Module I Certification Quiz

By Vtgamer
Attempts: 197 | Questions: 114
1.   Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications?

Explanation

Single sign-on is the process by which a single user name and password can be used to access multiple computer applications. This eliminates the need for users to remember multiple login credentials for different applications, simplifying the authentication process and improving user experience. With single sign-on, users only need to authenticate once, and their credentials are then securely shared across multiple applications, allowing them to seamlessly access various systems without the need for repeated logins.

About This Quiz

Just a try to see if it can be done before Odie wakes up.

2.   Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession?

Explanation

Smart cards increase the security of the authentication process because they must be in your physical possession. Smart cards are small, portable devices that contain an embedded microchip. They require a user to insert the card into a card reader and provide a personal identification number (PIN) to access the information stored on the card. This two-factor authentication method adds an extra layer of security by requiring both something you have (the physical card) and something you know (the PIN) to authenticate. This makes it more difficult for unauthorized individuals to gain access to sensitive information or systems.

3.   The authentication process where the user can access several resources without the need for multiple credentials is known as:

Explanation

Single sign-on is the correct answer because it refers to the authentication process where a user can access multiple resources without having to enter separate credentials for each resource. This streamlines the user experience and improves efficiency by eliminating the need for multiple logins. With single sign-on, users only need to authenticate once, and then they can seamlessly access various resources and applications without the need for additional credentials.

4.   Which of the following web vulnerabilities is being referred to when it receives more data than it is programmed to accept?

Explanation

Buffer overflows occur when a program receives more data than it is programmed to accept. This can lead to the overwriting of adjacent memory locations and can be exploited by attackers to execute arbitrary code or crash the program. This vulnerability is commonly found in software written in languages like C or C++ that do not have built-in protections against buffer overflows.

5.   In order to recover discarded company documents, which of the following might an attacker resort to?

Explanation

An attacker might resort to dumpster diving in order to recover discarded company documents. Dumpster diving refers to the act of searching through trash or recycling bins to find valuable or sensitive information. This method can be used to gather confidential documents, such as financial records, customer data, or internal memos, that have been improperly disposed of by the company. By retrieving these discarded documents, the attacker can potentially gain access to sensitive information and use it for malicious purposes.

6.   From the following items, which will permit a user to float a domain registration for a maximum of five days?

Explanation

Kiting is a fraudulent practice where a person registers a domain and then cancels the payment or uses a stolen credit card to pay for it. This allows the user to float the domain registration for a maximum of five days before the payment is flagged as fraudulent and the registration is canceled. DNS poisoning, domain hijacking, and spoofing are not related to floating a domain registration.

7.   Which of the below options would you consider as a program that constantly observes data traveling over a network?

Explanation

A sniffer is a program that constantly observes data traveling over a network. It is used for network monitoring and analysis purposes. A sniffer captures and analyzes network packets, allowing users to examine network traffic and identify any abnormal or suspicious activities. It is commonly used by network administrators and security professionals to troubleshoot network issues, detect network vulnerabilities, and monitor for unauthorized access or malicious activities.

8.   Giving each user or group of users only the access they need to do their job is an example of which of the following security principles?

Explanation

The principle of least privilege states that users should only be given the minimum level of access necessary to perform their job functions. By giving each user or group of users only the access they need, organizations can minimize the risk of unauthorized access or misuse of sensitive information. This principle helps to limit the potential damage that can be caused by a compromised account or insider threat.

9.   Which of the following access control models uses roles to determine access permissions?

Explanation

RBAC (Role-Based Access Control) is an access control model that uses roles to determine access permissions. In RBAC, users are assigned specific roles, and these roles define the permissions and privileges that the users have within the system. By assigning roles to users, access can be easily managed and controlled, as permissions are granted based on the roles assigned to the user. This model provides a more efficient and scalable way to manage access control compared to individually assigning permissions to each user.

10.   Which of the following is a major reason that social engineering attacks succeed?

Explanation

Social engineering attacks often succeed due to a lack of security awareness. This means that individuals are not properly educated or trained on how to recognize and respond to potential threats. Without this awareness, people may be easily manipulated or deceived by attackers posing as trustworthy individuals or organizations. This can lead to the disclosure of sensitive information or the execution of unauthorized actions, ultimately compromising the security of systems and networks.

11.   A person pretends to be a telecommunications repair technician, enters a building stating that there is a networking trouble work order and requests that a security guard unlock the wiring closet. The person connects a packet sniffer to the network switch in the wiring closet and hides the sniffer behind the switch against the wall. This is an example of:

Explanation

This scenario describes a form of social engineering. Social engineering involves manipulating or deceiving individuals to gain unauthorized access to systems or information. In this case, the person pretends to be a technician and tricks the security guard into granting access to the wiring closet. The intention is to install a packet sniffer to intercept and capture network traffic. This type of attack exploits human vulnerabilities rather than technical vulnerabilities.

12.   Which of the following describes an attacker encouraging a person to perform an action in order to be successful?

Explanation

Social engineering is a tactic used by attackers to manipulate and deceive individuals into performing certain actions that benefit the attacker. This can involve tricking someone into revealing sensitive information, such as passwords or personal data, or persuading them to click on malicious links or download harmful files. The attacker relies on the victim's trust and vulnerability to achieve their goals.

13. The first step in creating a security baseline would be?

Explanation

The first step in creating a security baseline would be creating a security policy. A security policy outlines the guidelines and procedures for protecting an organization's assets and information. By creating a security policy, an organization can define its security objectives, identify potential risks, and establish rules and practices to mitigate those risks. This policy serves as a foundation for implementing security controls and measures to ensure the confidentiality, integrity, and availability of the organization's resources.

14.   As a network administrator, your company uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the network. These resources include mailboxes, files and printers. The departments in your company are Finance, Sales, Research and Development, and Production. Users access the resources based on the department in which they work. Which roles should you create to support the RBAC (Role Based Access Control) model?

Explanation

The RBAC (Role Based Access Control) model is based on assigning roles to users based on their job responsibilities or departments. In this scenario, the company has different departments such as Finance, Sales, Research and Development, and Production. To support the RBAC model, it is necessary to create roles for each department. This will allow users to access resources such as mailboxes, files, and printers based on the department they work in. Therefore, creating Finance, Sales, Research and Development, and Production roles is the correct answer.

15.   Turnstiles, double entry doors and security guards are all prevention measures for which of the following types of social engineering?

Explanation

Piggybacking refers to the act of unauthorized individuals gaining access to a restricted area by following closely behind an authorized person. Turnstiles, double entry doors, and security guards are all prevention measures aimed at stopping piggybacking incidents.

16. A representative from the human resources department informs a security specialist that an employee has been terminated.  Which of the following would be the BEST action to take?

Explanation

When an employee is terminated, it is important to disable their user accounts to prevent unauthorized access. However, it is also necessary to keep the data for a specified period for legal and compliance purposes. This allows the organization to retain any necessary information or evidence related to the employee's activities during their tenure. By disabling the accounts, the organization ensures that the terminated employee cannot access any sensitive information or systems while still maintaining the data for a specified period.

17.   Which of the following definitions BEST suit Buffer Overflow?

Explanation

Buffer Overflow occurs when a program or process receives more data than it is programmed to accept. This can lead to the excess data overflowing into adjacent memory locations, potentially causing the program to crash, behave unexpectedly, or even allow an attacker to execute malicious code.

18.   Disguising oneself as a reputable hardware manufacturer’s field technician who is picking up a server for repair would be described as:

Explanation

Social engineering involves manipulating individuals to gain unauthorized access or obtain sensitive information. In this scenario, the attacker is using deception by pretending to be a trusted field technician from a reputable hardware manufacturer to trick someone into handing over a server. This tactic relies on exploiting human trust and is a form of social engineering.

19.   For the following items, which is an example of an attack that executes once a year on a certain date?

Explanation

A logic bomb is a type of malicious code that is programmed to execute a specific action at a predetermined time or when certain conditions are met. In this case, the logic bomb is set to activate once a year on a certain date. This type of attack is often used to cause damage or disruption to a system or network. Unlike a virus or worm, which can spread and replicate, a logic bomb remains dormant until triggered, making it a stealthy and targeted form of attack. A rootkit, on the other hand, is a type of software that allows unauthorized access to a computer system, but it does not necessarily have a time-based trigger.

20. You work as a network administrator for your company.  Your company has just detected a malware incident.  Which will be your first response?

Explanation

In the event of a malware incident, the first response should be containment. This involves isolating the infected system or network to prevent the malware from spreading further. By containing the malware, the network administrator can minimize the impact of the incident and prevent it from affecting other systems or compromising sensitive data. Monitoring, removal, and recovery are important steps that follow containment, but containment is the initial response to limit the damage and protect the network.

21.   In a classified environment, a clearance into a Top Secret compartment only allows access to certain information within that compartment. This is known as:

Explanation

In a classified environment, individuals with a clearance into a Top Secret compartment are only granted access to specific information within that compartment based on their "need to know." This means that they are only given access to information that is necessary for them to perform their duties and responsibilities, ensuring that sensitive information is only shared with those who require it. This principle helps to protect classified information and prevent unauthorized access or disclosure.

22.   Which of the following access attacks would involve looking through your files in the hopes of finding something interesting?

Explanation

Snooping is an access attack that involves looking through someone's files in the hopes of finding something interesting. It refers to the unauthorized access and examination of data or information that is stored on a computer or network. This type of attack is typically carried out by individuals who are trying to gain unauthorized access to sensitive or confidential information for malicious purposes. It is important to protect against snooping by implementing strong security measures such as encryption and access controls.

23.   Which of the following types of malicious software travels across computer networks without requiring a user to distribute the software?

Explanation

A worm is a type of malicious software that can spread across computer networks without the need for user distribution. Unlike viruses, which require a host file to attach to, worms are standalone programs that can replicate themselves and spread from one computer to another. They exploit vulnerabilities in network protocols to propagate and can cause significant damage by consuming network bandwidth, slowing down systems, and even deleting files. This makes worms a particularly dangerous type of malware as they can quickly infect multiple computers and networks without the user's knowledge or involvement.

24.   Which of the following describes a server or application that is accepting more input than the server or application is expecting?

Explanation

A buffer overflow occurs when a server or application receives more input than it can handle, causing the excess data to overwrite adjacent memory locations. This can lead to unexpected behavior, crashes, or even security vulnerabilities. Unlike a syntax error, which is a mistake in the code structure, a buffer overflow is a runtime issue. Denial of service (DoS) and brute force attacks are unrelated to the concept of accepting more input than expected.

25.   A user has received an email from a mortgage company asking for personal information including bank account numbers. This would BEST be described as:

Explanation

Phishing is the correct answer because it involves tricking users into revealing personal information, such as bank account numbers, by posing as a trustworthy entity. In this scenario, the email from the mortgage company is likely a fraudulent attempt to obtain sensitive information, rather than a legitimate request.

26.   Which of the following types of programs autonomously replicates itself across networks?

Explanation

A worm is a type of program that can autonomously replicate itself across networks. Unlike viruses, which require a host program to spread, worms can spread independently by exploiting vulnerabilities in network protocols. Worms can cause significant damage by consuming network bandwidth, overloading servers, and spreading malware to other computers. They can also create backdoors, allowing unauthorized access to infected systems. Unlike Trojan horses and spyware, which are typically hidden within legitimate programs, worms are standalone programs designed specifically for self-replication and spreading.

27. Human resource personnel should be trained about security policy:

Explanation

Human resource personnel should be trained about security policy because they play a crucial role in ensuring that employees adhere to the guidelines and policies related to security. By being trained in guidelines and enforcement, HR personnel can effectively communicate and enforce security policies throughout the organization. This training will enable them to educate employees about the importance of following security protocols, monitor compliance, and take appropriate enforcement actions when necessary. Ultimately, their understanding and implementation of security guidelines will contribute to a safer and more secure work environment.

28.   Which item can be commonly programmed into an application for ease of administration?

Explanation

A back door can be commonly programmed into an application for ease of administration. A back door is a hidden entry point in a software or system that allows authorized individuals to bypass normal authentication measures and gain access to the system. It is often used by system administrators or developers to troubleshoot or perform maintenance tasks without going through normal procedures. This can make administration tasks easier and more efficient, as it provides a convenient way to access and manage the application.

29.   Choose the statement that best details the difference between a worm and a Trojan horse?

Explanation

The correct answer is "Worms self replicate while Trojan horses do not." This statement accurately describes the main difference between worms and Trojan horses. Worms are a type of malicious code that can replicate and spread themselves to other systems without the need for human intervention. On the other hand, Trojan horses are malicious programs that disguise themselves as legitimate software but do not have the ability to self-replicate.

30.   On the topic of comparing viruses and hoaxes, which statement is TRUE?

Explanation

Hoaxes can create as much damage as a real virus because they can spread misinformation, cause panic, and disrupt normal operations. Even though hoaxes may not have a malicious payload like a virus, their impact can be significant. They can lead to wasted time and resources as people try to investigate and respond to the hoax. Additionally, hoaxes can also undermine trust in legitimate information sources and make it more difficult to effectively communicate important information about real threats. Therefore, it is important to take hoaxes seriously and not dismiss them as harmless pranks.

31. In order to allow for more oversight of past transactions, a company decides to exchange positions of the purchasing agent and the accounts receivable agent. Which is an example of this?

Explanation

Job rotation is when employees are moved between different roles or departments within a company. In this scenario, the company decides to exchange positions of the purchasing agent and the accounts receivable agent, which is an example of job rotation. This allows for more oversight of past transactions as different employees will have the opportunity to review and understand the responsibilities of both roles, reducing the risk of fraud or errors going unnoticed.

32.   Which one of the following options will permit an attacker to hide the presence of malicious code through altering the systems process and registry entries?

Explanation

A rootkit is a type of malicious software that allows an attacker to gain unauthorized access to a computer system and alter its processes and registry entries. By doing so, the attacker can hide the presence of any malicious code or activity, making it difficult for the victim to detect or remove the rootkit. This enables the attacker to maintain control over the compromised system and carry out further malicious actions without being detected.

33.   In which of the following common attacks would the attacker capture the user’s login information and replay it again later?

Explanation

A replay attack is a type of attack where an attacker captures the user's login information and then replays it at a later time. This allows the attacker to gain unauthorized access to the user's account or system. In a replay attack, the attacker intercepts the login information, such as usernames and passwords, and then uses that information to impersonate the user and gain access to their account. This type of attack can be particularly dangerous because it does not require the attacker to have any knowledge of the user's credentials, and can be executed even if the user's login credentials are encrypted.

34.   The ability to logon to multiple systems with the same credentials is typically known as:

Explanation

Single sign-on refers to the ability to log in to multiple systems or applications using the same set of credentials. This eliminates the need for users to remember and enter different usernames and passwords for each system, improving convenience and user experience. With single sign-on, users only need to authenticate once, and their credentials are then used to access multiple systems seamlessly. This reduces the risk of password fatigue and simplifies the management of user accounts.

35.   Both the server and the client authenticate before exchanging data. This is an example of which of the following?

Explanation

Mutual authentication refers to a process where both the server and the client verify each other's identities before exchanging data. In this case, both the server and the client authenticate themselves, ensuring that they are communicating with the intended party and not an imposter. This helps establish a secure and trusted connection between the two parties, preventing unauthorized access and ensuring data confidentiality and integrity. Mutual authentication is commonly used in secure communication protocols like SSL/TLS to provide a robust level of security.

36.   Malicious software that travels across computer networks without user assistance is an example of a:

Explanation

A worm is a type of malicious software that can spread across computer networks without any user assistance. Unlike a virus, which requires a host program to spread, a worm is standalone and can replicate itself to infect other computers. It can exploit vulnerabilities in network protocols or use social engineering techniques to trick users into executing it. Once inside a system, a worm can perform various harmful actions, such as stealing information, corrupting files, or slowing down network performance. Therefore, a worm is the correct answer in this case.

37.   Social engineering attacks would be MOST effective in which of the following environments (Select TWO).

Explanation

Social engineering attacks are most effective in environments where there is a lack of security awareness and protocols. In a public building with shared office space, there may be a higher likelihood of individuals with malicious intent gaining access to sensitive information or manipulating unsuspecting individuals. Similarly, in a company with a help desk whose personnel have minimal training, there may be a higher vulnerability to social engineering tactics as employees may be more easily tricked into providing sensitive information or granting unauthorized access.

38.   Which scanner can find a rootkit?

Explanation

A malware scanner is designed to detect and remove various types of malware, including rootkits. Rootkits are a type of malicious software that are specifically designed to hide themselves and other malware on a system, making them difficult to detect and remove. Therefore, a malware scanner is the most appropriate tool for finding and removing rootkits. An email scanner is focused on scanning and filtering emails for potential threats, while an anti-spam scanner is designed to identify and block spam emails. An adware scanner is specifically designed to detect and remove adware, which is a type of software that displays unwanted advertisements.

39.   Access controls based on security labels associated with each data item and each user are known as:

Explanation

Mandatory Access Control (MAC) is a type of access control that uses security labels associated with each data item and each user to determine access permissions. In MAC, access decisions are based on predefined rules and policies set by the system administrator, rather than the discretion of individual users or their roles. This ensures a higher level of security as access is strictly controlled and enforced based on the sensitivity of the data and the clearance level of the user.

40.   Study the following items carefully; which one will permit a user to float a domain registration for a maximum of five days?

Explanation

Kiting is a fraudulent practice where a user can float a domain registration for a maximum of five days. This means that they can temporarily register a domain without actually paying for it, allowing them to use it for a short period of time before the registration is finalized and payment is required. Spoofing, DNS poisoning, and domain hijacking are not related to the ability to float a domain registration.

41.   Which of the following definitions would be correct regarding Eavesdropping?

Explanation

Eavesdropping refers to the act of listening or overhearing parts of a conversation. It involves secretly listening in on a conversation without the knowledge or consent of the individuals involved. This can be done intentionally or unintentionally, and it is often considered a breach of privacy. Eavesdropping can occur in various settings, such as in person, over the phone, or through electronic communication channels. It is important to note that eavesdropping can be illegal in certain circumstances, especially when it involves unauthorized access to private conversations.

42.   How are access control permissions established in the RBAC access control model?

Explanation

Access control permissions in the RBAC access control model are established based on the role or responsibilities that users have in the organization. This means that users are granted specific permissions based on their assigned roles, allowing them to access certain resources and perform certain actions. The RBAC model focuses on managing access based on user roles rather than individual user identities, making it easier to administer and control access rights in large organizations.

43.   From the listing of attacks, choose the attack which exploits session initiation between a Transport Control Program (TCP) client and server within a network?

Explanation

The correct answer is SYN attack. This type of attack exploits the session initiation process between a TCP client and server. In a SYN attack, the attacker sends a large number of SYN requests to the server, but never completes the handshake process. This causes the server to allocate resources for each incomplete connection, eventually leading to a denial of service.

44.   Which solution can be used by a user to implement very tight security controls for technicians that seek to enter the users’ datacenter?

Explanation

A biometric reader and a smartcard can be used to implement very tight security controls for technicians that seek to enter the users' datacenter. The biometric reader ensures that only authorized individuals with their unique biometric data can gain access, eliminating the risk of stolen or shared access cards. Smartcards provide an additional layer of security by requiring a physical card to be present, which can be further authenticated through a PIN or password. This combination of biometric reader and smartcard ensures a high level of security and prevents unauthorized access to the datacenter.

45.   Which description is correct about a tool used by organizations to verify whether or not a staff member has been involved in malicious activity?

Explanation

Mandatory vacations are a tool used by organizations to verify whether or not a staff member has been involved in malicious activity. By requiring employees to take regular vacations, organizations can ensure that other staff members have the opportunity to step into their roles and perform their duties. This can help to identify any unauthorized or malicious activities that may have been taking place while the employee is away. Additionally, mandatory vacations can also serve as a deterrent for employees who may be tempted to engage in malicious activities, as they know that their absence will be noticed and potentially investigated.

46.   Which security threat will affect PCs and can have its software updated remotely by a command and control center?

Explanation

A zombie is a type of malware that infects PCs and can be controlled remotely by a command and control center. This allows the attacker to remotely update the software on the infected PCs and use them to carry out malicious activities without the user's knowledge. Zombies are often used in botnets, which can be used for various purposes such as launching DDoS attacks or sending spam emails.

47.   Who is finally in charge of the amount of residual risk?

Explanation

The senior management is finally in charge of the amount of residual risk. As the highest level of decision-makers in an organization, they have the authority and responsibility to make strategic decisions regarding risk management. They are accountable for setting the overall risk appetite and ensuring that appropriate risk mitigation measures are in place. The senior management's involvement is crucial in determining the acceptable level of residual risk for the organization and making informed decisions on risk acceptance or further risk reduction measures.

48.   Which one of the following options is an attack launched from multiple zombie machines in attempt to bring down a service?

Explanation

A DDoS (Distributed Denial of Service) attack is launched from multiple zombie machines with the intention of overwhelming a service and causing it to become unavailable to legitimate users. This is done by flooding the target server or network with a high volume of traffic, making it unable to handle legitimate requests. Unlike a DoS (Denial of Service) attack, which is launched from a single source, a DDoS attack utilizes multiple sources to amplify its impact and make it more difficult to mitigate. Man-in-the-middle and TCP/IP hijacking are different types of attacks that involve intercepting and manipulating network traffic.

49.   Choose the attack of malicious code that cannot be prevented or deterred solely through using technical measures

Explanation

Social engineering is a type of attack where the attacker manipulates and deceives individuals into divulging sensitive information or performing actions that they normally wouldn't. Unlike other attacks listed, social engineering relies on human interaction and psychological manipulation rather than technical vulnerabilities. It cannot be prevented solely through technical measures because it exploits human trust and behavior, making it difficult to detect and defend against using traditional security measures such as firewalls or antivirus software.

50. Which action should be performed when discovering an unauthorized wireless access point attached to a network?

Explanation

When discovering an unauthorized wireless access point attached to a network, the appropriate action would be to unplug the Ethernet cable from the wireless access point. This helps to disconnect the unauthorized device from the network, preventing any potential security breaches or unauthorized access.

51.   Choose the terminology or concept which best describes a Mandatory Access Control (MAC) model.

Explanation

A Lattice model is the most appropriate terminology to describe a Mandatory Access Control (MAC) model. In a MAC model, access to resources is based on predefined rules and policies that are enforced by the system. A Lattice model represents the different levels of security and access permissions in a hierarchical structure, with each level having a defined set of rules and restrictions. This ensures that access to resources is strictly controlled and only allowed based on the security clearance level of the user. The Bell-LaPadula, Biba, and Clark-Wilson models are also security models but are not specifically related to MAC.

52.   Users would not like to enter credentials to each server or application to conduct their normal work. Which type of strategy can solve this problem?

Explanation

Single Sign-On (SSO) is a strategy that can solve the problem of users having to enter credentials for each server or application they need to access. With SSO, users only need to authenticate once, usually through a central authentication server, and then they can access multiple systems and applications without having to enter their credentials again. This saves time and improves user experience by eliminating the need for repetitive login processes.

53.   Which of the following types of authentication BEST describes providing a username, password and undergoing a thumb print scan to access a workstation?

Explanation

Multifactor authentication is the best description for providing a username, password, and undergoing a thumbprint scan to access a workstation. This is because multifactor authentication involves using multiple factors or methods to verify the identity of a user. In this case, the username and password serve as one factor, while the thumbprint scan serves as another factor. By combining these two factors, the authentication process becomes more secure and reliable, as it requires both something the user knows (password) and something the user possesses (thumbprint) to gain access to the workstation.

54.   An organization has a hierarchical-based concept of privilege management with administrators having full access, human resources personnel having slightly less access and managers having access to their own department files only. This is BEST described as:

Explanation

The given scenario describes a privilege management system in which different roles have different levels of access. Administrators have full access, human resources personnel have slightly less access, and managers have access to their own department files only. This aligns with the concept of Role based access control (RBAC), where access is granted based on the roles individuals have within the organization. RBAC allows for more granular control and is commonly used in hierarchical organizations to manage privileges effectively.

55.   Which of the following viruses has the characteristic where it may attempt to infect your boot sector, infect all of your executable files, and destroy your applications files form part of?

Explanation

A Multipartite Virus is a type of virus that has the characteristic of attempting to infect the boot sector, executable files, and destroying application files. Unlike other viruses that focus on one specific area, the Multipartite Virus spreads and causes damage in multiple ways. It is a highly destructive virus that can cause significant harm to a computer system by infecting various components and rendering them useless.

56. The staff must be cross-trained in different functional areas in order to detect fraud.  Which of the following is an example of this?

Explanation

Job rotation is an example of cross-training staff in different functional areas. This practice involves periodically rotating employees through different roles and responsibilities within an organization. By doing so, employees gain exposure to various aspects of the business and develop a broader understanding of different processes. This helps in detecting fraud as employees become familiar with different areas and can identify any irregularities or suspicious activities more easily.

57. The first step in creating a security baseline would be?

Explanation

The first step in creating a security baseline is to establish a security policy. A security policy outlines the guidelines, procedures, and rules that need to be followed to ensure the security of an organization's systems and data. It provides a framework for implementing security measures and helps in identifying potential risks and vulnerabilities. Once the security policy is in place, other steps like identifying use cases, conducting vulnerability testing, and installing software patches can be carried out based on the policy's guidelines.

58. The main objective of risk management in an organization is to reduce risk to a level:

Explanation

The main objective of risk management in an organization is to reduce risk to a level that the organization will accept. This means that the organization acknowledges that there will always be some level of risk, but it aims to minimize it to a level that is deemed acceptable. This approach allows the organization to make informed decisions about which risks to take and which to mitigate, based on their tolerance for potential negative outcomes. By accepting a certain level of risk, the organization can focus its resources on managing the most critical risks and prioritize its risk mitigation efforts accordingly.

59. A technician is conducting a forensic analysis on a computer system.  Which step should be taken FIRST?

Explanation

The first step in conducting a forensic analysis on a computer system should be to get a binary copy of the system. This is important because it allows the technician to preserve the original state of the system and its data, ensuring that no changes or modifications are made during the analysis process. By obtaining a binary copy, the technician can then proceed with analyzing the system without the risk of altering or damaging any evidence that may be present.

60.   Who is responsible for establishing access permissions to network resources in the Discretionary Access Control (DAC) access control model?

Explanation

In the Discretionary Access Control (DAC) access control model, the owner of the resource is responsible for establishing access permissions to network resources. This means that the owner has the discretion to determine who can access the resource and what level of access they have. The system administrator may assist in managing and enforcing these permissions, but ultimately it is the owner's responsibility to set them. The user requiring access to the resource does not have the authority to establish access permissions in this model.

61.   Choose the statement which best defines the characteristics of a computer virus.

62.   John works as a network administrator for his company. On the monthly firewall log, he discovers that many internal PCs are sending packets on a routine basis to a single external PC. Which statement correctly describes what is happening?

Explanation

The correct answer is that the remote PC has a zombie master application running and the local PCs have a zombie slave application running. This means that the remote PC is controlling the local PCs and using them to send packets to the external PC without the knowledge or consent of the local users. This is a common scenario in a zombie botnet, where a network of compromised computers is controlled by a central server to carry out malicious activities.

63.   What should be established immediately upon evidence seizure?

Explanation

Upon evidence seizure, it is crucial to establish the chain of custody immediately. The chain of custody refers to the documentation and tracking of the evidence from the moment it is seized until it is presented in court. This ensures the integrity and admissibility of the evidence, as it provides a clear record of who has had possession of the evidence and any changes or handling it has undergone. Establishing the chain of custody is essential for maintaining the credibility and reliability of the evidence throughout the legal process.

64. Which of the following is not a step in the incident response?

Explanation

Repudiation is not a step in the incident response process. Incident response typically involves steps such as containment, eradication, and recovery. Containment refers to isolating the incident to prevent further damage, eradication involves removing the threat or vulnerability, and recovery involves restoring systems and data to their normal state. Repudiation, on the other hand, refers to denying or disowning an action or responsibility, which is not directly related to incident response.

65.   Which access control method gives the owner control over providing permissions?

Explanation

Discretionary Access Control (DAC) is an access control method that gives the owner of a resource the control over granting or denying permissions to other users. In DAC, the owner has the discretion to determine who can access the resource and what level of access they have. This means that the owner can assign specific permissions to individuals or groups based on their needs and responsibilities. Unlike other access control methods, DAC allows for flexibility and customization in granting permissions, as it puts the control in the hands of the owner.

66.   Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized?

Explanation

False rejection is the correct answer because it refers to a situation where a biometric system incorrectly identifies legitimate users as unauthorized. This means that the system is rejecting valid users, which can occur due to various reasons such as technical errors, incorrect calibration, or mismatched biometric data. False acceptance, on the other hand, would describe a scenario where unauthorized users are mistakenly identified as legitimate. False negative is a broader term that can refer to both false rejection and false acceptance, but in this specific context, false rejection is the most accurate description.

67.   Malicious code that enters a target system, lies dormant until a user opens a certain program, then deletes the contents of attached network drives and removable storage devices is known as a:

Explanation

A logic bomb is a type of malicious code that is designed to lie dormant within a target system until a specific condition is met, in this case, when a user opens a certain program. Once triggered, the logic bomb executes its destructive payload, which in this case is deleting the contents of attached network drives and removable storage devices. Unlike a worm or a Trojan horse, a logic bomb does not actively spread itself to other systems. It remains hidden within the target system, waiting for the predetermined condition to be met before causing harm.

68. An end-to-end traffic performance guarantee made by a service provider to a customer is a:

Explanation

An end-to-end traffic performance guarantee made by a service provider to a customer is referred to as an SLA, which stands for Service Level Agreement. This agreement outlines the level of service that the provider promises to deliver, including performance metrics such as uptime, response time, and reliability. SLAs are commonly used in the telecommunications and IT industries to ensure that customers receive the agreed-upon level of service and to establish accountability between the service provider and the customer.

69.   Which of the following is correct about an instance where a biometric system identifies unauthorized users and allows them access? Choose one answer.

Explanation

False acceptance refers to a situation where a biometric system incorrectly identifies unauthorized users as authorized and grants them access. In other words, the system fails to accurately distinguish between authorized and unauthorized individuals, leading to false acceptance of unauthorized users.

70.   Choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item.

Explanation

The MAC (Mandatory Access Control) method allows access control determinations to be performed based on the security labels associated with each user and each data item. In this method, access decisions are based on predefined rules and policies set by the system administrator or security administrator. These security labels define the sensitivity and classification of the data and the clearance level of the user. The MAC method ensures that access is granted or denied based on the security labels, regardless of the user's role or permissions.

71.   The difference between identification and authentication is that:

Explanation

Authentication is the process of verifying the identity of a user requesting credentials, such as a username and password. It ensures that the user is who they claim to be. On the other hand, identification is the process of verifying the identity of the user requesting the credentials. It confirms the user's identity before granting them access. Therefore, the correct answer is that authentication verifies a set of credentials while identification verifies the identity of a user requesting credentials.

72.   Which description is correct about an application or string of code that could not automatically spread from one system to another but is designed to spread from file to file?

Explanation

A virus is a type of malicious code or program that is designed to spread from file to file, typically through human interaction such as downloading or sharing infected files. Unlike a botnet, which is a network of compromised computers controlled by a central server, a virus does not automatically spread from one system to another. Instead, it relies on users unknowingly executing or opening infected files, allowing the virus to replicate and spread to other files on the same system. This distinguishes it from a worm, which is capable of self-replicating and spreading automatically across multiple systems. Adware, on the other hand, is a type of software that displays unwanted advertisements, and is not designed to spread from file to file.

73.   Choose the most effective method of preventing computer viruses from spreading throughout the network

Explanation

Enabling scanning of all email attachments is the most effective method of preventing computer viruses from spreading throughout the network. By scanning all email attachments, any potential viruses or malware can be detected and quarantined before they have a chance to infect the network. This helps to ensure that any malicious files are not able to enter the network through email communications, thus reducing the risk of virus spread. It is important to regularly update and maintain the antivirus software used for scanning to ensure its effectiveness against new and emerging threats.

74.   Which one of the below options is correct regarding the Distributed Denial of Service (DDoS) attack?

Explanation

A Distributed Denial of Service (DDoS) attack involves the use of multiple computers to overwhelm and disrupt the services of a single organization. These computers, often compromised by malware, are coordinated to flood the target's network or website with an overwhelming amount of traffic, rendering it inaccessible to legitimate users. This type of attack is aimed at causing disruption and denying access to the targeted organization's resources.

75.   From the listing of attacks, choose the attack which misuses the TCP (Transmission Control Protocol) three-way handshake process, in an attempt to overload network servers, so that authorized users are denied access to network resources?

Explanation

The SYN (Synchronize) attack is the correct answer because it specifically targets the TCP three-way handshake process to overload network servers. In this attack, the attacker sends a large number of SYN requests to the target server, but does not respond to the server's SYN-ACK response. This causes the server to keep waiting for the final ACK response, tying up server resources and preventing legitimate users from establishing connections. This is a form of denial-of-service (DoS) attack where the server becomes overwhelmed with half-open connections and is unable to serve legitimate users.

76.   The implicit deny will block anything you didn’t specifically allow, but you may have allowed stuff that you don’t need. A technician is reviewing the system logs for a firewall and is told that there is an implicit deny within the ACL. Which is an example of an implicit deny?

Explanation

The correct answer is "Items which are not specifically given access are denied by default". This is an example of an implicit deny because it states that any item that is not specifically allowed access will be denied by default. Implicit deny is a security measure that blocks any traffic or access that is not explicitly permitted, ensuring that only authorized items are allowed through the firewall.

77.   The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.

Explanation

The correct answer is that the DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource, which creates a security loophole for Trojan horse attacks. This means that if a user or process is compromised by a Trojan horse, the attacker can gain unauthorized access to resources that the compromised user or process has access to. This flaw in the DAC model highlights the risk of relying solely on user or process identity for access control, as it can be easily exploited by attackers.

78.   Which security action should be finished before access is given to the network?

Explanation

Before access is given to the network, the security action that should be finished is the process of identification and authentication. Identification involves providing a unique identifier, such as a username, to establish the user's identity. Authentication, on the other hand, verifies the user's claimed identity by validating credentials, such as a password or biometric information. This two-step process ensures that only authorized individuals are granted access to the network, enhancing overall security.

79.   A user downloads and installs a new screen saver and the program starts to rename and delete random files. Which of the following would be the BEST description of this program?

Explanation

A Trojan horse is a type of malicious software that disguises itself as a legitimate program or file, tricking users into downloading and installing it. Once installed, it carries out unauthorized actions, such as renaming and deleting random files, without the user's knowledge or consent. Unlike viruses and worms, which can self-replicate and spread to other systems, a Trojan horse relies on the user's actions to spread and cause harm. Therefore, a Trojan horse would be the best description for the program in this scenario.

80.   Users need to access their email and several secure applications from any workstation on the network. In addition, an authentication system implemented by the administrator requires the use of a username, password, and a company issued smart card. This is an example of which of the following?

Explanation

This scenario is an example of Single Sign-On (SSO). SSO allows users to access multiple applications and systems with a single set of credentials. In this case, the users need to access their email and secure applications, and the authentication system requires a username, password, and a company-issued smart card. With SSO, users only need to authenticate once, using their smart card, and they can then access all the necessary resources without having to re-enter their credentials for each application or system. This improves convenience and security by reducing the need for multiple passwords and credentials.

81. What is the name of the form used while transferring evidence?

Explanation

The form used while transferring evidence is called the "chain of custody." This form documents the chronological history of the evidence, including who has had possession of it, when it was transferred, and any changes or alterations that may have occurred. The chain of custody is crucial in maintaining the integrity and admissibility of evidence in legal proceedings, as it ensures that the evidence has not been tampered with or compromised in any way.

82. Risk assessment is a common first step in the risk management process. Risk assessment is the determination of the quantitative or qualitative value of risk related to a concrete situation and a recognized threat (also called hazard). As a best practice, risk assessments should be based upon which of the following?

Explanation

The correct answer is a quantitative measurement of risk, impact, and asset value. This is because risk assessments should be based on a systematic and objective analysis of the potential risks, their potential impact on the organization or project, and the value of the assets that could be affected. By quantitatively measuring these factors, organizations can prioritize risks and allocate resources effectively to manage and mitigate them. This approach allows for a more informed decision-making process in risk management.

83.   What does the DAC access control model use to identify the users who have permissions to a resource?

Explanation

The DAC access control model uses Access Control Lists (ACLs) to identify the users who have permissions to a resource. ACLs are a list of permissions attached to an object that specify which users or groups are granted access rights to that object. This allows the system to control and manage access to resources based on user identities and their corresponding permissions listed in the ACL.

84.   Most key fob (token) based identification systems use which of the following types of authentication mechanisms?

Explanation

Token-based identification systems use tokens as a form of authentication mechanism. Tokens can be physical devices, such as key fobs or smart cards, or they can be virtual tokens generated by software applications. These tokens are used to verify the identity of the user and grant access to the system or resources. This is different from other authentication mechanisms like username/password, certificates, biometrics, or Kerberos, which do not specifically rely on tokens for authentication.

85.   A denial-of-service (DoS) attack or distributed denial-of-service (DDoS) attack is an attempt to make a computer resource unavailable to its intended users. Which method can be used to perform denial of service (DoS)?

Explanation

A botnet can be used to perform a denial of service (DoS) attack. A botnet is a network of infected computers that are controlled by a central command and control server. The attacker can use this network to send a massive amount of traffic or requests to a target computer or network, overwhelming its resources and making it unavailable to its intended users. This is a common method used in DDoS attacks, where multiple computers in the botnet are used to amplify the attack and make it even more powerful.

86. A company's new employees are asked to sign a document that describes the methods of and purposes for accessing the company's IT systems. Which of the following BEST describes this document?

Explanation

The document that describes the methods of and purposes for accessing the company's IT systems is called an Acceptable Use Policy. This policy outlines the rules and guidelines that employees must follow when using the company's IT systems, ensuring that they use them responsibly and for authorized purposes. It helps to protect the company's IT infrastructure and sensitive information by setting clear expectations for employee behavior and defining what is considered acceptable and unacceptable use of the systems.

87.   Which of the following access control models uses subject and object labels? Choose one answer.

Explanation

Mandatory Access Control (MAC) is the correct answer because it is an access control model that uses subject and object labels. In MAC, each subject and object is assigned a label, and access decisions are based on these labels. The labels determine the level of sensitivity or classification of the subject or object, and access is granted or denied based on the rules defined by the system administrator. This ensures that only subjects with the appropriate labels can access objects with matching labels, providing a high level of security and control.

88.   Which password management system best provides for a system with a large number of users? Choose one answer.

Explanation

Self-service password reset management systems are the best option for a system with a large number of users because they allow users to reset their passwords on their own without the need for assistance from IT support. This helps to reduce the workload on IT staff and improves efficiency. Additionally, self-service password reset systems often include security measures such as multi-factor authentication to ensure the security of the password reset process.

89.   Which of the following access decisions are based on a Mandatory Access Control (MAC) environment?

Explanation

Sensitivity labels are a characteristic of Mandatory Access Control (MAC) environments. MAC is a security model where access to resources is determined by the sensitivity labels assigned to both the resources and the users. Sensitivity labels define the level of sensitivity or classification of the information, and access is granted or denied based on the comparison of these labels. Therefore, sensitivity labels are a key component of MAC environments and are used to make access decisions. Ownership, group membership, and access control lists are more commonly associated with discretionary access control (DAC) environments.

90.   Due to a concern about staff browsing inappropriate material on the web, your company is purchasing a product which can decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. What type of attack is similar to this product?

Explanation

The correct answer is "Man-in-the-middle." This is because a man-in-the-middle attack involves an attacker intercepting communication between two parties without their knowledge. In this scenario, the product being purchased acts as a man-in-the-middle by decrypting the SSL session, scanning the content, and then repackaging the SSL session without the staff knowing. This allows the company to monitor and control the web browsing activities of its staff.

91.   Which of the following definitions would be correct regarding Active Inception?

Explanation

Active Inception refers to the act of placing a computer system between the sender and receiver in order to capture information. This means that the computer system intercepts and collects data that is being transmitted between the sender and receiver. It does not involve someone looking through files or routine monitoring of network traffic.

92.   In addition to bribery and forgery, which of the following are the MOST common techniques that attackers use to socially engineer people? (Select TWO)

Explanation

Attackers commonly use flattery and assuming a position of authority as techniques to socially engineer people. Flattery involves complimenting and manipulating individuals to gain their trust and cooperation. Assuming a position of authority involves pretending to be someone with power or influence to deceive and manipulate others. These techniques are effective in manipulating individuals into disclosing sensitive information or performing actions that benefit the attacker.

93.   A programmer plans to change the server variable in the coding of an authentication function for a proprietary sales application. Which process should be followed before implementing the new routine on the production application server?

Explanation

Before implementing the new routine on the production application server, the programmer should follow the process of change management. Change management involves carefully planning, testing, and implementing changes to ensure that they are properly documented, reviewed, and approved. This process helps to minimize the risk of introducing errors or disruptions to the production environment. By following change management, the programmer can ensure that the server variable change is properly tracked, communicated, and implemented in a controlled manner.

94.   A user is assigned access rights explicitly. This is a feature of which of the following control models?

Explanation

In Discretionary Access Control (DAC), access rights are assigned explicitly by the owner of the resource. This means that the owner has the discretion to grant or revoke access to other users. In contrast, in Rule Based Access Control (RBAC), access rights are assigned based on predefined rules and roles, while in Mandatory Access Control (MAC), access rights are assigned based on system-wide policies and labels. Therefore, the fact that a user is assigned access rights explicitly aligns with the features of Discretionary Access Control (DAC).

95.   One type of network attack sends two different messages that use the same hash function to generate the same message digest. Which network attack does this?

Explanation

A birthday attack is a type of network attack where two different messages are crafted intentionally to produce the same hash value or message digest. This attack takes advantage of the birthday paradox, which states that in a random group of people, there is a higher probability of two people sharing the same birthday than one might expect. Similarly, in a hash function, there is a higher probability of finding two different inputs that result in the same output. This vulnerability can be exploited by an attacker to create malicious messages that produce the same hash value, allowing them to bypass security measures or impersonate legitimate messages.

96.   Which of the following are characteristics of a virus where the virus will attempt to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive, form part of?

Explanation

A stealth virus is a type of virus that attempts to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive and form part of the operating system. This allows the virus to hide its presence and avoid detection by antivirus software.

97.   Which of the following statements regarding the MAC access control models is TRUE?

Explanation

The statement that "In the Mandatory Access Control (MAC) users cannot share resources dynamically" is true. In MAC, access to resources is determined by the system administrator or owner of the resource, rather than the individual user. Users do not have the ability to dynamically share resources with others without proper authorization. This is one of the key characteristics of the MAC model, where access privileges are strictly controlled and enforced based on predefined rules and policies.

98.   Which security measure should be used while implementing access control?

Explanation

Password complexity requirements should be used while implementing access control because they help ensure that passwords are strong and not easily guessable. By requiring users to create passwords that include a combination of uppercase and lowercase letters, numbers, and special characters, the likelihood of unauthorized access is reduced. Password complexity requirements also encourage users to regularly update their passwords, further enhancing security.

99.   The risks of social engineering can be decreased by implementing: (Select TWO)

Explanation

Implementing identity verification methods and security awareness training can decrease the risks of social engineering. Identity verification methods require individuals to prove their identity before accessing sensitive information or resources, reducing the chances of unauthorized access. Security awareness training educates individuals about social engineering tactics and how to recognize and respond to them, making them less susceptible to manipulation or deception. Both measures contribute to strengthening an organization's defenses against social engineering attacks.

100.   Which of the following attacks are being referred to if packets are not connection-oriented and do not require the synchronization process?

Explanation

UDP (User Datagram Protocol) is a connectionless protocol that does not require a synchronization process. It allows packets to be sent without any guarantee of delivery or order. Therefore, if packets are not connection-oriented and do not require the synchronization process, it refers to a UDP attack. In a UDP attack, an attacker can send a large number of UDP packets to overwhelm a target system, causing it to become unresponsive or crash.

101. Sending a patch through a testing and approval process is an example of which option?

Explanation

Sending a patch through a testing and approval process is an example of change management. Change management is the process of controlling and managing changes to a system or organization in a systematic and structured way. It involves assessing, planning, implementing, and evaluating changes to ensure they are effectively and smoothly integrated into the system. In this case, the patch is being subjected to a testing and approval process to ensure that it is safe and compatible with the existing system before being implemented.

102.   Which item is not a logical access control method?

Explanation

Biometrics is not a logical access control method because it is a physical access control method. Logical access control methods involve the use of software or digital credentials to authenticate and authorize users, while biometrics relies on physical characteristics such as fingerprints, facial recognition, or iris scans. Therefore, biometrics does not fall under the category of logical access control methods like software tokens, ACL, or group policy.

103.   Which of the following attacks are being referred to if the attack involves the attacker gaining access to a host in the network and logically disconnecting it?

Explanation

TCP/IP hijacking refers to the attack where an attacker gains unauthorized access to a host in a network and disconnects it logically. This attack involves the manipulation of TCP/IP packets to bypass security measures and gain control over the targeted host. The attacker can then disrupt the network communication by disconnecting the host, potentially causing service disruptions or unauthorized access to sensitive information.

104.   Which of the following can affect heaps and stacks?

Explanation

Buffer overflow is a type of vulnerability that occurs when a program or process tries to store more data in a buffer than it can handle. This can lead to overwriting adjacent memory locations, including the stack and heap. As a result, the integrity of the stack and heap can be compromised, leading to potential crashes, security vulnerabilities, and unauthorized access to sensitive data. Therefore, buffer overflow can directly affect both heaps and stacks.

105. A computer system containing personal identification information is being implemented by the company's sales department.  The sales department has requested that the system become operational before a security review can be completed.  Which of the following can be used to explain the reasons a security review must be completed?

Explanation

A security review must be completed before the computer system containing personal identification information can become operational because of the corporate security policy. This policy ensures that all systems and processes within the company adhere to the necessary security measures to protect sensitive information. By conducting a security review, any potential vulnerabilities or weaknesses in the system can be identified and addressed, ensuring that the personal identification information remains secure.

106. A newly hired security specialist is asked to evaluate the company's network security.  The security specialist discovers that users have installed personal software; the network has default settings and no patches have been installed and passwords are not required to be changed regularly.  Which of the following would be the FIRST step to take?

Explanation

The first step to take would be to enforce the security policy. This is because the security specialist has discovered several security vulnerabilities in the company's network, such as the installation of personal software, default settings, lack of software patches, and no password change requirements. Enforcing the security policy would address these issues by setting clear guidelines and rules for network security, ensuring that all users follow them and take necessary precautions to protect the network. This step would help establish a strong foundation for network security before addressing specific vulnerabilities like installing software patches or disabling non-essential services.

107.   During which phase of identification and authentication does proofing occur?

Explanation

During the phase of identification, proofing occurs. This is the process of verifying the identity of an individual or entity. It involves gathering and validating information such as usernames, passwords, or biometric data to ensure that the claimed identity is legitimate. Proofing helps to establish a reliable link between the identity and the person or entity being authenticated.

108.   From the listing of attacks, which method analyzes how the operating system (OS) responds to specific network traffic, in an attempt to determine which operating system is running in your networking environment?

109.   Which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client?

Explanation

Replay attack is the best description for an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client. In a replay attack, the attacker intercepts and records the communication between the client and the server. The attacker then replays this captured communication segment to the server, tricking it into believing that it is a legitimate client request. This type of attack can be used to gain unauthorized access or perform malicious actions on the server.

110.   Which of the following will restrict access to files according to the identity of the user or group? Choose one answer.

Explanation

DAC stands for Discretionary Access Control, which is a method of restricting access to files based on the identity of the user or group. With DAC, the owner of a file or directory can set permissions to determine who can access it and what actions they can perform. This allows for fine-grained control over access to files, ensuring that only authorized users or groups can access sensitive information. DAC is a commonly used access control mechanism in operating systems and file systems.

111.   Which of the following is MOST effective in preventing adware?

Explanation

A firewall is the most effective in preventing adware because it acts as a barrier between a trusted internal network and an untrusted external network, filtering out malicious traffic and preventing unauthorized access to the system. Adware often enters a system through network connections, and a firewall can block these malicious connections, reducing the risk of adware infections. While antivirus software can also detect and remove adware, a firewall provides an additional layer of protection by blocking the initial entry point. HIDS (Host-based Intrusion Detection System) can detect unauthorized access or malicious activities within a system but may not specifically target adware. A pop-up blocker only prevents unwanted pop-up advertisements, but it may not fully prevent adware infections.

112.   What does the MAC access control model use to identify the users who have permissions to a resource?

Explanation

The MAC access control model uses predefined access privileges to identify the users who have permissions to a resource. This means that access to resources is granted based on predetermined levels of access that are assigned to users. These access privileges determine what actions a user can perform on a resource, such as read, write, or delete. By using predefined access privileges, the MAC access control model ensures that only authorized users with the appropriate level of access can access a resource.

113.   Which access control system allows the system administrator to establish access permissions to network resources? Choose one answer.

Explanation

MAC (Mandatory Access Control) is the correct answer because it is an access control system that allows the system administrator to establish access permissions to network resources. MAC enforces access control based on predefined security policies, where each user and resource is assigned a security label. The system administrator can then define rules and permissions based on these labels, determining who can access which network resources.

114.   Which one of the following options overwrites the return address within a program to execute malicious code?

Explanation

A buffer overflow is a type of software vulnerability where a program writes more data into a buffer than it can hold, causing the excess data to overwrite adjacent memory locations. In the context of this question, when a buffer overflow occurs, it can overwrite the return address of a function, which is used to determine where the program should continue executing after the function finishes. By overwriting the return address with a malicious code address, an attacker can hijack the program's control flow and execute their own code, potentially causing harm or gaining unauthorized access.


Quiz Review Timeline (Updated): Mar 21, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 21, 2023: Quiz Edited by ProProfs Editorial Team
  • Feb 19, 2010: Quiz Created by Vtgamer