CIS 288 Fundamentals of Cybersecurity

Ace your homework & exams now with Quizwiz!

Which of the following are the examples of generic top-level domains (gTLDs)?

.edu .com

Which of the following lux ratings of a camera will differentiate objects most accurately at lower light levels?

0.5 lux

What is the range for a valid Class A IP address?

001.x.x.x-126.x.x.x

Henry has installed a home automation system using Zigbee technology. What is the maximum range for his home appliances to establish a successful communication?

10-meter: communication range with data transfer rates at 250 Kbps.

What is the maximum power for Bluetooth class 1 device?

100 mW (20 dBm)

What is the range of port numbers for registered ports?

1024-49151

What is the maximum number of peripheral devices that can be connected to a Universal Serial Bus (USB) port?

127

Which of the following port numbers does Microsoft SQL Server use?

1433 or 1434

Which of the following port numbers does Microsoft Windows Internet Name Service use?

1512

Which of the following are considered as registered ports?

1512 1433

Which of the following IP addresses can be used with the subnet mask of 255.255.0.0?

169.254.0.0

Which of the following IP addresses can be used with the subnet mask of 255.255.255.0?

192.168.0.0

What is the range of resolutions for color monitors?

350-400 lines

What is the data transfer rate for Bluetooth version 1.1 and 1.2 devices?

723.1 Kbps

What is a firmware?

A software product enclosed in a hardware device

Which protocol provides data integrity and origin authentication to protect against replay attacks?

AH: Authentication Header

Stephen, a network specialist, recently became of the man-in-the middle attack, which allows an attacker to interude into the communication networks and inject false information. Which of the following techniques does an attacker use for this purpose?

ARP spoofing: Address Resolution Protocol

Stella has advised the employees in her organization to install a Microsoft utility that allows software components to be reused independent of the programming language used in development. Which utility will the employees install?

ActiveX

Ria, a network administrator, has provided the write permission for a shared folder to an employee in her organization.What can be performed using this permission?

Add data to an existing file. Change file and folder attributes. Add new files or subfolders.

Bella is working as a security manager in XYZ Inc. She has advised the employees of her organization to use password encryption practices to enhance the level of security in their systems. What practices must they follow for his purpose?

Always supply a password to an account and change it upon first login. Enforce password policies at all levels of an organization. Do not use default passwords.

Which of the following products used to protect personal computers checks disks and files before using them in the computer?

Antivirus program

What is the act of adding a set of characters to the end of another set of characters?

Appending

Which layer of the TCP/IP determines how data is received and processed?

Application

Ryan want to know whether sufficient network resources are available for using Internet Explorer to access a web page on the internet. Which of the following OSI model layers determines such a condition?

Application Layer If someone wants to use Internet Explorer to access a web page on the Internet, the Application layer of the OSI model determines whether access to the Internet is available using HTTP.

Which of the following are the components of the inner perimeter of ICS devices?

Application program Operating system

Which firewall is configured to view entire packets for consistency and appropriate ports?

Application-level

Which server runs programs accessed by multiple users and interacts with informational

Application: servers run programs accessed by multiple users and interact with informational databases.

What is a measure of how much signal loss occurs as the information moves across the medium?

Attenuation

Which component of auditing systems defines the types of events that will be monitored and added to the system's security logs?

Audit policy

What is a security function of the operating system that enables the user and operating system activities performed on a computer to be monitored and tracked?

Auditing

Which term denotes applying approval of access of information, after an individual authenticates?

Authorization

Ryan noticed that while powering on his computer, some special programs load the computer's operating system. Which of the following is responsible for this?

BIOS

Which group account allows its members to restore all files on the computer?

Backup operators

Which term denotes the media's capacity to carry data?

Bandwidth

Which of the following devices converts the physiological quantity into a digital representation?

Biometric Scanner

Full disk-level encryption is provided on some high-end Windows OS versions through a native utility called:

BitLocker

Ryan is a network administrator in XYZ Inc. His organization recently faced an attack where spammers have send out millions of junk email messages from the infected PCs. Which malware threat is used to carry out such an attack?

Botnet Botnets can be used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and allows the attackers to access the device and its connection. These are a large collection of zombies, or bots, controlled by a bot header. This type of network can consist of literally millions of unsuspecting computers.

Mia has recently been experiencing an excess of traffic flow over her LAN network. Michael, her friend, suggested her to use a device that reduces the traffic flow with the help of a MAC address table. Which device was suggested to her?

Bridge

Which term refers to sending messages to all possible destinations?

Broadcast messaging

In which topology do the nodes of the network connect to a central communication link?

Bus

Ted is working in an organization. He is trying to access an application port 80 but he's unable to establish the connection. How will Ted get access to the application?

By supplying the port number in his connection URL

Which type of network is a combination of interconnected local area networks inside a limited geographical area?

CAN: Campus Area Networks

Stella is working as a cybersecurity specialist in an organization. Her organization is facing a security threat and she needs to get information about this threat and the best way to prevent it. Which of the following can help her to choose the most appropriate solutions for her need?

CVE: Common Vulnerabilities and Exposures

Which type of locks are used in access-control and management systems?

Cipher Locks

Andrew is a security administrator in an organization. All the departments in his organization have lockable doors that have manually operated door locks. He decided to replace these manually operated door locks with door locks that require access codes known by the members of the departments. Which type of lock will Andrew choose to accomplish this task?

Cipher locks These locks are magnetic door locks, which gets unlocked when the correct programmed code is entered by the user on the cipher-lock keypad. They provide an added level of security for perimeter entry areas.

Which class of IP address is used with smaller LANs?

Class C

Which class of IP address is used with smaller LANs?

Class C addresses are normally used with smaller LANs.

Which attack employs deceptive frame techniques to trick a user into clicking on their content rather than the intended content?

Clickjacking

Ryan needs a cable to connect DVD players, speakers, digital cable set-top boxes. Which cable is suitable for this purpose?

Co-axial

Stella is working as a cybersecurity specialist in XYZ,Inc. She realizes that her organization is facing security risks as all the employees and visitors are allowed to have free access to all the departments inside the organization. Which of the following should Stella develop to reduce the risk?

Cohesive access-control policy

Which of the statements are true about color and black-and-white closed-circuit television (CCTV) cameras?

Color cameras can offer a full and accurate clothing and vehicle description Both black-and-white and color cameras are fully capable of providing quality pictures

Mary has installed an intelligent security system in her organization. Which of the following is the command center and distribution point of her security system to which all input devices are connected?

Controller

Which of the following techniques does an attacker use to redirect the returning cookie to a third-party server?

Cross-site scripting

Ryan is working as a network administrator. In his organization, the employees have complete control over all the program network access control strategy is implemented in his organization?

DAC: Discretionary Access Control

Which of the following connectors is used for serial connections, allowing for the asynchronous transmission of data as provided by standard RS-232?

DB-25

Jennifer works as a security administrator at Infosoft Inc. Her network is being flooded by ICMP packets. She observes that the packets came from multiple different IP addresses. Which type of attack can be the result of such situation?

DDoS: Distributed denial-of-service

Which practice do spammers adapt to guess email addresses at a domain and then connect to the email server of that domain?

DHA: directory harvest attacks

Which configuration option does a managed switch offer that are designed to prevent MITM attacks?

DHCP snooping Dynamic ARP Inspection

Stark is the manager of the application team in an organization. One of his team members often makes some coding mistakes that do not work well with other elements in the program. Which attack can attacker introduce using such a situation?

DOS-Denial of Service **An attacker can introduce Denial of Service(DOS) attack in the software using such a situation. When programmers initially develop a product,they may make coding mistakes or create portions of a product that do not work well with elements created by other programmers in the development team. This creates vulnerabilities in the final product which attackers use to insert and hide malicious code that can be used to disrupt services or operations. Due to this, the system becomes effectively disabled to the point where the user cannot use it. This is a type of Denial of Service (DOS) attack.

What is an example of optical storage media?

DVD drive

Which layer of the OSI model controls how the data is packaged and moved between communication points?

Data link

Alicia is unable to access an SQL database online due to an SQL injection vulnerability. Which of the following security controls should she take to prevent this type of breach in the future?

Database activity monitoring Input validation

What is a separate perimeter network that isolates the secure intranet from the outside world, yet enables public access to outward-facing dedicated resources?

Demilitarized zone

Which attack is designed to overuse a host,server, or network resource to the point where it functionally ceases to provide its services?

Denial of service

What is the goal of access control?

Deter potential intruders

Which of the following elements does territorial reinforcement employ to prevent unauthorized entry?

Devices Systems Structures

Which attack can be eliminated by limiting the number of login attempts that can be performed in a given period of time?

Dictionary

Which video-storage type employs additional disk-drive storage devices that are attached directly to the DVR via USB or eSATA connections?

Direct-attached storage

Ryan is the security specialist in an organization. He wants to conduct a session to make his employees aware of some practical methods they should follow to protect his organization's local computing devices from Internet-based threats. Which of the following methods should Ryan cover in his session?

Disable unnecessary OS default features. Apply operating system and application software updates and patches. Install and use anti-malware on the local computer

Which proxy server includes incorrect IP information in the HTTP headers?

Distorting

Henry needs to connect his laptop to multiple peripheral devices simultaneously. Which accessory will Henry use to accomplish this task?

Docking station

Which of the following is a unique realm assigned by a registrar?

Domain

Microwave beam devices are based on which phenomenon?

Doppler Effect

Which term is used to describe the legal right to leave a property?

Egress

What is the maximum number of devices that can be grouped together under the Bluetooth specification to form a piconet?

Eight

Which type of locks can be used with swinging,sliding,power-operated and vertical-lift doors, as well as on fence gates?

Electronic Deadbolts

Which process refers to the conversion of electronic data into a form called ciphertext?

Encryption

Stephen, the CEO of an organization, has decided to implement an Extranet in his organization. What benefits does his organization get by implementing such a network?

Exchange large volumes of data using Electronic Data Interchange (EDI). Share product catalogs exclusively with trade partners, Develops and use training programs with other organizations.

Which term is used to describe an intranet structure that grants limited access to authorized outside users, such as corporate business partners?

Extranet

Which file management system was developed to manage data storage on floppy disks?

FAT16

Stella, a security architect, discovered a zero-day vulnerability in the software application that her company uses. This vulnerability needs to be fixed immediately to prevent damage to her organization's network. Which of the following cybersecurity tools must she own in such a situation?

Fast incident response Intrusion prevention systems Behavior monitoring

Olivia is working as a telecommunication engineer in a company. She needs to replace the copper cable her company is using in the transmission network as it causes high attenuation. Which type of cable will Olivia find suitable to replace the copper cable?

Fiber-optic

Which cable is designed to carry digital data in the form of light pulses?

Fiber-optic

Henry is working as a cybersecurity manager in an organization. To protect the organization's computers from outside attacks, he wants to use a system that will only pass data to and from designated IP addresses and TCP/UDP ports. Which of the following systems will help Henry in this scenario?

Firewall Henry will use a firewall to protect the computers from outside attacks. A firewall is designed to filter out the IP packets that are coming from the network to the computer. It is placed between a local device and an outside network such as the internet. It will only pass data to and from designated IP addresses and TCP/UDP ports.

Which lens allows a user to see an entire room, but with some distortion in the image?

Fish eye

Which of the following is a denial-of-service (DoS) attack that involves sending a large amount of spoofed UDP traffic to a router's broadcast address within a network?

Fraggle

Jack, a network specialist, needs a device, which allows Windows NT network to communicate with a NetWare network. Which device will Jack use to accomplish the task?

Gateway

Which of the following file systems is developed as the primary file system for Mac line of computers?

HFS

Olvin wants to minimize his computer OS's exposure to threats. Which process will help him accomplish this task?

Hardening

What is the process of taking steps to close as many known vulnerabilities as possible while still offering an acceptable users?

Hardening

Which term refers to the process of making a system more secure?

Hardening

Andrew's gas detectors have been going off, indicating carbon monoxide (CO) accumulation in his home. Which of the following protection measures should Andrew take?

He should do a head count to ensure that all persons in his family are accounted for. He must immediately go outside of the house. He should call emergency services, such as the fire department or 911.

Jerry, a network specialist, has decided to install a computer network using fiber optic cable. Which of the following advantages can be the reason behind Jerry's decision?

High bandwidth and speed High data carrying capacity Less attenuation

Andrew is working as a security specialist in an organization. He wants to install a system in his organization which helps network administrators in monitoring network traffic and triggering alerts when known threats are detected. Which of the following will help Andrew accomplish the task?

IDS: Intrusion Detection System

Which of the following wireless standards is also known as Wireless Fidelity?

IEEE 802.11x

Which of the following protocols is used to set up a security association in IPsec?

IKE: Internet Key Exchange

Which protocol is commonly used to retrieve an email from a mail server?

IMAP: Internet Message Access Protocol is a mail protocol used for accessing email on a remote web server from commonly used Internet mail protocols for retrieving emails. It is supported by modern email clients and web servers.

Rhea's organization wants to establish a secure connection with a trusted supplier. She has decided to establish a Virtual Private Network (VPN) between the two company networks. Which of the following protocols are combined to accomplish this goals?

IPSec L2TP

Which tool is used at the command line and presents user with the basic network-configuration information?

IPconfig

What is an open standard commonly used in VPNs that actually employs a suite of protocols for encrypting and authenticating IP communications?

IPsec: Internet Protocol Security

Stephen is working as a network designer in an organization. He has observed that an error has occurred multiple times in his organization's communication network, which he reported to the Internet Engineering Task Force (IETF) handle such an issue?

Implement an RFC, mentioning the use of the standard protocol for removing the error.

Richard, a network specialist, has decided to implement network segmentation in his organization's communication network. Which of the following advantages of network segmentation can be the reason behind this decision?

Improved Performance Improved Monitoring Better Access Control

Which of the following are advantages of using NAT?

Increases flexibility when connecting to the Internet Conserves legally registered addresses Reduces address overlap occurrence

What is the best way to minimize the impact of exploits like Cyptolocker?

Incremental backups

Which terms involves applying physical security initiatives to provide security for the basic physical and organizational architecture needed for the operation of an enterprise, an organization, or a society?

Infrastructure Security

Liza is working as a security specialist in an organization. One of her organization's project is involving members of an external agency. Which of the following rights must they possess to enter her organization?

Ingress

What risks are involved with the usage of removable computer media?

Introduction of destructive malware in the host system Potential loss of data through theft

Which of the following statements are true about antivirus programs?

It checks disks and files before using them in the computer. It includes utilities to check emails and files downloaded to the computer through Internet connections. **Antivirus software sometimes known as anti-malware software,is designed to detect,prevent,and take action to remove malicious software from user's computer such as viruses,worms, and Trojan horses.

Which of the following are the advantages of the Open Systems Interconnection (OSI) model?

It conceptualizes how data is handled between two networked systems. It supports both connection-oriented services and connection less services.

Which of the following statements are true about the Password Authentication Protocol(PAP)?

It is a form of authentication, in which a user's name and password are transmitted over a network and compared to a table of name-password pairs. It is a password-based authentication protocol used by Point to Point Protocol (PPP) to validate users.

Which of the following statements are true about MAC address?

It is assigned to the devices by its manufacturer. It is 48 bits (6 bytes) hexadecimal address

Which statement is true about the Denial of Service (DoS) attack?

It is designed to overuse a host, server, or network resource to the point where it functionally ceases to provide its services.

Which of the following statements is true about the external network in single-firewall Demilitarized Zones (DMZs)?

It is formed from the ISP to the firewall in the first network interface

Kate, a network security specialist, has implemented WPA-PSK authentication in her small office network. Why would she choose this security mechanism over the others?

It is simple to implement

Which of the following statements is true about packet filtering?

It is the process of passing or blocking network packets based on their source and destination addresses, logical ports or protocols.

What are the advantages of shielded twisted pair cable?

It offers better electrical characteristics than UN-shielded cables. It can be easily terminated with modular connector. It reduces chances of cross talk and provides protection from interference.

What are the functions of the transport layer?

It segments and reassembles data from upper-layer applications and combines it into the same data stream. It provides two connection-oriented and connection less services.

Which of the following statements are true about the operating system?

It works as the interface between the user and the hardware. It is a program designed to control and coordinate the operation of the computer system.

Which authentication protocol relies on a trusted third-party Ticket Granting Server (TGS) to authenticate client interaction?

Kerberos

Which of the following files is responsible for interpreting commands obtained from software programs for the central processing unit?

Kernel

Which device enables security personnel to arm and disarm a security system with a push of a button?

Key Fob

Which device is used for programming,controlling, and operating various access-control and management devices in most of the intrusion-detection and reporting systems?

Keypad

Which of the following factors are involved in authentication?

Knowledge Inheritance Possession

George wants to set up a computer network in his home. Which type of computer network will be suitable for this purpose?

LAN: Local Area Network

At which layer of the OSI model does the IP portion of TCP/IP operate?

Layer 3: The IP portion of TCP/IP protocol operates at Layer 3 of the OSI model.

Which layer's components are the most desired targets of a cyber attack?

Layer 7 Attacks aimed at this level are designed to gain control of physical assets or compromise the operation of software applications.

Ryan is a network administrator. He has set up access levels in his organization based on an idea, which allows the user, program, or process to have only the minimum access necessary to perform its function. On which of the following principles has Ryan set up the access levels?

Least privilege

Stephen, a network specialist, is aware of the dictionary attack and fears that his organization's email accounts can be accessed by spammers. Which of the following preventive measures should he adopt?

Limit the number of login attempts that can be performed in a given period of time. Enforce a strict password methodology.

Which of the following are the functions of the network layer?

Logical Addressing Routing

Which attack exploits the prime number sieve used in the key-generation process?

Logjam

In the___strategy, the system establishes which users or groups can access files, folders and other resources.

MAC: Mandatory Access Control

Which type of network is a combination of interconnected local area networks inside a medium-size geographical area?

MAN: Metropolitan area network

Which of the following storage media includes external hard devices and backup tapes?

Magnetic

Which device translates the magnetically encoded information in a magnetic stripe card and translates it into digital data that it passes to a host system?

Magnetic Card Reader

Daniel, a security manager, wants to install a system in his organization that can alert him when someone attempts to gain entry through doors and windows through unauthorized means. Which sensor will Daniel use for this purpose?

Magnetic-switch

Which attack involves intercepting and modifying communication between users?

Man-in-the-Middle

Which attack involves an attacker manipulating IP packets to create a false IP address so they can gain access to the network?

Masquerade

Stella is working as a network administrator in an organization. As part of her current project, she needs to set up a network where each computer and network device is interconnected with one another. Which network topology will help Stella in this purpose?

Mesh Stella will use a mesh topology to set up a network where each computer and network device is interconnected with one another, allowing for most transmission to be distributed even if one of the connections goes down.

What is a packet analyzer that helps the user to view traffic flows and troubleshoot network problems?

Microsoft Network Monitor

Which NTFS folder permission enables users to delete the folder?

Modify

Ria has installed Autorun in her computer due to which malware programs located on the media are running automatically and infecting the computer. Which of the following actions will Ria perform to remove this threat?

Modify the Windows registry to turn off Autorun Download an app to turn off Autorun

Henry is given the responsibility to install a smart indoor lighting system in his organization, which powers the lights according to the duration of a time. Which of the following sensors will Henry use to accomplish the task?

Motion Detector

Which of the following detectors is also called a passive infrared detector?

Motion Detector

Which of the following devices routes the images from the surveillance system to a specific display device?

Multiplexer

What is another name for zoning?

Network Segmentation

Which tool is used to examine, profile, and assess systems in any network?

Nmap

Which command is a DNS query tool used to gain DNS information about a website?

Nslookup

Which of the following is a version of an Apple server?

OS X Server

Which of the following is a group of XML schemas that describe a language to provide the details needed to assess a network resource for security vulnerabilities?

OVAL

Which tool uses SCAP and can perform several network vulnerability tests?

OpenVAS: Security Content Automation Protocol

Which configuration supports the concept of mapping multiple private IPs to a single public IP address?

PAT: Port Address Translation

Stella is working in a company that accepts credit or debit card payments on its website. Which of the following standards must her company adhere to for reducing the risk of debit and credit card data loss?

PCI-DSS: Payment Card Industry Data Security Standard

What is inserted into the network so that network traffic flows through it allowing packets to be captured in real time?

Packet analyzer

Mary, a network administrator, wants to filter IP addresses such that she could deny access to port 80 to outsiders. Which type of firewall will help Mary accomplish the task?

Packet-filtering

Which of the following camera permits users to view live full-motion video from anywhere?

Pan-Tilt-Zoom camera

Which device allows immediate triggering of an alarm system when facing an emergency situation such as the discovery of an intruder?

Panic button

What is the most common and economical type of motion detector?

Passive Infrared Detector

What are the benefits of the Pan-Tilt-Zoom (PTZ) camera?

Permits users to view live full-motion video from anywhere Allows a user to monitor larger areas that would require multiple fixed cameras

Which type of cookie will remain on the computer until the specified expiration date is reached?

Persistent

An attacker, masquerading as a trusted entity, tricks a victim into opening an email. The user is then tricked into clicking a malicious link, which can lead to the installation of malware and revealing sensitive information. This is an example of which of the following attacks?

Phishing

John, a door system technician, has to establish an efficient garage door safety system, which stops or reverses an automatic garage door's lifter motor whenever an obstacle is encountered. Which sensor should John use for this purpose?

Photoelectric

The outer perimeter corresponds to the components of which layer of the OSI model?

Physical

Which layer of the OSI model is concerned with the transmission media used to move data?

Physical

Which type of lens is used for applications where the lens should be hidden?

Pinhole

Which of the following terms refers to users who are able to execute a program with embedded code that gives them administration onto the server?

Privilege Escalation

Which type of firewall disassembles each packet, evaluates it, and then reassembles it, making the network connection significantly slower than other firewall types?

Proxy filtering firewalls

What is a barrier that prevents outsiders from entering a local area network and prevents insiders from directly connecting to outside resources?

Proxy server

What are the differences between public key cryptography and private key cryptography?

Public key is used to encrypt the message, whereas private key is used to decrypt the message. Public key converts the message to an unreadable form, whereas private key converts the received message back to the original message. Public key is widely distributed, whereas private key is kept secret.

Which of the following functionalities can be a way to allocate bandwidth effectively on a busy network?

QoS: Quality of Service

Stella has implemented a resource access control method that allows the system to restrict or permit access to objects based on the user's role within the organization. Which of the following access control methods is referred to in this scenario?

RBAC: Role-Based Access Control RBAC is a resource access control method that allows control method that allows the system to restrict or permit access to objects based on the user's role within the organization.

Which malware threat is designed to keep the user from their data and hold it hostage for payment?

Ransomware

Vestin is a cybersecurity specialist in an organization. He has been given the responsibility to check for a security threat, which is carried out using a malicious code that is disguised as a legitimate file. Which type of malware threat will Vestin check for?

Ransomware Ransomware attacks are typically carried out using a Trojan, a malicious code that is disguised as legitimate file that the user is tricked into downloading or opening when it arrives as an e-mail attachment.

What is defined as the right of an individual to re-enter a property?

Regress

Which of the following file systems does the Linux kernel support?

Reiser

Which electromechanical device employs safer, low-voltage control signals to be used to control high-voltage devices?

Relay

Ria is working as a cybersecurity analyst in XYC, Inc. Her primary job is to manage entry to some protected areas of her organization. To achieve this, she employed a system that authenticates the identity of a person entering the area by using a system located in a different location than the access point. Which design feature has Ria implemented?

Remote-Access Control

John is a government security agent and his work is to protect the asset from the intruders. This can be accomplished by prohibiting the access of unauthorized personnel to assets. Which of the following mush he limit to accomplish this purpose?

Rights

John is a government security agent and his work is to protect the asset from the intruders. This can be accomplished by prohibiting the access of unauthorized personnel to assets. Which of the following he must limit to accomplish this purpose?

Rights John must limit the rights to protect the asset from the intruders. A right is a legal privilege or permission granted to someone, or some group, by some recognized source of authority.

Michael is working as a network administrator in an organization. He needs to set up a low-cost LAN network which does not need a central hub to function and provides the ability to handle heavy network communications better than some other setups. Which network topology will Michael use to set up such LAN network?

Ring Ring network do not need a central hub to function and provides the ability to handle heavy network communications better than some other setups.

Which device is a microprocessor-based intelligent device that controls the flow of data between networks?

Router

Which device receives data and directs it toward a designated IP address?

Router

Which server manages various transmission speeds and different protocols used within a network?

Router

Jerry, a network administrator, has used a device in his organization's network, which can forward network information. Which device is referred to in this scenario?

Router: has used router, which is a network connectivity device that forwards network information across different network to receive, analyze, and more incoming packets to another network.

What is the process of translating an IP address used in one network to an IP address in another network?

Routing

Which of the following processes selects the best pathway for transmitting data over a network?

Routing

Mary is a security specialist in an organization. She needs to implement some specific standards to enable automated vulnerability management in her organization. Which of the following methods should Mary implement?

SCAP: Security Content Automation Protocol

Which protocol is used to send an email?

SMTP: Simple Mail Transfer Protocol

Which protocol permits the administrator to access the switch's parameters through a remote client using its web browser?

SNMP: Simple Network Management Protocol

Which tool permits the system administrator to access the switch's parameters through a remote client using its web browser?

SNMP: Simple Network Management Protocol

Which protocol can be used to secure the configuration data as it moves from the administrator's device to the switch?

SSH: Secure Shell

Which protocol is an encrypted network protocol for secure client-server connections?

SSH: Secure Shell

Which protocol manages authentication and communication between clients and servers using both public key and private key?

SSL: Secure Sockets Layer

Which protocol segments a network to minimize the risks of a broadcast storm?

STP: Spanning-tree protocol

What is an executable application that provides interactive content on websites?

Script

What is developed specifically for the purpose of correcting an observed vulnerability in software to prevent exploitation?

Security Patch

Which device displays video information that is obtained from the cameras and processed by video processing devices?

Security monitor

Alicia , a cybersecurity specialist, wants to track the physical activities in her organization. For this purpose, she had used a device, which converts physical activities into signals that are presented to the security controller. Which device did Alicia use?

Sensor

Which device converts physical activity into a signal that can be presented to the security controller

Sensor

Ryan need to attach a keyboard to his computer. Which type of connector will he use for this purpose?

Series-A

Which of the following connectors is used for devices where the USB cable connection is permanently attached to devices to one end?

Series-A

Which connector is designed for devices that require detachable cabling?

Series-B

Which cookie enables the user to identify and track his movements within the website?

Session

Alicia has used Bluetooth to establish communication between her computer and other wireless devices. What is the maximum number of devices can she pair with her computer using this technology?

Seven

Mary has installed a highly efficient security system in her organization. In that system, she has used a device that produces a sufficiently high level of sound when an alarm condition is activated. Which device is being described in this scenario?

Siren

How many pairs of hexadecimal digits does the standard 48-bit format for generating a MAC address specify?

Six

Which of the following access-control gates are used where high levels of operational safety and security are needed?

Sliding Gates

Alicia was studying about the authentication devices used in access-control systems. While preparing the topic, she learned about a device that contains information about its owners, such as their passwords and other Personally Identifiable Information (PII) that can be used in the authentication process. Which device has been referred to in the give scenario

Smart Card

Which of the following devices offers improved data security due to the presence of intelligent circuitry that can be used to hide the user's data until an authentication process has been performed

Smart Card

Which term is used to describe cyber attacks designed to take advantage of vulnerabilities or weakness in software product?

Software exploitation the term software exploitation is used to describe cyber attacks designed to take advantage of vulnerabilities or weaknesses in software products.

Which of the following is an electronic unsolicited message sent to a user's email address?

Spam

Which program is introduced to the system through internet downloads that appear to be useful programs?

Spyware

What is another name for tarpitting?

Sticky honeypot

What is a group of network sections that share a range of IP address?

Subnet

Which type of cookie uses local browser HTML5 database storage?

Super

Which password option must be used to establish a password that can be employed to access the CMOS Setup utility?

Supervisor password

Which device functions at Layer 2 of the OSI model?

Switch

Which device allows user to observe live images from one or cameras simultaneously?

Switcher

What are the differences between Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)?

TCP is a connection-oriented protocol, whereas UDP is a connection-less protocol. TCP allows data sequencing, whereas there is no sequencing of data in UDP. TCP provides extensive error checking mechanisms, whereas UDP has only the basic error mechanism using checksums.

Which of the following protocols is a hacker-resistant, secure protocol for transmitting data across a network?

TCP/IP

Which of the following protocols does Wi-Fi Protected Access (WPA) use for authentication?

TKIP EAP

Which user authentication protocol WPA uses to provide increased security?

TKIP: Temporary Key Integrity Protocol

Which of the following modules store cryptographic information,such as encryption keys?

TPM

Edward is working as a network administrator in an organization. To prevent his organization's network from the dictionary attack, he has a network security process in his organization's network server through which he can slow down the propagation of mass emails. Which security process has Edward used?

Tarpitting

Henry, a cybersecurity specialist, has been assigned the task of installing surveillance cameras in his organization. These cameras should have long-range high-resolution lenses. Which type of lens should Henry use?

Telephoto

What is a lux rating?

The amount of light required to obtain a reasonable video camera image.

John is trying to log on to a coffee shop's Wi-Fi, he will first be redirected to a sign-in page. He will only be connected to the Internet after he agrees to their terms and conditions. Which of the following proxies authenticates users in this way?

Transparent

Which proxy server makes the original IP address available but only in the HTTP headers?

Transparent

Which layer of the OSI model does a DDoS attack target?

Transport

John, an instructor, is discussing how the data transfer is coordinated between end systems and hosts. Which layer of the OSI model serves this purpose?

Transport layer deals with the coordination of the data transfer between end systems and hosts. This layer is responsible for providing an orderly end-to-end flow of data that includes the sequencing of data packets and providing basic error-recovery functions and flow control.

Which protocol is a connectionless protocol that sends multiple message as packets in data chunks, without waiting to verify they're received?

UDP: User Datagram Protocol

Stella has set up a computer network in which one device will send the message to exactly one device at the destination. Which type of communication is needed for such implementation?

Unicast

Which of the following are the ways to prevent packet sniffing attacks?

Use of encryption software before transmitting data Use of remote computing technology Use of secure protocols

Ronaldo, the CEO of an organization, conducts a meeting with the security specialists of his organization to gain more knowledge on the preventive methods for social engineering attacks. Which of the following tips can they provide him that he can then impact to the employees of his organization after this meeting?

User multiform authentication Don't open emails and attachments from suspicious sources. Keep their antivirus/anti-malware software updated

Which security topology restricts the visibility of network traffic by limiting the movement of network packets so that they only pass between designated ports?

VLAN:

Which type of lens contains several movable elements that permit the effective focal length (EFL) to be changed?

Varifocal

Which security feature provides a 128-bit mathematical key encryption scheme for encrypting data transmissions and authenticating each computer on the network?

WEP: Wired Equivalent Privacy

Cheri is working as an administrative officer in an organization. She has set up a network in her organization, which provides employees the ability to move around within the organization's premises without getting disconnected to the network. What type of network is referred to in the scenario?

WLAN: Wireless Local Area Network

Which wireless security feature offers the best defense for wireless networking?

WPA: Wi-Fi Protected Access

Which of the following terms refers to the applications associated with well-known ports?

Well-known services

Which group is an administrative group that typically provides access to user creation and configuration utilities?

Wheel

What is the practice of explicitly allowing some specified users access to a network segment?

Whitelisting

What is a braoadband wireless access standard designed to provide Internet access across large geographic areas?

WiMAX

Jack is a wireless network specialist. As part of his current project, he needs to provide wireless broadband access to areas of his city that are difficult for wired infrastructure to reach. Which wireless technology will help Jack accomplish this purpose?

WiMax

Which device connects the wireless network devices with the wired network?

Wireless Access Point

Richeal wants to set up a network connection using a device which will allow the wireless network devices to connect to a wired network?

Wireless access point

What is a mature, open-source, and cross-platform network protocol analyzer?

Wireshark

An individual who possesses extensive programming skills and uses them to breach or bypass network security structures for malicious or criminal purposes is called as a

black hat hack. An individual who possesses extensive programming skills and uses them to breach or bypass network security structures for malicious or criminal purposes is called as a black hat hacker.

Which of the following interfaces are hot-swappable?

eSATA FireWire USB

Which server provides interfacing between different types of networks, protocols, or mechanisms to provide access to a network?

gateway

USB devices can be added to or removed from the system when it is powered up and fully operational, which is referred to as:

hot-swapping

Stella wants to know the gateway IP address of her Windows system. Which of the following tools will Stella use?

ipconfig

Matthew wants to troubleshoot DNS related network problems. Which command-line tool will he use?

nslookup


Related study sets

Chapter 51: Assessment and Management of Patients With Diabetes

View Set

Chapter 19 - Share-Based Compensation and Earnings Per Share

View Set

Lesson 1: X-ray Production And Safety

View Set

HA - PrepU - Ch. 29 - Hospitalized Adult Assessment

View Set

Spanish Countries Geography Facts

View Set

NURS 345 Family Centered Care Test 1

View Set