Exam Questions Flashcards

1
Q

A company’s IT policy manual states that “All company computers, workstations, application servers, and mobile devices must have current versions of antivirus software.”

Which principle or concept of cybersecurity does this policy statement impact?

Operating system security

Accounting policy

Physical security

Access control policy

A

Operating system security

2
Q

An organization’s procedures document states that “All electronic communications should be encrypted during transmission across networks using encryption standards specified in the data encryption policy.”

Which security principle is this policy addressing?

Confidentiality

Interruption

Control

Availability

A

Confidentiality

3
Q

A company’s website policy states that “To gain access to the corporate website, each employee must provide a valid user name and password, and then answer one of six security questions accurately.”

Which type of security does the policy address?

Operations

Application

Human element

Physical

A

Operations

4
Q

An organization notices unauthorized visitors following employees through a restricted doorway. Which vulnerability should be addressed in the organization’s security policy?

Pretexting

Phishing

Baiting

Tailgating

A

Tailgating

5
Q

A company wants to update its access control policy. The company wants to prevent hourly employees from logging in to company computers after business hours. Which type of access control policy should be implemented?

Attribute-based

Mandatory

Discretionary

Physical

A

Attribute-based

6
Q

A new software development company has determined that one of its proprietary algorithms is at a high risk for unauthorized disclosure. The company’s security up to this point has been fairly lax. Which procedure should the company implement to protect this asset?

Relocate the algorithm to encrypted storage.

Create multiple off-site backups of the algorithm.

Store the algorithm on highly available servers.

Transfer the algorithm onto servers in the demilitarized zone.

A

Relocate the algorithm to encrypted storage.

7
Q

In addition to a username and corresponding password, a desktop application asks users to submit a special code. This code is produced by an application running on the user’s mobile phone. Which authentication technique is the phone application providing?

Something you have

Something you know

Something you are

Something you do

A

Something you have

8
Q

Employees are required to swipe their access cards and then to use an iris scanner to access protected areas in the company’s data center. Which two authentication techniques are used to protect the data center?

Something you have and something you are

Something you have and something you know

Something you do and something you are

Something you know and something you do

A

Something you have and something you are

9
Q

Which security solution can an organization deploy to prevent unauthorized external access to its internal network?

Firewall

Sniffer

IDS

VPN

A

Firewall

10
Q

A restaurant needs to protect its customers’ credit card information. Which security standard should the restaurant follow?

PCI DSS

SOX

FERPA

FISMA

A

PCI DSS

11
Q

A petroleum company has a group of computers used to monitor the flow of materials in the refining process. These computers are never connected to the Internet or any other corporate network, and they host proprietary monitoring software which the company has registered as a trade secret. Which type of security will help protect this software against theft?

Application

Network

Physical

Operating system

A

Physical

12
Q

An organization wants to minimize the impact of user credential theft by ensuring that only HR staff can access employee personal information. Which security mechanism should it implement?

Turn on logging and auditing.

Remove all unnecessary services.

Apply the principle of least privilege.

Apply the latest software patches.

A

Apply the principle of least privilege.

13
Q

An organization wants to prevent malware from infecting its workstations, mobile devices, and web applications. Which security tool should it implement?

Antivirus

Firewall

Fuzzer

Scanner

A

Antivirus

14
Q

How can an operating system be hardened in accordance with the principle of least privilege?

Restrict account permissions.

Implement account auditing.

Remove unnecessary software.

Remove unneeded services.

A

Restrict account permissions.

15
Q

A company implements an Internet-facing web server for its sales force to review product information. The sales force can also update its profiles and profile photos, but not the product information. There is no other information on this server. Which content access permissions should be granted to the sales force based on the principle of least privilege?

Limited read access only

Limited write access only

Read and limited write access

Read and write access

A

Read and limited write access

16
Q

A corporation has discovered that some confidential personnel information has been used inappropriately. How can the principle of least privilege be applied to limit access to confidential personnel records?

Only allow access to those who work in the human resources department.

Only allow access to those who need access to perform their job.

Only allow access to department heads and executives.

Only allow access to those with elevated security permissions.

A

Only allow access to those who need access to perform their job.

17
Q

A user runs an application that has been infected with malware that is less than 24 hours old. The malware then infects the operating system. Which safeguard should be implemented to prevent this type of attack?

Limit user account privileges.

Modify the default user accounts.

Install the latest security updates.

Uninstall unnecessary software.

A

Limit user account privileges.

18
Q

A company was the victim of a security breach resulting in stolen user credentials. An attacker used a stolen username and password to log in to an employee email account. Which security practice could have reduced the post-breach impact of this event?

Operating system hardening

Mutual authentication

Multifactor authentication

Network segmentation

A

Multifactor authentication

19
Q

A module in a security awareness course shows a user making use of two-factor authentication using a hardware token. Which security failure is being addressed by this training module?

Weak passwords

Tailgating

Malware infections

Pretexting

A

Weak passwords

20
Q

A student downloads free software from a website, and this software includes some malware. Which tool can locate this vulnerability?

Asymmetric encryption

Antivirus software

Access control list

Honeypot

A

Antivirus software

21
Q

Which type of tool can be used to detect vulnerabilities in source code related to improper handling of user input?

Fuzzer

Port scanner

Sniffer

Honeypot

A

Fuzzer

22
Q

Which tool should an application developer use to help identify input validation vulnerabilities?

A fuzzer

A sniffer

A scanner

A filter

A

A fuzzer

23
Q

A systems administrator enables operating system logging to capture unsuccessful login attempts. Which attack can be uncovered by reviewing such logs?

Brute force

Denial of service

Stolen password

Spear phishing

A

Brute force

24
Q

A small IT firm is required to authenticate remote customers who access the firm’s network. Which protection technique should the IT firm employ to satisfy this requirement?

Certificates

Data encryption

File encryption

RAID

A

Certificates

25
Q

A company has files stored on a server that are critical to the organization’s viability. The administrator has assigned the appropriate permissions to the files. How should the administrator provide additional confidentiality protection for the files at rest?

File encryption

File compression

Network encryption

Network compression

A

File encryption

26
Q

A health company must comply with HIPAA regulations. It decides to encrypt databases that contain HIPAA information. Which resource is the health company directly trying to protect?

Application

Server

Data

Operating system

A

Data

27
Q

At a small company, an employee makes an unauthorized data alteration. Which component of the CIA triad has been compromised?

Integrity

Confidentiality

Availability

Authenticity

A

Integrity

28
Q

An organization plans to encrypt data in transit on a network. Which aspect of data is the organization attempting to protect?

Authenticity

Possession

Availability

Integrity

A

Integrity

29
Q

Which aspect of the CIA triad is violated by an unauthorized database roll back or undo?

Integrity

Confidentiality

Availability

Identification

A

Integrity

30
Q

A company’s website has suffered several denial of service (DoS) attacks and wishes to thwart future attacks.

Which security principle is the company addressing?

Availability

Confidentiality

Possession

Authenticity

A

Availability

31
Q

An organization has a requirement that all database servers and file servers be configured to maintain operations in the presence of a failure.

Which principle of the CIA triad is this requirement implementing?

Availability

Confidentiality

Utility

Integrity

A

Availability

32
Q

Which tool can be used to map devices on a network, along with their operating system types and versions?

Port scanner

Stateful firewall

Packet filter

Packet sniffer

A

Port scanner

33
Q

Which web attack is a server-side attack?

SQL injection

Cross-site scripting

Cross-site request forgery

Clickjacking

A

SQL injection

34
Q

A new start-up company has started working on a social networking website. The company has moved all its source code to a cloud provider and wants to protect this source code from unauthorized access.

Which cyber defense concept should the start-up company use to maintain the confidentiality of its source code?

File encryption

Alarm systems

Antivirus software

Account permissions

A

File encryption

35
Q

A company has an annual audit of installed software and data storage systems. During the audit, the auditor asks how the company’s most critical data is used. This determination helps the auditor ensure that the proper defense mechanisms are in place to protect critical data.

Which principle of the Parkerian hexad is the auditor addressing?

Utility

Possession

Authenticity

Integrity

A

Utility

36
Q

Which web attack is possible due to a lack of input validation?

SQL injection

Cross-site request forgery

Clickjacking

Extraneous files

A

SQL injection

37
Q

Which cybersecurity term is defined as the potential for an attack on a resource?

Threat

Vulnerability

Risk

Impact

A

Threat

38
Q

Which security type deliberately exposes a system’s vulnerabilities or resources to an attacker?

Intrusion detection

Intrusion prevention

Firewalls

Honeypots

A

Honeypots

39
Q

An organization employs a VPN to safeguard its information.

Which security principle is protected by a VPN?

Data in motion

Data in storage

Data at rest

Data in use

A

Data in motion

40
Q

A malicious hacker was successful in a denial of service (DoS) attack against an institution’s mail server. Fortunately, no data was lost or altered while the server was offline.

Which type of attack is this?

Interruption

Interception

Modification

Fabrication

A

Interruption

41
Q

A company has had several successful denial of service (DoS) attacks on its email server.

Which security principle is being attacked?

Availability

Confidentiality

Integrity

Possession

A

Availability

42
Q

A file is stored in a marketing folder and is accessible only to members of the marketing group. An attacker uses a phishing scam to gain the credentials of a user who is a member of the marketing group, and then reads the file.

Which leg of the CIA triad is being targeted?

Confidentiality

Availability

Integrity

Control

A

Confidentiality

43
Q

An attacker performs a buffer overflow attack on an organization’s web server. The web server locks up and must be restarted to restore functionality.

Which part of the CIA triad is under attack?

a. Confidentiality
b. Integrity
c. Availability
d. Control

A

Availability

44
Q

Some malware hides itself by replacing some system administrator commands on a server, but the server continues to function normally for its users.

Which component of the CIA triad has been compromised?

a. Integrity
b. Availability
c. Authenticity
d. Confidentiality

A

Integrity

45
Q

Which component of the CIA triad will be impacted if an attacker cuts network cables?

a. Availability
b. Confidentiality
c. Authenticity
d. Integrity

A

Availability

46
Q

Which two principles of the CIA triad can be violated by a fabrication attack?

a. Integrity and availability
b. Confidentiality and availability
c. Confidentiality and integrity
d. Integrity and authenticity

A

Integrity and availability

47
Q

Which two principles of the CIA triad can be violated by an interruption attack?

a. Integrity and availability
b. Confidentiality and availability
c. Confidentiality and integrity
d. Integrity and authenticity

A

Integrity and availability

48
Q

Which attack category targets the confidentiality of data?

a. Interception
b. Interruption
c. Modification
d. Fabrication

A

Interception

49
Q

Which file action implements the principle of confidentiality from the CIA triad?

a. Compression
b. Hash
c. Backup
d. Encryption

A

Encryption

50
Q

Which cyber defense concept suggests limiting permissions to only what is necessary to perform a particular task?

a. Defense in depth
b. Authorization
c. Authentication
d. Principle of least privilege

A

Principle of least privilege

51
Q

A company institutes a new policy that “All office computer monitors must face toward employees and must face away from doorways. The monitor screens must not be visible to people visiting the office.”

Which principle of the CIA triad is this company applying?

a. Confidentiality
b. Utility
c. Integrity
d. Availability

A

Confidentiality

52
Q

In the system room of a small company, an emergency power shut-down switch was installed right next to a light switch. As a result, employees sometimes shut down the power accidentally when they leave the data center.

Which type of control should be implemented to mitigate the risk of accidental shut down?

a. Physical
b. Logical
c. Administrative
d. Technical

A

Physical

53
Q

A company developing and distributing open source applications realizes that attackers are copying the publicly available, open source code and inserting malware into the code.

Which type of cryptographic tool should the company use to protect the integrity of its open source applications?

a. Hash functions
b. Asymmetric cryptography
c. Symmetric cryptography
d. Block cipher

A

Hash functions

54
Q

After considerable research, attackers directed a spear phishing attack at employees at a single bank. One employee opened a message, resulting in a breach that delivered ransomware.

Which type of control should be implemented to prevent future spear phishing attacks?

a. Mutual authentication
b. Strong passwords
c. Input validation
d. Employee training

A

Employee training

55
Q

A bank wants to ensure user interactions with the online banking website are confidential.

Which security solution should be implemented?

a. SSH/FTP
b. VPN
c. AES
d. SSL/TLS

A

SSL/TLS

56
Q

What is an example of symmetric key encryption?

a. RSA
b. ECC
c. AES
d. MD5

A

AES

57
Q

Which asymmetric cryptographic algorithm can provide confidentiality for data in motion?

a. RSA
b. 3DES
c. AES
d. MD5

A

RSA

58
Q

A company has just completed an audit of disaster protection strategies. The company has decided it must keep and be able to retrieve backup data for a period of 30 years. The company has implemented tape backups using 8mm digital audio tapes.

Which factor could impact the company’s ability to access information from the backup tapes?

a. Technical obsolescence
b. Tape access speed
c. Reading tape header
d. Network speed

A

Technical obsolescence

59
Q

A military installation is evaluating backup solutions for its critical data. This installation operates in a harsh environment that is subjected to heat, humidity, and magnetic fields.

Which physical media should be selected to ensure the integrity of backups is preserved given these harsh operating conditions?

a. Flash drives
b. Tape media
c. Optical media
d. Hard drives

A

Flash drives

60
Q

A university research group wants to collect data on animals that are native to southern Arizona, which is a hot, dry region. They plan to camp in tents for the summer at the edge of a national park and to use optical media to back up photos and research notes.

Which physical or environmental factor may damage their optical media?

a. Electric shocks
b. Temperature
c. Humidity
d. Magnetic fields

A

Temperature

61
Q

A company has instituted a policy to prevent data leakage. The policy requires that any data stored on USB storage devices must be encrypted with at least 256-bit encryption.

Which principle that is part of the Parkerian hexad but not the CIA triad would be violated if one of these devices was stolen?

a. Possession
b. Confidentiality
c. Authenticity
d. Integrity

A

Possession

62
Q

A company is concerned about potential phishing attacks through email. As a result, a new company policy dictates that all email must be digitally signed before it is sent to any customers or partners.

Which security principle that is part of the Parkerian hexad but not part of the CIA triad is precipitating this policy change?

a. Authenticity
b. Confidentiality
c. Utility
d. Control

A

Authenticity

63
Q

In order to continue processing credit card payments, a retail store arranges for an external auditor to perform regular external and internal vulnerability scans.

Which regulation are they addressing?

a. PCI DSS
b. HIPAA
c. GLBA
d. FCRA

A

PCI DSS

64
Q

A hospital allows its patients to pay by credit card.

Which set of regulations apply to the hospital’s operations?

a. HIPAA and PCI DSS
b. HIPAA and FCRA
c. FERPA and HITECH
d. FERPA and PCI DSS

A

HIPAA and PCI DSS

65
Q

While visiting a country in the European Union, an American purchases an expensive bottle of perfume with a credit card.

What does the European Union Directive 95/46/EC regulation safeguard for the purchaser?

a. Personally identifiable information
b. Right to return goods
c. Computer fraud and abuse
d. Unfair trade practices

A

Personally identifiable information

66
Q

Which U.S. law defines security standards exclusively for federal agencies?

a. FISMA
b. FERPA
c. HIPAA
d. GLBA

A

FISMA

67
Q

Which U.S. law regulates the confidentiality and accuracy of a publicly traded corporation’s financial reports?

a. SOX
b. FERPA
c. FISMA
d. HIPAA

A

SOX

68
Q

A bank website accepts online loan applications. It requires applicants to review and sign a disclosure document explaining the organization’s information sharing practices.

Which federal law protects consumers’ financial information?

a. SOX
b. FERPA
c. HIPAA
d. GLBA

A

GLBA

69
Q

A retail store has hired a third party to audit its computer and network systems that process credit card payments.

Which industry standard is the retail store addressing?

a. PCI DSS
b. FERPA
c. SOX
d. HIPAA

A

PCI DSS

70
Q

An accounting firm stores financial data for many customers. The company policy requires that employees only access data for customers they are assigned to. The company implements a written policy indicating an employee can be fired for violating this requirement.

Which type of control has the company implemented?

a. Deterrent
b. Detective
c. Preventive
d. Active

A

Deterrent

71
Q

A tornado destroyed a data center. Which side of the CIA triad is most affected?

Authenticity
Availability
Utility
Integrity

A

Availability

72
Q

Which attribute of the Parkerian hexad allows for proper attribution of the owner of a dataset?

Possession
Availability
Authenticity
Integrity

A

Authenticity

73
Q

What element of the Parkerian Hexad is concerned with usefulness?

Integrity
Confidentiality
Utility
Availability

A

Utility

74
Q

Which type of attack category is an attack against confidentiality?

Interception.
Modification.
Fabrication.
Interruption.

A

Interception.

75
Q

Which two attributes are included in the concept of risk? Choose two answers.

Threats
Frequency
Vulnerabilities
Impacts

A

Threats
Vulnerabilities

76
Q

Which phase of the incident response (IR) process includes restoring the system to a better state than the original?

Post-incident activity.
Containment.
Recovery.
Detection and Analysis

A

Recovery.

77
Q

Which concept refers to adding layers of security to our networks?

Administrative control depth.
Defense in depth.
Physical control depth.
Logical control depth.

A

Defense in depth

78
Q

Which combination of factors demonstrates multi-factor authentication?

Fingerprint and voice print
Password and PIN
Password and fingerprint
Voice print and weight

A

Password and fingerprint

79
Q

What is the name of the process where the client authenticates the server and the server authenticates the client?

Token-based authentication
Mutual authentication
Two-factor authentication
Multifactor authentication

A

Mutual authentication

80
Q

What is an example of identification?

Text to cell phone
Employee Number
Update Access
Fingerprint

A

Employee Number

81
Q

What is an example of authentication?

Username
First Car
Read Only
PIN

A

PIN

82
Q

Which factors demonstrate multi-factor authentication?

Vein patterns and iris scan
Username and email address
Childhood pet and Mother’s maiden name
Mother’s maiden name and voice print

A

Mother’s maiden name and voice print

83
Q

What is an objective for performing an audit?

To ensure a company can respond effectively to a disaster.
To ensure compliance and detect misuse.
To ensure potential risks are identified and analyzed.
To ensure proper access is granted to resources

A

To ensure compliance and detect misuse.

84
Q

What are two common values for a network access control list (ACL)? Choose two answers.

Accept
Agree
Disagree
Deny
Allow

A

Deny
Allow

85
Q

What are two common types of access control lists (ACLs)? Choose two answers.

File system
Allow
Network
Deny
Database system

A

File system
Network

86
Q

Which access control model allows access to be determined by the owner of the resource?

Mandatory access control (MAC)
Attribute-based access control (ABAC)
Role-based access control (RBAC)
Discretionary access control (DAC)

A

Discretionary access control (DAC)

87
Q

Which form of access control uses CAPTCHAs?

Attribute-based access control (ABAC)
Rule-based access control (RBAC)
Media access control (MAC)
Discretionary Access Control (DAC)

A

Attribute-based access control (ABAC)

88
Q

What is the disadvantage of logging?

Highly configurable
Resources
Reactive tool
History of activities

A

Resources

89
Q

Which cryptographic algorithm is obsolete?

Hash functions
Asymmetric key cryptography
Caesar cipher
Symmetric key cryptography

A

Caesar cipher

90
Q

Which two laws protect the privacy of medical records and electronic health care information? Choose two answers.

HIPAA
PCI-DSS
HITECH
SOX
GLBA

A

HIPAA
HITECH

91
Q

What jurisdiction does the General Data Protection Regulation regulate?

China
Russia
The European Union
The United States

A

The European Union

92
Q

What are two acts that regulate health care in the United States? Choose two answers.

HIPAA
COPPA
HITECH
FERPA

A

HITECH
HIPAA

93
Q

Which act regulates the United States Department of Education?

GLBA
FERPA
GDPR
FISMA

A

FERPA

94
Q

Which act regulates federal departments in the United States?

GLBA
SOX
GDPR
FISMA

A

FISMA

95
Q

Which act regulates customer privacy in the finance industry?

GLBA
SOX
GDPR
FISMA

A

GLBA

96
Q

Which act regulates reporting of publicly traded companies?

CFAA
SOX
GDPR
FOIA

A

SOX

97
Q

What is one of the three states of data?

Compromised
Data in motion
Safe
Valid

A

Data in motion

98
Q

Which type of algorithm is a symmetric key?

ECC
RSA
SHA
DES

A

DES

99
Q

Which type of algorithm is an asymmetric key?

ECC
MD5
SHA
DES

A

ECC

100
Q

Which two types of algorithms are hashing algorithms? Choose two answers.

MD5
3DES
SHA
ECC
AES
RC4

A

SHA
MD5

101
Q

Which type of compliance is achieved by law?

Security
Privacy
Industry
Regulatory

A

Regulatory

102
Q

Which type of compliance is achieved by stakeholder agreement?

Privacy
Regulatory
Industry
Security

A

Industry

103
Q

Which two types of compliance are laws? Choose two answers.

Privacy Act
GDPR
HIPAA
Least privilege

A

Privacy Act
HIPAA

104
Q

What act deals with the online privacy of minors under 13?

FISMA
GLBA
FERPA
COPPA

A

COPPA

105
Q

Which term refers to the process of gathering and analyzing information to support business decisions?

Competitive Counterintelligence
Purple Dragon
Operational Security
Competitive Intelligence

A

Competitive Intelligence

106
Q

What is the correct order of steps in the Operations Security Process?

Identification of critical information; Analysis of threats; Analysis of vulnerabilities; Assessment of risks; Application of countermeasures.

Identification of critical information; Analysis of vulnerabilities; Assessment of risks; Analysis of threats; Application of countermeasures.

Assessment of risks; Analysis of threats; Analysis of vulnerabilities; Identification of critical information; Application of countermeasures.

Identification of critical information; Analysis of threats; Assessment of risks; Application of countermeasures; Analysis of vulnerabilities.

A

Identification of critical information; Analysis of threats; Analysis of vulnerabilities; Assessment of risks; Application of countermeasures.

107
Q

What describes vulnerability analysis?

The identification of the monetary loss caused by a weakness.

The identification of weaknesses that can be used to cause harm.

The identification of physical assets critical to the organization.

The identification of information critical to an organization.

A

The identification of weaknesses that can be used to cause harm.

108
Q

Which type of attack is conducted on people to gather information?

Clickjacking
Social Engineering
Cross site scripting (XSS)
Cross site request forgery (CSRF)

A

Social Engineering

109
Q

Which type of data is collected by law enforcement agents without using technology as its primary tool?

Human intelligence
Open-source Intelligence
Discovery order
Cease and desist order

A

Human intelligence

110
Q

Which social engineering technique uses electronic communications to carry out an attack that is broad in nature?

Pretexting
Phishing
Baiting
Tailgating

A

Phishing

111
Q

Which type of intrusion detection system (IDS) is used to analyze activities on the network interface of a particular asset?

Perimeter-based
Application protocol-based
Network-based
Host-based

A

Host-based

112
Q

Which security mechanism hardens operating systems (OS) by limiting user access to the minimum permissions needed to carry out tasks?

Apply the principle of least privilege
Disable unessential services
Disable unnecessary software
Implement logging and auditing

A

Apply the principle of least privilege

113
Q

Which tool is used for port scanning and to discover devices on a network?

HIDS
Anti-malware
Nmap
Wireshark

A

Nmap

114
Q

What is reduced by hardening an operating system?

The principle of least privilege
The attack surface
The need to implement logging
The number of needed updates

A

The attack surface

115
Q

You are tasked with designing a system to securely store user passwords for a new web application. Which of the following approaches should you use to ensure the passwords are not stored in plain text and cannot be easily accessed if the database is compromised?

A) Encrypt the passwords using a symmetric key and store the key in the same database.
B) Store the passwords in plain text for easy retrieval during login verification.
C) Use a hash function to transform the passwords into fixed-length strings and store the hashed values.
D) Compress the passwords using a lossless compression algorithm to reduce storage space.

A

Correct Answer: C) Use a hash function to transform the passwords into fixed-length strings and store the hashed values.

Explanation:
Hash functions are ideal for password storage because they create unique, fixed-length outputs that cannot be reversed, ensuring passwords are not easily retrievable if the database is compromised.

116
Q

Which access control model is concerned with confidentiality?

Biba
Brewer and Nash
Sutherland
Bell-LaPadula

A

Bell-LaPadula

117
Q

Which of the following is a primary requirement of the Gramm-Leach-Bliley Act (GLBA)?

A) Conduct annual penetration testing for all financial institutions.
B) Allow customers to opt-out of information sharing with non-affiliated third parties.
C) Mandate encryption of all data at rest for financial institutions.
D) Require financial institutions to report all breaches to federal law enforcement within 72 hours.

A

B) Allow customers to opt-out of information sharing with non-affiliated third parties.

Explanation:
The GLBA requires financial institutions to inform customers about their data-sharing practices and give them the option to opt-out of sharing their personal information with non-affiliated third parties. This is part of the act’s Privacy Rule.

118
Q

Which of the following is a requirement under the Children’s Online Privacy Protection Act (COPPA)?

A) Websites must verify the identity of all users regardless of age.
B) Operators of websites directed at children under 13 must obtain parental consent before collecting personal information.
C) Businesses must store children’s personal information for at least five years.
D) Parents must approve all website content that children under 13 can access.

A

B) Operators of websites directed at children under 13 must obtain parental consent before collecting personal information.

Explanation:
COPPA requires operators of websites and online services directed at children under 13 to obtain verifiable parental consent before collecting, using, or disclosing the child’s personal information. It aims to protect the privacy and safety of children online.

119
Q

Question:
What is Kismet primarily used for?

A) Performing penetration tests on web applications.
B) Monitoring wireless networks and detecting unauthorized devices.
C) Scanning networks for open ports and vulnerabilities.
D) Encrypting data transmissions over Wi-Fi networks.

A

Correct Answer:
B) Monitoring wireless networks and detecting unauthorized devices.

Explanation:
Kismet is an open-source wireless network detector, packet sniffer, and intrusion detection system. It is widely used for monitoring Wi-Fi networks, identifying devices, and detecting unauthorized or suspicious activity on a network.

120
Q

Question:
Which type of Intrusion Detection System (IDS) is best suited for detecting zero-day attacks?

A) Signature-based IDS
B) Host-based IDS
C) Anomaly-based IDS
D) Network-based IDS

A

Correct Answer:
C) Anomaly-based IDS

Explanation:
An anomaly-based IDS identifies unusual activity by comparing current behavior to an established baseline. This approach allows it to detect previously unknown threats, including zero-day attacks, unlike signature-based IDS, which only identifies known threats.

121
Q

Question:
Which framework does FISMA require federal agencies to follow for managing information security risks?

A) ISO/IEC 27001
B) OWASP Top 10
C) NIST Risk Management Framework (RMF)
D) CIS Controls

A

Correct Answer:
C) NIST Risk Management Framework (RMF)

Explanation:
FISMA mandates federal agencies to follow the NIST Risk Management Framework, which provides guidelines for identifying, assessing, and managing cybersecurity risks in federal information systems.

122
Q

Question:
What is the primary purpose of Wireshark?

A) Encrypting network traffic for secure communication.
B) Scanning for vulnerabilities in software applications.
C) Capturing and analyzing network traffic in real-time.
D) Managing and allocating IP addresses in a network.

A

Correct Answer:
C) Capturing and analyzing network traffic in real-time.

Explanation:
Wireshark is a powerful network protocol analyzer used to capture, inspect, and troubleshoot network traffic. It is widely used by network administrators, security analysts, and developers for diagnosing issues and studying network protocols.

123
Q

Question:
What does the concept of “Defense in Depth” primarily emphasize in cybersecurity?

A) Relying on a single, robust security control to protect systems.
B) Using multiple, layered security measures to protect systems and data.
C) Deploying firewalls and antivirus software as the only defense mechanisms.
D) Prioritizing physical security over digital security controls.

A

Correct Answer:
B) Using multiple, layered security measures to protect systems and data.

Explanation:
Defense in Depth is a cybersecurity strategy that employs multiple layers of security controls across different areas (e.g., network, application, endpoint) to provide redundancy and mitigate risks in case one control fails. It enhances an organization’s ability to prevent, detect, and respond to threats.

124
Q

How do you define possession in the Parkerian hexad model?

A

Definition: Ensuring that the ownership or physical control of information is maintained.

Example: Preventing the theft of a USB drive containing confidential data.

125
Q

How do you define utility in the Parkerian hexad model?

A

Definition: Ensuring that information is useful and meets the needs of the intended purpose.

Example: Ensuring that encrypted files are accessible to authorized users with the correct decryption keys.

126
Q

How do you define authenticity in the Parkerian hexad model?

A

Definition: Ensuring that data, communications, and systems are genuine and come from trusted sources.

Example: Using digital signatures to verify the sender of an email.

127
Q

What does integrity of data refer to?

The level of assurance which can be given as to how structured data is
The level of assurance which can be given as to how accurate and trustworthy data is
The level of assurance which can be given as to how strong data is
The level of assurance which can be given as to how relevant the data is

A

Correct Answer:
The level of assurance which can be given as to how accurate and trustworthy data is

Explanation:
Integrity of data refers to maintaining and ensuring the accuracy, consistency, and trustworthiness of data over its lifecycle. This includes preventing unauthorized modifications, corruption, or loss of information to ensure it remains reliable and truthful.

128
Q

You are conducting an OSINT investigation to gather publicly available information about a company’s recent activities. Which of the following sources would NOT typically be considered part of OSINT?

Options:
A. Public social media profiles of the company’s employees.
B. A press release published on the company’s official website.
C. A confidential internal memo obtained through unauthorized access.
D. News articles from reputable online publications about the company.

A

Correct Answer:
C. A confidential internal memo obtained through unauthorized access.

Explanation:
OSINT refers to gathering information from publicly available sources. A confidential memo is not publicly available and would involve unauthorized methods to access, which is outside the scope of OSINT.

129
Q

What is integrity in information security?

A

Ensuring that data is accurate and has not been tampered with.

130
Q

What is the purpose of asymmetric cryptography?

A

It uses a pair of keys (public and private) for secure communication, with one key encrypting and the other decrypting data.

131
Q

An organization sees an increase in recent operating system vulnerabilities. To address these vulnerabilities, the organization modifies its patching procedures to install critical security patches within 10 days of release.

Which defense in depth layer does the new policy address?

Host
Data
Application
Network

A

Host

Explanation: The Host layer in the defense-in-depth model refers to the protection of individual devices, servers, or endpoints, including their operating systems and software.

132
Q

An organization’s IT infrastructure includes network switches, file servers, and database servers.

What should the organization use to minimize false positives and protect the infrastructure from known attacks?

Signature-based intrusion detection
Anomaly-based intrusion detection
Stateful packet inspection
Deep packet inspection

A

Signature-based intrusion detection

Explanation: Signature-based intrusion detection systems (IDS) rely on a database of known attack patterns (signatures). They compare network traffic or system activity against these signatures to detect threats.

133
Q

The IT department is updating its policies and procedures to ensure that critical functions continue to operate during an expected hurricane.

Which policies and procedures are being updated?

Disaster recovery plan
Business continuity plan
Physical security plan
Program management plan

A

Business continuity plan

134
Q

A user runs an application that has been infected with malware. This malware then performs a brute force attack on the built-in administrator account on Windows systems. The malware successfully cracks the password, and the account is then used to compromise other systems in the environment.

Which safeguard should be implemented to prevent this type of attack?

Turn on logging and auditing.
Modify the default user accounts.
Disable remote desktop access.
Uninstall unnecessary software.

A

Modify the default user accounts.

Explanation: The malware successfully brute-forced the built-in administrator account. This suggests that the account was either enabled with a weak password or left with its default configuration, which made it a prime target. To mitigate this risk

135
Q

Question:
Which of the following best describes a hardware token used in multi-factor authentication (MFA)?

A. A physical device that generates a one-time password (OTP) for login.
B. A software application that stores passwords securely.
C. A fingerprint scanner used to verify a user’s identity.
D. A device that encrypts data during transmission.

A

A. A physical device that generates a one-time password (OTP) for login.

Explanation: A hardware token is a physical device, such as a key fob or smart card, that generates a one-time password (OTP) for use in multi-factor authentication. It provides an additional layer of security beyond just passwords. Other options describe different types of security methods.

136
Q

Question:
What is the primary purpose of SSL (Secure Sockets Layer) in network security?

A. To prevent unauthorized access to data by encrypting communications between a web server and a browser.
B. To authenticate the identity of a user before granting access to a system.
C. To monitor network traffic and detect malicious activities.
D. To store and manage passwords securely.

A

A. To prevent unauthorized access to data by encrypting communications between a web server and a browser.

Explanation: SSL (now largely replaced by TLS) is a cryptographic protocol used to secure communication between a web server and a browser by encrypting the data transmitted between them. It ensures confidentiality, integrity, and authentication, protecting sensitive information during transmission. Other options describe different security functions.

137
Q

What is the primary function of a Virtual Private Network (VPN)?

A. To protect a system from malware and viruses.
B. To encrypt internet traffic and provide secure access to a remote network over the internet.
C. To monitor network activity for suspicious behavior.
D. To manage user authentication for secure logins.

A

B. To encrypt internet traffic and provide secure access to a remote network over the internet.

Explanation: A VPN creates a secure, encrypted connection over the internet, allowing users to access remote networks as if they were physically connected to that network. This ensures privacy and security, particularly when using public or unsecured networks. Other options refer to different types of security solutions.

138
Q

What is the primary function of Wireshark in network security?

A. To monitor and block incoming network traffic
B. To scan for vulnerabilities in a network
C. To capture and analyze network packets in real-time
D. To encrypt network communications

A

C. To capture and analyze network packets in real-time

Explanation: Wireshark is a network protocol analyzer that allows users to capture and examine data packets transmitted over a network. It is primarily used for network troubleshooting, analysis, and monitoring of network traffic, but it does not perform functions like blocking traffic or encrypting communications.

139
Q

Question:
Which of the following is the first step in the incident response process?

A. Containment
B. Eradication
C. Identification
D. Recovery

A

C. Identification

Explanation: The first step in the incident response process is Identification, where the organization detects and confirms that a security incident has occurred. Once identified, the other steps such as containment, eradication, and recovery follow to manage and resolve the incident.