Cybersecurity Fundamentals Prep Quiz
(163).jpg "Cybersecurity Fundamentals Prep Quiz")
This is a quiz for the Cybersecurity Fundamentals Certificate. It's based on sample questions and the end of topic questions in the workbook. Good luck!
- 1.Choose three. According to the NIST framework, which of the following are considered key functions necessary for the protection of digital assets?
- A.
Encrypt
- B.
Protect
- C.
Investigate
- D.
Recover
- E.
Identify
- 2.Which element of an incident response plan involves obtaining and preserving evidence?
- A.
Preparation
- B.
Identification
- C.
Containment
- D.
Eradication
- 3.To which of the following layers of the Open Systems Interconnect (OSI) model would one map Ethernet?
- A.
Data Link
- B.
Network
- C.
Application
- D.
Transport
- 4.Which of the following interpret requirements and apply them to specific situations?
- A.
Policies
- B.
Standards
- C.
Guidelines
- D.
Procedures
- 5.Business continuity plans (BCPs) associated with organizational information systems should be developed primarily on the basis of:
- A.
Available resources
- B.
Levels of effort
- C.
Projected costs
- D.
Business needs
- 6.A segmented network:
- A.
Offers defense in depth superior to a concentric-layers model
- B.
Consists of two or more security zones
- C.
Maximizes the delay experienced by an attacker
- D.
Delivers superior performance for internal applications
- 7.Which cybersecurity principle is most important when attempting to trace the source of malicious activity?
- A.
Availability
- B.
Integrity
- C.
Nonrepudiation
- D.
Confidentiality
- 8.Which of the following offers the strongest protection for wireless network traffic?
- A.
Wireless Protected Access 2 (WPA2)
- B.
Wireless Protected Access-Advanced Encryption Standard (WPA-AES)
- C.
Wired Equivalent Protection 128-bit (WEP-128)
- D.
Wireless Protected Access-Temporary Key Integrity Protocol (WPA-TKIP)
- 9.Outsourcing poses the greatest risk to an organization when it involves
- A.
Business support services
- B.
Technology infrastructure
- C.
Cybersecurity capabilities
- D.
Core business functions
- 10.Risk assessments should be performed
- A.
At the start of a program
- B.
On a regular basis
- C.
When an asset changes
- D.
When a vulnerability is discovered
- 11.Maintaining a high degree of confidence regarding the integrity of evidence requires a(n):
- A.
Power of attorney
- B.
Sworn statement
- C.
Chain of custody
- D.
Affidavit
- 12.A firewall that tracks open connection-oriented protocol sessions is said to be:
- A.
State-sponsored
- B.
Stateless
- C.
Stateful
- D.
Stated
- 13.During which phase of the system development lifecycle (SDLC) should security first be considered?
- A.
Planning
- B.
Analysis
- C.
Design
- D.
Implementation
- 14.A cybersecurity architecture designed around the concept of a perimeter is said to be:
- A.
Data-centric
- B.
User-centric
- C.
Integrated
- D.
System-centric
- 15.A passive network hub operates at which layer of the OSI model?
- A.
Data Link
- B.
Physical
- C.
Network
- D.
Transport
- 16.Updates in cloud-computing environments can be rolled out quickly because the environment is:
- A.
Homogeneous
- B.
Distributed
- C.
Diversified
- D.
Secure
- 17.During which phase of the six-phase incident response model is the root cause determined?
- A.
Recovery
- B.
Identification
- C.
Containment
- D.
Eradication
- 18.The attack mechanism directed against a system is commonly called a(n):
- A.
Exploit
- B.
Vulnerability
- C.
Payload
- D.
Attack Vector
- 19.Where should an organization’s network terminate virtual private network (VPN) tunnels?
- A.
At an interior router, to reduce network traffic congestion
- B.
At a dedicated “honey pot” system in the demilitarized zone (DMZ)
- C.
At the destination system, to prevent loss of confidentiality
- D.
At the perimeter, to allow for effective internal monitoring
- 20.In practical applications:
- A.
Symmetric key encryption is used to securely distribute asymmetric keys
- B.
Asymmetric key encryption is used to securely obtain symmetric keys
- C.
Symmetric key encryption is used only for short messages, such as digital signatures
- D.
Asymmetric key encryption is used in cases where speed is important
- 21.Which two factors are used to calculate the likelihood of an event?
- A.
Threat and vulnerability
- B.
Vulnerability and asset value
- C.
Asset count and asset value
- D.
Threat and asset count
- 22.What is one advantage of a firewall implemented in software over a firewall appliance?
- A.
Performance
- B.
Power consumption
- C.
Flexibility
- D.
Resiliency
- 23.A business continuity plan (BCP) is not complete unless it includes:
- A.
Dedicated resources
- B.
Detailed procedures
- C.
Network diagrams
- D.
Critical processes
- 24.Under the US-CERT model for incident categorization, a CAT-3 incident refers to which of the following?
- A.
Improper usage
- B.
Investigation
- C.
Denial of service (DoS)
- D.
Malicious code
- 25.An interoperability error is what type of vulnerability?
- A.
Technical
- B.
Process
- C.
Emergent
- D.
Organizational
Questions: 10 | Attempts: 11284 | Last updated: May 30, 2017
-
Sample QuestionTHE SECURITY OFFICER MOTTO IS
Questions: 6 | Attempts: 11160 | Last updated: Dec 7, 2017
-
Sample QuestionTim is a shop owner and athief. He automatically accuses anyone who looks suspicious in his store of stealing. This is an example of what defense mechanism?
Questions: 112 | Attempts: 3706 | Last updated: May 30, 2017
-
Sample QuestionA "Dead Zone" in a PIR motion detectors field of view is
Back to top