Practice Questions Flashcards

unofficial

1
Q

Which of the following is an example of a physical control?

A
2
Q

What is the primary purpose of succession planning?

A

To define plans for how to handle the sudden loss of an executive or key employee to the organization

3
Q

A data center technician needs to securely dispose of several hard drives for systems that are being decommissioned. Which of the following techniques is not sufficient to ensure the data is not recoverable?

A

Erasure

Erasure occurs when you press the Delete key on a computer or empty the recycle bin on your desktop. When this occurs, the data is not actually removed from the hard drive and may be recovered.

4
Q

Fortification of facilities, deployment of uninterruptible power supplies or generators, communication link redundancy, and fire detection and suppression systems are all examples of what?

A

Preventative controls

Controls designed to stop unwanted things from occurring

5
Q

Which of the following techniques is not a method for identifying a security incident?

A

Disabling system accounts

This may be done as a containment strategy as part of the incident response process; however, it is not a method for identifying a security incident.

6
Q

IDS

A

Intrusion Detection System

7
Q

SIEM

A

Security Information and Event Management

8
Q

Which of the following would a hacker not usually learn by conducting scans against a targeted network?

A

Reveal user accounts on endpoints that have excessive privilege

Scanners cannot tell if user accounts have too many privileges since that is dependent upon the user’s role in the organization and their need to know

9
Q

Which of the following best describes DAC?

A

Access control model that provides the owner of the resource (typically the creator) complete control to configure which subjects can access an object

10
Q

DAC

A

Discretionary Access Control

11
Q

MAC

A

Mandatory Access Control

12
Q

RBAC

A

Role Based Access Control

13
Q

ABAC

A

Attribute Based Access Control

14
Q

Which technology would an organization use to control which devices could connect to their network?

A

NAC

Network Access Control allows organizations to control which devices are permitted to connect to their network based on policy

15
Q

IDS

A

Intrusion Detection System

16
Q

DMZ

A

Demilitarized Zone

17
Q

Which of the following is not true regarding UDP?

A

UDP is a connection oriented protocol

User Datagram Protocol is a protocol for transmitting data between computers. It does not establish a connection (three-way handshake) before transmitting data. This makes it less reliable but also faster than TCP.

18
Q

TCP

A
19
Q

Which of the following is a logical address assigned to devices connected to a network or the Internet?

A

Internet Protocol (IP) address

IP addresses are used for identifying devices for the purpose of routing traffic. They are referred to as a logical or software address as it is a virtual address and not hardcoded into the hardware

20
Q

Which of the following is the best description of a computer virus?

A

Malware that infects a legitimate program and causes it to perform a function it was not intended to do

21
Q

A data center administrator installs a biometric authentication system that controls access to the data center. In order for employees to enter the data center, they must scan their palm to gain access. What type of security control is this an example of?

A

Physical

22
Q

Which of the following describes a door system that is configured to automatically close and lock during a power outage?

A

Fail-secure

23
Q

Which access control model is commonly used in military and government environments to protect classified information?

A

MAC

24
Q

Which part of the access control mechanism provides information used by auditors and investigators?

A

Accountability

25
Q

Joe fell victim to a social engineering attack by a cybercriminal, then he remembered learning about a similar trick during his company’s security training. What feature of training and awareness programs did his organization likely fail to implement?

A

Practice testing

26
Q

A systems administrator is assisting an employee with an issue they are having with their work laptop. When the employee attempts to connect to the company network, they are unable to get an IP address assigned and thus cannot access company resources. Which of the following protocols is most relevant for the systems administrator when investigating and troubleshooting this issue?

A

DHCP

Dynamic Host Configuration Protocol is used to dynamically assign IP addresses to devices. A server checks for available IP addresses from a pool and automatically assigns them to client devices. The administrator should investigate to see whether DHCP is configured and working properly.

27
Q

HTTP

A

Hypertext Transfer Protocol

28
Q

SMTP

A

Simple Mail Transfer Protocol

29
Q

FTP

A

File Transfer Protocol

30
Q

Which of the following is not a category of social engineering?

A

Mantrap

Refers to a special kind of vestibule used to protect a secure area. It has two doors and requires a visitor to go through the first door and close it before going through the second door to gain entry to the secure area.

31
Q

Which of the following involves a sophisticated attack in which a hacker maintains a stealthy long term presence in a victim’s network?

A

Advanced persistent threat

32
Q

Which of the following is not an example of protecting data in transit?

A

Database encryption

33
Q

Which of the following is not commonly used to launch ransomware attacks?

A

Ping attack

A denial of service attack in which the attacker floods the victim system with ping requests. By itself it does not enable a ransomware attack.

34
Q

Mary is conducting a risk analysis for her organization. Her boss, the CISO, feels strongly that the organization’s biggest risk is from hackers trying to steal intellectual property from their engineering database server so that is where their defensive focus should lie. This is an example of what kind of analysis?

A

Qualitative risk analysis

35
Q

What is the most important governance element for a customer to use to ensure a cloud service provider is delivering on expectations?

A

SLA

A service level agreement is a contractual agreement between a service provider and a customer that defines the level of service the customer can expect. It includes provisions around things like performance, availability, security, etc.

36
Q

When an employee is terminated, what is the best course of action regarding the provisioning of their user access accounts?

A

Disable the employee’s access to all accounts

37
Q

Joe is a network engineer who wants to deploy the most basic and least expensive firewall. All he needs is to set up Access Control Lists to accomplish his goals. Which type of firewall is best for his needs?

A

Packet filter

A packet filter (gen 1) is the simplest and least expensive type of firewall and uses Access Control Lists to control traffic.

38
Q

A server admin wants to ensure that the server’s hard drive is encrypted to protect the sensitive data on the server in case the server is ever stolen. Which of the following would enable the best configuration for disk encryption?

A

AES

The Advanced Encryption Standard algorithm is the most commonly used symmetric encryption algorithm due to its maturity, security, and international recognition. Symmetric encryption (particularly AES) is most commonly used to encrypt data in bulk and large files, such as hard drive encryption.

39
Q

Which policy would normally include requirements for employees accessing their social media accounts on company owned computers?

A

AUP

The Acceptable Use Policy defines what employees may and may not do with company resources, usually stating such resources are to be used for official business purposes only.

40
Q

Which method of authentication factor is most likely to falsely reject a valid user?

A

Type 3

Something you are. This factor uses biometrics, an improving technology that is not perfect and can falsely reject a valid user or falsely accept an unknown user.

41
Q

Joe ran a vulnerability scan and posted the results on his organization’s unsecured website so it would be easy for his employees to see the results. Was this a good idea?

A

No, because scan results contain sensitive information which could be used by cybercriminals to launch attacks against the organization

42
Q

Which of the following is considered an “insecure” protocol?

A

HTTP

Hypertext Transfer Protocol is a communication protocol that serves as the primary way web browsers communicate with web servers to access web pages over the internet. It is considered an insecure protocol since the information is transmitted in plaintext between the client and the server. HTTPS is the secure alternative.

43
Q

Which of the following is considered the best practice regarding patch management?

A

Test patches before deploying them to production devices.

44
Q

Which of the following is a key benefit of using a SIEM?

A

Greater availability and monitoring

Security Information and Event Management systems allow greater security visibility and monitoring. The systems collect and analyze security related data from multiple sources, providing security analysts with a comprehensive view of the organization’s security posture.

45
Q

Which of the following best describes RBAC?

A

Access control model that enforces access based on predefined roles.

Roles are typically developed for similar users with the same access needs.

46
Q

A security engineer is trying to decide on the best course of action to take to block internet traffic from specific IP addresses at the perimeter of the company network. Which of the following controls would allow the security engineer to configure such rules?

A

Network Firewall

A firewall is a network device used to enforce certain security rules that govern how traffic may flow.

47
Q

Which of the following is an example of a technical control?

A

Antivirus

48
Q

The IT director for a large organization is reviewing options to migrate their servers and infrastructure from their on-prem data center to the cloud. Which cloud service model best fits the organization’s needs?

A

IaaS

In the Infrastructure as a Service model the cloud provider gives customers self service access to a pool of infrastructure resources that can be virtually provisioned and deprovisioned on demand.

49
Q

SaaS

A

Software as a Service

A software service or application is hosted by a cloud provider and provided to customers (typically over the Internet). The cloud provider manages the infrastructure and platform, and the customer only needs to manage specific configurations within the application.

50
Q

The IT Director for an organization has revamped the organization’s identity management structure so that pre-built permission groups are developed for each department such as IT, Finance, Sales, HR, and so on. Users are then assigned to those corresponding groups depending on what team they are on. Which access control model is most likely being utilized?

A

RBAC

Role based access control enforces access based on roles that define permissions, and the level of access provided to any subjects assigned to that role.

51
Q

Which cloud deployment model consists of cloud resources that are available for purchase and consumption by the general public?

A

Public

Public cloud consists of computing resources operated by a third party that are deployed for use by the general public for purchase and consumption

52
Q
A