Last Updated on October 29, 2019 by Admin
Cybersecurity Essentials 1.1 Final Quiz Online Form B
CE -- Final Quiz Form B
Quiz-summary
0 of 50 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
Information
CE — Final Quiz Form B
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 50 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
Average score |
|
Your score |
|
Categories
- Not categorized 0%
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- Answered
- Review
-
Question 1 of 50
1. Question
1 pointsWhat is an example of early warning systems that can be used to thwart cybercriminals?Correct
Incorrect
Early warning systems help identify attacks and can be used by cybersecurity specialists to protect systems.
Hint
Early warning systems help identify attacks and can be used by cybersecurity specialists to protect systems.
-
Question 2 of 50
2. Question
2 pointsTechnologies like GIS and IoE contribute to the growth of large data stores. What are two reasons that these technologies increase the need for cybersecurity specialists? (Choose two.)Correct
Incorrect
The types of information collected by these technologies have increased the need for data protection.
Hint
The types of information collected by these technologies have increased the need for data protection.
-
Question 3 of 50
3. Question
2 pointsWhich two groups of people are considered internal attackers? (Choose two.)Correct
Incorrect
Threats are classified as being from an internal source or external source. A cybersecurity specialist needs to be aware of the source of various threats.
Hint
Threats are classified as being from an internal source or external source. A cybersecurity specialist needs to be aware of the source of various threats.
-
Question 4 of 50
4. Question
1 pointsWhich methods can be used to implement multifactor authentication?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies available that support the CIA triad.
Hint
A cybersecurity specialist must be aware of the technologies available that support the CIA triad.
-
Question 5 of 50
5. Question
1 pointsWhich technology should be used to enforce the security policy that a computing device must be checked against the latest antivirus update before the device is allowed to connect to the campus network?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies available to enforce its organization’s security policy.
Hint
A cybersecurity specialist must be aware of the technologies available to enforce its organization’s security policy.
-
Question 6 of 50
6. Question
1 pointsA security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?Correct
Incorrect
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
Hint
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
-
Question 7 of 50
7. Question
1 pointsWhich technology can be used to ensure data confidentiality?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies available which support the CIA triad.
Hint
A cybersecurity specialist must be aware of the technologies available which support the CIA triad.
-
Question 8 of 50
8. Question
1 pointsAn organization allows employees to work from home two days a week. Which technology should be implemented to ensure data confidentiality as data is transmitted?Correct
Incorrect
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
Hint
Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
-
Question 9 of 50
9. Question
2 pointsWhat are the two most effective ways to defend against malware? (Choose two.)Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
-
Question 10 of 50
10. Question
1 pointsAn executive manager went to an important meeting. The secretary in the office receives a call from a person claiming that the executive manager is about to give an important presentation but the presentation files are corrupted. The caller sternly recommends that the secretary email the presentation right away to a personal email address. The caller also states that the executive is holding the secretary responsible for the success of this presentation. Which type of social engineering tactic would describe this scenario?Correct
Incorrect
Social engineering uses several different tactics to gain information from victims.
Hint
Social engineering uses several different tactics to gain information from victims.
-
Question 11 of 50
11. Question
1 pointsWhich statement describes a distributed denial of service attack?”Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 12 of 50
12. Question
1 pointsWhat type of attack will make illegitimate websites higher in a web search result list?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 13 of 50
13. Question
1 pointsWhat is a nontechnical method that a cybercriminal would use to gather sensitive information from an organization?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 14 of 50
14. Question
1 pointsA penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 15 of 50
15. Question
1 pointsUsers report that the database on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?Correct
Incorrect
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
Hint
A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
-
Question 16 of 50
16. Question
1 pointsA user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?Correct
Incorrect
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
Hint
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
-
Question 17 of 50
17. Question
1 pointsWhat happens as the key length increases in an encryption application?Correct
Incorrect
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
Hint
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
-
Question 18 of 50
18. Question
1 pointsWhich algorithm will Windows use by default when a user intends to encrypt files and folders in an NTFS volume?Correct
Incorrect
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
Hint
Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
-
Question 19 of 50
19. Question
1 pointsBefore data is sent out for analysis, which technique can be used to replace sensitive data in nonproduction environments to protect the underlying information?Correct
Incorrect
Technologies exist to confuse attackers by changing data and using techniques to hide the original data.
Hint
Technologies exist to confuse attackers by changing data and using techniques to hide the original data.
-
Question 20 of 50
20. Question
1 pointsIn which situation would a detective control be warranted?Correct
Incorrect
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
Hint
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
-
Question 21 of 50
21. Question
1 pointsAn organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement?Correct
Incorrect
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
Hint
Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
-
Question 22 of 50
22. Question
1 pointsAn organization has implemented antivirus software. What type of security control did the company implement?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
-
Question 23 of 50
23. Question
1 pointsPasswords, passphrases, and PINs are examples of which security term?Correct
Incorrect
Authentication methods are used to strengthen access control systems. It is important to understand the available authentication methods.
Hint
Authentication methods are used to strengthen access control systems. It is important to understand the available authentication methods.
-
Question 24 of 50
24. Question
3 pointsAn organization has determined that an employee has been cracking passwords on administrative accounts in order to access very sensitive payroll information. Which tools would you look for on the system of the employee? (Choose three)Correct
Incorrect
Tables that contain possible password combinations are used to crack passwords.
Hint
Tables that contain possible password combinations are used to crack passwords.
-
Question 25 of 50
25. Question
1 pointsWhat technique creates different hashes for the same password?Correct
Incorrect
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used to ensure data integrity.
Hint
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used to ensure data integrity.
-
Question 26 of 50
26. Question
1 pointsWhich hashing technology requires keys to be exchanged?Correct
Incorrect
The difference between HMAC and hashing is the use of keys.
Hint
The difference between HMAC and hashing is the use of keys.
-
Question 27 of 50
27. Question
1 pointsYou have been asked to implement a data integrity program to protect data files that need to be electronically downloaded by the sales staff. You have decided to use the strongest hashing algorithm available on your systems. Which hash algorithm would you select?Correct
Incorrect
MD5 and SHA are the two most popular hashing algorithms. SHA-256 uses a 256-bit hash, whereas MD5 produces a 128-bit hash value.
Hint
MD5 and SHA are the two most popular hashing algorithms. SHA-256 uses a 256-bit hash, whereas MD5 produces a 128-bit hash value.
-
Question 28 of 50
28. Question
1 pointsWhat kind of integrity does a database have when all its rows have a unique identifier called a primary key?
Correct
Incorrect
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies that are used to ensure data integrity.
Hint
Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies that are used to ensure data integrity.
-
Question 29 of 50
29. Question
2 pointsTechnicians are testing the security of an authentication system that uses passwords. When a technician examines the password tables, the technician discovers the passwords are stored as hash values. However, after comparing a simple password hash, the technician then discovers that the values are different from those on other systems. What are two causes of this situation? (Choose two.)Correct
Incorrect
Hashing can be used in many different situations to ensure data integrity.
Hint
Hashing can be used in many different situations to ensure data integrity.
-
Question 30 of 50
30. Question
1 pointsAlice and Bob are using a digital signature to sign a document. What key should Alice use to sign the document so that Bob can make sure that the document came from Alice?Correct
Incorrect
Alice and Bob are used to explain asymmetric cryptography used in digital signatures. Alice uses a private key to encrypt the message digest. The message, encrypted message digest, and the public key are used to create the signed document and prepare it for transmission.
Hint
Alice and Bob are used to explain asymmetric cryptography used in digital signatures. Alice uses a private key to encrypt the message digest. The message, encrypted message digest, and the public key are used to create the signed document and prepare it for transmission.
-
Question 31 of 50
31. Question
1 pointsThe X.509 standards defines which security technology?Correct
Incorrect
Digital certificates protect the parties involved in a secure communication
Hint
Digital certificates protect the parties involved in a secure communication
-
Question 32 of 50
32. Question
1 pointsWhat is it called when an organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications?Correct
Incorrect
An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.
Hint
An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.
-
Question 33 of 50
33. Question
1 pointsBeing able to maintain availability during disruptive events describes which of the principles of high availability?Correct
Incorrect
High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.
Hint
High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.
-
Question 34 of 50
34. Question
1 pointsAn organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?Correct
Incorrect
System and data availability is a critical responsibility of a cybersecurity specialists. It is important to understand the technologies, process, and controls used to provide high availability.
Hint
System and data availability is a critical responsibility of a cybersecurity specialists. It is important to understand the technologies, process, and controls used to provide high availability.
-
Question 35 of 50
35. Question
1 pointsWhat approach to availability provides the most comprehensive protection because multiple defenses coordinate together to prevent attacks?Correct
Incorrect
Defense in depth utilizes multiple layers of security controls.
Hint
Defense in depth utilizes multiple layers of security controls.
-
Question 36 of 50
36. Question
1 pointsThe team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?Correct
Incorrect
A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization.
Hint
A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization.
-
Question 37 of 50
37. Question
2 pointsWhich two values are required to calculate annual loss expectancy? (Choose two.)Correct
Incorrect
Single loss expectancy, annualized rate of occurrence, and annualized loss expectancy are used in a quantitative risk analysis
Hint
Single loss expectancy, annualized rate of occurrence, and annualized loss expectancy are used in a quantitative risk analysis
-
Question 38 of 50
38. Question
1 pointsAn organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended?Correct
Incorrect
One of the most important steps in risk management is asset classification.
Hint
One of the most important steps in risk management is asset classification.
-
Question 39 of 50
39. Question
1 pointsWhat approach to availability involves using file permissions?Correct
Incorrect
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.
Hint
System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.
-
Question 40 of 50
40. Question
2 pointsWhat are two incident response phases? (Choose two.)Correct
Incorrect
When an incident occurs, the organization must know how to respond. An organization needs to develop an incident response plan that includes several phases.
Hint
When an incident occurs, the organization must know how to respond. An organization needs to develop an incident response plan that includes several phases.
-
Question 41 of 50
41. Question
1 pointsWhat Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities. Local Security Policy, Event Viewer, and Computer Management are Windows utilities that are all used in the security equation.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities. Local Security Policy, Event Viewer, and Computer Management are Windows utilities that are all used in the security equation.
-
Question 42 of 50
42. Question
1 pointsIn a comparison of biometric systems, what is the crossover error rate?Correct
Incorrect
In comparing biometric systems, there are several important factors to consider including accuracy, speed or throughput rate, and acceptability to users.
Hint
In comparing biometric systems, there are several important factors to consider including accuracy, speed or throughput rate, and acceptability to users.
-
Question 43 of 50
43. Question
1 pointsWhat describes the protection provided by a fence that is 1 meter in height?Correct
Incorrect
Security standards have been developed to assist organizations in implementing the proper controls to mitigate potential threats. The height of a fence determines the level of protection from intruders
Hint
Security standards have been developed to assist organizations in implementing the proper controls to mitigate potential threats. The height of a fence determines the level of protection from intruders
-
Question 44 of 50
44. Question
1 pointsMutual authentication can prevent which type of attack?Correct
Incorrect
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
Hint
A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
-
Question 45 of 50
45. Question
1 pointsWhich protocol would be used to provide security for employees that access systems remotely from home?Correct
Incorrect
Various application layer protocols are used to for communications between systems. A secure protocol provides a secure channel over an unsecured network.
Hint
Various application layer protocols are used to for communications between systems. A secure protocol provides a secure channel over an unsecured network.
-
Question 46 of 50
46. Question
1 pointsWhich technology can be used to protect VoIP against eavesdropping?Correct
Incorrect
Many advanced technologies such as VoIP, streaming video, and electronic conferencing require advanced countermeasures.
Hint
Many advanced technologies such as VoIP, streaming video, and electronic conferencing require advanced countermeasures.
-
Question 47 of 50
47. Question
3 pointsWhich three protocols can use Advanced Encryption Standard (AES)? (Choose three.)Correct
Incorrect
Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.
Hint
Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.
-
Question 48 of 50
48. Question
1 pointsHVAC, water system, and fire systems fall under which of the cybersecurity domains?Correct
Incorrect
Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization.
Hint
Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization.
-
Question 49 of 50
49. Question
1 pointsWhich national resource was developed as a result of a U.S. Executive Order after a ten-month collaborative study involving over 3,000 security professionals?Correct
Incorrect
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.
Hint
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.
-
Question 50 of 50
50. Question
1 pointsWhich cybersecurity weapon scans for use of default passwords, missing patches, open ports, misconfigurations, and active IP addresses?Correct
Incorrect
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.
Hint
There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.