1. You work as a network administrator in a company. You have been asked to block outbound traffic to a few websites based on IP address. At which layer of the OSI model,  the IP filtering would work?

Question 1 of 50

2. Layer 2 switches represent multiple collision domains but a single broadcast domain

Question 2 of 50

3. You have captured some network traffic and while analyzing it using Wireshark, you notice that some of the packets are destined for TCP port 20 and 21. What type of network traffic is this?

Question 3 of 50

4. Which of the following protocols do not encrypt data?

Question 4 of 50

5. Bob is a network administrator and has been asked to allow HR users to modify few HR documents stored on a file server. Which information security goal Bob will satisfy?

Question 5 of 50

6. Being a network administrator, Bob's duty is to download and test the latest software updates and security patches before applying to users PCs. To which security goal does this example apply?

Question 6 of 50

7. You receive the e-mail message shown here. What type of threat is this?

Local Postage Service

CONGRATULATIONS

This email was sent only to 10 Selected Customers in your area. In this way. we would like to thank you for being here for us.
You are one of the current customers to win an Exclusive Reward.
All you have to do is confirm receipt of this email. Please click here to confirm.

Thanks and good luck.

Question 7 of 50

8. Which policy specifies details about data storage for various types of information including storage location, the length of time data is retained, the type of storage media such as magnetic tape or cloud archiving?

Question 8 of 50

9. A buffer overflow attack occurs when a hacker sends more data to an application or service than it is expecting

Question 9 of 50

10. Which social engineering tactic involves an attacker fabricating fake reviews to convince the victim that other people have used the software or service that the attacker is offering?

Question 10 of 50

11. Which attack involves tricking the user into clicking an object that does not do what the user expects it to do?

Question 11 of 50

12. In which type of threat the victim's data is encrypted and a demand is made from the victim, in the form of payment to decrypt the data

Question 12 of 50

13. The primary function of the Stuxnet attack was to hide its presence while reprogramming industrial computer systems. Stuxnet was spread through USB flash drives and it replicated itself. Which of the following apply to Stuxnet attack?

Question 13 of 50

14. Match the type of attack with its description
Virus
A piece of malicious code that can replicate itself

Unselect

Gains access to a computer and encrypts all files

Unselect

A piece of code that performs malicious actions without the user's consent

Unselect

Stores every keystroke from the machine it is installed on

Unselect

Worm
A piece of malicious code that can replicate itself

Unselect

Gains access to a computer and encrypts all files

Unselect

A piece of code that performs malicious actions without the user's consent

Unselect

Stores every keystroke from the machine it is installed on

Unselect

Key-logger
A piece of malicious code that can replicate itself

Unselect

Gains access to a computer and encrypts all files

Unselect

A piece of code that performs malicious actions without the user's consent

Unselect

Stores every keystroke from the machine it is installed on

Unselect

Crypto-malware
A piece of malicious code that can replicate itself

Unselect

Gains access to a computer and encrypts all files

Unselect

A piece of code that performs malicious actions without the user's consent

Unselect

Stores every keystroke from the machine it is installed on

Unselect

Question 14 of 50

15. Which standard requires that devices be authenticated before being given network access?

Question 15 of 50

16. Which method involves the customer, in the development of the product and can create basic versions of working software quickly?

Question 16 of 50

17. What primary benefit does Git provide to manage changed code by giving each change its own unique identifier?

Question 17 of 50

18. A host-based intrusion prevention system (HIPS) detects and stops attacks on a computer system and also monitor the content of LAN network traffic

Question 18 of 50

19. Which protocol is a WPA2 standard that uses an AES block cipher with counter mode and makes pattern detection difficult, thus making this a strong protocol?

Question 19 of 50

20. You are configuring a wireless network for your home. Which options are not applicable to a home network?

Question 20 of 50

21. Which attack involves an attacker creating enough interference that legitimate clients cannot communicate with the wireless access point?

Question 21 of 50

22. Transport Layer Security (TLS) replaces which protocol and offers more secure data authentication to ensure data has not been tampered with while in transit?

Question 22 of 50

23. Which protocol reports on network congestion and the reachability of network nodes?

Question 23 of 50

24. Which term describes the intentional altering of communications in an attempt to make it more difficult for unauthorized parties to make sense of the message?

Question 24 of 50

25. Which of the following statements are true regarding the certificates containing private keys?

Question 25 of 50

26. Which security solution uses PKI certificate keys to encrypt and decrypt hard disk contents?

Question 26 of 50

27. Which algorithm uses one-way encryption that transforms a string of characters into a fixed-length value or key and ensure the integrity of data?

Question 27 of 50

28. You want to authenticate the wireless users and also to log connection sessions. Which of the following should be used?

Question 28 of 50

29. Which of the following physical access control methods identify entry into a secure area?

Question 29 of 50

30. You work as a system administrator in a company. You have recently migrated locally hosted email exchange to cloud. How does this apply to the concept of risk?

Question 30 of 50

31. Your company has decided not to launch a new product in a market due to economic uncertainty and ongoing COVID -19 pandemic. Which term best describes your company's decision?

Question 31 of 50

32. You work as a system administrator in a company. You have been asked to migrate the file server and email server data to the cloud. What step should you take to make sure access to files and emails is always available to users?

Question 32 of 50

33. Which document lists lessons learned from previous incidents in order to improve upon identified problems that obstructed incident response?

Question 33 of 50

34. What type of evidences would be easy for the perpetrator to forge?

Question 34 of 50

35. Annual loss expectancy (ALE) is used when performing a risk assessment and used to calculate the probability of asset failure over a year

Question 35 of 50

36. Which type of analysis refers to using specialized tools or algorithms to analyze large volumes of data?

Question 36 of 50

37. Which Windows tool is used to measure and monitor performance metrics of a Windows computer?

Question 37 of 50

38. In what type of testing, testers are given details regarding the item they are testing, such as software source code or network diagrams?

Question 38 of 50

39. A packet sniffer captures transmitted network traffic and it can also determine whether RDP is available on a particular IP address

Question 39 of 50

40. Match the type of testing with its description
Black box
Testers have minimal knowledge about how software or network is designed

Unselect

It is final part of testing process

Unselect

Testers have knowledge about how software or network is designed

Unselect

Testers have no information about how software or network is designed

Unselect

White box
Testers have minimal knowledge about how software or network is designed

Unselect

It is final part of testing process

Unselect

Testers have knowledge about how software or network is designed

Unselect

Testers have no information about how software or network is designed

Unselect

Grey box
Testers have minimal knowledge about how software or network is designed

Unselect

It is final part of testing process

Unselect

Testers have knowledge about how software or network is designed

Unselect

Testers have no information about how software or network is designed

Unselect

Red box
Testers have minimal knowledge about how software or network is designed

Unselect

It is final part of testing process

Unselect

Testers have knowledge about how software or network is designed

Unselect

Testers have no information about how software or network is designed

Unselect

Question 40 of 50

41. Which two commands use ICMP to test whether or not a network host responds to an incoming packet?

Question 41 of 50

42. To adhere to new corporate security guidelines, your branch offices must analyze network traffic for irregularities and then triggers alarms or notifications. What should you install?

Question 42 of 50

43. What can be done to prevent malicious users from tampering with log files?

Question 43 of 50

44. Which tool is used to permanently remove the data stored on a memory device?

Question 44 of 50

45. Which protocol is used to collect and organize information about managed devices with enhanced security on an IP network?

Question 45 of 50

46. What refers to the theft of information from a Bluetooth enabled device through a Bluetooth connection?

Question 46 of 50

47. In what type of attack, the attacker enters malicious code in an application and the malicious code is passed to the backend database?

Question 47 of 50

48. In a man in the middle attack, an attacker captures and replays network data between two parties without their knowledge

Question 48 of 50

49. Which of the following is the best security practice to counter brute force attack to prevent hackers from accessing the user's account?

Question 49 of 50

50. Which type of policy states about, how and where data is stored, how long it must be kept, and how it is to be backed up or disposed of?

Question 50 of 50