In-Class Quizzes

Question 1

What type of network connects systems over the largest geographic area?

a. Storage area network (SAN)
b. Wide area network (WAN)
c. Local area network (LAN)
d. Metropolitan area network (MAN)

Answer 1

b. Wide area network (WAN)

Question 2

Terry is troubleshooting a network that is experiencing high traffic congestion issues. Which device, if present on the network, should be replaced to alleviate these issues?

a. Hub
b. Switch
c. Router
d. Firewall

Answer 2

b. Switch

Question 3

Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?

a. Virtual private network (VPN)
b. Transport Layer Security (TLS)
c. Virtual LAN (VLAN)
d. Firewall

Answer 3

c. Virtual LAN (VLAN)

Question 4

What protocol is responsible for assigning IP addresses to hosts on most networks?

a. Simple Mail Transfer Protocol (SMTP)
b. Virtual LAN (VLAN)
c. Dynamic Host Configuration Protocol (DHCP)
d. Transport Layer Security (TLS)

Answer 4

c. Dynamic Host Configuration Protocol (DHCP)

Question 5

What wireless security technology contains significant flaws and should never be used?

a. Wi-Fi Protected Access (WPA)
b. Wired Equivalent Privacy (WEP)
c. WPA2
d. Remote Authentication Dial-In User Service (RADIUS)

Answer 5

b. Wired Equivalent Privacy (WEP)

Question 6

What category of attacker might also be called cyberterrorists? Choose the best response.

a. Script kiddies
b. Hacktivists
c. Shadow IT
d. Nation states

Answer 6

b. Hacktivists

Question 7

Your company has long maintained an email server, but it’s insecure and unreliable. You’re considering just outsourcing email to an external company that provides secure cloud-based email services. What risk management strategy are you employing? Choose the best response.

a. Risk mitigation
b. Risk transference
c. Risk avoidance
d. Risk acceptance

Answer 7

b. Risk transference

Question 8

What element of your risk mitigation strategy helps keep future additions to your network from introducing new security vulnerabilities? Choose the best response.

a. Security audits
b. Technical controls
c. Change management
d. Incident management

Answer 8

c. Change management

Question 9

Which of the following is a Windows operating system tool that displays or refreshes IP settings for network interfaces? Choose the best response.

a. Curl
b. Pathping
c. Scanless
d. Ipconfig

Answer 9

d. Ipconfig

Question 10

__________ is a simulated attack designed to determine whether an attacker could compromise an asset.

a. vulnerability scan
b. reconnaissance
c. Pivot
d. penetration test

Answer 10

d. penetration test

Question 11

Evil twins are mostly used as part of what kind of attack? Choose the best response.

a. Trojan horse
b. On-path
c. Denial of service
d. Phishing

Answer 11

b. On-path

Question 12

You’ve just discovered a kind of malware that overwrites the hosts file to redirect web searches to a malicious site. What technique does it most likely use? Choose the best response.

a. VLAN hopping
b. ARP poisoning
c. Domain hijacking
d. DNS poisoning

Answer 12

d. DNS poisoning

Question 13

You’re configuring a router, and want it to check the properties of incoming traffic before passing it on. What will this require? Choose the best response.

a. Configuring routing tables
b. Configuring ACLs
c. Only a fully featured firewall can do this
d. Either would have the same effect

Answer 13

b. Configuring ACLs

Question 14

What DMZ topology is displayed? Choose the best response.

a. Bastion Host
b. Dual firewall
c. Three-homed firewall
d. UTM firewall

Answer 14

c. Three-homed firewall

Question 15

On a subnet with limited physical security, you’re worried about ARP poisoning and DHCP spoofing attacks. What switch feature could help prevent both? Choose the best response.

a. Port security
b. DHCP snooping
c. MAC filtering
d. MACsec

Answer 15

d. MACsec

Question 16

Which of the following statements is true?

a. The auditee is the person running the audit, and the client is the subject of the audit.
b. The auditor is the person running the audit, and the client is the subject of the audit.
c. The client is the person setting the scope for the audit, and the auditor performs the work.
d. The client pays for the audit, and the auditor sets the scope of the audit that will follow.

Answer 16

c. The client is the person setting the scope for the audit, and the auditor performs the work.

Question 17

Which of the following assurance methods is acceptable for external use, including licensing?

a. Independent audit
b. Internal audit
c. External audit
d. Assessment

Answer 17

a. Independent audit

Question 18

What is the definition of a standard as compared to a guideline?

a. Standards are mandatory controls designed to support a policy. Following guidelines is discretionary.
b. Guidelines are recommended controls necessary to support standards, which are discretionary.
c. Standards are discretionary controls used with guidelines to aid the reader’s decision process.
d. Guidelines are intended to designate a policy, whereas standards are used in the absence of a policy

Answer 18

a. Standards are mandatory controls designed to support a policy. Following guidelines is discretionary.

Question 19

Which of the following types of risk are of the most interest to an IS auditor?

a. Inherent, noninherent, control, lack of control
b. Unknown, quantifiable, cumulative
c. Control, detection, noncompliance, risk of strike
d. Sampling, control, detection, inherent

Answer 19

d. Sampling, control, detection, inherent

Question 20

What is the purpose of the audit charter?

a. To authorize the creation of the audit committee
b. To engage external auditors
c. To provide detailed planning of the audit
d. To grant responsibility, authority, and accountability

Answer 20

d. To grant responsibility, authority, and accountability

Question 21

Which type of cryptography is most commonly used for key exchange? Choose the best response.

a. Symmetric encryption
b. Hashing
c. Asymmetric encryption
d. One-Time Pad

Answer 21

c. Asymmetric encryption

Question 22

What type of cryptography is usually used for password storage? Choose the best response.

a. One-Time Pad
b. Symmetric encryption
c. Hashing
d. Asymmetric encryption

Answer 22

c. Hashing

Question 23

Which of the following encryption ciphers is the strongest.

a. DES
b. AES
c. Blowfish
d. 3DES

Answer 23

b. AES

Question 24

What process gives integrity, authenticity, and non-repudiation? Choose the best response.

a. Diffie-Hellmann key exchange
b. Digital signature
c. HMAC
d. Hashing

Answer 24

b. Digital signature

Question 25

You’ve received an assortment of files along with accompanying hashes to guarantee integrity. Some of the hash values are 256-bit, and some are 512-bit. Assuming they all use the same basic algorithm, what might it be? Choose the best response.

a. MD5
b. RIPEMD
c. SHA-1
d. SHA-2

Answer 25

d. SHA-2

Question 26

What is true of a digital certificate, but not true of a digital signature?

a. Provides non-repudiation
b. Proves the authenticity of a message
c. Has a valid starting and ending date and proves the authenticity of a person or system
d. Requires a hashing algorithm
e. Requires both an asymmetric key pair and a hashing algorithm

Answer 26

c. Has a valid starting and ending date and proves the authenticity of a person or system

Question 27

What defines an EV certificate? Choose the best response.

a. It lasts longer than a standard certificate\
b. It applies to more than one domain
c. It uses more robust cryptography
d. It requires a stricter identity verification process on application

Answer 27

d. It requires a stricter identity verification process on application

Question 28

What certificate formats commonly use the web of trust model? Choose the best response.

a. ASN.1
b. Bridge
c. X.509
d. OpenPGP

Answer 28

d. OpenPGP

Question 29

You’re receiving many unauthorized network scans using methods carefully designed to get by existing firewall rules. What device or feature would be the best way to recognize and block those scans? Choose the best response.

a. IPS
b. Stateful firewall
c. IDS
d. Application layer firewall

Answer 29

a. IPS

Question 30

Your department just deployed some fake DNS servers which only interact with automated scripts, never legitimate clients. When they receive unexpected requests, they send an alert to the SIEM. What technique is being used? Choose the best response.

a. Honeypot
b. IPS
c. Sinkhole
d. NGFW

Answer 30

a. Honeypot

Question 31

What SNMP component is a database for a particular device? Choose the best response.

a. OID
b. MIB
c. Agent
d. Manager

Answer 31

b. MIB

Question 32

Which of the following is the meaning of Value 4 of the syslog file? Choose the best response.

a. Critical
b. Warning
c. Error
d. Alert

Answer 32

b. Warning

Question 33

What SIEM software feature finds broader trends and relationships formed by individually insignificant events? Choose the best response.

a. Synchronization
b. Deduplication
c. Correlation
d. Aggregation

Answer 33

c. Correlation

Question 34

Which of the following is the file format for Linux to store log? Choose the best response.

a. Syslog
b. MIB
c. MySQL
d. SysVar

Answer 34

a. Syslog

Question 35

Which of the following is a popular network analyzer? Choose the best response.

a. Linux
b. Wireshark
c. Networkpro
d. Network Traffic Plus

Answer 35

b. Wireshark

Question 36

Who sets the priorities and objectives of the IT balanced scorecard (BSC)?

a. Chief executive officer (CEO)
b. IT steering committee
c. Chief information officer (CIO)
d. Chief financial officer (CFO)

Answer 36

a. Chief executive officer (CEO)

Question 37

The Software Engineering Institute’s Capability Maturity Model (CMM) is best described by which of the following options?

a. Measurement of resources necessary to ensure a reduction in coding defects
b. Baseline of the current progress or regression
c. Relationship of application performance to the user’s stated requirement
d. Documentation of accomplishments achieved during program development

Answer 37

b. Baseline of the current progress or regression

Question 38

Which of the following options contains the steps for business process reengineering (BPR) in the proper sequence?

a. Evaluate, envision, redesign, reconstruct, review
b. Envision, initiate, diagnose, redesign, reconstruct, evaluate
c. Initiate, evaluate, diagnose, reconstruct, review
d. Diagnose, envision, redesign, reconstruct

Answer 38

b. Envision, initiate, diagnose, redesign, reconstruct, evaluate

Question 39

The organization’s is focused on exploiting trends forecast in the next three to five years.

a. Operational plan
b. Long‐term planning
c. Managerial plan
d. Strategy

Answer 39

d. Strategy

Question 40

Which of the following statements is true concerning the steering committee?

a. Steering committee membership is composed of people with authority to make decisions from each department.
b. The steering committee conducts formal management oversight reviews.
c. The steering committee focuses Information Security Issues
d. The steering committee focuses the agenda on IT issues.

Answer 40

a. Steering committee membership is composed of people with authority to make decisions from each department.

Question 41

On an IPsec VPN, what protocol negotiates security associations? Choose the best response.

a. IKE
b. AH
c. ESP
d. L2TP

Answer 41

a. IKE

Question 42

You have a lingering problem with mobile users who connect to untrusted Wi-Fi networks without enabling their VPN, out of forgetfulness or lack of technical knowledge. What technology might help solve the problem? Choose the best response.

a. Full tunneling
b. Secure shell
c. ESP
d. Always-on VPN

Answer 42

d. Always-on VPN

Question 43

What’s the most essential tool for segmenting broadcast domains? Choose the best response.

a. Routers
b. VLANs
c. Bridges
d. Switches

Answer 43

a. Routers

Question 44

Which Wi-Fi feature should you disable to improve security? Choose the best response.

a. 802.1X
b. MAC filtering
c. WPA2
d. WPS

Answer 44

d. WPS

Question 45

What VPN type is secure, compatible with nearly any application, and supported by most operating systems? Choose the best response.

a. L2TP/IPsec
b. SSH
c. PPTP
d. SSL/TLS

Answer 45

a. L2TP/IPsec

Question 46

What is the biggest difference between disaster planning and business continuity planning?

a. Business continuity plans are run by IT.
b. Disaster planning is an extension of facility plans.
c. Business continuity plans span department boundaries.
d. Disaster plans are usually specific to a department.

Answer 46

c. Business continuity plans span department boundaries.

Question 47

What is the principal reason you might use a hot site?

a. It’s already configured for your use
b. You will have to install and configure new equipment
c. Expensive and prevents you from using other warm or cold site alternatives
d. May not be available during a crisis

Answer 47

a. It’s already configured for your use

Question 48

A critical success factor is defined as which of the following?

a. Something that must occur perfectly every time
b. An asset to be planned
c. A factor that is calculated for insurance purposes
d. A measure or score of efficiency

Answer 48

a. Something that must occur perfectly every time

Question 49

When can a warm site be used for recovery?

a. When the recovery is of high priority
b. When the actual recovery exceeds the recovery time objective
c. When it’s not profitable to operate a hot site
d. When the downtime is acceptable to the business without breaching any legal requirements

Answer 49

d. When the downtime is acceptable to the business without breaching any legal requirements

Question 50

Name one of the purposes of creating a business continuity plan.

a. To maximize the number of decisions made during an incident
b. To minimize decisions needed during a crisis
c. To lower business insurance premiums
d. To provide guidance for federal regulations

Answer 50

b. To minimize decisions needed during a crisis