NexGenT Cyber Security

Question 1

All of the following are examples of real security and privacy threats
except:
a. Hackers
b. Virus
c . Spam
d. Worms

Answer 1

C – Spam is not an actual threat, only an annoyance. Most popular email
hosting services filter to a folder you do not see. Clicking on them does not
yield any malware or viruses either.

Question 2

Malware is

a. Machine made
b. Bugs
c. Man made
d. All of the above

Answer 2

C – Malware is man made with malicious intent. As of now computers can
not program themselves to create malicious code.

Question 3

Unsolicited commercial email is identified as

a. Spam
b. Spyware
c. Malware
d. Virus

Answer 3

A – Unsolicited email is known as spam. As discussed it is actually not
malware and causes no harm. Often times it’s just commercials for products.

Question 4

Which of these is not a threat?

a. Adware
b. Trojan Horses
c. Pop Up Ads
d. Ransomware

Answer 4

C – Pop up ads are not an actual threat. While annoying they typically do
not cause any sorts of problems for your actual devices.

Question 5

Which of the following is a class of computer threat?

a. DDoS Attack
b. Soliciting
c. Spamming
d. Phishing

Answer 5

D – Phishing is a class of computer threats. By far the most popular way to
fool users. Typically this is used as an entry point for more malicious malware
down the road.

Question 6

Hacking a computer is illegal and punishable by law

a. True
b. False

Answer 6

A – True, Causing harm to another entities property is always a crime and
carries a severe punishment when caught.

Question 7

A penetration tester ______

a. Is an Ethical Hacker
b. Identifies potential vulnerabilities
c. Reports mitigations
d. All of the above

Answer 7

D – All of the above. Penetration testers are ethical hackers who identifies
potential vulnerabilities and provides ways to fix them.

Question 8

This type of security professional breaks down malware code to
understand how it works
a. CISO
b. Penetration Tester
c. Architect
d. Reverse Engineer

Answer 8

D – Reverse Engineers are proficient and code and able to work their way
around and understand what makes an exploit work and disable them.

Question 9

Dorking is a function of which tool?

a. Metasploit
b. Google
c. TraceRoute
d. All of the above

Answer 9

B – Dorking is done with Google, it’s an invaluable tool.

Question 10

Nmap’s primary function is to

a. Find malware
b. Discover hosts on a network
c. Stop spam
d. None of the above

Answer 10

Nmap’s primary use is to ping all the devices on a network and map
them.

Question 11

Encryption improves a computers
a. Performance
b. Longevity
c . Reliability
d. Security

Answer 11

D – Encryption is all about securing the data, that is the first and foremost goal
of any cryptographic scheme.

Question 12

In a symmetric key encryption

a. only public keys are used for encryption
b. private and public keys are symmetric
c. one private key is used for encryption and decryption
d. None of the above

Answer 12

C – In Symmetric key encryption there is only 1 key that is used for both
encrypting and decrypting the data. While efficient and easy to implement, it is
not secure when dealing with a large volume of users.

Question 13

In asymmetric key encryption if A wants to send an encrypted message

a. A encrypts with their private key
b. A encrypts with B’s private key
c. A encrypts using their public key
d. A encrypts with B’s public key

Answer 13

B – In order for B to be able to decrypt it has to be encrypted with their public
key in the first place. If it was encrypted with A’s public key, B would not be able to
decrypt it.

Question 14

In asymmetric key encryption if B wants to decrypt A’s message

a. B decrypts with A’s public key
b. B decrypts with A’s private key
c. B decrypts with B’s public key
d. B decrypts with B’s private key

Answer 14

C – B would only be able to decrypt this with their own private key. Private keys
are never shared.

Question 15

Hashing is a one way function

a. True
b. False

Answer 15

A – True – Hashing is designed to be a one way function, it is different from
typical encryption / decryption.

Question 16

Which is the best use case for hashing?

a. Storing user passwords
b. Sending encrypted emails
c. Sharing keys
d. All of the above

Answer 16

A – Hashing is best used for user passwords. You do not want to be able to see
their actual text but at the same time would like to check if what is entered is
accurate. If it matches each time, then it is the correct password.

Question 17

Salting hashed data makes it

a. Harder to crack
b. Easier to crack
c. A more compressed file
d. None of these

Answer 17

A – Salting hashed data makes it harder to crack, it adds in arbitrary values that
will be tougher for hackers to make sense of the data.

Question 18

What is the most important factor of cryptographic algorithms?

a. How fast the process time is
b. Efficiency
c. Large key sizes so it’s tougher to crack
d. All of the above

Answer 18

C – Large key sizes are a very important factor. The goal is to make data as
secure as possible. Processing time and efficiency do not matter if the data can
not be secured.

Question 19

You can derive a private key from a public key, and a public key from a
private key.
a. True
b. False

Answer 19

B – False. You can never derive keys from one another, makes them secure.

Question 20

Which internet protocols utilize cryptography?

a. SSL
b. TLS
c. PKI
d. All of the above

Answer 20

D – All of the above. Cryptographic fundamentals are the basis for all secure
protocols on the internet.

Question 21

When firewalls are placed in a network, which zone contains Internet-facing services?

a. Outside zone
b. Enterprise network zone
c. Demilitarized zone
d. Inside zone

Answer 21

C - Explanation: The demilitarized zone (DMZ) is where Internet-facing servers/services are placed

Question 22

What is the reason firewalls are considered stateful?

a. Firewalls keep track of the zone states
b. Firewalls keep accounting on the state of packets
c. Firewalls track the state of a TCP conversation
d. Firewalls transition between defense states

Answer 22

C - Explanation: Firewalls keep track of the TCP conversation via the SYN-SYN/ACK-ACK three-way
handshake. This is done so that a DoS attack such as a SYN flood can be mitigated

Question 23

What is a benefit of site-to-site IPSec VPNs?

a. Lower bandwidth requirements
b. Lower latency
c. Scalability
d. Support for multicast

Answer 23

C - Explanation: Site-to-site IPSec VPNs offer scalability as a benefit. This is because each remote
office only needs an Internet connection to create a VPN tunnel back to the main office

Question 24

Which protocol does IPSec use to check integrity of data packets?

a. AH
b. ESP
c. IKE
d. ISAKMP

Answer 24

A - Explanation: IPSec uses the Authentication Header protocol to check data integrity. This is done
by creating a numerical hash of the data via SHA1, SHA2, or MD5 algorithms

Question 25

WPA-Personal is also vulnerable. What is the biggest vulnerability it has?

a. Poor encryption strength
b. Weak passwords
c. Lengthy initialization vectors
d. MSCHAPv1 authentication

Answer 25

B - Explanation: The biggest vulnerability in WPA networks is weak passwords. While additional
recent vulnerabilities have been discovered, weak passwords remain the biggest problem for
WPA-Personal

Question 26

You need to implement a secure wireless LAN. In your research, you determine that your
organization should implement AES encryption and the 802.1X-EAP authentication and key
management protocol. You’ve also determined that you will be installing too many APs and clients to
configure each one with a pre-shared key passphrase. Which Wi-Fi Alliance certification will meet your
needs?
a. WPA-Personal
b. WPA2-Personal
c. WPA-Enterprise
d. WPA2-Enterprise

Answer 26

D - Explanation: WPA2-Enterprise will implement AES and requires an authentication infrastructure
with an authentication server (RADIUS) and authenticator. WPA-Enterprise would not require
AES

Question 27

Which of the following best describes a honeypot?

a. It is used to filter traffic from screened subnets
b. It is used to gather information about potential network attackers
c. It is used to analyze traffic for detection signatures
d. Its primary function involves malware and virus protection

Answer 27

B - Explanation: A honeypot is designed to draw attackers in so you can watch what they do, how
they do it, and where they do it from

Question 28

In what situation would you employ a proxy server? (Choose the best answer)

a. You wish to share files inside the corporate network.
b. You want to allow outside customers into a corporate website.
c. You want to filter Internet traffic for internal systems.
d. You want to provide IP addresses to internal hosts

Answer 28

C - Explanation: There are a bunch of reasons for having a proxy. In this case, you’re using it to filter
traffic between internal hosts and the rest of the world

Question 29

Which statement describes the use of a Network Admission Control (NAC) solution?
a. It provides network access to only authorized and compliant systems.
b. A Network Admission Control solution provides filtering of potentially malicious emails
before they reach the endpoint
c. It provides endpoint protection from viruses and malware.
d. It provides filtering and blacklisting of websites being accessed by end users

Answer 29

A - Explanation: Network Admission Control (NAC) allows only authorized and compliant systems to
connect to a network

Question 30

Which is a collection of protocols designed by the IETF (Internet Engineering Task Force) to
provide security for a packet at the network level
a. IPSec
b. IKE
c. ISAKMP
d. SSL

Answer 30

A - Explanation: IPSec is developed by the Internet Engineering Task Force (IETF) which is a set of
security protocols and algorithms used to secure IP data at the network layer

Question 31

The faster you find a security issue

a. The more damage it does
b. The safer your enterprise will be
c. It doesn’t matter once its there
d. None of the above

Answer 31

B – In all situations the faster you find the bug the better. It becomes less expensive to fix in the long run.

Question 32

Dynamic testing

a. is only done after a virus is detected
b. is don’t after your product is in production
c. outdated and not used anymore
d. analyzes running code in your development stage

Answer 32

D – Dynamic testing is important to be done alongside static testing during the development process itself.

Question 33

The process of making your code harder to reengineer is called

a. Obfuscation
b. Fuzzing
c. Encryption
d. Hashing

Answer 33

A – Obfuscation is the method used to make it hard to understand what is happening in your code. This makes it tougher to reengineer.

Question 34

Best practice for secure application development

a. Keeping software patched and up to date
b. Following OWASP top 10
c. Security Audits
d. All of the above

Answer 34

D – All of them listed are part of the best practices needed.

Question 35

TLS is the a protocol that provides

a. Authentication
b. Speed
c. Latency
d. Compression

Answer 35

A – TLS main goal is authentication and privacy, it is meant to secure data.

Question 36

Which of the following protocols does a website encrypt the session with a digital certificate?

a. TCP
b. HTTP
c. HTTPS
d. FTP

Answer 36

C – HTTPS is the choice protocol when it comes to security online. Client will check the servers certificate and ask to prove itself.

Question 37

How do you keep a server room secure?

a. Security cameras
b. Map vulnerabilities
c. Locks
d. All of the above

Answer 37

D – All of the above, you need to have layered resiliency and fall backs. Make sure that there are multiple security guards in place.

Question 38

This attack exploits bugs in the web server to gain unauthorized access to files / folders that are not on the public domain.

a. Sniffing
b. DNS Hijacking
c. DoS Attack
d. Directory Traversal Attack

Answer 38

D – This is a director traversal attack, it is meant to gain as much information on your file structure system as possible. Typically used for lateral movements.

Question 39

Indicators of compromise are

a. Rarely useful
b. A type of attack
c. Symptoms of an incoming attack
d. None of the above

Answer 39

C – Indicators of compromise always show

Question 40

Which of these is not a sign of a cyber attack?

a. Unusual outbound traffic
b. Irregular super user activity
c. Irregular information flow
d. Delayed network activity

Answer 40

A - Unusual out bound traffic is typically not an issue, unless you
see large chunks of data flow also going out.

Question 41

Which of these is a real challenge faced by corporations?

a. Companies do not know what their high value assets are
b. Companies have too many security audits
c. Companies need to reduce the layers of security, it’s redundant
d. None of the above

Answer 41

A - Companies typically do not understand what their tech stack is like,
therefore not understanding what assets are critical to protect.

Question 42

What type of a cyber attack do botnets typically launch from their infected
computers?
a. Spam
b. Adware
c. Spyware
d. DDoS attacks

Answer 42

D - Botnets launch DDoS attacks due to large amounts of zombie machines.

Question 43

Web applications need constant access to the backend servers even if it
means a risk of an attack.
a. True
b. False

Answer 43

A – True. Web applications need to constantly be up so they can server
users and customers. Hence the tough challenges to secure them, they need
to be available and reliable at all times.

Question 44

This type of IDS identifies malware based on specific patterns of previous
attacks
a. Anomaly based
b. Signature based
c. Host based
d. Networked based

Answer 44

B – Signature based IDS use previously known patterns, where as anomaly
based uses the behavior of known malicious files.

Question 45

Which of these is not a type of IPS:

a. Host Based Intrusion Prevention System
b. Network Behavior Analysis
c. Wireless Intrusion Prevention
d. Signature Based Prevention

Answer 45

D – Signature based is not an IPS, it is an IDS.

Question 46

Anti-malware is software that

a. Should never be updated, might cause bugs
b. Scans and identifies hosts for malware
c. Does not provide real time information, just logging
d. None of these

Answer 46

B – Anti malware scans the host for potential malicious files. These need to
be constantly updated as they need the latest known lists to work efficient.

Question 47

Which of these is a feature of Mobile Device Management?

a. Remote Wipe
b. Password Reinforcement
c. Data Encryption
d. All of these

Answer 47

D – All of these are essential to MIDM, it’s what makes them effective to
corporations. The redundancy helps lower risks.

Question 48

The absence of security awareness training in one department does not
put another at risk, they are all segmented.
a. True
b. False

Answer 48

B – False, all departments need to be trained properly. Common
misconception that only technical sides are at risk because they deal with
core products. Any breach could move latterly and effect the entire
organization.

Question 49

Which of the following allows secure and private data exchange on an
unsecure network?
a. Public Key Infrastructure
b. Virtual Key Infrastructure
c. Private Key Infrastructure
d. All of the above

Answer 49

A – It is PKI that enables this, and it is a backbone of the internet. Provides
a chain of trust that allows us to have the checks and balances required.

Question 50

Vulnerability Management and Scanning is the process of

a. Identifying
b. Reporting
c. Treating
d. All of the above

Answer 50

D – All of the above, it is an encompassing process that deals with the
entire remediation process.

Question 51

Which is part of the vulnerability scanning process?

a. Correlating system information with known vulnerabilities
b. Sandboxing any malicious threats found
c. All of the above
d. None of the above

Answer 51

A – During the scanning phase you are only doing reconnaissance on your
own systems. Goal is to identify the issues not take any actions yet, you are
only gathering actionable information.

Question 52

What is a firewall?
a. Firewalls are interrupting software that disconnect hosts when
malicious threats appear
b. Program that stops other software from using the network
c. Program that encrypts software that accesses the network
d. Networked based security measures that control the flow of
network traffic.

Answer 52

D – The goal of the firewall is to control the flow of data to avoid potential
problems. You can identify malicious IP,s and stop access to critical ports.

Question 53

Penetration testing is not necessary and typically a costly mistake that can
be avoided with good tools.
a. True
b. False

Answer 53

B – False, highly recommended because it identifies issues earlier on

Question 54

Hackers are typically after

a. PII
b. Credentials
c. Intellectual Property
d. All of the above

Answer 54

D – Hackers are after anything and everything regarding data that could be
sold for profit

Question 55

Which best describes social engineering?

a. A way to brute force your way into a user’s credentials
b. Manipulating people to gain confidential information
c. Manually inserting malware into computers in a social setting
d. None of these

Answer 55

B – Social Engineering is all about creating false trust to obtain information
that could be used for malicious efforts later.

Question 56

What would be an example of a social engineering attack?

a. A text pretending from a friend asking for money
b. A phone call from your CEO asking you for login help
c. An email asking you to click a link to some random website
d. All of these

Answer 56

D – All of these examples are scenarios of social engineering. Unless you
can correctly verify that the message is from who they said they were, a
chance exists that there is spoofing about to happen.

Question 57

The top OWASP 10 attacks are constantly changing year after year

a. True
b. False

Answer 57

B – False, these attacks rarely change year of year. The top ones seem to be
very similar year after year proving hackers go after low hanging fruit.

Question 58

If you find a flaw and decide to exploit it just for research purposes, there
are no legal implications. You only get in trouble when trying to monetize it.
a. True
b. False

Answer 58

B – False, how does anyone know what your true intentions are? If you
find a vulnerability the ethical thing to do is report it.

Question 59

What was the issue during the Equifax data breach?

a. A team injected a virus with a USB internally
b. Hackers went into the server room and copied all the files
c. They forgot to patch their software which let an exploit be used
d. None of the above

Answer 59

C – They forgot to update their Apache Struts java servlets and it allowed
hackers to run and execute code on the backend servers .

Question 60

Which of these are mobile threats?

a. Lack of encryption
b. Spam
c. Slow processors
d. All of the above

Answer 60

A – Lack of encryption is a problem as a lot of confidential data is passing
from the clients mobile device to the web servers.

Question 61

Cybersecurity is all about understanding, managing, controlling, and
mitigating
a. risks
b. malware
c. hackers
d. attacks

Answer 61

A – Cybersecurity is all about managing risks that are currently present and
what is to come in the future. Planning for this allows the best chance of
defense.

Question 62

Internet privacy is highly regulated and has harsh fines when breached

a. True
b. False

Answer 62

B – False this is a new growing sector and currently the fines are minimal
to companies compared to their revenues.

Question 63

Which of these are risks?

a. Using the same credentials for multiple accounts
b. Opening unknown links
c. Staying logged into online services
d. All of these

Answer 63

D – All of these are unsafe actions which could cause potential threats.