6

Question 1

What are the two types of Ciphers?

Answer 1

Stream and Block

Stream is byte by byte (byte=characters)
Block encrypts blocks of bytes at a time

Question 2

Which of the following answers refer to an office equipment that combines the functionality of multiple devices? (Select 2 answers)
* MFD
* IoT
* MFP
* PED
* MFA

Answer 2

• MFD
• MFP

Question 3

A type of OS characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems, is known as:
* UNIX
* Windows NT
* POSIX
* RTOS

Answer 3

RTOS

Question 4

An integrated circuit combining components normally found in a standard computer system is referred to as:
* HSM
* TPM
* SoC
* BIOS

Answer 4

SoC

A System on a Chip, or SoC

Question 5

Which of the answers listed below refers to an IoT technology designed to provide communication between appliances in a home automation network?
* Ant+
* Zigbee
* NFC
* RFID

Answer 5

Zigbee

Question 6

A type of contactless smart card that can be read at a close range from a reader device is commonly referred to as:
* MicroSD card
* Common Access Card (CAC)
* Proximity card
* Personal Identity Verification (PIV) card

Answer 6

Proximity card

Question 7

What type of preventive physical access controls would provide a basic means for securing a door access? (Select 2 answers)
* Air gap
* Proximity card reader
* CCTV
* Industrial camouflage
* Smart card reader

Answer 7

• Proximity card reader
• Smart card reader

Question 8

A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall is called:
* Honeynet
* Virtual Private Network (VPN)
* Extranet
* Screened subnet

Answer 8

Screened subnet

Question 9

Which of the following methods provides the most effective way for permanent removal of data stored on a magnetic drive?
* Standard format
* Overwriting data
* Degaussing
* Low-level format

Answer 9

Degaussing

Question 10

Digital signatures provide: (Select 3 answers)
* Integrity
* Authentication
* Confidentiality
* Authorization
* Non-repudiation
* Accounting

Answer 10

• Integrity
• Authentication
• Non-repudiation

Question 11

In cryptography, the number of bits in a key used by a cryptographic algorithm is referred to as a key size or key length. The key length determines the maximum number of combinations required to break the encryption algorithm, therefore typically a longer key means stronger cryptographic security.
* True
* False

Answer 11

True

Question 12

In cryptography, the term “Key stretching” refers to a mechanism for extending the length of a cryptographic key to make it more secure against brute-force attacks.
* True
* False

Answer 12

True

Question 13

Examples of key stretching algorithms include: (Select 2 answers)
* ROT13
* Twofish
* Bcrypt
* DSA
* PBKDF2

Answer 13

Bcrypt
PBKDF2

Question 14

Which of the following answers refers to a type of additional input that increases password complexity and provides better protection against brute-force, dictionary, and rainbow table attacks?
* Seed
* IV
* Salt
* Shim

Answer 14

Salt

Question 15

What are the Three Data states that need to be protected?

Answer 15

Data in Transit
Data at Rest
Data in Use

Question 16

What are the Threat Actor Types?

Answer 16

Scirpt Kiddies
Insider Threats
Hacktivist
Advanced Persistent Threat (APT)
State Actors
Criminal Syndicates
Show IT
Competitors

Question 17

What are the types of Hackers?

Answer 17

White Hat
Black Hat
Gray Hat

Question 18

What is the percentage of the value of a given asset that gets lost as a result of a specific incident?

Answer 18

EF (Exposure Factor)

Question 19

What is the value of tangible or intangible assets such as servers, computers, expertise, databases, or sensitive information?

Answer 19

AV (Asset Value)

Question 20

What is the amount of money you expect to lose each time a specific asset is lost of compromised?

Answer 20

SLE (Single Loss Expectancy)

Question 21

How is SLE calculated?

Answer 21

AV X EF = SLE

Question 22

What is the total number of times you expect a specific incident to occur in one year called?

Answer 22

ARO (Annual Rate of Occurrence)

Question 23

What is the calculation that helps to determine the expected monetary loss of an asset due to a particule risk over a single year called?

Answer 23

ALE (Annual Loss Expectancy)

Question 24

What is the calculation for ALE (Annual Loss Expectancy)?

Answer 24

SLE x ARO = ALE

Question 25

What is the contract between a service provider and its customers that documents what services the provider will furnish and defines the serve standards that the provider is obligated to meet called?

Answer 25

SLA (Service-Level Agreement)

Question 26

RPO refers to the amount of time that an application, system, or process can be down without causing significant damage to the business and the time spent restoring the application and its data to resume normal business operations after a significant incident.

True or False?

Answer 26

False

RPO (Recovery Point Objective) refers to calculating how much data loss a company can experience within a period most relevant to its business before significant harm occurs from the point of a disruptive event to the last data backup.

The definition used in the question is for RTO (Recovery Time Objective)