CompTIA Security+ Certification SYO-701 Exam Questions Flashcards
What principle of social engineering is the natural gas utility seeking to utilize by sending messages, similar to the one provided, to encourage customers to reduce their energy consumption?
A: Consensus
B: Familiarity
C: Intimidation
D: Authority
** Answer: Consensus **
Consensus in security is a process that uses automated verification to establish agreement, trust, and security across a network. It’s used in blockchains, cryptocurrencies, and distributed ledgers.
An attacker captures a legitimate user’s request to an application and then sends it multiple times. What type of application security threat does this scenario represent?
A: Memory leak
B: Replay attack
C: Integer overflow
D: Request forgeries
** Answer: Replay Attack **
It is a malicious act where a hacker intercepts a legitimate data transmission and then re-transmits it at a later time, essentially “replaying” the data to trick a system into performing an unauthorized action, like granting access or processing a transaction, as if the original request was being made again; this exploits a lack of proper authentication mechanisms in the communication protocol involved.
A replay attack is a form of network attack in which valid data transmission is maliciously or fraudulently repeated or delayed. This is carried out either by the originator or by an adversary who intercepts the data and re-transmits it, possibly as part of a spoofing attack by IP packet substitution.
While modifying security protocols to adapt to evolving threats, what control category best characterizes the network firewall Bob is managing?
A: Corrective
B: Preventative
C: Deterrent
D: Detective
** Answer: B: Preventative **
Examples of preventative security:
Firewalls: Filter network traffic to prevent unauthorized access
Encryption: Secures data during storage and transmission
Antivirus software: Scans for malicious software and protects devices from infection
Software updates: Keeps software up to date to fix vulnerabilities
System hardening: Strengthens systems to make them more difficult to attack
User access controls: Limits who can access systems and data
Network access controls: Limits who can access networks
Security awareness training: Educates users on how to identify and avoid security threats
Policies and procedures: Establishes guidelines for how to respond to security threats
Within a PKI system, a Registration Authority (RA) plays a vital role. What’s the main responsibility of an RA?
A: Conducting encryption operations
B: Establishing secure connections
C: Managing certificate registrations
D: Issuing root certificates
** Answer: Managing certificate registrations**
A registration authority (RA) is an authority in a network that verifies user requests for a digital certificate and tells the certificate authority (CA) to issue it.
Some attacks aim to gain higher privileges on a mobile device. Which of the following options is an example of such a privilege escalation attack?
A: Jailbreaking
B: Tethering
C: Man-in-the-middle
D: Sideloading
** Answer: Jailbreaking **
Jailbreaking is a technique that bypasses restrictions on a device or application to gain more control or access to unauthorized software. It can be used on mobile devices, AI models, and other applications.
Amanda wants to create a secure connection between two company offices using IPsec-based VPN concentrators. Which IPsec mode is BEST suited for this site-to-site VPN setup?
A: Split tunnel
B: TLS
C: Transport model
D: Tunnel model
** Answer: Tunnel Model **
For a site-to-site VPN setup using IPsec concentrators, the best mode is “Tunnel Mode” as it encapsulates the entire original packet, providing the most secure and reliable connection between the two offices.
A military base recently deployed large, loud dogs that bark fiercely at any movement. What type of security control does this represent?
A: Detective
B: Compensating
C: Preventive
D: Deterrent
** Answer: Deterrent **
A deterrent control refers to a security measure designed to discourage individuals from violating security controls. It can take various forms, such as signs indicating video monitoring or yard signs with alarm company logos, which signal the presence of other security measures.
When assessing a vendor, what is the main goal of penetration testing?
A: To identify vulnerabilities in the vendor’s systems and applications
B: To evaluate the vendor’s marketing strategies
C: To evaluate the vendor’s financial stability
D: To assess the physical security of the vendor’s premises
** Answer: A **
The primary goal of penetration testing in security is to proactively identify vulnerabilities within a system or network that malicious actors could exploit, allowing organizations to address weaknesses and improve their overall security posture before a real attack occurs; essentially, it’s a simulated attack to discover potential security flaws
Imagine you need to connect to your company’s network remotely and manage files or applications securely. Which protocol facilitates this secure remote access?
A: Simple Network Management Protocol (SNMP)
B: Secure Shell (SSH)
C: Simple Mail Transfer Protocol (SMTP)
D: File Transfer Protocol (FTP)
** Answer: Secure Shell (SSH) **
Amanda is building an incident response team. Who, among the following, should HOLD ultimate responsibility and authority over the team’s actions?
A: Chief Financial Officer (CFO)
B: Chief Information Officer (CIO)
C: Chief Executive Officer (CEO)
D: Chief Information Security Officer (CISO)
** Answer: Chief Information Security Officer (CISO) **
CISO security is the role of a Chief Information Security Officer (CISO) in protecting an organization’s information and technology assets. CISOs are senior executives who work with IT managers, business leaders, and security teams to ensure the security of an organization’s systems, applications, and data.
What security tool acts as a gatekeeper, inspecting and filtering incoming and outgoing network traffic based on defined security policies to block unauthorized access?
A: Virtual Private Network (VPN)
B: Intrusion Detection System (IDS)
C: Network Address Translation (NAT)
D: Access Control Lists (ACL)
** Answer: Access Control Lists (ACL) **
An access control list (ACL) is a set of rules that control who can access a network or computer system. ACLs are a key component of network security, and are used to protect sensitive data and resources.
In cryptography, Kerckhoff’s principle focuses on the importance of secrecy for which element?
A: Public disclosure of encryption methods
B: Keeping the key confidential
C: Regularly changing encryption algorithms
D: Keeping the algorithm secret
** Answer: Keeping the key confidential **
Kerckhoff’s Principle is a fundamental concept in cryptography that states that a system’s security should rely on the secrecy of its keys, not the secrecy of the system itself.
Kerckhoffs’ principle is a fundamental concept in cryptography. It states that the security of a cryptographic system shouldn’t rely on the secrecy of the algorithm. Instead, it should be based on the secrecy of the cryptographic key. A good cryptographic system should remain secure even if the algorithm used is known.
Amanda wants to prevent employees from stealing confidential data. Which control would be LEAST helpful?
A: Implementing data loss prevention systems
B: Blocking the use of personal email accounts
C: Building least privilege access controls
D: Encrypting data in transit
** Answer: Encrypting data in transit **
What ethical hacking practice led to Bob receiving a $10,000 payout from Microsoft for identifying a security flaw in their NET platform?
A: Red-team
B: Black Hat
C: Bug bounty
D: OSINT
** Answer: OSINT **
Open Source Intelligence (OSINT) is the process of collecting and analyzing publicly available information to support security and intelligence operations. In the context of security, OSINT can be used to identify potential threats and vulnerabilities.
Which technology is used to combat malware and phishing attacks propagated through email platforms?
A:Intrusion Prevention System (IPS)
B: Email gateway
C: Virtual Private Network (VPN)
D: Secure Sockets Layer (SSL)
** Answer: Email gateway **
It refers to a dedicated server that acts as a checkpoint for all incoming and outgoing emails, inspecting them for potential threats like malware, spam, phishing attempts, and other malicious content before delivering them to the intended recipient, essentially acting as a security filter to protect an organization’s email system; a “secure email gateway” (SEG) specifically indicates a system designed to perform this function with advanced threat detection capabilities.
Which approach to access control determines permissions based on established policies rather than individual user identities?
A: Implicit Trust Zones
B: Policy-driven Access Control
C: Zero Trust
D: Adaptive Identity
** Answer: Policy-driven Access Control **
“Policy-driven Access Control” in security refers to a method of managing user access to systems and resources based on predefined policies, where access decisions are made by evaluating a user’s attributes against these policies, allowing for more granular control and dynamic adjustments compared to simpler role-based access control (RBAC) models; essentially, it means users can only access information or perform actions that are explicitly permitted by the established policies within the system.
Bob wants to deploy a Cloud Access Security Broker (CASB) for his organization. To ensure compatibility with most cloud applications, what approach should he prioritize?
A: Forward proxy
B: Firewall
C: Extensive Reporting Functionalities
D: API
** Answer: Forward proxy **
Forward proxies add an extra layer of security between your network and the Internet. They can be configured to block access to malicious websites, reducing the risk of malware infections.
A proxy server, sometimes referred to as a forward proxy, is a server that routes traffic between client(s) and another system, usually external to the network. By doing so, it can regulate traffic according to preset policies, convert and mask client IP addresses, enforce security protocols, and block unknown traffic
In order to protect her SMTP email exchanges from eavesdropping during transmission, what solutions can Stephani implement?
A: SPF
B: DKIM
C: EXIF
D: TLS
** Answer: TLS **
TLS (Transport Layer Security) protects SMTP emails by encrypting the communication between email servers during transmission, ensuring that the content of the email remains confidential and cannot be intercepted or read by unauthorized parties while it travels across the internet; essentially making email transmission more secure by preventing eavesdropping on the data exchanged between servers.
The Chief Information Security Officer aims to guarantee the validation and integrity verification of zone transfers within the organization. Which solution among the following is the most appropriate?
A: LDAPS
B: DNSSEC
C: DLP
D: NGFW
** Answer: DNSSEC **
Domain Name System Security Extensions (DNSSEC) is a set of protocols that use cryptography to improve the security of the Domain Name System (DNS). DNSSEC helps protect users from receiving incorrect or tampered data, and it can help prevent cyber attacks.
Amanda is beginning a penetration test against a client and would like to begin with passive reconnaissance. Which one of the following tools may be used for passive reconnaissance?
A: Social engineering tools
B: Metasploit
C: Nslookup
D: Nessus
** Answer: Nslookup **
Nslookup is a command-line tool that can be used to investigate security breaches and troubleshoot network issues. It can be used on Windows and Unix operating systems.
Security uses
– Phishing detection: Nslookup can help detect phishing attacks by identifying IP addresses associated with malicious domains.
– DDoS attack tracking: Nslookup can help identify the IP addresses of attackers in a DDoS attack.
– Cache poisoning defense: Nslookup can help detect cache poisoning attacks, where attackers distribute fraudulent data to DNS servers.
Which type of card would be the most suitable choice for Bob’s facility, given his primary concern about authentication speed in a card-based access control system?
A: Magnetic stripe card
B: Proximity card
C: Photo ID card
D: Smart card
** Answer: B: Proximity card **
A proximity card is a contactless card or key fob which is used to access secure areas. They are a key part of modern access control systems.
Among the following options, which certificate format is likely employed in the displayed certificate?
A: P12
B: PEM
C: DER
D: PFX
** Answer: B: PEM **
PEM can refer to Preemptive Exposure Management, Privileged Entitlements Management, or Privacy Enhanced Mail, which are all cybersecurity-related terms.
– A proactive cybersecurity strategy that identifies and fixes security vulnerabilities before they can be exploited.
– Uses technologies like automated security control assessments and breach and attack simulation.
Which algorithm did the US federal government sanction for digital signature creation as per the Digital Signature Standard (DSS)?
A: DSA
B: 3DES
C: RSA
D: AES
** Answer: A: DSA **
Digital Signature Algorithm (DSA)
– A public-key cryptosystem that uses a mathematical concept to create digital signatures.
– The DSA was proposed by the National Institute of Standards and Technology (NIST) in 1991 and adopted by the Federal Information Processing Standard (FIPS) in 1993.
– A DSA certificate makes it easier to keep up with government standards.
Which subnet would be most suitable for a security administrator to create on a corporate firewall interface for establishing a DMZ, with the capacity to host up to 14 physical hosts?
A: 192.168.0.16/28
B: 192.168.0.16 - 255.25.255.248
C: 192.168.1.50 - 255.255.25.240
D: 192.168.2.32/27
** Answer: A: 192.168.0.16/28 **
A DMZ subnet typically hosts servers that need to be accessible from the public internet, like web servers, email servers, DNS servers, FTP servers, VPN gateways, proxy servers, firewalls, load balancers, application servers, database servers (if publicly accessible), content management systems (CMS), e-commerce platforms, remote access servers, and public-facing collaboration tools; all of which should be carefully configured and monitored due to their exposure to external threat
A large financial institution is evaluating the security of procedures related to customer data handling by seeking assistance from an external organization. Which security protocol is being implemented in this scenario?
A: Internal audit
B: Compliance check
C: Self-assessment
D: Third-party audit
** Answer: D: Third-party audit **
A third-party security audit is an independent evaluation of an organization’s security practices and procedures. Third-party audits can help identify potential risks, ensure compliance with regulations, and recommend improvements.
Which RAID level would Lori select to support fault tolerance for her database server, ensuring recovery from the failure of any single drive, while utilizing distributed parity bits?
A: RAID 3
B: RAID 1
C: RAID 5
D: RAID O
** Answer: C: RAID 5 **
RAID 5 is a redundant array of independent disk configurations that uses disk striping with parity. Data and parity are striped evenly across all of the disks, so no single disk is a bottleneck. Striping also enables users to reconstruct data in case of a disk failure.
Which security control category includes measures like visitor registration, badging, and escorting for visitor control?
A: Operational
B: Physical
C: Managerial
D: Technical
** Answer: A: Operational **
Operational controls in security are policies, procedures, and standards that help an organization prevent, detect, and respond to security incidents. These controls focus on the day-to-day operations of an organization.
What is the objective of conducting a network security assessment?
A: To monitor network activity
B: To prevent data breaches
C: To identify vulnerabilities and weaknesses in the network
D: To improve network speed
** Answer:
C: To identify vulnerabilities and weaknesses in the network
**
A network security assessment involves evaluating a computer network’s security posture by identifying vulnerabilities, weaknesses, and potential threats.
Bob calculated a unique identifier for three separate log files on his computer. Each file contains entries from distinct days. What function did Bob likely use?
A: Use of a secure hash function
B: Collision
C: Syntax error
D: Decryption
** Answer: A: Use of a secure hash function **
A secure hash function in security is a cryptographic algorithm that takes input data of any size and produces a fixed-length output, called a hash value or digest, which is designed to be computationally difficult to reverse engineer, ensuring data integrity and authenticity by making it nearly impossible to find two different inputs that generate the same hash value; commonly used examples include SHA-256 and SHA-1.
What are the benefits of DomainKeys Identified Mail (DKIM) in improving email security?
A: By storing emails on a gateway
B: By filtering DNS requests
C: By blocking or allowing access to specific websites
D: By providing a digital signature to authenticate email content and its sender
** Answer: D: By providing a digital signature to authenticate email content and its sender **
DKIM (DomainKeys Identified Mail) is a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify. DKIM record verification is made possible through cryptographic authentication.
DomainKeys Identified Mail (DKIM) is an email security standard that verifies the authenticity of messages. DKIM uses cryptography to sign emails and protect against spoofing, phishing, and spam.
What term describes the new technique recently implemented by Steve’s company to secure remote access for BYOD mobile device users, where users connect to corporate systems through a dedicated application with no corporate data accessible outside of it?
A: Full device encryption
B: Storage segmentation
C: Sideloading
D: Containerization
** Answer: C: Sideloading **
Sideloading is the installation of an application on a mobile device without using the device’s official application distribution method. These days, most users acquire their applications through a sanctioned app store, such as Google Play, Microsoft Store, Samsung Galaxy Store or Apple’s App Store.
If a company replaces a user’s Social Security Number with a random string of characters for processing, but retains a secure mapping to the original number, which method are they using?
A: Tokenization
B: Hashing
C: Masking
D: Encryption
** Answer: A: Tokenization **
Tokenization is a data security method that protects sensitive information by replacing it with a non-sensitive substitute called a token. Tokens are unique identifiers that are linked to the original data but cannot be deciphered.
What aspect of security does the Metasploit Framework primarily concentrate on?
A: Network mapping
B: Exploiting discovered vulnerabilities
C: Vulnerability scanning
D: Post-compromise analysis
** Answer:
B: Exploiting discovered vulnerabilities
**
The Metasploit framework is a very powerful tool, which can be used by cybercriminals as well as ethical hackers to probe systematic vulnerabilities on networks and servers. Because it’s an open-source framework, it can be easily customized and used with most operating systems.
When an administrator adjusts hashed passwords to include randomization, ensuring that identical inputs lead to varied outputs, what term applies to this modification?
A: Key stretching
B: Salting
C: IPSec
D: Hashing
** Answer:
B: Salting
**
Salting is a security technique that adds a random string of characters to a password before it’s hashed. This makes it harder for attackers to crack passwords.
Salting: Adds random data to passwords before hashing, making them harder to crack using methods like rainbow tables. Unique Functions: Encryption secures data, hashing ensures integrity, and salting makes password protection stronger.
A detailed agreement between a client and a vendor describing the work to be performed on a project is referred to as:
MSA
SLA
WO
SOW
** Answer: SOW **
A Statement of Work (SOW) in security is a document that outlines the tasks, deliverables, and timeline for a security project. It’s a formal agreement that defines the work to be done and the expectations for the project.
Which of the following answers refers to an analog telephone service providing basic voice communication over copper telephone lines?
PSTN
ISDN
PBX
POTS
** Answer: ROTS **
POTS may refer to Plain Old Telephone Service, which is an outdated technology that was once used for alarm signals.
In cybersecurity, a honeypot is a decoy system that attracts malicious software or cyberattacks. Honeypots are used to gather information about attacks so that security teams can improve their systems.
A protocol designed to improve the security of existing WEP implementations is known as:
SRTP
TKIP
CCMP
WPA2
** Answer: TKIP **
Temporal Key Integrity Protocol (TKIP) is a security protocol that encrypts data packets in wireless local area networks (WLANs). It was created to improve on the security of Wired Equivalent Privacy (WEP), an earlier encryption protocol. TKIP is a component of Wi-Fi Protected Access (WPA), which replaced WEP
Which of the acronyms listed below refers to a technology used in cameras and surveillance systems that enables remote control of camera functions?
RDP
CCTV
PTZ
TCP/IP
** Answer: PTZ **
PTZ (Pan-Tilt-Zoom) Security Cameras can move their lens horizontally, vertically, and zoom in and out. This provides 360° surveillance and detailed close-ups, ideal for securing large commercial and business areas like parking lots, warehouses, and perimeters.
Which of the following provides granular control over user access to specific network segments and resources based on their assigned roles and permissions?
IAM
SSO
PAM
MFA
** Answer: IAM **
Identity and access management (IAM) is a security framework that controls who can access an organization’s digital resources. IAM is a set of policies, processes, and technologies that use unique user identities to manage access to applications, devices, networks, and more.
A security solution designed to detect anomalies in the log and event data collected from multiple network devices is called:
SNMP
PCAP
HIPS
SIEM
** Answer: SIEM **
SIEM stands for security information and event management. It’s a security management system that monitors, analyzes, and responds to IT events. SIEM tools help detect threats and incidents and can automate responses.
Which of the answers listed below refers to a smart card used in mobile phones to identify the phone user?
IMSI
SoC
IMEI
SIM
** Answer: SIM **
“Subscriber Identity Module,” refers to the small chip within a mobile phone that stores crucial identifying information like your phone number, allowing you to connect to a cellular network, and is considered a vital component for mobile security as it plays a key role in user authentication and preventing unauthorized access to your accounts linked to your phone number; essentially, a compromised SIM card can lead to significant security risks like SIM swapping scams where attackers gain control of your phone number and access to sensitive accounts linked to it.
Which of the following devices would be used for connecting a router to a T1 line?
CSU
IDF
NIC
EDR
** Answer: CSU **
a “Channel Service Unit” used to connect a network device (like a router) to a T1 line, which is a high-speed digital leased line often used for reliable data transmission, particularly in scenarios where robust security is required due to the sensitive nature of the information being transferred; essentially, the CSU acts as a bridge between the local network and the T1 carrier network, ensuring proper data signal conversion and transmission while providing a secure connection to the wider network.
What are the applications of PGP? (Select 3 answers)
Compressing data
Encrypting and decrypting data ( Your answer)
Signing and verifying digital signatures ( Your answer)
Managing public and private keys ( Your answer)
Securing website traffic
** Answer: b, c, d **
- Encrypting and decrypting data
- Signing and verifying digital signatures
- Managing public and private keys
Pretty Good Privacy, a security program that enables users to communicate securely by decrypting and encrypting messages, authenticating messages through digital signatures, and encrypting files.
A field in an SSL/TLS certificate that allows the certificate to be used for multiple domain names or IP addresses is referred to as:
CNAME
SAN
MX
PTR
** Answer: SAN **
SAN security refers to the protection of a Storage Area Network (SAN) and the data it stores. SANs are high-speed networks that connect servers to storage devices. They are often used for business-critical applications.
Your answer to this question is incorrect or incomplete.
Which of the answers listed below refers to a tunneling protocol commonly used in creating VPNs?
VRRP
GRE
RTSP
BGP
** Answer: GRE **
Generic Routing Encapsulation (GRE) is a communication protocol that can be used to create secure connections between networks. However, GRE tunnels can also be used by hackers to launch attacks.
It is a protocol for wrapping data packets inside secondary data packets to set up a direct point-to-point network connection.
Which of the following answers refers to a professional that oversees the management and maintenance of an information repository?
CTO
PM
DBA
CIO
** Answer: DBA **
Which of the terms listed below refers to a US government initiative for real-time sharing of cyber threat indicators?
NVD
AIS
TTP
CVSS
** Answer: AIS **
Automated Indicator Sharing (AIS) is a service the Cybersecurity and Infrastructure Security Agency (CISA) provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private-sector organizations
A type of OS characterized by low delay between the execution of tasks required in specific applications, such as in military missile guidance systems or in automotive braking systems, is known as:
UNIX
Windows NT
POSIX
RTOS
** Answer: RTOS **
Real-Time Operating Systems (RTOS) can be used to secure embedded systems and the Internet of Things (IoT). RTOS can help prevent attacks at entry points, like networks and physical devices.
It is an operating system with two key features: predictability and determinism. In an RTOS, repeated tasks are performed within a tight time boundary, while in a general-purpose operating system, this is not necessarily so.
Which of the following block cipher modes is the simplest/weakest and therefore not recommended for use?
CBC
GCM
ECB
CTR
** Answer: ECB **
CB stands for Electronic Code Book, a mode of operation for encrypting and decrypting data. It’s a simple and fast algorithm that’s commonly used in cybersecurity. However, ECB is not recommended for use in cryptographic protocols because it doesn’t hide data patterns well.
Which communication method supports real-time text-based messaging, multimedia sharing, group chats, and video calls?
SMS
MMS
IM
RTC
** Answer: IM **
“Instant Messenger” generally refers to a communication platform that can be considered not inherently secure due to the potential for transmitting sensitive information in unencrypted form, making it vulnerable to interception by unauthorized parties; therefore, caution is advised when using IM for sensitive data, and utilizing features like end-to-end encryption is crucial for enhanced security when necessary.
Which senior executive position assumes the responsibility for protecting assets, data, and people from potential threats?
CEO
CIO
CSO
CTO
** Answer: CSO **
Which cybersecurity role is primarily responsible for hands-on implementation and oversight of security measures for specific systems and networks?
CSO
CTO
DPO
ISSO
** Answer: ISSO **
An Information Systems Security Officer (ISSO) is a cybersecurity professional who protects an organization’s IT infrastructure. They are responsible for maintaining the security of systems, networks, and databases.
A company or organization that offers cloud computing services over the Internet is called:
ISP
MSSP
CSP
MSP
** Answer: CSP **
Content Security Policy, a security measure that helps protect websites from attacks like cross-site scripting (XSS). CSP is a set of instructions that a website sends to a browser to limit what resources can be loaded.
Which of the terms listed below refers to a global community focused on the development of engineering standards?
ANSI
NIST
CERT
IEEE
** Answer: IEEE **
Which of the following answers refers to a device designed to supply (and monitor the quality of) electric power to multiple outlets?
PSU
MDF
PDU
IDF
** Answer: PDU **
PDUs can incorporate security features such as encryption, authentication, and access control mechanisms in their headers to protect data confidentiality, integrity, and availability. These security measures help safeguard against unauthorized access, data manipulation, and other security threats.
Which of the answers listed below refers to a global standard development organization composed of different national standards bodies?
NIST
ISO
IEEE
ANSI
** Answer: ISO **
ISO stands for International Organization for Standardization, and ISO/IEC 27001 is an international standard for information security management. ISO standards help organizations improve their security, safety, and risk management.
Which of the following acronyms refers to the process of identifying and preparing for potential disruptions or unexpected events to ensure business continuity?
BIA ( Your answer)
SLE
CP ( Missed)
BPA
** Answer: ECB **
A dedicated local network consisting of devices providing data access is referred to as:
SDN
NAS
iSCSI
SAN
** Answer: SAN **
SAN can refer to Security Assistance Network or Storage Area Network, both of which have security implications.
Which senior executive is responsible for managing an organization’s IT strategy and systems?
CEO
CIO
CSO
CTO
** Answer: CIO **
Which of the answers listed below refers to a framework used on Unix-like OSs to manage authentication-related tasks?
PAM
SSO
MFA
OAuth
** Answer: PAM **
Privileged Access Management (PAM) is a cybersecurity strategy that protects sensitive data and systems by controlling who can access them. PAM helps organizations prevent cyber threats and data breaches.
Which of the following answers refers to a network protocol for delivering audio and video over IP networks?
RDP
VoIP
RTP
UDP
** Answer: RTP **
Real-time Transport Protocol (RTP) is a network protocol that can be vulnerable to security breaches, so the Secure Real-time Transport Protocol (SRTP) was developed to protect it.
SRTP uses encryption and authentication to protect voice and video communications.
Which of the terms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?
GUI
SDLC
API
SDK
** Answer: SDK **
SDK security refers to the practices and measures taken to ensure that Software Development Kits (SDKs) used in mobile application development are secure, do not introduce vulnerabilities, and protect user data and the integrity of the application.
A type of software that serves as an intermediary between users and the hardware, allowing users to interact with the computer and run applications is known as:
ROM
BIOS
OS
RAM
** Answer: OS **
Operating system (OS) security is the protection of a computer’s operating system from unauthorized access and other threats. The goal is to keep data and systems secure.
Which of the following answers refers to an encryption protocol primarily used in Wi-Fi networks implementing the WPA2 security standard?
TKIP
CCMP
SSL
HMAC
** Answer: CCMP **
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol based on the U.S. federal government’s Advanced Encryption Standard (AES) algorithm and uses the Counter Mode with CBC-MAC (CCM) mode of operation.
In telecommunications, a type of main hub connecting internal networks with outside cabling is called:
MDF
ICS
MDI
IDF
** Answer: MDF **
A Main Distribution Frame (MDF) is a central hub for telecommunications wiring that’s important for network security. MDFs are a key part of a building’s telecommunications infrastructure and are often located on the first floor.
Which of the acronyms listed below refers to a protocol used in network management systems for monitoring network-attached devices?
SSH
VNC
SNMP
RDP
** Answer: SNMP **
Simple Network Management Protocol (SNMP) is an internet standard that can be vulnerable to security breaches. To secure SNMP, you can use access control lists (ACLs), encryption, and other best practices.
Which of the following answers refers to a routing protocol?
RTP
BGP
RDP
EAP
** Answer: BGP **
BGP security protects the Border Gateway Protocol (BGP) from attacks by verifying the authenticity of routing information. BGP is a protocol that exchanges routing information between networks.
A specific URI type most commonly used to identify web pages is referred to as:
DOI
ISBN
OUI
URL
** Answer: URL **
Which of the answers listed below refers to a solution that simplifies web browser configurations by using predefined rules or scripts to make server selection decisions for specific web traffic?
PAC
DDNS
PAM
NAT
** Answer: PAC **
PAC stands for Physical Access Control System, which is a security system that controls who can enter a building or facility. PACS can use a variety of methods to authenticate users, including PINs, biometrics, and mobile credentials.
Which of the following terms refers to a network of physical devices, vehicles, buildings, and other items embedded with sensors, software, and other technologies that connect and exchange data with other devices and systems over the Internet?
SoC
PAN
IoT
WMN
** Answer: IoT **
Internet of Things (IoT) security is the protection of devices and networks connected to the internet. It’s a subset of cybersecurity.
** IoT security goals **
– Protect user privacy and data confidentiality
– Ensure the security of devices and infrastructure
– Allow the IoT ecosystem to function smoothly
Which of the answers listed below refers to a unique 32-bit identifier embedded in older mobile phones and used by network operators to identify and authenticate the device on the cellular network?
MAC
ESN
IP
OID
** Answer: ESN **
The full form of ESN is Electronic Serial Number. An ESN is a unique identification number that the manufacturers embed on a microchip used in wireless phones.
Which of the following answers refers to a software-based solution that allows users to access and interact with a virtual OS from anywhere using any device with an Internet connection?
VDU
VTC
VDE
VNC
** Answer: VDE **
VDE standards are technical regulations that define safety requirements, test procedures, and other specific criteria for products and systems in the field of electrical engineering, electronics, and information technology.
GPG is used for: (Select all that apply)
Securing website traffic
Managing public and private keys ( Your answer)
Signing and verifying digital signatures ( Your answer)
Compressing data
Encrypting and decrypting data ( Your answer)
** Answer: GPG **
GNU Privacy Guard (GnuPG or GPG) is a free-software replacement for Symantec’s cryptographic software suite PGP. The software is compliant with the now obsoleted RFC 4880, the IETF standards-track specification of OpenPGP. Modern versions of PGP are interoperable with GnuPG and other OpenPGP v4-compliant systems.
– Managing public and private keys
– Signing and verifying digital signatures
– Encrypting and decrypting data
A software system that integrates and manages various business processes and functions across an organization is known as:
BCP
CMS
ERP
BIA
** Answer: ERP **
Enterprise Resource Planning (ERP) security is the protection of a company’s ERP systems from cyber threats. ERP systems are software platforms that integrate business processes, including finance, human resources, and supply chain management. They store sensitive data, making them attractive targets for cybercriminals.
What is RIPEMD?
Block cipher encryption mode
Digital signature algorithm
Family of cryptographic hash functions
Symmetric encryption algorithm
** Answer: C. Family of cryptographic hash functions **
RIPEMD is a cryptographic hash function used to verify data integrity and detect tampering. It’s used in cybersecurity and in Bitcoin and other cryptocurrencies.
Which of the following acronyms refers to a dedicated facility responsible for monitoring, detecting, investigating, and responding to cybersecurity incidents?
NOC
C2
ISAC
SOC
** Answer: SOC **
“Security Operations Center,” which is a centralized unit within an organization responsible for continuously monitoring, detecting, analyzing, and responding to potential cyber threats across the company’s network and systems, aiming to prevent and minimize damage from cyber attacks.
