final
________ refers to unencrypted text. A) Plain text B) Algorithm C) Cipher text D) Key
A) Plain text
Copies of __________ virus are created in the Windows System directory as #_up.exe. A) Sasser B) TrojanAB C) MiMail D) Stuxnet
A) Sasser
The TCP protocol operates at what layer of the OSI model? A) Data link B) Transport C) Application D) Network
B) Transport
The joint task force representing components of all four U.S armed services is the ____________. A) None of these B) U.S. Cyber Command C) Patriot Command D) Cyber Terror Association
B) U.S. Cyber Command
One way to protect yourself on auction sites is? A) None of these. B) Use a separate credit card with a low limit. C) Bid late in the process. D) Bid early in the process.
B) Use a separate credit card with a low limit.
Question 68 : The company whose chief executive officer was indicted for copyright infringement of allegedly stealing technology from D-Link, which was one of its own customers, was _________. A) None of these B) VIA C) Interactive Television Technologies, Inc. D) General Motors
B) VIA
The virus that infected Iranian nuclear facilities was exploiting vulnerability in SCADA systems. A) Stuxnet B) Persian C) None of these D) MyDoom
A) Stuxnet
What is most important to learn about a person listed in a sex offender registry? A) The nature of her specific crime B) The extent of his punishment C) How old she was when she committed her crime D) How long he has been out of prison
A) The nature of her specific crime
Internet addresses of the form www.google.com is known as what? A) Uniform resource locators B) User-accessible web addresses C) Uniform address identifiers D) User-friendly web addresses
A) Uniform resource locators
The process to list assets that you believe support your organization is called ________. A) Business planning B) Asset identification C) Making a balance sheet D) Organizational charting
B) Asset identification
_________ can include logs, portable storage, emails, tablets, and cell phones. A) Ancillary hardware B) Computer evidence C) None of these D) Network devices
B) Computer evidence
What attack is in progress in the following figure? Figure A A) None of these B) DoS attack C) UDP attack D) Flooding attack
B) DoS attack
In Windows the log that contains events collected from remote computers is the ____________ log. A) System B) ForwardedEvents C) Applications and services D) Application
B) ForwardedEvents
Which of these could be considered a course of conduct directed at a specific person that causes substantial emotional distress in such person and serves no legitimate purpose? A) None of these B) Harassment C) Browsing D) Phishing
B) Harassment
If you fail to handle evidence properly ___________. A) Law enforcement may not look at it. B) It may be unusable in court. C) You may damage the hard drive. D) None of these.
B) It may be unusable in court.
What encryption algorithms are used by WEP and WPA? A) RC4 and DES B) RC4 and 3DES C) RC4 and AES D) RC3 and AES
C) RC4 and AES
Any legitimate security professional will not mind giving? A) References, Permission to check house condition, and criminal background B) References, Permission to check credit history, and car plate C) References, Permission to check credit history, and criminal background D) All of these
C) References, Permission to check credit history, and criminal background
Question 94 : The rule that packets not originating from inside your LAN should not be forwarded relates to ___________. A) Servers B) Workstations C) Routers D) Web servers
C) Routers
Someone who calls himself a hacker but lacks the expertise is a ________. A) White hat hacker B) Sneaker C) Script kiddy D) Black hat hacker
C) Script kiddy
Where would you go to find various state sex offender registries? A) The special victims' unit website B) The interstate online sex offender database C) The national sex offender online database D) The FBI website
D) The FBI website
In 1996 a hacker allegedly associated with the white supremacist movement temporarily disabled a ___________ ISP. A) None of these B) Massachusetts C) New York D) Sri Lankan
B) Massachusetts
Although the Cyberterrorism Preparedness Act of 2002 was not passed, many of its goals were addressed by the ___________. A) None of these B) Patriot Act C) Pentagon D) CIA
B) Patriot Act
A ____________ hides the internal network's IP address and presents a single IP address to the outside world. A) Intrusion detection system B) Proxy server C) Firewall D) Network Monitor
B) Proxy server
Question 67 : The virus scanning technique that means you have a separate area isolated from the operating system in which a file is run, so it won't infect the system is ________. A) Heuristic B) Sandbox C) Signatures D) Updates
B) Sandbox
Sending an email that claims to come from a different sender, and asking for sensitive data is an example of ___________. A) Key logging B) Social engineering C) None of these D) Phishing
B) Social engineering
Micro blocks, SYN cookies, RST cookies, and stack tweaking are defenses against ______. A) None of these B) TCP SYN flood attacks C) Phishing D) Viruses
B) TCP SYN flood attacks
The Linux log file that can reveal attempts to compromise the web server is ______________. A) /var/log/lighttpd/* B) /var/log/apport.log C) /var/log/kern.log D) /var/log/apache2/*
B) /var/log/apport.log
Which of these is NOT one of the two basic types of cryptography? A) Forward B) Symmetric C) Asymmetric D) All of these
A) Forward
Which TCP/IP protocol operates on port 80 and displays web pages? A) HTTP B) DNS C) FTP D) SMTP
A) HTTP
A ________ invites attackers and lures them into breaking into a system while deviating their attention from target systems. A) Honeypot B) Deep box C) Cloud drive D) Sandbox
A) Honeypot
If you experience a denial-of-service attack, you can use firewall logs to determine the _______ from which the attack originated. A) IP address B) None of these C) Computer operating system D) Computer manufacturer
A) IP address
Question 95 : Which country is described by experts as having the strictest cybercrime laws? A) None of these B) France C) Russia D) United States
A) None of these
The simplest form of firewall is a(n) ____________ firewall. A) Packet Filtering B) Domain gateway C) Circuit-level gateway D) Application gateway
A) Packet Filtering
The most common way for a virus to spread is by __________. A) Scanning your computer for network connections and copying itself to other machines on the network B) Use of your email contacts C) None of these D) Locating Linux machines
A) Scanning your computer for network connections and copying itself to other machines on the network
A good password has at least ______ characters. A) 10 B) 15 C) 6 D) 8
D) 8
The command-line command to instruct the ping utility to send packets until explicitly told to stop is ping ____. A) -t B) -u C) None of these D) -s
A) -t
What is BCP? A) Business Continuity Plan B) Business Continuity Practice C) Business and Continuity Processes D) Business Completion Plan
A) Business Continuity Plan
Which web search approach is best when checking criminal backgrounds? A) Check as many places as might have information. B) Check primarily the person's state of residence. C) Check primarily federal records. D) Check the current and previous state of residence.
A) Check as many places as might have information.
Question 69 : Which of the following is one way to protect yourself against identity theft? A) Do not provide personal information to anyone unless it is absolutely necessary. B) Use Firefox as your web browser. C) Use Windows as your operating system. D) None of these.
A) Do not provide personal information to anyone unless it is absolutely necessary.
Which Nmap flag can be used for Xmas tree scan? A) -sL B) -sX C) None of these D) -O
B) -sX
Which of the following is the most accurate description of Usenet? A) A large-scale chat room B) A global collection of bulletin boards C) A nationwide bulletin board D) A repository of computer security information
B) A global collection of bulletin boards
Which U.S. government agency created the distributed network that formed the basis for the Internet? A) Central Intelligence Agency B) Advanced Research Projects Agency C) Department of Energy D) NASA
B) Advanced Research Projects Agency
Question 97 : Which of the following would be most important to know about a potential business partner? A) A recent DUI B) All of these C) Past bankruptcies D) A lawsuit from a former business partner
B) All of these
Why do you not want too much personal data about you on the Internet? A) It might reveal embarrassing facts about you. B) It might be used by an identity thief to impersonate you. C) It might be used by a potential employer to find out more about you. D) There is no reason to worry about personal information on the Internet.,'l
B) It might be used by an identity thief to impersonate you.
Giving personnel access to only data that they absolutely need to perform their jobs is referred to as _________. A) None of these B) Least privilege C) Job rotation D) Business continuation planning
B) Least privilege
The conflict between the user's goal for unfettered access to data and the security administrator's goal to protect that data is an issue of ______________. A) Social engineering B) System administration C) Access control D) Password protection
C) Access control
Question 96 : Which of the following agencies has allegedly had one of its cyber spies caught? A) KGB B) NSA C) CIA D) FBI
C) CIA
Using the __________ cipher you choose some number by which to shift each letter of a text. A) DES B) Multi-alphabet substitution C) Caesar D) DC4
C) Caesar
_______ is a free tool that can be used to recover Windows files. A) None of these B) SearchIt C) DiskDigger D) FileRecover
C) DiskDigger
______________ is the process to scramble a message or other information so that it cannot be easily read. A) Keying B) Cryptography C) Encryption D) Decryption
C) Encryption
Question 92 : Someone who abides the law but can turn into a malicious actor to gain access to a system to cause harm is known as a __________? A) White hat hacker B) Red hat hacker C) Gray hat hacker D) Black hat hacker
C) Gray hat hacker
The principal that users have access to only network resources when an administrator explicitly grants them is called ___________. A) Separation of duty B) Job rotation C) Implicit deny D) Least privilege
C) Implicit deny
CIA explains the three pillars of security. What does 'I' stand for in CIA? A) Intermission B) Intermittent C) Integrity D) Information
C) Integrity
Question 93 : Investing with well-known, reputable brokers protects against what? A) Identity theft B) Phishing C) Investment fraud D) Online fraud
C) Investment fraud
What is being configured in the browser settings in the following figure? Figure A A) Safe browsing settings B) Phishing settings C) Privacy settings D) Harassment settings
C) Privacy settings
Which would you use to begin a search for information on a United States court case? A) Yahoo! People Search B) Infobel C) The National Center for State Courts Website D) Google Groups
C) The National Center for State Courts Website
One tool used for a denial-of-service attack is ______________. A) Linux B) Tribal Flood Network C) UDP D) None of these
C) UDP
Question 65 : McAfee and Norton are examples of ________. A) Worms B) Trojan horses C) Virus scanners D) Viruses
C) Virus scanners
It would be advisable to obtain __________ before running a background check on any person. A) A Social Security number B) An IP address C) Written permission D) None of these
C) Written permission
What search engine can be used to find details about someone in the US? A) The National Center for State Courts Website B) Infobel C) Yahoo! People Search D) Google Groups
C) Yahoo! People Search
What is the name of the Standard Linux command that is also available as a Windows application that can be used to create bitstream images and make a forensic copy? A) image B) MD5 C) dd D) mcopy
C) dd
At a minimum, a security audit should________________. A) Check security logs and personnel records of those in secure positions B) Probe ports for flaws C) Review system patching and security policies D) All of these
D) All of these
Which of the following is not an example of financial loss due to cyber terrorism? A) Lost data B) Transferring money from accounts C) Damage to facilities including computers D) Computer fraud
D) Computer fraud
With _____, an attacker injects client-side script into web pages viewed by other users. A) Scanning B) Port detection C) SQL injection D) Cross Site Scripting
D) Cross Site Scripting
Which TCP/IP protocol operates on port 53 and translates URLs into Web addresses? A) HTTP B) SMTP C) FTP D) DNS
D) DNS
The process to make a system as secure as it can be without adding on specialized software or equipment is _______________ A) Routing B) None of these C) Securitizing D) Hardening
D) Hardening
_____ theft and _______ fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception. A) None of these B) Cyber C) Neutral D) Identity
D) Identity
The I Love You virus caused harm because ________. A) None of these. B) It had a negative payload. C) It erased data on computers. D) It generated large numbers of emails that bogged down many networks.
D) It generated large numbers of emails that bogged down many networks.
The virus/worm that specifically targets Macintosh computers is ________. A) None of these B) W32/Netsky-P C) Troj/Invo-Zip D) MacDefender
D) MacDefender
Scanning bulletin boards, making phony phone calls, and visiting websites by a hacker are examples of _________. A) Phreaking B) Scouring C) Active scanning D) Passive scanning
D) Passive scanning
Testing an organization's security is known as ________ testing. A) Location B) Virus C) None of these D) Penetration
D) Penetration
Firefox and Internet Explorer are examples of ____________. A) Websites B) Proxy servers C) Cookies D) Web browsers
D) Web browsers
