LinkedIn Learning Questions

What type of technology prevents a forensic examiner from accidentally corrupting evidence while creating an image of a disk? A) write blocker B) sealed container C) evidence log D) hashing

A

Which one of the following authentication protocols requires the use of external encryption to protect passwords? A) PAP B) SAML C) Kerberos D) CHAP

A

Which one of the following data sanitization strategies is most secure? A) Destruction B) Erasing C) Clearing D) Purging

A

Which one of the following functions is not normally found in a UTM device? A) SSL termination B) firewall C) content filtering D) intrusion detection

A

Which one of the following is NOT critical to the security of one-time pad operations? A) using AES in conjunction with the one-time pad B) choosing the key at random C) securely exchanging the pads D) only using the pad one time

A

Which one of the following is a commonly used exploitation framework? A) Metasploit B) Snort C) Splunk D) Explat

A

Which one of the following is a hashing utility that you can use in your forensic toolkit? A) shasum B) FTK C) nc D) Autopsy

A

Which one of the following is an example of multifactor authentication? A) ID card and PIN B) ID card and key C) Password and security questions D) Retinal scan and fingerprint

A

Which one of the following security controls is built into Microsoft Windows? A) Host firewall B) Host IPS C) Host IDS D) MDM

A

Who provides the digital signature on a digital certificate? A) certificate authority B) certificate recipient C) server using the certificate D) certificate owner

A

Alyssa is conducting a penetration test and would like to send raw commands directly to a remote service. What command can she use to open a connection to the service where she may then type direct commands? A) nmap B) nc C) netstat D) arp

B

Nancy is designing a security strategy for remote access. She would like to provide administrators with an intermediate box that they connect to before reaching sensitive systems. What type of service is Nancy planning? A) Honeynet B) Jump box C) Honeypot D) SSL acceleration

B

Nessus is an example of a _____ tool. A) port scanning B) network vulnerability scanning C) protocol analyzing D) web application vulnerability scanning

B

Ricky would like to separate his network into three distinct security zones. Which one of the following devices is best suited to that task? A) IPS B) firewall C) router D) switch

B

Ricky would like to use an authentication protocol that fully encrypts the authentication session, uses the reliable TCP protocol and will work on his Cisco devices. What protocol should he choose? A) RADIUS B) TACACS+ C) TACACS D) XTACACS

B

Server logs are an example of _____ evidence. A) expert opinion B) documentary C) real D) testimonial

B

Vic is planning a redesign of his organization's firewall strategy and is planning to issue an RFP for a firewall vendor. Which one of the following vendors would not be able to meet Vic's needs? A) Palo Alto B) Proofpoint C) Checkpoint D) Cisco

B

What file manipulation command is used to search the contents of a text file? A) cat B) grep C) head D) tail

B

What file permission does NOT allow a user to launch an application? A) Modify B) Read C) Full control D) Read and Execute

B

What is the most important control to apply to smart devices? A) intrusion detection B) network segmentation C) application firewalls D) wrappers

B

What key is actually used to encrypt the contents of a message when using PGP? A) sender's public key B) randomly generated key C) sender's private key D) recipient's public key

B

What language is commonly used to automate the execution of system administration tasks on Windows systems? A) Bash B) PowerShell C) Python D) Ruby

B

What software development methodology uses four stages in an iterative process? A) Agile B) Spiral C) DevOps D) Waterfall

B

What technology allows web servers to attach an OCSP validation to the certificate they send to users? A) Certificate pinning B) Certificate stapling C) Certificate folding D) Certificate skimming

B

What tool allows you to dump the contents of memory on a Linux system? A) sysinternals B) memdump C) tcpview D) memmap

B

What tool can you use to create a disk image? A) nc B) dd C) nmap D) netcat

B

What type of backup includes only those files that have changed since the most recent full or incremental backup? A) Differential B) Incremental C) Full D) Partial

B

What type of control are we using if we supplement a single firewall with a second standby firewall ready to assume responsibility if the primary firewall fails? A) Clustering B) High availability C) Component redundancy D) Load balancing

B

What type of firewall rule error occurs when a service is decommissioned but the related firewall rules are not removed? A) shadowed rule B) orphaned rule C) typographical error D) promiscuous rule

B

What type of investigation would typically be launched in response to a report of high network latency? A) civil B) operational C) criminal D) regulatory

B

What type of lock always requires entering a code to enter the facility? A) magnetic stripe card lock B) cipher lock C) biometric lock D) proximity card lock

B

What type of tool assists with the automated validation of systems? A) UEBA B) Configuration management C) IPS D) Identity and access management

B

Which evidence source should be collected first when considering the order of volatility? A) temporary files B) memory contents C) process information D) logs

B

Which of the following is not an important account management practice for security professionals? A) Mandatory vacations B) Privilege creep C) Separation of duties D) Least privilege

B

Which one of the following devices carries VLANs on a network? A) router B) switch C) firewall D) hub

B

Which one of the following is a file integrity monitoring tool? A) Splunk B) Tripwire C) SCCM D) Snort

B

Which one of the following network intrusion detection technologies requires frequent threat updates from the vendor? A) heuristic B) signature detection C) anomaly detection D) behavior-based

B

Which one of the following security mechanisms prevents laptops from theft while they are in use? A) Encryption B) Cable lock C) Safe D) Locking cabinet

B

Which one of the following shell environments is commonly associated with Windows systems? A) SSH B) PowerShell C) Bash D) C

B

Which one of the following tools is a protocol analyzer? A) Nessus B) Wireshark C) Ping D) Nmap

B

Who is the most effective person to lead a lessons learned review? A) NCISO B) Independent facilitator C) Incident response team leader D) Affected business unit leader

B

Nmap is an example of a _____ tool. A) network vulnerability scanning B) port scanning C) protocol analyzing D) web application vulnerability scanning

B

The core issues around BYOD relate to _____. A) administration B) standards C) ownership D) process

C

Tobias recently permanently moved from a job in accounting to a job in human resources but never had his accounting privileges revoked. What situation occurred in this case? A) Least privilege B) Separation of duties C) Privilege creep D) Job rotation

C

What DLP technique tags sensitive content and then watches for those tags in data leaving the organization? A) host-based DLP B) intrusion detection C) watermarking D) pattern recognition

C

What Windows mechanism allows the easy application of security settings to groups of users? A) ADUC B) MMC C) GPOs D) SCEP

C

What basic cryptographic functions does the AES algorithm use to encrypt plaintext? A) transposition only B) substitution only C) both substitution and transposition D) neither substitution nor transposition

C

What class of fire extinguisher is designed to work on electrical fires? A) Class A B) Class B C) Class C D) Class D

C

What command displays the routing table on a system? A) ifconfig B) arp C) route D) ipconfig

C

What command sends ICMP Echo Request packets? A) ftp B) telnet C) ping D) ssh

C

What company developed the Cyber Kill Chain? A) Microsoft B) Boeing C) Lockheed Martin D) Google

C

What do the columns in the ATT&CK matrix represent? A) Attacker type B) Technique C) Tactic D) Goal

C

What is the first step of a Fagan inspection? A) Meeting B) Preparation C) Planning D) Overview

C

What is the name of the application control technology built into Microsoft Windows? A) AppControl B) BitLocker C) AppLocker D) BitControl

C

What is the preferred command for looking up IP addresses on a Linux system? A) ifconfig B) arp C) dig D) nslookup

C

What network device can connect together multiple networks? A) switch B) AP C) router D) wireless controller

C

What network port is used for SSL/TLS VPN connections? A) 88 B) 80 C) 443 D) 1521

C

What phase of the capability maturity model introduces the reuse of code across projects? A) Defined B) Optimizing C) Repeatable D) Initial

C

What technology can you use as a compensating control when it's not possible to patch an embedded system? A) Log analysis B) IDS C) Wrappers D) SIEM

C

What type of system is used to gather information from remote sensors via telemetry? A) DSP B) PLC C) SCADA D) DCS

C

Which component of a syslog message contains the timestamp? A) facility B) message C) header D) severity

C

Which of the following is not a core feature of the Diamond Model? A) Victim B) Adversary C) Exploit D) Infrastructure

C

Which of these individuals would not normally be found on the incident response team? A) information security professional B) human resources staff C) CEO D) legal counsel

C

Which one of the following access control cards is the easiest to duplicate without permission? A) Active card B) Smart card C) Magnetic stripe card D) Proximity card

C

Which one of the following is a malware analysis tool? A) Splunk B) theHarvester C) Cuckoo D) Snort

C

Which one of the following is not a normal account activity attribute to monitor? A) Login time B) Incorrect login attempts C) Password D) Login location

C

Which one of the following is not an example of federated authentication? A) Twitter Accounts B) Facebook Connect C) RADIUS D) Google Accounts

C

Which one of the following is the most secure way for web servers and web browsers to communicate with each other? A) SSLv2 B) SSLv3 C) TLS D) SSLv1

C

Which one of the following ports is not normally used by email systems? A) 143 B) 25 C) 139 D) 110

C

Which one of the following security mechanisms prevents laptops from theft while they are in use? A) encryption B) safe C) cable lock D) locking cabinet

C

Which one of the following would typically be an offline CA? A) External CA B) Intermediate CA C) Root CA D) Internal CA

C

What TCP flag indicates that a packet is requesting a new connection? A) PSH B) RST C) SYN D) URG

C

What security principle does a firewall implement with traffic when it does not have a rule that explicitly defines an action for that communication? A) least privilege B) separation of duties C) informed consent D) implicit deny

D

What technology can help prevent denial of service attacks on a network? A) VLAN pruning B) VLAN hopping C) BGP D) flood guard

D

What term is used to describe loading apps onto a device without going through the official app store? A) jailbreaking B) rooting C) transforming D) sideloading

D

What tool allows penetration testers to quickly gather large amounts of information about a domain? A) whois B) netstat C) arp D) theHarvester

D

What type of attacker is primarily concerned with advancing an ideological agenda? A) APT B) script kiddie C) organized crime D) hacktivist

D

Which of the following is a race condition attack? A) SQLi B) XSRF C) XSS D) TOC/TOU

D

Which one of the following devices helps networked services scale with increasing demand? A) proxy server B) firewall C) web security gateway D) load balancer

D

Which one of the following disaster recovery tests involves the actual activation of the DR site? A) Read-through B) Walk-through C) Simulation D) Parallel test

D

Which one of the following encryption approaches is most susceptible to a quantum computing attack? A) quantum cryptography B) RSA cryptography C) AES cryptography D) elliptic curve cryptography

D

Which one of the following is a file carving tool? A) Tcpdump B) dd C) Wireshark D) Bulk Extractor

D

Which one of the following is not a suggested criterion for evaluating containment strategies? A) expected effectiveness B) damage potential C) service availability D) identity of attacker

D

Which one of the following statements about printers is incorrect? A) Printers often contain web servers. B) Printers may retain remnant data. C) Printers often run common operating systems. D) Printers typically require no routine maintenance.

D

Jane uses an authentication token that requires her to push a button each time she wishes to log in to a system. What type of token is she using? A) TOTP B) SSL C) HMAC D) HOTP

D (HMAC-based One Time Password)

What type of organization facilitates cybersecurity information sharing among industry-specific communities? A) CIRT B) CERT C) InfraGard D) ISAC

D (Information Sharing and Analysis Center)

What disaster recovery metric provides the targeted amount of time to restore a service after a failure? A) MTO B) RPO C) TLS D) RTO

D (Recovery Time Objective)

True or False: Apple devices running current versions of iOS use full device encryption by default.

True

True or False: Embedded systems often suffer from limited access to power and bandwidth.

True

True or False: In a discretionary access control system, individual users have the ability to alter access permissions.

True

True or False: It is generally a bad practice to run software after the vendor's end of life.

True

True or False: Privilege escalation attacks require a normal user account to execute.

True

True or False: SIEMs apply artificial intelligence techniques to log entries.

True

True or False: Software forensics may be used to identify the origin of malware.

True

True or False: The chain of custody must be updated EVERY time someone handles a piece of evidence.

True

True or False: When a user is terminated, administrators should first disable the account and then delete it later.

True

True or False: Windows provides a facility for administrators to implement Time of Day restrictions without requiring the use of a third-party tool.

True

True or False: You should rebuild any system that may have been compromised during a security incident.

True

Bob is planning to use a cryptographic cipher that rearranges the characters in a message. What type of cipher is Bob planning to use? A) stream cipher B) transposition cipher C) elliptic cipher D) substitution cipher

B

Cryptolocker is an example of what type of malicious software? A) adware B) ransomware C) spyware D) Trojan horse

B

Dennis would like to capture the DNS traffic on his network using Wireshark. What port should he use in his capture filter to restrict his capture to DNS queries and responses? A) TCP 53 B) UDP 53 C) UDP 80 D) TCP 80

B

During what phase of the access control process does a user prove his or her identity? A) Identification B) Authentication C) Authorization D) Remediation

B

Dylan would like to list all of the active network connections on a system. What command can he use? A) nmap B) netstat C) ipconfig D) nc

B

Fran is choosing an authentication protocol for her organization's wireless network. Which one of the following protocols is the most secure? A) EAP-MD5 B) PEAP C) LEAP D) TACACS

B

Fran's network recently suffered a botnet infestation and she would like to implement a control that limits the ability of botnets to reach their command-and-control servers. Which one of the following deception technologies would best meet this need? A) Honeynet B) DNS sinkhole C) Darknet D) Honeypot

B

Helen has vulnerability scanners located at several points on her network. Which one of the following scanners is likely to provide the most complete picture of the vulnerabilities present on a public web server? A) external scanner B) DMZ scanner C) user subnet scanner D) intranet scanner

B

In what mobile deployment model do users choose devices from a list of company-provided options? A) BYOD B) CYOD C) COPE D) BOPE

B

In what technique do attackers pose as their victim to elicit information from third parties? A) spoofing B) pretexting C) skimming D) phishing

B

True or False: The main purpose of a code repository is to store the source files used in software development in a centralized location that allows for secure storage.

True

Harold works for a certificate authority and wants to ensure that his organization is able to revoke digital certificates that it creates. What is the most effective method of revoking digital certificates? A) Online Certificate Status Protocol B) Certificate Revocation Bulletins C) Certificate Revocation Lists D) Transport Layer Security

A

Maloof would like to digitally sign a message that he is sending to Clementine. What key does he use to create the digital signature? A) Maloof's private key B) Maloof's public key C) Clementine's private key D) Clementine's public key

A

Randy is developing a vulnerability management program. Which one of the following is not a common source of requirements for such a program? A) sales team requests B) legal requirements C) security objectives D) corporate policy

A

What CVSS value is the threshold at which PCI DSS requires remediation to achieve a passing scan? A) 4 B) 5.5 C) 8 D) 6

A

What Java clause is critical for error handling? A) Try...Catch B) While...Until C) If...Then D) For...Next

A

What action can users take to overcome security flaws in RC4? A) It is not possible to use RC4 securely. B) Increase the key length. C) Use two rounds of encryption. D) Use three rounds of encryption.

A

Which one of the following is an example of an in-band approach to key exchange? A) Diffie-Hellman B) U.S. mail C) physical meeting D) telephone call

A

Which one of the following is not a possible hash length from the SHA-2 function? A) 128 bits B) 512 bits C) 224 bits D) 256 bits

A

Which one of the following is not an effective defense against XSRF attacks? A) Network segmentation B) User education C) Preventing the use of HTTP GET requests D) Automatic logouts

A

Which one of the following is not an example of an open source intelligence resource? A) IP reputation service B) social media C) security website D) government security analysis center

A

Which one of the following is the most secure way for web servers and web browsers to communicate with each other? A) TLS B) SSLv2 C) SSLv3 D) SSLv1

A

Which one of the following metrics does not contribute to the exploitability score for a vulnerability in CVSS? A) availability B) attack vector C) authentication D) access complexity

A

Which one of the following types of malware can spread without any user interaction? A) worm B) back door C) Trojan horse D) virus

A

Which one of these file extensions is always associated with certificates stored in binary form? A) PFX B) PEM C) P7B D) CRT

A

_____ consist of shared code objects that perform related functions. A) Libraries B) APIs C) DLPs D) ETLs

A

As Dave works with his colleagues in other IT disciplines, he notices that they use different names to refer to the same products and vendors. Which SCAP component would best assist him in reconciling these differences? A) CVE B) CPE C) CVSS D) OVAL

B

Dan is engaging in a password cracking attack where he uses precomputed hash values. What type of attack is Dan waging? A) brute force B) rainbow table C) hybrid D) dictionary

B

In a _____ penetration test, the attacker has no prior knowledge of the environment. A) rainbow box B) black box C) white box D) grey box

B

In the early 1990s, the National Security Agency attempted to introduce key escrow using what failed technology? A) Common criteria B) Clipper chip C) DES D) Common certificates

B

Jasmine comes across a file sent out of her organization that she suspects contains proprietary trade secrets but appears to be an innocuous image. What technique might the sender have used to hide information in the image? A) polymorphism B) steganography C) rasterization D) elliptic curves

B

Matt would like to limit the tests performed by his vulnerability scanner to only those that affect operating systems installed in his environment. Which setting should he modify? A) ping type B) plug-ins C) safe checks D) sensitivity level

B

What input validation approach works to exclude prohibited input? A) Bluelisting B) Blacklisting C) Whitelisting D) Greenlisting

B

What technology can you use to tell clients that a certificate is unlikely to change over time? A) Certificate skimming B) Certificate pinning C) Certificate folding D) Certificate stapling

B

What type of website does the attacker use when waging a watering hole attack? A) software distribution site B) site trusted by the end user C) hacker forum D) known malicious site

B

Where do fileless viruses often store themselves to maintain persistence? A) Memory B) Windows Registry C) BIOS D) Disk

B

Which one of the following is not a barrier to using the web of trust (WoT) approach? A) technical knowledge required of users B) use of weak cryptography C) decentralized approach D) high barrier to entry

B

Which one of the following is not a standard application hardening technique? A) Apply security patches promptly B) Conduct cross-site scripting C) Validate user input D) Encrypt sensitive information

B

Which one of the following issues is not generally associated with the use of default configurations? A) extraneous services running B) SQL injection flaws C) open ports D) vendor-assigned passwords

B

Alan is analyzing his web server logs and sees several strange entries that contain strings similar to ../../ in URL requests. What type of attack was attempted against his server? A) Buffer overflow B) Cross-site scripting C) Directory traversal D) SQL injection

C

Linda's organization recently experienced a social engineering attack. The attacker called a help desk employee and persuaded her that she was a project manager on a tight deadline and locked out of her account. The help desk technician provided the attacker with access to the account. What social engineering principle was used? A) social proof B) authority C) urgency D) scarcity

C

The difficulty of solving what mathematical problem provides the security underlying the Diffie-Hellman algorithm? A) elliptic curve B) graph isomorphism C) prime factorization D) traveling salesman

C

What algorithm uses the Blowfish cipher along with a salt to strengthen cryptographic keys? A) PBKDF2 B) Blowdart C) Bcrypt D) PBKDF1

C

What approach to threat identification begins with a listing of all resources owned by the organization? A) likelihood-focused B) threat-focused C) asset-focused D) service-focused

C

What component of a change management program includes final testing that the software functions properly? A) Request management B) Change management C) Release management D) Iteration management

C

What is the basic principle underlying threat hunting activities? A) fail-safe B) default deny C) assumption of compromise D) least privilege

C

What is the name of the application control technology built into Microsoft Windows? A) AppControl B) BitControl C) AppLocker D) BitLocker

C

What standard governs the structure and content of digital certificates? A) 802.1x B) X.500 C) X.509 D) 802.11ac

C

What type of artificial intelligence technique is most commonly associated with optimization? A) proactive analytics B) descriptive analytics C) prescriptive analytics D) predictive analytics

C

What type of fuzz testing captures real software input and modifies it? A) Twist fuzzing B) Switch fuzzing C) Mutation fuzzing D) Generation fuzzing

C

What type of malware delivers its payload only after certain conditions are met, such as specific date and time occurring? A) worm B) ransomware C) logic bomb D) Trojan horse

C

Which one of the following controls is not particularly effective against the insider threat? A) least privilege B) background checks C) firewalls D) separation of duties

C

What type of digital certificate offers the highest possible level of trust? A) CV B) DV C) EV D) OV

C (Extended Validation certificate)

Which of the following is a standardized language used to communicate security information between systems and organizations? A) CybOX B) TAXII C) STIX D) CVSS

C (Structured Threat Information eXpression)

Which of the following is a common command-and-control mechanism for botnets? A) FTP B) SMTP C) IRC D) HTTP

C (an IRC bot is a set of scripts or an independent program that connects to Internet Relay Chat as a client, and so appears to other IRC users as another user)

If Alice wants to send a message to Bob using symmetric cryptography, what key does she use to encrypt the message? A) Alice's public key B) Alice's private key C) Bob's public key D) shared secret key

D

In a cybersecurity exercise, what team is responsible for serving as moderators? A) blue team B) purple team C) red team D) white team

D

Jason recently investigated a vulnerability discovered during a scan and, after exhaustive research, determined that the vulnerability did not exist. What type of error occurred? A) false negative B) true negative C) true positive D) false positive

D

What device is often used in card cloning attacks? A) malicious USB B) unsecured network C) smart card D) skimmer

D

Renee is creating a prioritized list of scanning targets. Which one of the following is the least important criterion for her prioritization? A) network exposure B) information sensitivity C) services installed D) operating system

D

The reuse of passwords across multiple sites makes an individual susceptible to _____ attacks. A) rainbow table B) password spraying C) brute force D) credential stuffing

D

What attack technique wraps malicious code around a legitimate driver? A) Driver phreaking B) Driver refactoring C) Driver signing D) Driver shimming

D

What data obfuscation technique is intended to be reversible? A) Masking B) Deletion C) Hashing D) Tokenization

D

What operation uses a cryptographic key to convert plaintext into ciphertext? A) hashing B) decryption C) digital signature D) encryption

D

What type of attack is possible when the attacker has access to both an encrypted and unencrypted version of a single message? A) chosen plaintext B) known ciphertext C) chosen ciphertext D) known plaintext

D

What type of object must a hacker typically access in order to engage in a session hijacking attack? A) Hard disk B) Network cable C) One-time password generator D) Cookie

D

What type of phishing attack focuses specifically on senior executives of a targeted organization? A) pharming B) spear phishing C) vishing D) whaling

D

Which one of the following technologies is an example of a parameterized query? A) Output encoding B) Masked identifier C) Hashed identifier D) Stored procedure

D

True or False: Static code testing software executes code to verify that it is functioning properly.

False (Dynamic code testing executes, static code testing does not)

True or False: The DevOps model prioritizes development efforts over operational tasks.

False (prioritizes both equally by aiming to improve the relationship between developers and operators)

What communications technology provides the widest global coverage? A) Satellite B) Radio frequency C) 4G D) 5G

A

What router technology can be used to perform basic firewall functionality? A) access control lists B) IPS C) spanning tree D) flood guard

A

What security technology best assists with the automation of security workflows? A) SOAR B) IPS C) SIEM D) CASB

A

True or False: Cable distribution runs are not normally included in a site's physical security plan.

False

True or False: Companies should always manage bug bounty programs internally.

False

True or False: Conducting a brute force attack requires a sample of plaintext.

False

True or False: Database normalization should always be used to improve database security.

False

True or False: Removing names and identification numbers is usually all that is necessary to deidentify a dataset.

False

True or False: You are normally required to report security incidents to law enforcement if you believe a law may have been violated.

False

True or False: The analysis of adversary TTP includes tools, techniques, and policies.

False (TTP = Tactics, Techniques, and Procedures)

What condition occurs when a software package fails to release memory that it reserved for use? A) Memory leak B) Core dump C) DDoS D) Race condition

A

What containment strategy moves compromised systems to a separate VLAN attached to the enterprise network? A) Segmentation B) Isolation C) Removal D) Denial

A

What is the minimum number of disks required to perform RAID level 5? A) 3 B) 4 C) 2 D) 1

A

What is the most effective defense against cross-site scripting attacks? A) Input validation B) Antivirus software C) Vulnerability scanning D) Query parameterization

A

What technique should network administrators use on switches to limit the exposure of sensitive network traffic? A) VLAN pruning B) Spanning tree C) Loop prevention D) VLAN hopping

A

What technology provides the translation that assigns public IP addresses to privately addressed systems that wish to communicate on the Internet? A) NAT B) HTTP C) SSL D) TLS

A

What term best describes making a snapshot of a system or application at a point in time for later comparison? A) baselining B) diagramming C) versioning D) documenting

A

What type of attack seeks to write data to areas of memory reserved for other purposes? A) Buffer overflow B) XSS C) XSRF D) SQL injection

A

What type of disaster recovery site is able to be activated most quickly in the event of a disruption? A) Hot site B) Cold site C) Lukewarm site D) Warm site

A

What type of malware prevention is most effective against known viruses? A) signature detection B) heuristic detection C) behavior analysis D) anomaly detection

A

What type of physical security control should always be disclosed to visitors when used? A) Cameras B) Security guards C) Intrusion alarms D) Fences

A

What is the simplest way to take an existing cipher and make it stronger? A) increase the length of the encryption key B) replace the cipher with a stronger cipher C) increase the size of the hash function output D) rewrite the algorithm to include added rounds

A

What length encryption key does the Data Encryption Standard use? A) 56 bits B) 38 bits C) 128 bits D) 256 bits

A

What protocol may be used to secure passwords in transit to a web application? A) TLS B) MS-CHAPv2 C) MS-CHAPv1 D) PAP

A

Brad is configuring a new wireless network for his small business. What wireless security standard should he use if he wishes the strongest possible security? A) WPA3 B) WEP C) WPA2 D) WPA

A

Dan is engaging in a password cracking attack where he uses precomputed hash values. What type of attack is Dan waging? A) Rainbow table B) Dictionary C) Hybrid D) Brute force

A

During what phase of ediscovery does an organization share information with the other side? A) production B) preservation C) analysis D) collection

A

In what application control approach may users install only approved software on their devices? A) whitelist B) bluelist C) greylist D) blacklist

A

In what type of social engineering attack does the attacker physically observe the victim's activity? A) shoulder surfing B) tailgating C) dumpster diving D) phishing

A

Key _____ adds security to the use of encryption. A) management B) deletion C) escrow D) repudiation

A

Matt would like to assign users to roles within his Windows enterprise. What feature can he use to create a role? A) Security group B) Distribution group C) Forest D) Domain

A

Three of these choices are data elements found in NetFlow data. Which is not? A) packet contents B) amount of data transferred C) source address D) destination address

A

Tom would like to retrieve a file from a remote web server but only has command-line access to the system where he would like to store the file. What command can he use to download the file directly without using a browser? A) curl B) sftp C) ftp D) ssh

A

What IPsec protocol provides confidentiality protection for the content of packets? A) ESP B) AH C) IKE D) ISAKMP

A

What command may be used to determine the network path between two locations? A) tracert B) dig C) ping D) arp

A

What message can an SNMP agent send to a network management system to report an unusual event? A) SetRequest B) Response C) GetRequest D) Trap

D

What mobile connection method may best serve remote areas without a local infrastructure? A) NFC B) cellular C) WiFi D) satellite

D

Alice would like to be able to prove to Charlie that a message she received actually came from Bob. What cryptographic goal is Alice trying to enforce? A) authentication B) integrity C) confidentiality D) non-repudiation

D

Alice would like to send a message to Bob using RSA encryption. What key should she use to encrypt the message? A) shared secret key B) Alice's private key C) Alice's public key D) Bob's public key

D

Cindy would like to transfer files between two systems over a network. Which one of the following protocols performs this action over a secure, encrypted connection? A) TFTP B) SSH C) FTP D) SCP

D

Data breaches violate which principle of cybersecurity? A) integrity B) availability C) non-repudiation D) confidentiality

D

Developers wishing to sign their code must have a _____. A) Shared secret key B) Software license C) Patent D) Digital certificate

D

During an incident response, what is the highest priority of first responders? A) collecting evidence B) restoring operations C) identifying the root cause D) containing the damage

D

Gary would like to look up the MAC address associated with an IP address on his network. Which command can he use? A) nslookup B) ifconfig C) traceroute D) arp

D

How many keys should be used with 3DES to achieve the greatest level of security? A) 4 B) 1 C) 2 D) 3

D

In the Kerberos protocol, what system performs authentication of the end user? A) TGT B) SS C) TGS D) AS

D

Security questions are an example of what type of authentication factor? A) Something you have B) Something you are C) Something you do D) Something you know

D

What Linux file permissions group is used to describe the permissions assigned to any user of the system? A) g B) a C) u D) o

D

What command is used to apply operating system updates on some Linux distributions? A) systeminfo B) ps C) update D) yum

D

What component of a change management program includes final testing that the software functions properly? A) request management B) iteration management C) change management D) release management

D

What goal of security is enhanced by a strong business continuity program? A) Non-repudiation B) Integrity C) Confidentiality D) Availability

D

What is the piece of software running on a device that enables it to connect to a NAC-protected network? A) SNMP agent B) Authenticator C) Authentication server D) Supplicant

D

What hardware technology may be embedded in a laptop computer to protect encrypted hard drives from removal? A) TLS B) USB C) SSL D) TPM

D (Trusted Platform Module, an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys)

