Last Updated on October 29, 2019 by Admin
Cybersecurity Essentials 1.1 Final Quiz Online
CE -- Final Quiz
Quiz-summary
0 of 50 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
Information
CE — Final Quiz
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 50 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- Answered
- Review
-
Question 1 of 50
1. Question
1 pointsA cybersecurity specialist is asked to identify the potential criminals known to attack the organization. Which type of hackers would the cybersecurity specialist be least concerned with?Correct
Incorrect
Hackers are classified by colors to help define the purpose of their break-in activities.
Hint
Hackers are classified by colors to help define the purpose of their break-in activities.
-
Question 2 of 50
2. Question
1 pointsWhat is an example of early warning systems that can be used to thwart cybercriminals?Correct
Incorrect
Early warning systems help identify attacks and can be used by cybersecurity specialists to protect systems.
Hint
Early warning systems help identify attacks and can be used by cybersecurity specialists to protect systems.
-
Question 3 of 50
3. Question
3 pointsA specialist in the HR department is invited to promote the cybersecurity program in community schools. Which three topics would the specialist emphasize in the presentation to draw students to this field? (Choose three.)Correct
Incorrect
The increased demand for cybersecurity specialists offers several unique career opportunities.
Hint
The increased demand for cybersecurity specialists offers several unique career opportunities.
-
Question 4 of 50
4. Question
3 pointsWhat are three states of data during which data is vulnerable? (Choose three.)Correct
Incorrect
A cybersecurity specialist must be aware of each of the three states of data to effectively protect data and information. Purged data was stored data. Encrypted and decrypted data can be in any of the three states.
Hint
A cybersecurity specialist must be aware of each of the three states of data to effectively protect data and information. Purged data was stored data. Encrypted and decrypted data can be in any of the three states.
-
Question 5 of 50
5. Question
1 pointsWhich framework should be recommended for establishing a comprehensive information security management system in an organization?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the different frameworks and models for managing information security.
Hint
A cybersecurity specialist needs to be familiar with the different frameworks and models for managing information security.
-
Question 6 of 50
6. Question
1 pointsWhich technology can be used to ensure data confidentiality?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies available which support the CIA triad.
Hint
A cybersecurity specialist must be aware of the technologies available which support the CIA triad.
-
Question 7 of 50
7. Question
1 pointsWhich data state is maintained in NAS and SAN services?Correct
Incorrect
A cybersecurity specialist must be familiar with the types of technologies used to store, transmit, and process data.
Hint
A cybersecurity specialist must be familiar with the types of technologies used to store, transmit, and process data.
-
Question 8 of 50
8. Question
1 pointsA security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?Correct
Incorrect
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
Hint
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
-
Question 9 of 50
9. Question
1 pointsA penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 10 of 50
10. Question
1 pointsWhat type of attack has an organization experienced when an employee installs an unauthorized device on the network to view network traffic?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 11 of 50
11. Question
2 pointsWhat are the two most effective ways to defend against malware? (Choose two.)Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
-
Question 12 of 50
12. Question
1 pointsThe employees in a company receive an email stating that the account password will expire immediately and requires a password reset within 5 minutes. Which statement would classify this email?Correct
Incorrect
Social engineering uses several different tactics to gain information from victims.
Hint
Social engineering uses several different tactics to gain information from victims.
-
Question 13 of 50
13. Question
3 pointsWhat three best practices can help defend against social engineering attacks? (Choose three.)Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
-
Question 14 of 50
14. Question
1 pointsWhich statement describes a distributed denial of service attack?”Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 15 of 50
15. Question
1 pointsWhat is an impersonation attack that takes advantage of a trusted relationship between two systems?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 16 of 50
16. Question
1 pointsSmart cards and biometrics are considered to be what type of access control?Correct
Incorrect
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
Hint
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
-
Question 17 of 50
17. Question
1 pointsWhich statement describes a characteristics of block ciphers?Correct
Incorrect
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
Hint
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
-
Question 18 of 50
18. Question
1 pointsBefore data is sent out for analysis, which technique can be used to replace sensitive data in nonproduction environments to protect the underlying information?Correct
Incorrect
Technologies exist to confuse attackers by changing data and using techniques to hide the original data.
Hint
Technologies exist to confuse attackers by changing data and using techniques to hide the original data.
-
Question 19 of 50
19. Question
1 pointsWhich access control should the IT department use to restore a system back to its normal state?Correct
Incorrect
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
Hint
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
-
Question 20 of 50
20. Question
1 pointsIn which situation would a detective control be warranted?Correct
Incorrect
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
Hint
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
-
Question 21 of 50
21. Question
1 pointsAn organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement?Correct
Incorrect
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
Hint
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
-
Question 22 of 50
22. Question
1 pointsA user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?Correct
Incorrect
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
Hint
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
-
Question 23 of 50
23. Question
1 pointsAlice and Bob are using public key encryption to exchange a message. Which key should Alice use to encrypt a message to Bob?Correct
Incorrect
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
Hint
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
-
Question 24 of 50
24. Question
1 pointsWhich hashing technology requires keys to be exchanged?Correct
Incorrect
The difference between HMAC and hashing is the use of keys.
Hint
The difference between HMAC and hashing is the use of keys.
-
Question 25 of 50
25. Question
1 pointsWhat kind of integrity does a database have when all its rows have a unique identifier called a primary key?
Correct
Incorrect
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies that are used to ensure data integrity.
Hint
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies that are used to ensure data integrity.
-
Question 26 of 50
26. Question
1 pointsWhat technology should be implemented to verify the identity of an organization, to authenticate its website, and to provide an encrypted connection between a client and the website?Correct
Incorrect
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
Hint
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
-
Question 27 of 50
27. Question
1 pointsYou have been asked to work with the data collection and entry staff in your organization in order to improve data integrity during initial data entry and data modification operations. Several staff members ask you to explain why the new data entry screens limit the types and size of data able to be entered in specific fields. What is an example of a new data integrity control?Correct
Incorrect
Data integrity deals with data validation.
Hint
Data integrity deals with data validation.
-
Question 28 of 50
28. Question
1 pointsYou have been asked to describe data validation to the data entry clerks in accounts receivable. Which of the following are good examples of strings, integers, and decimals?Correct
Incorrect
A string is a group of letters, numbers and special characters. An integer is whole number. A decimal is a number that is not a fraction.
Hint
A string is a group of letters, numbers and special characters. An integer is whole number. A decimal is a number that is not a fraction.
-
Question 29 of 50
29. Question
1 pointsWhich hashing algorithm is recommended for the protection of sensitive, unclassified information?Correct
Incorrect
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used ensure data integrity.
Hint
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used ensure data integrity.
-
Question 30 of 50
30. Question
1 pointsWhat technology should you implement to ensure that an individual cannot later claim that he or she did not sign a given document?Correct
Incorrect
A digital signature is used to establish authenticity, integrity, and nonrepudiation.
Hint
A digital signature is used to establish authenticity, integrity, and nonrepudiation.
-
Question 31 of 50
31. Question
1 pointsA VPN will be used within the organization to give remote users secure access to the corporate network. What does IPsec use to authenticate the origin of every packet to provide data integrity checking?Correct
Incorrect
HMAC is an algorithm used to authenticate. The sender and receiver have a secret key that is used along with the data to ensure the message origin as well as the authenticity of the data.
Hint
HMAC is an algorithm used to authenticate. The sender and receiver have a secret key that is used along with the data to ensure the message origin as well as the authenticity of the data.
-
Question 32 of 50
32. Question
1 pointsThere are many environments that require five nines, but a five nines environment may be cost prohibitive. What is one example of where the five nines environment might be cost prohibitive?Correct
Incorrect
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.
Hint
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.
-
Question 33 of 50
33. Question
1 pointsWhich technology would you implement to provide high availability for data storage?Correct
Incorrect
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to provide redundancy.
Hint
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to provide redundancy.
-
Question 34 of 50
34. Question
1 pointsAn organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended?Correct
Incorrect
One of the most important steps in risk management is asset classification.
Hint
One of the most important steps in risk management is asset classification.
-
Question 35 of 50
35. Question
1 pointsKeeping data backups offsite is an example of which type of disaster recovery control?Correct
Incorrect
A disaster recovery plan enables an organization to prepare for potential disasters and minimize the resulting downtime.
Hint
A disaster recovery plan enables an organization to prepare for potential disasters and minimize the resulting downtime.
-
Question 36 of 50
36. Question
1 pointsWhat approach to availability involves using file permissions?Correct
Incorrect
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.
Hint
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.
-
Question 37 of 50
37. Question
1 pointsBeing able to maintain availability during disruptive events describes which of the principles of high availability?Correct
Incorrect
High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.
Hint
High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.
-
Question 38 of 50
38. Question
1 pointsWhat approach to availability provides the most comprehensive protection because multiple defenses coordinate together to prevent attacks?Correct
Incorrect
Defense in depth utilizes multiple layers of security controls.
Hint
Defense in depth utilizes multiple layers of security controls.
-
Question 39 of 50
39. Question
2 pointsWhat are two incident response phases? (Choose two.)Correct
Incorrect
When an incident occurs, the organization must know how to respond. An organization needs to develop an incident response plan that includes several phases.
Hint
When an incident occurs, the organization must know how to respond. An organization needs to develop an incident response plan that includes several phases.
-
Question 40 of 50
40. Question
1 pointsWhat is it called when an organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications?Correct
Incorrect
An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.
Hint
An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.
-
Question 41 of 50
41. Question
1 pointsWhich of the following products or technologies would you use to establish a baseline for an operating system?Correct
Incorrect
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.
Hint
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.
-
Question 42 of 50
42. Question
1 pointsWhich protocol would be used to provide security for employees that access systems remotely from home?Correct
Incorrect
Various application layer protocols are used to for communications between systems. A secure protocol provides a secure channel over an unsecured network.
Hint
Various application layer protocols are used to for communications between systems. A secure protocol provides a secure channel over an unsecured network.
-
Question 43 of 50
43. Question
1 pointsWhich wireless standard made AES and CCM mandatory?Correct
Incorrect
Wireless security depends on several industry standards and has progressed from WEP to WPA and finally WPA2.
Hint
Wireless security depends on several industry standards and has progressed from WEP to WPA and finally WPA2.
-
Question 44 of 50
44. Question
1 pointsWhich utility uses the Internet Control Messaging Protocol (ICMP)?Correct
Incorrect
ICMP is used by network devices to send error messages.
Hint
ICMP is used by network devices to send error messages.
-
Question 45 of 50
45. Question
1 pointsMutual authentication can prevent which type of attack?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
-
Question 46 of 50
46. Question
1 pointsWhat Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities. Local Security Policy, Event Viewer, and Computer Management are Windows utilities that are all used in the security equation.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities. Local Security Policy, Event Viewer, and Computer Management are Windows utilities that are all used in the security equation.
-
Question 47 of 50
47. Question
3 pointsWhich three protocols can use Advanced Encryption Standard (AES)? (Choose three.)Correct
Incorrect
Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.
Hint
Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.
-
Question 48 of 50
48. Question
1 pointsWhich website offers guidance on putting together a checklist to provide guidance on configuring and hardening operating systems?Correct
Incorrect
There are several cybersecurity information websites that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization. Some of these websites are the National Vulnerability Database, CERT, the Internet Storm Center, and the Advanced Cyber Security Center.
Hint
There are several cybersecurity information websites that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization. Some of these websites are the National Vulnerability Database, CERT, the Internet Storm Center, and the Advanced Cyber Security Center.
-
Question 49 of 50
49. Question
1 pointsWhich threat is mitigated through user awareness training and tying security awareness to performance reviews?Correct
Incorrect
Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization. Each domain has various countermeasures available to manage threats.
Hint
Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization. Each domain has various countermeasures available to manage threats.
-
Question 50 of 50
50. Question
1 pointsWhich law was enacted to prevent corporate accounting-related crimes?Correct
Incorrect
New laws and regulations have come about to protect organizations, citizens, and nations from cybersecurity attacks.
Hint
New laws and regulations have come about to protect organizations, citizens, and nations from cybersecurity attacks.