Missed Questions Practice Test

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which of the following answers lists the filename extension of a Microsoft PowerShell script file? .py .vbs .sh .ps1

-.ps1

Files with this filename extension are used in a scripting language based on the Microsoft's Visual Basic programming language. .vb .sh .vbs .js

-.vbs

Which of the following answers can be used to describe characteristics of a cross-site scripting attack? (Select 3 answers) ------------------ Exploits the trust a user's web browser has in a website A malicious script is injected into a trusted website User's browser executes attacker's script Exploits the trust a website has in the user's web browser A user is tricked by an attacker into submitting unauthorized web requests Website executes attacker's requests

-A malicious script is injected into a trusted website -User's browser executes attacker's script -Exploits the trust a user's web browser has in a website

What is a PUP? (Select 3 answers) ---------- A type of computer program not explicitly classified as malware by AV software An application downloaded and installed without the user's consent (illegal app) A type of software that may adversely affect the computer's security and performance, compromise user's privacy, or display unsolicited ads An application downloaded and installed with the user's consent (legal app) A type of computer program explicitly classified as malware by AV applications A type of free, utility software often bundled with a paid app

-A type of software that may adversely affect the computer's security and performance, compromise user's privacy, or display unsolicited ads -An application downloaded and installed with the user's consent (legal app) -A type of computer program not explicitly classified as malware by AV software

Which of the following are the characteristic features of a session ID? (Select 3 answers) ------------------ Stored on a server A unique identifier assigned by the website to a specific user Contains user's authentication credentials, e.g. username and password A piece of data that can be stored in a cookie, or embedded as an URL parameter Stored in a visitor's browser A unique identifier assigned to a server

-A unique identifier assigned by the website to a specific user -A piece of data that can be stored in a cookie, or embedded as an URL parameter -Stored in a visitor's browser

A rule-based access control mechanism implemented on routers, switches, and firewalls is called: ACL CSR DLP AUP

-ACL

Which of the algorithms listed below does not fall into the category of asymmetric encryption? RSA GPG DSA AES DHE ECDHE PGP

-AES

Which of the cryptographic algorithms listed below is the least vulnerable to attacks? AES DES RC4 3DES

-AES

Which of the following encryption schemes is used in WiFi Protected Access 2 (WPA2)? RC4 AES-CCMP TKIP with RC4 AES-GCMP

-AES-CCMP

For the purpose of encryption, WiFi Protected Access 3 (WPA3) takes advantage of: (Select 2 answers) AES-GCMP PSK TKIP with RC4 RC4 AES-CCMP SAE

-AES-GCMP -AES-CCMP

Which part of the IPsec protocol suite provides authentication and integrity? CRC AH SIEM AES

-AH(Application Header)

Which of the following terms refers to a US government initiative for real-time sharing of cyber threat indicators? NVD AIS TTP CVSS

-AIS

Which of the following enables the exchange of information between computer programs? ------------------- API UI Device drivers SDK

-API

Which of the following answers refer to the Rule-Based Access Control (RBAC) model? (Select 2 answers) Access to resources granted or denied depending on Access Control List (ACL) entries Every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object Implemented in network devices such as firewalls to control inbound and outbound traffic based on filtering rules Every resource has a sensitivity label matching a clearance level assigned to a user; labels and clearance levels can only be applied and changed by an administrator An access control method based on user identity

-Access to resources granted or denied depending on Access Control List (ACL) entries -Implemented in network devices such as firewalls to control inbound and outbound traffic based on filtering rules

Which of the physical security control types listed below provides isolation from external computer networks? Air gap Network segmentation Hardware firewall Protected cable distribution

-Air gap

Restoring data from an incremental backup requires: (Select 2 answers) Copy of the last incremental backup All copies of differential backups made since the last full backup Copy of the last differential backup All copies of incremental backups made since the last full backup Copy of the last full backup

-All copies of incremental backups made since the last full backup -Copy of the last full backup

Examples of social media threat vectors include: PII harvesting Social engineering Identity/account theft Malicious URLs All of the above

-All of the above

RFID is vulnerable to: -------------------- Spoofing Eavesdropping Data interception Replay attacks Denial-of-Service (DoS) attacks All of the above

-All of the above

In active-active mode, load balancers distribute network traffic across: Least utilized servers None of the servers All servers Most utilized servers

-All servers

Which of the following statements can be used to describe the characteristics of an on-path attack? (Select all that apply) --------------------- An on-path attack is also known as MITM attack In an on-path attack, attackers place themselves on the communication route between two devices In an on-path attack, attackers intercept or modify packets sent between two communicating devices In an on-path attack, attackers do not have access to packets exchanged during the communication between two devices In an on-path attack, attackers generate forged packets and inject them in the network

-An on-path attack is also known as MITM attack -In an on-path attack, attackers place themselves on the communication route between two devices -In an on-path attack, attackers intercept or modify packets sent between two communicating devices

What are the characteristic features of Elliptic Curve Cryptography (ECC)? (Select 3 answers) Asymmetric encryption Low processing power requirements Suitable for small wireless devices High processing power requirements Symmetric encryption Not suitable for small wireless devices

-Asymmetric encryption -Low processing power -Suitable for small wireless devices

Which of the following answers describe the features of TOTP? (Select 3 answers) Vulnerable to replay attacks Based on a cryptographic hash function and a secret cryptographic key Valid for multiple login sessions Based on a shared secret key and current time Not vulnerable to replay attacks Valid for only one login session

-Based on a shared secret key and current time -Not vulnerable to replay attacks -Valid for only one login session

Examples of key stretching algorithms include: (Select 2 answers) ROT13 Twofish Bcrypt DSA PBKDF2

-Bcrypt -PBKDF2

Which cryptographic attack relies on the concepts of probability theory? ----------------- KPA Brute-force Dictionary Birthday

-Birthday

What is the function of a C2 server? -------- Spam distribution Botnet control Authentication, Authorization, and Accounting (AAA) Penetration testing

-Botnet Control

A type of exploit that relies on overwriting contents of memory to cause unpredictable results in an application is called: -------------- IV attack SQL injection Buffer overflow Fuzz test

-Buffer overflow

Which of the answers listed below refers to a type of metric used for evaluation of a biometric security system's accuracy? FRR ( Forensic Recyclability) CER(Cybersecurity) FAR ( Federal Acquisition Regulation) CER(Cybersecurity)

-CER(Cybersecurity)

Which of the following answers refer to vulnerability databases? (Select 2 answers) DBA CVE DBaaS NVD AIS

-CVE -NVD

The practice of making an unauthorized copy of a payment card is referred to as: ----------------- Rooting Cloning Replication Copying

-Cloning

Which of the following terms illustrate the security through obscurity concept? (Select all that apply) Code obfuscation Steganography SSID broadcast suppression Encryption

-Code obfuscation -Steganography -SSID broadcast suppression

What is STIX? Vulnerability database Common language for describing cyber threat information US government initiative for real-time sharing of cyber threat indicators Transport mechanism for cyber threat information

-Common language for describing cyber threat information

Which of the following terms refers to the concept of virtualization on an application level? Serverless architecture Containerization System on a Chip (SoC) Infrastructure as code

-Containerization

Which of the following terms best describes threat actors whose sole intent behind breaking into a computer system or network is monetary gain? State actors Black hat hackers Criminal syndicates Advanced Persistent Threat (APT)

-Criminal syndicates

A network protocol providing an alternative solution to the manual allocation of IP addresses is called: DNS SNMP NAT DHCP

-DHCP

A security feature of a network switch that provides countermeasures against rogue DHCP servers is called: DHCP scope DHCP reservation DHCP snooping DHCP relay agent

-DHCP snooping

A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as: ------------------- DLL ISO EXE INI

-DLL(Dynamic Link Library)

A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as: DEP RADIUS DLP PGP

-DLP

Which of the following acronyms refers to software or hardware-based security solutions designed to detect and prevent unauthorized use and transmission of confidential information? DRP DHE DLP DEP

-DLP

Remapping a domain name to a rogue IP address is an example of what kind of exploit? DNS poisoning Domain hijacking ARP poisoning URL hijacking

-DNS poisoning

Which of the following is an example of fake telemetry? OSINT Bluejacking DNS sinkhole Replay attack

-DNS sinkhole

A suite of security extensions for an Internet service that translates domain names into IP addresses is known as: EDNS DNSSEC Split DNS DDNS

-DNSSEC

A wireless disassociation attack is a type of: (Select 2 answers) ----------------------- Cryptographic attack Downgrade attack Deauthentication attack Brute-force attack Denial-of-Service (DoS) attack

-Denial-of-Service (DoS) attack -Deauthentication attack

Which of the following terms applies to the concept of non-repudiation? Security through obscurity Digital certificate MFA Hashing Encryption

-Digital Certificate

A dot-dot-slash attack is also referred to as: ---------------- Disassociation attack On-path attack Directory traversal attack Downgrade attack

-Directory traversal attack

Which of the following factors has the biggest impact on domain reputation? Domain age Missing SSL certificate Derivative content Bounce rate Distribution of spam

-Distribution of spam

What are the characteristic features of a transparent proxy? (Select all that apply) Doesn't require client-side configuration Modifies client's requests and responses Redirects client's requests and responses without modifying them Clients might be unaware of the proxy service Requires client-side configuration

-Doesn't require client-side configuration -Redirects client's requests and responses without modifying them -Clients might be unaware of the proxy service

SSL stripping is an example of: (Select 2 answers) -------------------- Brute-force attack Downgrade attack Watering hole attack On-path attack Denial-of-Service (DoS) attack

-Downgrade attack -On-path attack

Which of the EAP methods listed below relies on client-side and server-side certificates for authentication? EAP-TLS PEAP EAP-TTLS EAP-FAST

-EAP-TLS

Which of the following EAP methods offers the highest level of security? PEAP EAP-FAST EAP-TLS EAP-TTLS

-EAP-TLS

Which of the following block cipher modes is the simplest/weakest and therefore not recommended for use? CBC GCM ECB CTR

-ECB

Which cryptographic solution would be best suited for low-power devices? ECC EFS SED FDE

-ECC

Which of the following answers refers to an endpoint security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats? SWG CASB EDR NGFW

-EDR

Which part of IPsec provides authentication, integrity, and confidentiality? AES SHA AH ESP

-ESP(Encapsulating Security Payload)

POP3 is used for: Name resolution Sending email messages File exchange Email retrieval

-Email retrieval

An asymmetric encryption key designed to be used only for a single session or transaction is known as: Static key Ephemeral key Asymmetric key Symmetric key

-Ephemeral key

Which of the following answers list the characteristic features of the Mandatory Access Control (MAC) model? (Select 3 answers) Users are not allowed to change access policies at their own discretion Labels and clearance levels can only be applied and changed by an administrator Every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object Access to resources based on user identity Every resource has a sensitivity label matching a clearance level assigned to a user

-Every resource has a sensitivity label matching a clearance level assigned to a user -Users are not allowed to change access policies at their own discretion -Labels and clearance levels can only be applied and changed by an administrator

Which of the following answers can be used to describe characteristics of a cross-site request forgery attack? (Select 3 answers) ---------------- Exploits the trust a website has in the user's web browser A user is tricked by an attacker into submitting unauthorized web requests Website executes attacker's requests Exploits the trust a user's web browser has in a website A malicious script is injected into a trusted website User's browser executes attacker's script

-Exploits the trust a website has in the user's web browser -A user is tricked by an attacker into submitting unauthorized web requests -Website executes attacker's requests

A measure of the likelihood that a biometric security system will incorrectly accept an access attempt by an unauthorized user is known as: CRC(Contagion Research Center) FAR(Federal Acquisition Regulation) CER(Cybersecurity) FRR(Forensic Recyclability)

-FAR(Federal Acquisition Regulation)

A software technology designed to provide confidentiality for an entire data storage device is known as: AES FDE EFS HSM

-FDE

A measure of the likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user is referred to as: FAR ( Federal Acquisition Regulation) CER(Cybersecurity) CRC(Contagion Research Center) FRR ( Forensic Recyclability)

-FRR(Forensic Recyclability)

-FTPS is an extension to the Secure Shell (SSH) protocol and runs by default on port number 22. True False

-False

A situation where a cryptographic hash function produces two different digests for the same data input is referred to as a hash collision. ---------------- True False

-False

Examples of techniques used for encrypting information include symmetric encryption (also called public-key encryption) and asymmetric encryption (also called secret-key encryption, or session-key encryption.) True False

-False

In cybersecurity exercises, purple team combines the roles of all other teams (i.e. red, blue, and white). True False

-False

Secure File Transfer Protocol (SFTP) is an extension to the FTP protocol that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols. True False

-False

The lack of entropy(Randomness) in the process of generating cryptographic keys improves the security of cryptographic algorithms. True False

-False

An authentication subsystem in which a single set of authentication credentials provides access to multiple systems across different organizations is called: AAA framework Multi-factor authentication Group-based access control Federation

-Federation

GitHub is an example of: Digital media store Virtualization software File/code repository Social media site

-File/code repository

Which type of malware resides only in RAM? ------ Rootkit Fileless Virus Backdoor Logic bomb

-Fileless Virus

Which of the following statements does not apply to dark web? Requires specific software to access its contents Forms a large part of the deep web Not indexed by traditional search engines Frequently associated with illegal activities

-Forms a large part of the deep web

Which of the block cipher modes listed below provides both data integrity and confidentiality? CBC GCM ECB CTR

-GCM

Which of the following answers refers to a piece of hardware and associated software/firmware designed to provide cryptographic functions? EFS HSM SFC TPM

-HSM

Which of the protocols listed below enables remote access to another computer on the network via web browser? RDP HTTPS SSH VNC

-HTTPS

Which of the following terms refers to an environmental control system? SCADA HIPS TEMPEST HVAC

-HVAC

Examples of MFA attributes include: (Select all that apply) USB token Retina scan Handwritten signature Gait analysis GPS reading PIN Chain of trust

-Handwritten signature -Gait analysis -GPS reading -Chain of trust

Which firewall would provide the best protection for an ingress/egress point of a corporate network? (Select 2 answers) Hardware firewall Network-based firewall Software firewall Host-based firewall

-Hardware firewall -Network-based firewall

Which of the following terms applies to the concept of data integrity? MFA Digital certificate Hashing Security through obscurity Encryption

-Hashing

A NIDS/NIPS that detects intrusions by comparing network traffic against the previously established baseline can be classified as: (Select all that apply) Heuristic Anomaly-based Behavioral Signature-based

-Heuristic -Anomaly-based -Behavioral

Which statements best describe the attributes of an APT? (Select 3 answers) Lack of extensive resources/funding High level of technical sophistication Extensive amount of resources/funding Threat actors are individuals Low level of technical sophistication Typically funded by governments/nation states

-High level of technical sophistication -Extensive amount of resources/funding -Typically funded by governments/nation states

Which of the following enables processing data in an encrypted form? Diffusion Homomorphic encryption Obfuscation Hashing

-Homomorphic encryption

Which of the following is a common firewall type used for protecting a single computer? (Select 2 answers) Host-based firewall Software firewall ) Network-based firewall Hardware firewall

-Host-based firewall -Software firewall

Which of the following terms refers to a duplicate of the original site, with fully operational computer systems as well as near-complete backups of user data? Hot site Warm site Cold site

-Hot Site

Which of the following answers refers to an IEEE standard that can be implemented in a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports? IEEE 802.1X IEEE 802.11ac IEEE 802.1D IEEE 802.11x

-IEEE 802.1X

Which of the answers listed below refers to a short distance, line-of-sight technology used for example in home remote controls? NFC Bluetooth IR Zigbee

-IR

Which of the following answers refers to a cloud computing service model in which clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment and software? SaaS XaaS PaaS IaaS

-IaaS

Vulnerability scanning: (Select all that apply) Identifies lack of security controls Actively tests security controls Identifies common misconfigurations Exploits vulnerabilities Passively tests security controls

-Identifies lack of security controls -Identifies common misconfigurations -Passively tests security controls

Which programming aspects are critical for secure application development process? (Select 2 answers) Patch management Input validation Password protection Error and exception handling Application whitelisting

-Input validation -Error an exception handling

Digital signatures provide: (Select 3 answers) Integrity Authentication Confidentiality Authorization Non-repudiation Accounting

-Integrity -Authentication -Non-repudiation

A type of forensic evidence that can be used to detect unauthorized access attempts or other malicious activities is called: CVE IoC AIS OSINT

-IoC

Hardware RAID Level 10 (a.k.a. RAID 1+0): (Select 3 answers) Requires a minimum of 4 drives to implement Is referred to as stripe of mirrors, i.e. a combination of RAID 1 (disk mirroring) and RAID 0 (disk striping) Requires a minimum of 5 drives to implement Offers increased performance and fault tolerance (failure of one drive in each mirrored pair of disk drives does not destroy the array) Requires a minimum of 3 drives to implement Continues to operate in case of failure of more than 2 drives

-Is referred to as stripe of mirrors, i.e. a combination of RAID 1 (disk mirroring) and RAID 0 (disk striping) -Offers increased performance and fault tolerance (failure of one drive in each mirrored pair of disk drives does not destroy the array) -Requires a minimum of 4 drives to implement

Which statements best describe the attributes of a script kiddie? (Select 2 answers) Motivated by money Low level of technical sophistication Motivated by ideology High level of technical sophistication Lack of extensive resources/funding

-Lack of extensive resources/funding -Low level of technical sophistication

Which of the following answers refer to the concept of non-persistence? (Select 3 answers) Last known-good configuration System image Live boot media Journaling Known state reversion

-Last known-good configuration -Live boot media -Known state reversion

A collection of commonly used programming functions designed to speed up software development process is known as: Snap-in Repository Library Container

-Library

Which of the answers listed below refers to a type of removable storage media that contains a portable, non-persistent OS? Flash memory Primary storage Live boot media Hybrid drive

-Live boot media

Which of the following fall(s) into the category of Layer 2 attacks? (Select all that apply) MAC cloning ARP poisoning MAC flooding DNS poisoning MAC spoofing

-MAC cloning -ARP poisoning -MAC flooding -MAC spoofing

An attack that relies on altering the burned-in address of a NIC to assume the identity of a different network host is known as: (Select 2 answers) -------------------- ARP poisoning On-path attack MAC spoofing Replay attack MAC cloning

-MAC cloning -MAC spoofing

Which of the following answers refer to an office equipment that combines the functionality of multiple devices? (Select 2 answers) MFD IoT MEP PED MFA

-MFD -MEP

Which of the following would be the best solution for a company that needs IT services but lacks any IT personnel? MSA MaaS MSP MSSP

-MSP

Which of the following terms refers to a third-party vendor offering IT security management services? (Select best answer) MSP MaaS MSA MSSP

-MSSP

Which of the following answers refers to a sequential-access backup media? Magnetic tapes Disk drives Optical discs Flash media

-Magnetic tapes

Which of the following answers refers to a device designed to distribute (and monitor the quality of) electric power to multiple outlets? Power Supply Unit (PSU) Main Distribution Frame (MDF) Managed Power Distribution Unit (Managed PDU) Intermediate Distribution Frame (IDF)

-Managed Power Distribution Unit (Managed PDU)

A nontransparent proxy: (Select 2 answers) Modifies client's requests and responses Doesn't require client-side configuration Requires client-side configuration Redirects client's requests and responses without modifying them

-Modifies client's requests and responses -Requires client-side configuration

A dedicated storage appliance that can be added to a local network is known as: SDP NAS EDR SSD

-NAS

A solution that alleviates the problem of depleting IPv4 address space by allowing multiple hosts on the same private LAN to share a single public IP address is known as: DNS APIPA NAT DHCP

-NAT

Which of the following solutions is used to hide the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device? NAC ACL NAT DMZ

-NAT

The process of combining multiple physical network adapters into a single logical interface for increased throughput and redundancy is called: Device pairing Multipath I/O Route aggregation NIC teaming

-NIC teaming

Which of the following is a secure implementation of a protocol used for synchronizing clocks over a computer network? NTPsec SNMPv3 SRTP IPsec

-NPTsec

Which of the following answers refer(s) to wireless threat vector(s)? (Select all that apply) Network protocol vulnerabilities (WEP/WPA) Rogue AP / Evil twin Default security configurations Malicious email attachments Vulnerabilities in network security standards (WPS)

-Network protocol vulnerabilities (WEP/WPA) -Rogue AP / Evil twin -Default security configurations -Vulnerabilities in network security standards (WPS)

The process of removing redundant entries from a database is known as: Normalization Input validation Baselining Data sanitization

-Normalization

Which of the following terms describes an attempt to read a variable value from an invalid memory address? --------------- Buffer overflow Null-pointer dereference Integer overflow Memory leak

-Null-pointer dereference

Which type of DDoS attack targets industrial equipment and infrastructure? IoT ATT&CK OT IoC

-OT

Which of the following terms refers to a nonprofit organization focused on software security? CSIRT IETF OWASP CERT

-OWASP

Which of the following answers refer to IMAP? (Select 2 answers) Offers improved functionality in comparison to POP3 Serves the same function as POP3 Enables sending email messages from client devices Offers less functions than POP3 Enables email exchange between mail servers

-Offers improved functionality in comparison to POP3(Post Office Protocol) -Serves the same function as POP3(Post Office Protocol)

Which of the following answers refers to a common antenna type used as a standard equipment on most Access Points (APs) for indoor Wireless Local Area Network (WLAN) deployments? Omnidirectional antenna Dish antenna Unidirectional antenna Yagi antenna

-Omnidirectional antenna

Which of the following answers refers to a specification for SEDs? OVAL ISO Opal OWASP

-Opal

Which of the following answers refers to a solution designed to strengthen the security of session keys? ECB PFS EFS PFX

-PFS

Which of the following fall into the category of MFA factors? (Select 3 answers) GPS reading Handwritten signature PIN Chain of trust USB token Gait analysis Retina scan

-PIN -USB Token -Retina Scan

Which of the following acronyms refers to a client authentication method used in WPA2 Personal mode? AES RC4 IKE PSK SAE

-PSK

Which cloud service model would provide the best solution for a web developer intending to create a web app? XaaS SaaS PaaS IaaS

-PaaS

A technique that allows an attacker to authenticate to a remote server without extracting cleartext password from a digest is called: ------------------ Pass the hash Replay attack Brute-force attack Spraying attack

-Pass the Hash

A security administrator configured a NIDS to receive traffic from network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the NIDS? (Select 2 answers) In-band Passive Inline Out-of-band

-Passive -Out-of-band

Which of the following examples meets the requirement of multifactor authentication? Password and biometric scan Username and PIN Smart card and ID badge Voice recognition and fingerprint scan

-Password and biometric scan

URL redirection is a characteristic feature of: Pharming Directory traversal attacks On-path attacks Typosquatting

-Pharming

Which of the following answers refer(s) to the characteristic feature(s) of Faraday cage? (Select all that apply) Physical security control type Provides protection against RFI Technical security control type Provides protection against EMI Administrative security control type

-Physical security control type -Provides protection against RFI -Provides protection against EMI

Which of the following allows an administrator to inspect traffic passing through a network switch? VLAN tagging Port mirroring Fault-tolerant mode Port scanner

-Port Mirroring

What type of preventive physical access controls would provide a basic means for securing a door access? (Select 2 answers) Air gap Proximity card reader CCTV Industrial camouflage Smart card reader

-Proximity card reader -Smart card reader

Which of the following solutions is used for controlling network resources and assigning priority to different types of traffic? Measured service Acceptable Use Policy (AUP) Fair access policy Quality of Service (QoS)

-Quality of Service (QoS)

Which of the following RAID levels does not offer fault tolerance? RAID 6 RAID 10 RAID 5 RAID 0 RAID 1

-RAID 0

A type of formal document that describes the specifications for a particular technology is known as: RFQ RFC RFI RFP

-RFC

Which of the following are examples of hardware authentication tokens? (Select 3 answers) Key fob Cable lock Passphrase Biometric reader RFID badge Smart card

-RFID badge -Smart card -Key fob

Which of the algorithms listed below does not belong to the category of symmetric ciphers? RC4 DES RSA AES Blowfish 3DES Twofish

-RSA

A type of OS characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems, is known as: UNIX Windows NT POSIX RTOS

-RTOS

A malfunction in a preprogrammed sequential access to a shared resource is described as: ---------------- Race condition Buffer overflow Memory leak Pointer dereference

-Race condition

Which of the following is an example of cryptomalware? ----------- Backdoor Ransomware Keylogger Rootkit

-Ransomware

Examples of embedded systems include: (Select all that apply) Android OS Raspberry Pi iOS Arduino Field Programmable Gate Array (FPGA) Mainframe computer system

-Raspberry Pi -Arduino -Field Programmable Gate Array (FPGA)

A dedicated data storage solution that combines multiple disk drive components into a single logical unit to increase volume size, performance, or reliability is referred to as: Storage Area Network (SAN) Load balancer Redundant Array of Independent Disks (RAID) Network-Attached Storage (NAS)

-Redundant Array of Independent Disks (RAID)

Which of the following terms refer to software/hardware driver manipulation techniques? (Select 2 answers) ------------------ Prepending Fuzz testing Refactoring Shimming Sideloading

-Refactoring -Shimming

Hardware RAID Level 0: (Select all that apply) Requires a minimum of 2 drives to implement Is also known as disk striping Decreases reliability (failure of any disk in the array destroys the entire array) Is also referred to as disk mirroring Offers less volume capacity in comparison to RAID 1 Requires at least 3 drives to implement Is suitable for systems where performance has higher priority than fault tolerance Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains identical copy of the data)

-Requires a minimum of 2 drives to implement -Is also known as disk striping -Decreases reliability (failure of any disk in the array destroys the entire array) -Is suitable for systems where performance has higher priority than fault tolerance

Hardware RAID Level 1: (Select 3 answers) Requires at least 2 drives to implement Is also known as disk striping Offers improved performance in comparison to RAID 0 Requires at least 3 drives to implement Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains identical copy of the data) Is also referred to as disk mirroring

-Requires at least 2 drives to implement -Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains identical copy of the data) -Is also referred to as disk mirroring

Hardware RAID Level 5: (Select 2 answers) Requires at least 2 drives to implement Continues to operate in case of failure of more than 1 drive Requires at least 3 drives to implement Offers increased performance and fault tolerance (single drive failure does not destroy the array and lost data can be re-created by the remaining drives) Requires at least 4 drives to implement

-Requires at least 3 drives to implement -Offers increased performance and fault tolerance (single drive failure does not destroy the array and lost data can be re-created by the remaining drives)

Hardware RAID Level 6: (Select 2 answers) Requires at least 4 drives to implement Offers increased performance and fault tolerance (failure of up to 2 drives does not destroy the array and lost data can be re-created by the remaining drives) Requires at least 3 drives to implement Continues to operate in case of failure of more than 2 drives Requires at least 5 drives to implement

-Requires at least 4 drives to implement -Offers increased performance and fault tolerance (failure of up to 2 drives does not destroy the array and lost data can be re-created by the remaining drives)

A collection of software tools used by a hacker to mask intrusion and obtain administrator-level access to a computer or computer network is known as: ----------- Rootkit Spyware Backdoor Trojan

-Rootkit

Which of the following acronyms refers to a client authentication method used in WPA3 Personal mode? SAE IKE RC4 PSK AES

-SAE

A dedicated local network consisting of devices providing data access is called: SDN NAS iSCSI SAN

-SAN

Which of the following answers refer to industrial and manufacturing control systems? (Select 2 answers) EDR CMS SCADA ICS CCTV

-SCADA -ICS

Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform? GUI SDLC API SDK

-SDK

Which of the following answers refer to software technologies designed to simplify network infrastructure management? (Select 2 answers) SDP SSP SDV SEH SDN

-SDN -SDV

Which of the following answers refers to a data storage device equipped with hardware-level encryption functionality? SSP SEH SDN SED

-SED

Which of the following indicates an SQL injection attack attempt? ---------------- DELETE FROM itemDB WHERE itemID = '1'; SELECT * FROM users WHERE userName = 'Alice' AND password = '' OR '1' = '1'; DROP TABLE itemDB; SELECT * FROM users WHERE email = '[email protected]' AND password = '';

-SELECT * FROM users WHERE userName = 'Alice' AND password = '' OR '1' = '1';

A security solution designed to detect anomalies in the log and event data collected from multiple network devices is called: SNMP PCAP HIPS SIEM

-SIEM

Which of the answers listed below refers to a deprecated TLS-based method for securing SMTP? IMAPS STARTTLS POP3S SMTPS

-SMTPS

Which version(s) of the SNMP protocol offer(s) authentication based on community strings sent in an unencrypted form? (Select all that apply) SNMPv1 SNMPv2 SNMPv3 SNMPv4

-SNMPv1 -SNMPv2

Which of the following tools enables automated response to security incidents? NIDS SOAR HIDS

-SOAR

Which protocol enables secure, real-time delivery of audio and video over an IP network? S/MIME RTP SIP SRTP

-SRTP

Which of the following answers refers to a non-proprietary cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services? RDP Telnet SSH RAS

-SSH

Which of the following answers refers to a deprecated encryption protocol? SSH TLS S/MIME SSL IPsec PGP

-SSL

Which type of exploit allows an attacker to take control over a server and use it as a proxy for unauthorized actions? ----------------- XSRF CSRF XSS SSRF

-SSRF

A cloud computing service model offering remote access to applications based on monthly or annual subscription fee is called: PaaS SaaS IaaS XaaS

-SaaS

Which of the following provide randomization during encryption process? (Select 2 answers) ------------------- Salting Rainbow tables Obfuscation Initialization Vector (IV) Shimming

-Salting -Initialization Vector (IV)

What are the countermeasures against VM escape? (Select 2 answers) Group policy Sandboxing User training Patch management Asset documentation

-Sandboxing -Patch Managment

A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company's firewall is called: Honeynet Virtual Private Network (VPN) Extranet Screened subnet

-Screened subnet

What are the characteristic features of the secure version of IMAP? (Select all that apply) TCP port 143 Secure Sockets Layer (SSL) TCP port 993 Transport Layer Security (TLS) TCP port 995

-Secure Sockets Layer (SSL) -TCP port 993 -Transport Layer Security (TLS)

Which of the following answers refer(s) to POP3S encrypted communication? (Select all that apply) TCP port 993 Secure Sockets Layer (SSL) TCP port 995 Transport Layer Security (TLS) TCP port 110

-Secure Sockets Layer (SSL) -TCP port 995 -Transport Layer Security (TLS)

LDAPS is an example of: Authentication protocol Secure directory access protocol Address resolution protocol File exchange protocol

-Secure directory access protocol

A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: (Select 3 answers) Session-key encryption Public-key encryption Symmetric encryption Asymmetric encryption Secret-key encryption

-Session key encryption -Symmetric encryption -Secret-key encryption

Which of the following alters the external behavior of an application and at the same time does not introduce any changes to the application's code? ------------------ Shimming Refactoring API call Sideloading

-Shimming

Which of the following destruction tools/methods allow(s) for secure disposal of physical documents? (Select all that apply) Shredding Hard drive sanitization Burning Low-level formatting Degaussing

-Shredding -Burning

Which of the following answers refers to an example implementation of certificate-based authentication? Smart card ID badge PIN code Biometric lock

-Smart Card

A file-based representation of the state of a virtual machine at a given point in time is called: Restore point Shadow copy Snapshot System image

-Snapshot

What type of backups are commonly used with virtual machines? Incremental backups Snapshot backups Tape backups Differential backups

-Snapshot backups

An integrated circuit combining components normally found in a standard computer system is referred to as: HSM TPM SoC BIOS

-SoC

A short list of commonly used passwords tried against large number of user accounts is a characteristic feature of: -------------- Replay attack Dictionary attack Spraying attack Birthday attack

-Spraying attack

Which password attack bypasses account-lockout policies? ---------------- Birthday attack Spraying attack Dictionary attack Replay attack

-Spraying attack

Which of the terms listed below refers to the dynamic packet filtering concept? Port mirroring Stateful inspection Out-of-band management Stateless inspection

-Stateful inspection

Which of the following terms refers to an automated or manual code review process aimed at discovering logic and syntax errors in the application's source code? Input validation Dynamic code analysis Fuzzing Static code analysis

-Static code analysis

A mobile security solution that enables separate controls over the user and enterprise data is called: Content management Virtualization Containerization Storage segmentation

-Storage segmentation

What are the countermeasures against SQL injection attacks? (Select 2 answers) Code obfuscation Database normalization Stored procedures Code signing Input validation

-Stored procedures -Input validation

What are the characteristic features of WPA2/WPA3 Enterprise mode? (Select 3 answers) Suitable for large corporate networks IEEE 802.1D Does not require an authentication server IEEE 802.1X Suitable for all types of wireless LANs Requires RADIUS authentication server

-Suitable for large corporate networks -IEEE 802.1X -Requires RADIUS authentication server

An exact copy of the entire state of a computer system is known as: System image Last known-good configuration Restore point Mirrored volume

-System image

Which of the following facilitate(s) privilege escalation attacks? (Select all that apply) ------------------ System/application vulnerability Principle of least authority Social engineering techniques Mandatory Access Control (MAC) System/application misconfiguration

-System/application vulnerability -Social engineering techniques -System/application misconfiguration

Which of the following terms refers to a dedicated transport mechanism for cyber threat information? TCP/IP STIX TAXII S/MIME

-TAXII

Which of the following terms refers to an embedded cryptoprocessor that can be found on the motherboards of newer PCs and laptops? CFB AHCI UEFI TPM

-TPM

Which of the following answers list examples of hardware root of trust? (Select 2 answers) EFS TPM SED HSM FDE

-TPM -HSM

Which of the following describes the behavior of a threat actor? PII TTPs IPS MaaS

-TTPs

Which of the following terms refers to a vulnerability caused by race conditions? ---------------- Mean time to failure Replay attack Mean time between failures Time-of-check to time-of-use

-Time-of-check to time-of-use

Which of the following security solutions can be used to protect database contents? (Select all that apply) Fuzzing Tokenization Salting Normalization Hashing

-Tokenization -Salting -Hashing

A network replay attack occurs when an attacker intercepts sensitive user data and resends it to the receiver with the intent of gaining unauthorized access or tricking the receiver into unauthorized operations. --------------- True False

-True

An HTML5 VPN portal is an example of clientless VPN implementation where an HTML5-compliant web browser along with TLS encryption can be used instead of a dedicated VPN client software. True False

-True

Discretionary Access Control (DAC) is an access control model based on user identity. In DAC, every object has an owner who at his/her own discretion determines what kind of permissions other users can have to that object. True False

-True

In a weighted round-robin load balancing method, each consecutive request is handled in a rotational fashion, but servers with higher specs are designated to process more workload. True False

-True

In client-server model, the term "Thin client" refers to a networked computer equipped with the minimum amount of hardware and software components. As opposed to thick client, which runs applications locally from its own hard drive, thin client relies on network resources provided by a remote server performing most of the data processing and storage functions. True False

-True

Of the three existing versions of the Simple Network Management Protocol (SNMP), versions 1 and 2 (SNMPv1 and SNMPv2) offer authentication based on community strings sent in an unencrypted form (in cleartext). SNMPv3 provides packet encryption, authentication, and hashing mechanisms that allow for checking whether data has changed in transit (i.e. validation of data integrity). True False

-True

Unified Extensible Firmware Interface (UEFI) is a firmware interface designed as a replacement for BIOS. UEFI offers a variety of improvements over BIOS, including Graphical User Interface (GUI), mouse support, or secure boot functionality designed to prevent the loading of malware and unauthorized operating systems during the computer startup process. True False

-True

What is the name of a device that can provide short-term emergency power during an unexpected main power source outage? UPS PoE SVC PSU

-UPS

Which of the following physical security controls can be implemented as DLP solution? USB data blocker Visitor logs CCTV Motion detection

-USB data blocker

Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers) Patch management Usage audit Physical security controls Sandboxing Asset documentation

-Usage audit -Asset documentation

What are the characteristic features of a session key? (Select 2 answers) Used during a single session Asymmetric key Reused during multiple sessions Symmetric key

-Used during a single session -Symmetric key

Which of the following enables running macros in Microsoft Office applications? DOM VBA SDK RAD

-VBA

In cloud computing, users on an on-premises network take advantage of a transit gateway to connect to: WAN VPC SAN VLAN

-VPC

Which of the acronyms listed below refers to a firewall controlling access to a web server? WEP WAP WPS WAF

-WAF

Which of the following would be of help in troubleshooting wireless signal loss and low wireless network signal coverage? (Select 2 answers) Protocol analyzer WAP power level controls WiFi analyzer Logical network diagram Network mapper

-WAP power level controls -WiFi analyzer

Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities resulting from implementation flaws? EAP AES WPA2 WEP

-WEP

Which of the following would be the best solution for securing a small network that lacks an authentication server? WPA3-SAE WPA2-Enterprise WPA2-PSK WPA3-Enterprise

-WPA3-SAE

A solution that simplifies configuration of new wireless networks by allowing non-technical users to easily configure network security settings and add new devices to an existing network is known as: WPA WPS WEP WAP

-WPS

Which of the wireless technologies listed below are deprecated and should not be used due to their known vulnerabilities? (Select 2 answers) WPS WAP WPA2 WAF WEP

-WPS -WEP

A 2.4/5.0 GHz frequency range wireless network technology implemented in the IEEE 802.11 series of standards is commonly referred to as: WiFi Ethernet NFC Cellular broadband Bluetooth

-WiFi

Which of the following answers refers to a diagnostic tool that can be used for measuring wireless signal strength? Tone generator Multimeter WiFi analyzer Network mapper

-WiFi analyzer

Which of the answers listed below refers to an IoT technology designed to provide communication between appliances in a home automation network? Ant+ Zigbee NFC RFID

-Zigbee

Which of the following enables client-side URL redirection? host hosts hostname localhost

-hosts

Which of the following answers refers to a filename extension used in a cross-platform, general-purpose programming language? .bat .py .ps1 .vbs

-py

Which of the following answers refers to a script file type designed to be run in Unix command line? bat ps1 vbs sh

-sh

Which access control model defines access control rules with the use of statements that closely resemble natural language? DAC ABAC MAC RBAC

ABAC

What is the PKI role of Registration Authority (RA)? (Select 2 answers) Accepting requests for digital certificates Validating digital certificates Authenticating the entity making the request Providing backup source for cryptographic keys Issuing digital certificates

Accepting requests for digital certificates Authenticating the entity making the request

The term "Rooting" refers to the capability of gaining administrative access to the operating system and system applications on: Android devices iOS devices Microsoft devices All types of mobile devices

Android devices

OpenID Connect is a protocol used for: Authentication Authorization Accounting

Authentication

OAuth is an open standard for: Authentication Authorization Accounting

Authorization

Which of the following answers refers to an STP frame? MTU Jumbo frame BPDU Magic packet

BPDU

Which of the following terms is used to describe a text message containing system information details displayed after connecting to a service on a server? Log Trap Signature Banner

Banner

The practice of connecting to an open port on a remote host to gather more information about its configuration is known as: Phishing Bluesnarfing Banner grabbing eDiscovery

Banner grabbing

A popular, 2.4 GHz short-range wireless technology used for connecting various personal devices in a WPAN is known as: 802.11 NFC Bluetooth Z-Wave

Bluetooth

Which of the following answers refers to a security policy enforcement software tool or service placed between cloud service users and cloud applications? UTM CASB NGFW DMVPN

CASB

In which of the mobile device deployment models employees can use corporate-owned devices both for work-related tasks and personal use? BYOD COPE VDI CYOD

COPE

Which of the following solutions allow to check whether a digital certificate has been revoked? (Select 2 answers) CIRT CRL OCSP CSR Key escrow

CRL OCSP

Which of the answers listed below refers to a method for requesting a digital certificate? CBC CSR CFB CRL

CSR

An industry standard for assessing the severity of computer system security vulnerabilities is known as: SIEM CVSS OSINT SOAR

CVSS

A mobile device deployment model in which employees select devices for work-related tasks from a company-approved device list is known as: VDI CYOD BYOD COPE

CYOD

In the context of MDM, the isolation of corporate applications and data from other parts of the mobile device is referred to as: Containerization Storage segmentation Virtualization Content management

Containerization

Which of the following terms refers to a modified mobile device equipped with software features that were not originally designed by the device manufacturer? Jailbreaking Custom firmware Rooting Sideloading

Custom firmware

Which of the following would prevent using a mobile device for data exfiltration via cable connection? DLP Full device encryption Screen locks COPE

DLP

Netstat is a command-line utility used for: (Select 2 answers) Displaying active TCP/IP connections Testing the reachability of a remote host Displaying intermediary points on the packet route Viewing the TCP/IP configuration details Displaying network protocol statistics

Displaying network protocol statistics Displaying active TCP/IP connections

What are the characteristics of TACACS+? (Select 3 answers) Encrypts only the password in the access-request packet Combines authentication and authorization Encrypts the entire payload of the access-request packet Primarily used for device administration Separates authentication and authorization Primarily used for network access

Encrypts the entire payload of the access-request packet Primarily used for device administration Separates authentication and authorization

Which of the following answers refers to a rule-based access control mechanism associated with files and/or directories? EFS FACL FIM NTFS

FACL

The term "DHCP snooping" refers to an exploit that enables operation of a rogue DHCP network server. True False

False

The arp command can be used to perform what kind of resolution? IP to FQDN MAC to IP IP to MAC FQDN to IP

IP to MAC

Examples of protocols used for implementing secure VPN tunnels include: (Select all that apply) bcrypt IPsec SRTP TLS L2TP

IPsec TLS L2TP

Which of the following answers refers to a trusted third-party service for validating user identity in a federated identity system? RA IdP CA Kerberos

IdP

A type of hardened server used as a secure gateway for remote administration of devices placed in a different security zone is known as: C2 server Jump server UC server Proxy server

Jump server

Which of the following servers would be best suited to act as an intermediary between an intranet and a screened subnet? UC server Proxy server C2 server Jump server

Jump server

During a password reminder procedure the system asks security question that covers personal details that should be known only to the user (e.g. user's favorite holiday destination). This type of authentication method is an example of: SAE KBA IdP PII

KBA

Assigning a unique encrypted key, called a ticket, to each user that logs on to the network is a characteristic feature of: SAML TOTP RADIUS Kerberos

Kerberos

Which of the following authentication protocols can be used to enable SSO in Windows-based network environments? PAP LDAP MS-CHAP Kerberos

Kerberos

Which of the following access control models enforces the strictest set of access rules? MAC RBAC DAC ABAC

MAC

What is the name of a network security access control method in which a 48-bit physical address assigned to each network card is used to determine access to the network? MAC filtering Network Address Translation (NAT) Static IP addressing Network Access Control (NAC)

MAC filtering

Which of the following answers refers to a dedicated mobile app management software? UEM MAM RCS MDM

MAM

Which protocol ensures the reliability of the Kerberos authentication process? EAP NTP IPsec RTP

NTP

Which of the following tools offers the functionality of a configuration compliance scanner? Zenmap Roo Nessus DBAN

Nessus

In a round-robin load balancing method, each consecutive request is handled by: (Select best answer) First server in a cluster Next server in a cluster Least utilized server in a cluster Last server in a cluster

Next server in a cluster

What is the fastest way for checking the validity of a digital certificate? CRL Key escrow OCSP CSR

OCSP

Mobile device updates delivered over a wireless connection are known as: WAP UAV OTA RAS

OTA

Which technology enables establishing direct communication links between two USB devices? VDE GRE OTG DHE

OTG

A security solution that provides control over elevated (i.e. administrative type) accounts is known as: MAC PAM ICS FACL

PAM

Which of the answers listed below refers to an obsolete authentication protocol that sends passwords in cleartext? PAP CHAP EAP MS-CHAP

PAP

Which of the following answers refers to a security feature used in Bluetooth device pairing? PIN code Multi-factor authentication Biometrics Cleartext credentials

PIN code

Which of the following answers refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates? Web of trust PKI IaaS CA

PKI

Which of the following answers refers to a deprecated method for implementing Virtual Private Networks (VPNs)? GRE PPTP OpenVPN SSTP

PPTP

An account policy setting that forces users to come up with a new password every time they are required to change their old password is called: Password reuse Multi-factor authentication Password history Password complexity

Password history

Which of the following answers refer(s) to (an) example(s) of physical authentication token(s)? (Select all that apply) RFID badge Password key Password vault Key fob Smart card

Password key RFID badge Key fob Smart card

802.1X is an IEEE standard for implementing: VLAN tagging Token ring networks Port-based NAC Wireless networks

Port-based NAC

What are the characteristic features of RADIUS? (Select 3 answers) Primarily used for network access Encrypts the entire payload of the access-request packet Combines authentication and authorization Encrypts only the password in the access-request packet Primarily used for device administration Separates authentication and authorization

Primarily used for network access Combines authentication and authorization Encrypts only the password in the access-request packet

Group-based access control in MS Windows environments is an example of: RBAC DAC ABAC MAC

RBAC

Which of the following answers refers to a technology designated as a successor to SMS and MMS? RCS S/MIME IM CMS

RCS

Which VPN type is used for connecting computers to a network? (Select all that apply) Remote access Intranet-based Client-to-site Site-to-site Extranet-based

Remote access Client-to-site

In the Kerberos-based authentication process, the purpose of the client's timestamp is to provide countermeasure against: Replay attacks Dictionary attacks Birthday attacks Downgrade attacks

Replay attacks

An access control model in which access to resources is granted or denied depending on the contents of Access Control List (ACL) entries is called: Role-Based Access Control Mandatory Access Control Rule-Based Access Control Lattice-Based Access Control

Rule-Based Access Control

Which of the answers listed below refers to an XML-based markup language for exchanging authentication and authorization data? SAML OpenID Connect Shibboleth OAuth

SAML

A type of mobile OS implementing more strict, Linux-based access security controls is known as: Chrome OS SEAndroid Windows Mobile iOS

SEAndroid

Which of the following protocols provide protection against broadcast storms and switching loops? (Select 2 answers) RTP SRTP RDP STP RSTP

STP RSTP

A user interface element controlling access to a mobile device after the device is powered on is called: Launcher Screen lock Privacy filter Hardware lock

Screen lock

In active-passive mode, load balancers distribute network traffic across: All servers Servers marked as active Least utilized servers Servers marked as passive

Servers marked as active

Which of the following account types is not designed for an end user use? Guest account Privileged account Shared account Service account

Service account

Which of the terms listed below refers to a method that ignores the load balancing algorithm by consistently passing requests from a given client to the same server? Round-robin method Active-active configuration Session affinity Least connection method

Session affinity

Allowing "Unknown Sources" in Android Security Settings enables: Rooting Carrier unlocking Sideloading Jailbreaking

Sideloading

Installing mobile apps from websites and app stores other than the official marketplaces is referred to as: Jailbreaking Rooting Sideloading Carrier unlocking

Sideloading

A common implementation of identity and access controls used in federated SSO systems includes OpenID Connect and Oauth 2.0 used in conjunction to provide authentication and authorization services. True False

True

Challenge Handshake Authentication Protocol (CHAP) is a remote access authentication protocol that periodically re-authenticates client at random intervals to prevent session hijacking. True False

True

In computer networking, the term "Out-of-band management" refers to a network device management technique that enables device access through a dedicated communication channel separate from the network where a given device operates. Managing access can be established either locally by installing an out-of-band management card on the device, or remotely by establishing a dedicated connection to the device with the use of a modem or console router. True answer) False

True

In software engineering, the term "Microservice" describes independent and self-contained code components that can be put together to form an application. True False

True

Which of the following answers refers to a software tool that provides a single management interface for mobile devices, PCs, printers, IoT devices and wearables? MDM RCS UEM MAM

UEM

Which of the following can be used to verify the identity of a client while establishing a session over TCP port 22? (Select all that apply) PIN Digital certificate IPsec Username and password SSH key

Username and password SSH key

In which of the mobile device deployment models a mobile device acts as a terminal for accessing data and applications hosted on a remote server? CYOD COPE VDI BYOD

VDI

Which of the answers listed below refers to a dedicated device for managing encrypted connections established over an untrusted network, such as the Internet? VPN concentrator Load balancer Managed switch Multilayer switch

VPN concentrator

Which of the following answers refer to the characteristics of HOTP? (Select 3 answers) Valid for only one login session Based on a shared secret key and current time Vulnerable to replay attacks Based on a cryptographic hash function and a secret cryptographic key Valid for multiple login sessions Not vulnerable to replay attacks

Valid for only one login session Based on a cryptographic hash function and a secret cryptographic key Not vulnerable to replay attacks

What type of IP address would be assigned to a software-based load balancer to handle an Internet site hosted on several web servers, each with its own private IP address? IPv4 address Virtual IP address Non-routable IP address IPv6 address

Virtual IP address

Which technology enables establishing direct communication links between two wireless devices without an intermediary Wireless Access Point (WAP)? USB OTG WiFi Direct IEEE 802.3 WiMAX

WiFi Direct

Which digital certificate type allows multiple subdomains to be protected by a single certificate? Root signing certificate Subject Alternative Name (SAN) certificate Extended Validation (EV) certificate Wildcard certificate

Wildcard certificate

Which of the following answers refers to a command-line tool used to download or upload data to a server via any of the supported protocols, such as FTP, HTTP, SMTP, IMAP, POP3, or LDAP? theHarvester curl sn1per memdump

curl

Which of the following answers refer to network administration command-line utilities used for DNS queries? (Select 2 answers) dig tracert nslookup ping pathping

dig nslookup

Which of the following tools would be best suited for gathering information about a domain? FTK imager dnsenum scanless Wireshark

dnsenum

Which of the following answers refers to a command-line tool used for security auditing and testing of firewalls and networks? pathping netstat nslookup hping

hping

The Linux command-line utility for network interface configuration is called: ifconfig netstat nslookup ipconfig

ifconfig

What is the name of a Windows command-line utility that can be used to display TCP/IP configuration settings? ifconfig nslookup ipconfig netstat

ipconfig

Which of the following answers refers to a network debugging and exploration tool that can read and write data across TCP or UDP connections? netcat theHarvester Cuckoo tcpdump

netcat

A Linux command-line command for displaying routing table contents is called: print route netstat -r route print netstat -a

netstat -r

Which of the following command-line commands in MS Windows are used to display the contents of a routing table? (Select 2 answers) netstat -p route print netstat -a print route netstat -r

route print netstat -r

Which of the following tools hides attacker's identity by utilizing a proxy for port scanning? tcpdump Cuckoo scanless dnsenum

scanless

Which of the following tools is used for gathering OSINT? Wireshark theHarvester Nessus FTK imager

theHarvester

A network command-line utility in MS Windows that tracks and displays the route taken by IPv4 packets on their way to another host is called: ping traceroute nslookup tracert

tracert


Kaugnay na mga set ng pag-aaral

Lewis Chapter 67: Acute Respiratory Failure and ARDS NCLEX

View Set

Chapter 44: Care of Patients With Problems of the Peripheral Nervous System

View Set

Biology 30 - Diploma Review - All Units

View Set

Sill's 7th edition Self-Study Questions (Chapter 3 Blood Gas Sampling, Analysis, Monitoring, and Interpretation)

View Set

Political Map of Europe Countries

View Set