Total No. of Questions = 35

Q1. What is the focus of a security audit or vulnerability assessment?

  • A) Locating vulnerabilities
  • B) Locating threats
  • C) Enacting threats
  • D) Exploiting vulnerabilities

Show Answer

The Correct Answer is:- A

2. What kind of physical access device restricts access to a single individual at any one time?

  • A) Checkpoint
  • B) Perimeter security
  • C) Security zones
  • D) Mantrap

Show Answer

The Correct Answer is:- D

3. Which of the following is a mechanism for managing digital certificates through a system of trust?

  • A) PKI
  • B) PKCS
  • C) ISA
  • D) SSL

Show Answer

The Correct Answer is:- A

4. Which protocol is used to create a secure environment in a wireless network?

  • A) WAP
  • B) WPA
  • C) WTLS
  • D) WML

Show Answer

The Correct Answer is:- B

5. What type of exercise is conducted with full knowledge of the target environment?

  • A) White box
  • B) Gray box
  • C) Black box
  • D) Glass box

Show Answer

The Correct Answer is:- A

6. You want to establish a network connection between two LANs using the Internet. Which technology would best accomplish that for you?

  • A) IPSec
  • B) L2TP
  • C) PPP
  • D) SLIP

Show Answer

The Correct Answer is:- B

7. Which design concept limits access to systems from outside users while protecting users and systems inside the LAN?

  • A) DMZ
  • B) VLAN
  • C) I&A
  • D) Router

Show Answer

The Correct Answer is:- A

8. In the key recovery process, which key must be recoverable?

  • A) Rollover key
  • B) Secret key
  • C) Previous key
  • D) Escrow key

Show Answer

The Correct Answer is:- D

9. Which kind of attack is designed to overload a system or resource, taking it temporarily or permanently offline?

  • A) Spoofing
  • B) Trojan
  • C) Man in the middle
  • D) SYN flood

Show Answer

The Correct Answer is:- D

10. Which component of an NIDS collects data?

  • A) Data source
  • B) Sensor
  • C) Event
  • D) Analyzer

Show Answer

The Correct Answer is:- B

11. What is the process of making an operating system secure from attack called?

  • A) Hardening
  • B) Tuning
  • C) Sealing
  • D) Locking down

Show Answer

The Correct Answer is:- A

12. The integrity component provides which feature of the CIA triad?

  • A) Verification that information is accurate
  • B) Verification that ethics are properly maintained
  • C) Establishment of clear access control of data
  • D) Verification that data is kept private and secure

Show Answer

The Correct Answer is:- A

13. Which mechanism is used by PKI to allow immediate verification of a certificate’s validity?

  • A) CRL
  • B) MD5
  • C) SSHA
  • D) OCSP

Show Answer

The Correct Answer is:- D

14. Which of the following is used to create a VLAN from a physical security perspective?

  • A) Hub
  • B) Switch
  • C) Router
  • D) Firewall

Show Answer

The Correct Answer is:- B

15. A user has just reported that he downloaded a file from a prospective client using IM. The user indicates that the file was called account.doC) The system has been behaving unusually since he downloaded the file. What is the most likely event that occurred?

  • A) Your user inadvertently downloaded a macro virus using IM.
  • B) Your user may have downloaded a rootkit.
  • C) Your user may have accidently changed a setting on the system.
  • D) The system is unstable due to the use of IM.

Show Answer

The Correct Answer is:- A

16. Which mechanism or process is used to enable or disable access to a network resource based on attacks that have been detected?

  • A) NIDS
  • B) NIPS
  • C) NITS
  • D) NADS

Show Answer

The Correct Answer is:- B

17. Which of the following would provide additional security to an Internet web server?

  • A) Changing the default port for traffic to 80
  • B) Changing the default port for traffic to 1019
  • C) Changing the default port for traffic to 443
  • D) Changing the default port for traffic to 161

Show Answer

The Correct Answer is:- C

18. What type of program exists primarily to propagate and spread itself to other systems and can do so without interaction from users?

  • A) Virus
  • B) Trojan horse
  • C) Logic bomb
  • D) Worm

Show Answer

The Correct Answer is:- D

19. An individual presents herself at your office claiming to be a service technician. She is attempting to discuss technical details of your environment such as applications, hardware, and personnel used to manage it. This may be an example of what type of attack?

  • A) Social engineering
  • B) Access control
  • C) Perimeter screening
  • D) Behavioral engineering

Show Answer

The Correct Answer is:- A

20. Which of the following is a major security problem with FTP?

  • A) Password files are stored in an unsecure area on disk.
  • B) Memory traces can corrupt file access.
  • C) User IDs and passwords are unencrypted.
  • D) FTP sites are unregistered.

Show Answer

The Correct Answer is:- C

21. Which system would you install to provide detective capabilities within a network?

  • A) NIDS
  • B) HIDS
  • C) NIPS
  • D) HIPS

Show Answer

The Correct Answer is:- A

22. The process of maintaining the integrity of evidence and ensuring no gaps in possession occur is known as what?

  • A) Security investigation
  • B) Chain of custody
  • C) Three As of investigation
  • D) Security policy

Show Answer

The Correct Answer is:- B

23. What encryption process uses one piece of information as a carrier for another?

  • A) Steganography
  • B) Hashing
  • C) MDA
  • D) Cryptointelligence

Show Answer

The Correct Answer is:- A

24. Which policy dictates how assets can be used by employees of a company?

  • A) Security policy
  • B) User policy
  • C) Use policy
  • D) Enforcement policy
  • E. Acceptable use policy

Show Answer

The Correct Answer is:- E

25. Which algorithm is an asymmetric encryption protocol?

  • A) RSA
  • B) AES
  • C) DES
  • D) 3DES

Show Answer

The Correct Answer is:- A

26. Which of the following is an example of a hashing algorithm?

  • A) ECC
  • B) PKI
  • C) SHA
  • D) MD

Show Answer

The Correct Answer is:- C

27. Which of the following creates a fixed-length output from a variable-length input?

  • A) MD5
  • B) MD7
  • C) SHA12
  • D) SHA8

Show Answer

The Correct Answer is:- A

28. Granting access to a system based on a factor such as an individual’s retina during a scan is an example of what type of authentication method?

  • A) Smart card
  • B) I&A
  • C) Biometrics
  • D) CHAP

Show Answer

The Correct Answer is:- C

29. What item is also referred to as a physical address to a computer system?

  • A) MAC
  • B) DAC
  • C) RBAC
  • D) STAC

Show Answer

The Correct Answer is:- A

30. What is the process of investigating a computer system for information relating to a security incident?

  • A) Computer forensics
  • B) Virus scanning
  • C) Security policy
  • D) Evidence gathering

Show Answer

The Correct Answer is:- A

31. Which of the following is seen as a replacement for protocols such as Telnet and FTP?

  • A) SSL
  • B) SCP
  • C) Telnet2
  • D) SSH

Show Answer

The Correct Answer is:- D

32. Which of the following is commonly used to create thumbprints for digital certificates?

  • A) MD5
  • B) MD7
  • C) SHA12
  • D) SHA8

Show Answer

The Correct Answer is:- A

33. Granting access to a system based on a factor such as a password is an example of what?

  • A) Something you have
  • B) Something you know
  • C) Something you are
  • D) Something you smell

Show Answer

The Correct Answer is:- B

34. What item is also referred to as a logical address to a computer system?

  • A) IP address
  • B) IPX address
  • C) MAC address
  • D) SMAC address

Show Answer

The Correct Answer is:- A

35. How many bits are in an IPv6 address?

  • A) 32
  • B) 64
  • C) 128
  • D) 256

Show Answer

The Correct Answer is:- C