Security + 701

Question 1

Which of the following is an example of a technical security control?

Answer 1

Firewalls

Question 2

What is the primary purpose of a VPN?

Answer 2

Provide secure remote access

Question 3

Which attack involves sending fraudulent emails that appear to be from a trusted source?

Answer 3

Phishing

Question 4

What is the main function of a Network Access Control (NAC) system?

Answer 4

Enforce policies on devices before they connect to the network

Question 5

Which of the following describes the process of hashing?

Answer 5

Ensuring data integrity

Question 6

What is the difference between symmetric and asymmetric encryption?

Answer 6

Symmetric uses one key; asymmetric uses two keys

Question 7

Which protocol is used to secure email communications?

Answer 7

S/MIME

Question 8

What is the purpose of a honeypot?

Answer 8

Detect and deflect unauthorized access

Question 9

Which security principle ensures that only authorized users can access data?

Answer 9

Confidentiality

Question 10

A user reports that their system has been infected by ransomware. What should be done first?

Answer 10

Disconnect the affected system from the network

Question 11

What type of malware hides itself by altering system files?

Answer 11

Rootkit

Question 12

Which wireless security protocol is the most secure?

Answer 12

WPA3

Question 13

What does a digital signature provide?

Answer 13

Integrity and authentication

Question 14

Which port does HTTPS typically use?

Answer 14

443

Question 15

Which tool is commonly used for vulnerability scanning?

Answer 15

Nessus

Question 16

Which access control model uses labels to enforce security policies?

Answer 16

Mandatory Access Control (MAC)

Question 17

What is the purpose of a demilitarized zone (DMZ) in network security?

Answer 17

Separate public-facing services from internal networks

Question 18

Which of the following is a physical security control?

Answer 18

Biometrics

Question 19

What does a DNS poisoning attack do?

Answer 19

Redirects users to malicious websites

Question 20

Which security framework focuses on continuous monitoring and risk assessment?

Answer 20

NIST Cybersecurity Framework

Question 21

What does a Certificate Authority (CA) do?

Answer 21

Issues and manages digital certificates

Question 22

Which term describes the process of identifying and reducing security risks?

Answer 22

Risk management

Question 23

What type of attack involves intercepting and altering communication between two parties?

Answer 23

Man-in-the-middle

Question 24

What is the purpose of a Security Information and Event Management (SIEM) system?

Answer 24

Centralize logging and analyze security events

Question 25

Which protocol is used to securely transfer files over the internet?

Answer 25

FTPS

Question 26

What does a network intrusion detection system (NIDS) do?

Answer 26

Detects and alerts on suspicious activity

Question 27

Which of the following is an example of social engineering?

Answer 27

Phishing

Question 28

What is the function of port 22?

Answer 28

SSH

Question 29

Which RAID level provides both redundancy and performance improvement?

Answer 29

RAID 10

Question 30

What type of malware replicates itself without user intervention?

Answer 30

Worm

Question 31

Which of the following is a symmetric encryption algorithm?

Answer 31

AES

Question 32

What type of attack exploits a vulnerability in dynamically generated SQL queries?

Answer 32

SQL injection

Question 33

Which security control detects unauthorized changes to files?

Answer 33

HIDS (Host-Based Intrusion Detection System)

Question 34

What is the primary purpose of a disaster recovery plan?

Answer 34

Restore business operations after a disaster

Question 35

Which wireless attack involves capturing authentication packets to crack WPA/WPA2 keys?

Answer 35

WPA cracking

Question 36

What is the purpose of a digital certificate?

Answer 36

Verify the identity of an entity

Question 37

Which of the following uses public and private key pairs for encryption?

Answer 37

RSA

Question 38

What is the purpose of a session key?

Answer 38

Encrypt data for a single communication session

Question 39

What type of attack involves flooding a network with traffic to cause disruption?

Answer 39

DDoS (Distributed Denial of Service)

Question 40

What tool is used to test network vulnerabilities by simulating attacks?

Answer 40

Metasploit

Question 41

Which security policy ensures users only have the permissions needed for their job roles?

Answer 41

Least privilege

Question 42

What is the primary purpose of hashing in cybersecurity?

Answer 42

Data integrity verification

Question 43

What is an example of multifactor authentication (MFA)?

Answer 43

Password and SMS code

Question 44

Which tool is used for password cracking?

Answer 44

Hashcat

Question 45

What is the purpose of a sandbox in cybersecurity?

Answer 45

Isolate suspicious programs for analysis