) - Identifying data with the 3DES block cipher to the hosting certificate (CA) - Identifying data and a certification request to the registration authority (RA) - Identifying data and a secret key request to the subordinate distribution authority (DA)

Identifying data and a certification request to the registration authority (RA)

Which of the following describes a false positive when using an IPS device? - The source address identifying a non-existent host - Legitimate traffic being flagged as malicious - The source address matching the destination address - Malicious traffic masquerading as legitimate traffic - Malicious traffic not being identified

Legitimate traffic being flagged as malicious

The chain of custody is used for which purpose? - Listing people coming into contact with the evidence - identifying the owner of the evidence - Detailing the timeline between creation and discovery of evidence - Retaining evidence integrity

Listing people coming into contact with the evidence

Which steps in the penetration testing life cycle is accomplished suing rootkits or Trojan horse programs? - Gain access - Enumeration - Maintain access - Reconnasisance

Maintain access

You want to use a tool to scan a system for vulnerabilities, including open ports, running services, and missing patches. Which tool should you use? - Wireshark - LC4 - OVAL - Nessus

Nessus LC4 is for password cracking Wireshark is wireshark OVAL is a set of standards

Which of the following is the MOST likely to happen if the firewall managing traffic into the DMZ fails? - Nothing will happen - all devices will stay protected - The LAN is compromised but the DMZ stays protected - All devices in the DMZ and LAN will be compromised - Only the servers in the DMZ are compromised but the LAN will stay protected

Only the servers in the DMZ are compromised but the LAN will stay protected

Which of the following Security Orchestration, Automation, and Response (SOAR) system automation components is often used to document the processes and procedures that are to be used by a human during the manual interverntion? - Orchestration - Playbook - Runbook - Response

Playbook

Which of the following protocols can TLS use for key exchange? - RSA - KEA - Diffie-Hellman - ECC - IKE

RSA Diffie-Hellman

An attacker is attempting to crack a system's password by matching the password hash to a hash in a large table of hashes he or she has. Which type of attack is the attacker using? - Cracking - Brute force - Rainbow - RIPEMD

Rainbow

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this? - Man-in-the-middle attack - Physical security - Rogue access point - Phishing - Social engineering

Rogue access point

Which of the following tools can be used to see if a target has any online IoT devices without proper security? - scanless - Shodan - theHarvester - Packet sniffing

Shodan

Which term means a cryptography mechanism that hides secret communications within various forms of data? - Algorithm - Ciphertext - Cryptanalysis - Steganography

Steganography

A VPN is primarily used for which of the following pruposes? - Support secured communications over an untrusted network - Support distribution of public web documents - Allow remote systems to save on long-distance charges - Allow the use of network-attached printers

Support secured communications over an untrusted network

When using SSL auth, what does the client verify first when checking a server's identity? - The certificate must be non-expiring and self-signed by the sysadmin - All DNS resolution must point to the corporate intranet routers - The current date and time must fall within the server's certificate-validity period - Master secrets are verifiable from asymmetric keys

The current date and time must fall within the server's certificate-validity period

Which of the following best defines single loss expectancy (SLE)? - The total monetary loss associated with a single occurrence of a threat - The statistical probablility of a malicious event - The monetary value of a single employee's loss of productivity due to a successful attack - The total cost of all countermeasures associated with protecting against a given vulnerability

The total monetary loss associated with a single occurrence of a threat

Which security mechanism uses a unique list that meets the following specifications: o The list is embedded in the object itself o The list defines which subjects have access to certain objects o The list specifies the level or type of access allowed to certain objects - User ACL - Mandatory access control - Hashing - Conditional access

User ACL

You need to implement a solution to manage multiple access points in your organization. Which of the Following would you most likely use? - WLC - LWAP - SOHO - Bridge

WLC A wireless LAN controller (WLC) is used... to manage multiple access points Small Office Home Office wireless router is for small Lightweight access points are using in conjunction with a wireless controller A wireless bridge connects two wireless networks together

Which of the following are disadvantages of biometrics? (select two) - Biometric factors for identical twins are the same - They can be circumvented using a brute force attack - They require time synchronization - When used alone they are no more secure than a strong password - They have the potential to produce numerous false negatives

When used alone they are no more secure than a strong password They have the potential to produce numerous false negatives

You have been hired to perform a penetration test for an organization. You are given full knowledge of the network before the test begins. Which type of penetration test are you performing? - Bug bounty - White box - Grey box - Black box

White box

This application endpoint-protection rule implicitly denies unless added to the rule. Which of the following processes describes this? - Blacklisting - Content filtering - Quarantining - Whitelisting

Whitelisting

Which networking model is based on peer-to-peer networking? - None - Standalone - Client-server - Workgroup

Workgroup

Which of the following tools can be user to view and modify DNS server information in Linux? - tracert - route - dig - netstat

dig

What is the purpose of audit trails? - To detect security-violating events - To correct system problems - to prevent security breaches - To restore systems to normal operations

to detect security-violating events


Conjuntos de estudio relacionados

PrepU Videbeck Ch 18 Personality Disorders

View Set

Medialab questions that I got wrong

View Set

AP Psych 5 Steps to a 5 Chapter 1 Schools of Thought

View Set

Chapter 1: Health Care Delivery and Evidence-Based Nursing Practice

View Set