1-50 Security plus questions

Question 1

A company is considering implementing a BYOD policy. What is the most significant security risk to consider?

Answer 1

Possible data leakage

Question 2

A security analyst observes a huge amount of ICMP echo reply (ping) traffic coming from multiple sources to a
single destination within the network. What type of attack is most likely occurring?

Answer 2

Smurf attack

Question 3

Which protocol is vulnerable to sniffing attacks because it transmits usernames and passwords in cleartext?

Answer 3

B. FTP

Question 4

A company has a policy that requires all mobile devices to be encrypted. What is the primary purpose of this
policy?

Answer 4

To prevent data loss if a device is physically lost or stolen

Question 5

A cybersecurity analyst is reviewing a series of failed login attempts on the company’s user portal. The attempts
appear to be using common usernames and passwords. Which type of attack is most likely being attempted?

Answer 5

Brute force attack

Question 6

Which of the following symmetric encryption algorithms is considered to be the most secure?

Answer 6

AES

Question 7

What does a rootkit primarily target?

Answer 7

Operating system

Question 8

A cybersecurity analyst has discovered that an attacker has been moving laterally within the network. What is
the BEST next step?

Answer 8

Contain the compromise

Question 9

Which of the following is considered an example of a technical control?

Answer 9

Firewall

Question 10

A company has implemented a system to centralize the management of user credentials. What is this system
known as?

Answer 10

Identity and Access Management (IAM)

Question 11

What is the primary purpose of a Web Application Firewall (WAF)?

Answer 11

Protect against SQL injection and XSS attacks

Question 12

What is the main difference between a worm and a virus?

Answer 12

A virus requires user action to spread, while a worm can spread by itself

Question 13

Which of the following is a type of public key infrastructure (PKI) attack where the attacker redirects the user to
a malicious website that appears to be legitimate?

Answer 13

Pharming attack

Question 14

A system administrator finds a file on a user’s desktop that appears to contain a list of passwords for various
company systems. What type of attack has likely occurred?

Answer 14

Credential harvesting

Question 15

A company has implemented a system that uses a single secure private key to encrypt and decrypt messages.
What type of encryption system is this?

Answer 15

Symmetric encryption

Question 16

A security analyst is examining logs and notices a large number of HTTP GET and POST requests from an IP
address that doesn’t belong to the company. What type of attack is likely occurring?

Answer 16

SQL injection

Question 17

A DDoS attack is overwhelming the company’s website. Which of the following would be the most effective way
to mitigate this attack?

Answer 17

Implement rate limiting

Question 18

What is the primary purpose of a VLAN?

Answer 18

To separate network traffic

Question 19

Which of the following is a risk associated with cloud computing?

Answer 19

Vendor lock-in

Question 20

An employee receives an email that appears to be from the CEO asking for sensitive company information. What
type of attack is this an example of?

Answer 20

Whaling

Question 21

Which form of authentication is based on something the user has?

Answer 21

Security token

Question 22

Which of the following is the most critical step in responding to a security incident?

Answer 22

Documenting the incident

Question 23

Which of the following is NOT a characteristic of a zero-day vulnerability?

Answer 23

It is easy to detect

Question 24

Which technology is used to separate a physical server into multiple virtual servers?

Answer 24

Hypervisor

Question 25

Which of the following is a security advantage of using a virtual private network (VPN)?

Answer 25

It encrypts data in transit

Question 26

A security analyst has detected an anomaly in network traffic. Which tool would be best suited to further
investigate this issue?

Question 27

Which type of malware requires a host program to spread?

Answer 27

Trojan

Question 28

What is the main benefit of a stateful firewall over a stateless firewall?

Answer 28

It can filter traffic based on the state of the connection

Question 29

A company is considering outsourcing its email services to a cloud provider. What type of cloud service model is
it considering?

Answer 29

Software as a Service (SaaS)

Question 30

Which type of security testing involves the tester having full knowledge of the system being tested?

Answer 30

White box testing

Question 31

A company has implemented a policy that requires all employees to use a smart card and a PIN to access the
corporate network. What type of authentication method is this?

Answer 31

Multifactor authentication

Question 32

Which of the following is a characteristic of a rainbow table attack?

Answer 32

It uses precomputed hashes to crack passwords

Question 33

What is the primary purpose of a security incident response plan?

Answer 33

To define the steps to take in response to a security incident

Question 34

What is the primary purpose of a Certificate Authority (CA) in a Public Key Infrastructure (PKI)?

Answer 34

To issue digital certificates

Question 35

A security analyst is investigating a potential security incident and notices a large amount of data being
transferred from a company server to an unknown IP address. What type of threat is most likely being
encountered?

Answer 35

Data exfiltration

Question 36

Which of the following is a characteristic of a full backup?

Answer 36

It backs up all data and marks each file as being backed up

Question 37

A company is developing a new web application and wants to ensure it is secure. Which of the following would
be the BEST approach?

Answer 37

Conduct a penetration test

Question 38

A company has suffered a data breach and the investigation revealed that an insider was responsible. What type
of threat does this represent?

Answer 38

Insider threat

Question 39

Which of the following is a security disadvantage of using peer-to-peer (P2P) networks?

Answer 39

They can be used to distribute malware

Question 40

Which of the following is a critical step in the patch management process?

Answer 40

Test patches before deployment

Question 41

Which of the following is an example of a physical security control?

Question 42

A security analyst is conducting a penetration test and has gained access to a system. The analyst now wants to
ensure they maintain access to the system, even if the system is rebooted. What technique should the analyst
use?

Answer 42

Implementing a backdoor

Question 43

Which of the following is a benefit of using a Host-based Intrusion Detection System (HIDS) over a Networkbased
Intrusion Detection System (NIDS)?

Answer 43

It can detect attacks that a NIDS cannot, such as attacks that occur within encrypted traffic

Question 44

A company is planning to implement a system that will require users to provide two forms of identification from
different categories (something they know, something they have, something they are). What type of
authentication is this?

Answer 44

Multifactor authentication

Question 45

Which of the following is the most secure method for securely disposing of SSD drives?

Answer 45

Physical destruction

Question 46

A security analyst has detected a number of failed login attempts on a server from a single IP address. What type
of attack is most likely being attempted?

Answer 46

Brute force attack

Question 47

A user reports that their computer has been running slowly and they have been receiving pop-up ads while
browsing the internet. What type of malware is most likely causing these symptoms?

Answer 47

Adware

Question 48

Which of the following is an advantage of using a Security Information and Event Management (SIEM) system?

Answer 48

It provides real-time analysis of security alerts

Question 49

A company uses a secure protocol for transferring files between systems. This protocol also allows for
management and manipulation of directories on the remote system. What protocol is the company using?

Answer 49

SFTP

Question 50

What are the key concepts of the CIA triad in cybersecurity?

Answer 50

Non-repudiation
Integrity
Availability