Pre Assessment
Which of the following attacks takes more time? a. Brute force attack b. Dictionary attack c. Hybrid attack d. Rule attack
a. Brute force attack
Which feature of a security information and event management (SIEM) tool can help filter multiple alerts detected by different devices for the same event into a single alarm? a. Event duplication b. Automated alerting c. Event coalescing d. Traffic analysis
a. Event duplication
Which of the following is a tool used for making a mirror image backup? a. GNU dd b. memdump c. Winhex d. Autopsy
a. GNU dd
Your enterprise ran out of computing resources due to the increasingly high rate of stored data. You are asked to choose a cloud model in which your enterprise can have the most control over the hardware. Which model should you choose? a. Infrastructure as a service b. Platform as a service c. Software as a service d. Security as a service
a. Infrastructure as a service
You conducted workshops to help train users to identify different risks. What control category does this fall within? a. Operational b. Managerial c. Technical d. Deterrent
a. Operational
Which of the following tools has a graphical user interface (GUI)? a. Wireshark b. Traceroute c. Ping d. Tcpdump
a. Wireshark
Which of the following is true for KRI? a. A KRI exceeding its normal bounds is always an indicator of compromise. b. A KRI exceeding its normal bounds is not always an indicator of compromise. c. A KRI exceeding its normal bounds is never an indicator of compromise. d. A KRI never exceeds its normal bounds.
b. A KRI exceeding its normal bounds is not always an indicator of compromise.
What is a firewall? a. A firewall is an ultimate security device that blocks everything malicious from entering a network. b. A firewall is a network security system that monitors and controls all incoming and outgoing traffic. c. A firewall is a network security system that monitors only incoming network traffic. d. A firewall provides physical security for all enterprise devices connected to a network.
b. A firewall is a network security system that monitors and controls all incoming and outgoing traffic.
In which of the following mobile device deployment models are employees supplied a chosen device paid for by their company for both professional and personal use? a. BYOD b. COPE c. CYOD d. VDI
b. COPE
Which of the following contains the set of rules that govern the operation of a PKI? a. Electronic code book (ECB) b. Certificate policy (CP) c. Signature resource guide (SRG) d. Certificate practice statement (CPS)
b. Certificate policy (CP)
Ramesh is very active on social media. He visits a lot of pages and views a lot of photos. He also uploads most of his photos to social media sites such as Facebook and Instagram. By doing this, he increases the risk of becoming a victim of which of the following? a. Firmware over-the-air b. GPS tagging c. Unauthorized recording d. Tethering
b. GPS tagging
Seo-jun is a bug bounty hunter. He was hired by an industrial organization to damage the network's security defenses as much as possible. Seo-jun gained initial access to a system in the network by sending a spear-phishing email into the network that installed a virus. What sequence of actions should he perform to achieve repeated and long-term access to multiple systems in the network with a highly privileged account? a. Perform backdoor installation, then lateral movement, and then perform privilege escalation b. Perform privilege escalation, then lateral movement, and then perform backdoor installation c. Perform backdoor installation, then privilege escalation, and then lateral movement d. Perform lateral movement, then credential dumping, and then perform backdoor installation
b. Perform privilege escalation, then lateral movement, and then perform backdoor installation
Which of the following denotes a "pass the hash"? a. Securing the passwords by hashing b. Sending the hash to get authenticated c. Cracking the password d. Hashing the password digest
b. Sending the hash to get authenticated
Which of the following processes can conceal a file, message, image, or a video within another file, message, image, or a video? a. Cryptography b. Steganography c. Encryption d. Decryption
b. Steganography
Which of the following best defines the recovery point objective? a. The length of time it will take to recover the backed-up data b. The maximum tolerable length of time between backups c. The length of time it will take to back up data d. The maximum number of recoveries possible from a backup
b. The maximum tolerable length of time between backups
You are a cybersecurity trainer, and the following are the objectives of an incident response plan listed by a student in a cybersecurity exam. Which of the following is a correct statement? a. To deceive the attackers b. To contain the spread of the attack c. To completely prevent an attack d. To avenge an attack
b. To contain the spread of the attack
Smith installed new meeting-scheduling software that automatically sends emails and reminders to the recipient's computer. Smith noticed that after installation, the software was also tracking other applications he accessed on his computer. What is this attack called? a. Backdoor b. Trojan c. Spyware d. PUP
b. Trojan
Sara keeps sensitive data on her work phone, which she frequently uses to make business calls while driving to different client sites. Which of the following actions should Sara take to limit the threat of bluejacking and bluesnarfing attacks on her work phone? a. Ensure that her Bluetooth connection is never disabled b. Turn off her phone's Bluetooth connection when she is not using it c. Reboot her phone hourly to ensure potential threat actors are disconnected d. Put her phone on airplane mode when its Bluetooth connection is enabled
b. Turn off her phone's Bluetooth connection when she is not using it
Your organization is planning to be a part of the CISCP program as a partner. As an information security expert in your company, you are approached by your CEO, who wants to understand how the speed limit of public information centers like CISCP is handled. How should you explain how this speed limit is handled to him? a. CISCP implements PPTP, which takes care of the speed limit issue of public information centers. b. CISCP currently implements threat maps to address the issue of public information center speed limits. c. CISCP implements AIS, which resolves the speed limit issue of public information centers. d. CISCP implements HTTP protocol in communications to address the speed limit issue of public information centers.
c. CISCP implements AIS, which resolves the speed limit issue of public information centers.
You are assigned to hunt for traces of a dangerous DNS attack in a network. You need to capture DNS attacks that can compromise DNS replies to all the devices in the network. What type of DNS attack should you look for? a. DNS amplification attack b. DNS poisoning c. DNS hijacking d. DNS botnet attack
c. DNS hijacking
An enterprise's application server and web server are hosted by a cloud service provider, and their database server is in the enterprise's own cloud establishment. Which type of cloud is used by the enterprise? a. Community cloud b. Public cloud c. Hybrid cloud d. Private cloud
c. Hybrid cloud
ABC Manufacturing Company is located in Hiroshima, Japan. Being prone to earthquakes, the company decided to implement a backup of their data on a Singapore server. The IT administrator contacted you to identify the optimal command-line interface protocol for this backup. Which protocol should you advise? a. Secure sockets layer b. Transport layer security c. Secure shell d. Hypertext transport protocol secure
c. Secure shell
Your organization has been developing a new product for the last three years. The technical specifications of the product were leaked before the product's official release. As a result of the leak, your company's main competitor is changing the specifications of their own product, releasing it earlier than your product, and planning on acquiring the manufacturer your company uses to create vital digital circuits. News of the competitor's plans has caused the majority of investors to pull their funding from your company. Based on typical commercial data classification levels, which data classification level was breached? a. Confidential b. Private c. Sensitive d. Proprietary
c. Sensitive
You work in an enterprise that provides various services to other enterprises. After successfully negotiating terms with a new client, you were asked to issue an agreement that specifies the responsibilities of each party and guarantee of services. Which of the following agreements should you issue? a. Nondisclosure agreement b. Business partnership agreement c. Service-level agreement d. Memorandum of understanding
c. Service-level agreement
What is an attack on a NoSQL database compromised by data manipulation when the input is not sanitized by the application? a. SQL injection b. Trojan attack c. XML injection d. Backdoor attack
c. XML injection
In an interview, you were asked to analyze the following statements regarding secure network designs and choose the correct one. Which of the following should you choose? a. An ACL is a security technology that enables authorized users to use an unsecured public network. b. A VPN contains rules that administer the availability of digital assets by granting or denying access to them. c. An SMTP is a VPN protocol that does not offer any encryption or protection, so it is usually paired with IPsec. d. A NAC examines an endpoint before it can connect to the network, denying access to any device that does not meet specific criteria.
d. A NAC examines an endpoint before it can connect to the network, denying access to any device that does not meet specific criteria.
John needs to identify public key systems that generate different, random public keys for each session and, even if a key gets stolen, should not reveal more than one message. Which public key system should John suggest? a. Diffie-Hellman b. Diffie-Hellman Ephemeral c. Elliptic Curve Diffie-Hellman d. Perfect forward secrecy
d. Perfect forward secrecy
A threat actor employed by the victimized organization who purchases and deploys their own devices in the enterprise network is referred to as which of the following? a. Cyberterrorist b. Competitor c. Broker d. Shadow IT
d. Shadow IT
Alex works for Alpha Consultancy, where employees are only allowed to use the company's intranet resources using static IT devices connected through a physical network connection. But their clients' teams frequently travel to Alpha Consultancy and require intranet connections for their mobile devices and laptops. One client team has members from various departments who visit at different times. Alex has been told to implement a solution that can be configured for visiting team use while ensuring that these visiting teams can access the intranet without compromising network security. Which of the following protocols should Alex implement? a. WEP b. WPS c. MAC d. WPA
d. WPA
Your company's Accounts Payable department reports that an invoice was marked as paid, but the vendor has shown proof they never received any of the $783,296 payment. Accounts Payable confirms that the amount was deducted from the company's accounts, but the recipient account number does not match the vendor's. After an investigation, you discover that the invoice was paid by the Chief Financial Officer. He says he paid the invoice after receiving an after-hours, past-due invoice from the vendor claiming that they would be filing a civil action in court the next morning. Rather than wait for Accounts Payable to come in the next day and verify the invoice date, the CFO immediately paid the full amount. Which type of social engineering attack was your company most likely the victim of? a. Pharming b. Credential harvesting c. Phishing d. Whaling
d. Whaling