Cybersecurity Fundamentals Prep Quiz

64 Questions


This is a quiz for the Cybersecurity Fundamentals Certificate. It's based on sample questions and the end of topic questions in the workbook. Good luck!


Questions and Answers
  • 1. 
    Choose three. According to the NIST framework, which of the following are considered key functions necessary for the protection of digital assets?
    • A. 

      Encrypt

    • B. 

      Protect

    • C. 

      Investigate

    • D. 

      Recover

    • E. 

      Identify

  • 2. 
    Which element of an incident response plan involves obtaining and preserving evidence? 
    • A. 

      Preparation

    • B. 

      Identification

    • C. 

      Containment

    • D. 

      Eradication

  • 3. 
    To which of the following layers of the Open Systems Interconnect (OSI) model would one map Ethernet?
    • A. 

      Data Link

    • B. 

      Network

    • C. 

      Application

    • D. 

      Transport

  • 4. 
    Which of the following interpret requirements and apply them to specific situations?
    • A. 

      Policies

    • B. 

      Standards

    • C. 

      Guidelines

    • D. 

      Procedures

  • 5. 
    Business continuity plans (BCPs) associated with organizational information systems should be developed primarily on the basis of:
    • A. 

      Available resources

    • B. 

      Levels of effort

    • C. 

      Projected costs

    • D. 

      Business needs

  • 6. 
    A segmented network:
    • A. 

      Offers defense in depth superior to a concentric-layers model

    • B. 

      Consists of two or more security zones

    • C. 

      Maximizes the delay experienced by an attacker

    • D. 

      Delivers superior performance for internal applications

  • 7. 
    Which cybersecurity principle is most important when attempting to trace the source of malicious activity?
    • A. 

      Availability

    • B. 

      Integrity

    • C. 

      Nonrepudiation

    • D. 

      Confidentiality

  • 8. 
    Which of the following offers the strongest protection for wireless network traffic?
    • A. 

      Wireless Protected Access 2 (WPA2)

    • B. 

      Wireless Protected Access-Advanced Encryption Standard (WPA-AES)

    • C. 

      Wired Equivalent Protection 128-bit (WEP-128)

    • D. 

      Wireless Protected Access-Temporary Key Integrity Protocol (WPA-TKIP)

  • 9. 
    Outsourcing poses the greatest risk to an organization when it involves:
    • A. 

      Business support services

    • B. 

      Technology infrastructure

    • C. 

      Cybersecurity capabilities

    • D. 

      Core business functions

  • 10. 
    Risk assessments should be performed:
    • A. 

      At the start of a program

    • B. 

      On a regular basis

    • C. 

      When an asset changes

    • D. 

      When a vulnerability is discovered

  • 11. 
    Maintaining a high degree of confidence regarding the integrity of evidence requires a(n):
    • A. 

      Power of attorney

    • B. 

      Sworn statement

    • C. 

      Chain of custody

    • D. 

      Affidavit

  • 12. 
    A firewall that tracks open connection-oriented protocol sessions is said to be:
    • A. 

      State-sponsored

    • B. 

      Stateless

    • C. 

      Stateful

    • D. 

      Stated

  • 13. 
    During which phase of the system development lifecycle (SDLC) should security first be considered?
    • A. 

      Planning

    • B. 

      Analysis

    • C. 

      Design

    • D. 

      Implementation

  • 14. 
    A cybersecurity architecture designed around the concept of a perimeter is said to be:
    • A. 

      Data-centric

    • B. 

      User-centric

    • C. 

      Integrated

    • D. 

      System-centric

  • 15. 
    A passive network hub operates at which layer of the OSI model?
    • A. 

      Data Link

    • B. 

      Physical

    • C. 

      Network

    • D. 

      Transport

  • 16. 
    Updates in cloud-computing environments can be rolled out quickly because the environment is:
    • A. 

      Homogeneous

    • B. 

      Distributed

    • C. 

      Diversified

    • D. 

      Secure

  • 17. 
    During which phase of the six-phase incident response model is the root cause determined?
    • A. 

      Recovery

    • B. 

      Identification

    • C. 

      Containment

    • D. 

      Eradication

  • 18. 
    The attack mechanism directed against a system is commonly called a(n):
    • A. 

      Exploit

    • B. 

      Vulnerability

    • C. 

      Payload

    • D. 

      Attack Vector

  • 19. 
    • A. 

      At an interior router, to reduce network traffic congestion

    • B. 

      At a dedicated “honey pot” system in the demilitarized zone (DMZ)

    • C. 

      At the destination system, to prevent loss of confidentiality

    • D. 

      At the perimeter, to allow for effective internal monitoring

  • 20. 
    In practical applications: 
    • A. 

      Symmetric key encryption is used to securely distribute asymmetric keys

    • B. 

      Asymmetric key encryption is used to securely obtain symmetric keys

    • C. 

      Symmetric key encryption is used only for short messages, such as digital signatures

    • D. 

      Asymmetric key encryption is used in cases where speed is important

  • 21. 
    Which two factors are used to calculate the likelihood of an event?
    • A. 

      Threat and vulnerability

    • B. 

      Vulnerability and asset value

    • C. 

      Asset count and asset value

    • D. 

      Threat and asset count

  • 22. 
    What is one advantage of a firewall implemented in software over a firewall appliance?
    • A. 

      Performance

    • B. 

      Power consumption

    • C. 

      Flexibility

    • D. 

      Resiliency

  • 23. 
    A business continuity plan (BCP) is not complete unless it includes:
    • A. 

      Dedicated resources

    • B. 

      Detailed procedures

    • C. 

      Network diagrams

    • D. 

      Critical processes

  • 24. 
    Under the US-CERT model for incident categorization, a CAT-3 incident refers to which of the following?
    • A. 

      Improper usage

    • B. 

      Investigation

    • C. 

      Denial of service (DoS)

    • D. 

      Malicious code

  • 25. 
    An interoperability error is what type of vulnerability?
    • A. 

      Technical

    • B. 

      Process

    • C. 

      Emergent

    • D. 

      Organizational

  • 26. 
    Securing Supervisory Control and Data Acquisition (SCADA) systems can be challenging because they:
    • A. 

      Operate in specialized environments and often have non-standard design elements

    • B. 

      Are subject to specialized requirements established for national security systems

    • C. 

      Support critical infrastructure processes for which any risk of compromise is unacceptable

    • D. 

      Cannot be replaced due to aging infrastructure and the complexity of included components

  • 27. 
    Virtual systems should be managed using a dedicated virtual local area network (VLAN) because:
    • A. 

      Network topologies do not always properly identify the locations of virtual servers

    • B. 

      VLAN encryption provides a double layer of protection for virtual system data

    • C. 

      Insecure protocols could result in a compromise of privileged user credentials

    • D. 

      Segregation of management traffic and use traffic dramatically improves performance

  • 28. 
    Three common controls used to protect the availability of information are: 
    • A. 

      Redundancy, backups and access controls.

    • B. 

      Encryption, file permissions and access controls.

    • C. 

      Access controls, logging and digital signatures.

    • D. 

      Hashes, logging and backups.

  • 29. 
    Select all that apply. Governance has several goals, including:
    • A. 

      Ensuring that objectives are achieved.

    • B. 

      Verifying that organizational resources are being used appropriately.

    • C. 

      Directing and monitoring security activities.

    • D. 

      Ascertaining whether risk is being managed properly.

    • E. 

      Providing strategic direction.

  • 30. 
    Which of the following is the best definition for cybersecurity? 
    • A. 

      The process by which an organization manages cybersecurity risk to an acceptable level

    • B. 

      The protection of information from unauthorized access or disclosure

    • C. 

      The protection of paper documents, digital and intellectual property, and verbal or visual communications

    • D. 

      Protecting information assets by addressing threats to information that is processed, stored or transported by interworked information systems

  • 31. 
    Which of the following cybersecurity roles is charged with the duty of managing incidents and remediation? 
    • A. 

      Board of directors

    • B. 

      Executive committee

    • C. 

      Cybersecurity management

    • D. 

      Cybersecurity practitioners

  • 32. 
    • A. 

      Disaster recovery objectives, resources and personnel.

    • B. 

      Who had access to the evidence, in chronological order.

    • C. 

      Labor, union and privacy regulations.

    • D. 

      Proof that the analysis is based on copies identical to the original evidence.

    • E. 

      The procedures followed in working with the evidence.

  • 33. 
    NIST defines a(n) BLANK as a “violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices.” 
    • A. 

      Disaster

    • B. 

      Event

    • C. 

      Threat

    • D. 

      Incident

  • 34. 
    Select all that apply. A business impact analysis (BIA) should identify:
    • A. 

      The circumstances under which a disaster should be declared.

    • B. 

      The estimated probability of the identified threats actually occurring.

    • C. 

      The efficiency and effectiveness of existing risk mitigation controls.

    • D. 

      A list of potential vulnerabilities, dangers and/or threats.

    • E. 

      Which types of data backups (full, incremental and differential) will be used.

  • 35. 
    ____________________ is defined as “a model for enabling convenient, on-demand network access to a shared pool of configurable resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management or service provider interaction.” 
    • A. 

      Software as a Service (SaaS)

    • B. 

      Cloud computing

    • C. 

      Big data

    • D. 

      Platform as a Service (PaaS)

  • 36. 
    • A. 

      APTs typically originate from sources such as organized crime groups, activists or governments.

    • B. 

      APTs use obfuscation techniques that help them remain undiscovered for months or even years.

    • C. 

      APTs are often long-term, multi-phase projects with a focus on reconnaissance.

    • D. 

      The APT attack cycle begins with target penetration and collection of sensitive information.

    • E. 

      Although they are often associated with APTs, intelligence agencies are rarely the perpetrators of APT attacks.

  • 37. 
    Smart devices, BYOD strategies and freely available applications and services are all examples of: 
    • A. 

      The reorientation of technologies and services designed around the individual end user.

    • B. 

      The primacy of external threats to business enterprises in today’s threat landscape.

    • C. 

      The stubborn persistence of traditional communication methods.

    • D. 

      The application layer’s susceptibility to APTs and zero-day exploits.

  • 38. 
    Choose three. Which types of risk are typically associated with mobile devices? 
    • A. 

      Organizational risk

    • B. 

      Compliance risk

    • C. 

      Technical risk

    • D. 

      Physical risk

    • E. 

      Transactional risk

  • 39. 
    Which three elements of the current threat landscape have provided increased levels of access and connectivity, and therefore increased opportunities for cybercrime? 
    • A. 

      Text messaging, Bluetooth technology and SIM cards

    • B. 

      Web applications, botnets and primary malware

    • C. 

      Financial gains, intellectual property and politics

    • D. 

      Cloud computing, social media and mobile computing

  • 40. 
    The core duty of cybersecurity is to identify, respond to and manage [Blank] to an organization's digital assets. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 41. 
    A(n) [Blank] is anything capable of acting against an asset in a manner that can cause harm. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 42. 
    A(n) [Blank] is something of value worth protecting. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 43. 
    A(n) [Blank] is a weakness in the design, implementation, operation or internal controls in a process that could be exploited to violate the system security. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 44. 
    The path or route used to gain access to the target asset is known as a(n) [Blank]. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 45. 
    In an attack, the container that delivers the exploit to the target is called a(n) [Blank]. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 46. 
    [Blank] communicate required and prohibited activities and behaviors. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 47. 
    [Blank] is a class of malware that hides the existence of other malware by modifying the underlying operating system. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 48. 
    [Blank] provide details on how to comply with policies and standards. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 49. 
    [Blank], also called malicious code, is software designed to gain access to targeted computer systems, steal information or disrupt computer operations. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 50. 
    [Blank] provide general guidance and recommendations on what to do in particular circumstances. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 51. 
    [Blank] are used to interpret policies in specific situations. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 52. 
    [Blank] are solutions to software programming and coding errors. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 53. 
    [Blank] includes many components such as directory services, authentication and authorization services, and user management capabilities such as provisioning and deprovisioning. Word options: Standards, Vulnerability, Guidelines, Attack Vector, Policies, Risk, Threat, Asset, Patches, Identity Management, Malware, Rootkit, Payload, Procedure
  • 54. 
    System hardening should implement the principle of ________ or ________.
    • A. 

      Governance, compliance

    • B. 

      Least privilege, access control

    • C. 

      Stateful inspection, remote access

    • D. 

      Vulnerability assessment, risk mitigation

  • 55. 
    Select all that apply. Which of the following are considered functional areas of network management as defined by ISO?
    • A. 

      Accounting management

    • B. 

      Fault management

    • C. 

      Firewall management

    • D. 

      Performance management

    • E. 

      Security management

  • 56. 
    Virtualization involves:
    • A. 

      The creation of a layer between physical and logical access controls.

    • B. 

      Multiple guests coexisting on the same server in isolation of one another.

    • C. 

      Simultaneous use of kernel mode and user mode.

    • D. 

      DNS interrogation, WHOIS queries and network sniffing.

  • 57. 
    Vulnerability management begins with an understanding of cybersecurity assets and their locations, which can be accomplished by:
    • A. 

      Vulnerability scanning.

    • B. 

      Penetration testing.

    • C. 

      Maintaining an asset inventory.

    • D. 

      Using command line tools.

  • 58. 
    • A. 

      Detect and block traffic from infected internal end points.

    • B. 

      Eliminate threats such as email spam, viruses and worms.

    • C. 

      Format, encrypt and compress data.

    • D. 

      Control user traffic bound toward the Internet.

    • E. 

      Monitor and detect network ports for rogue activity.

  • 59. 
    The [Blank] layer of the OSI model ensures that data are transferred reliably in the correct sequence, and the [Blank] layer coordinates and manages user connections.
    • A. 

      Presentation, data link

    • B. 

      Transport, session

    • C. 

      Physical, application

    • D. 

      Data link, network

  • 60. 
    Choose three. The key benefits of the DMZ system are:
    • A. 

      DMZs are based on logical rather than physical connections.

    • B. 

      An intruder must penetrate three separate devices.

    • C. 

      Private network addresses are not disclosed to the Internet.

    • D. 

      Excellent performance and scalability as Internet usage grows.

    • E. 

      Internal systems do not have direct access to the Internet.

  • 61. 
    • A. 

      Encryption is the primary means of securing digital assets.

    • B. 

      Encryption depends upon shared secrets and is therefore an unreliable means of control.

    • C. 

      A program's encryption elements should be handled by a third-party cryptologist.

    • D. 

      Encryption is an essential but incomplete form of access control.

  • 62. 
    The number and types of layers needed for defense in depth are a function of:
    • A. 

      Asset value, criticality, reliability of each control and degree of exposure.

    • B. 

      Threat agents, governance, compliance and mobile device policy.

    • C. 

      Network configuration, navigation controls, user interface and VPN traffic.

    • D. 

      Isolation, segmentation, internal controls and external controls.