Cyber Security Trivia Questions

116 Questions | Total Attempts: 5139

SettingsSettingsSettings
Please wait...
Cyber Security Trivia Questions

Security.


Questions and Answers
  • 1. 
    Which of the following elements of PKI are found in a browser's trusted root CA?
    • A. 

      Private key

    • B. 

      Public key

    • C. 

      Symetric key

    • D. 

      Recovery key

  • 2. 
    Which of the following protocols only encrypts password packets from client to server?
    • A. 

      XTACACS

    • B. 

      TACACS

    • C. 

      RADIUS

    • D. 

      TACACS+

  • 3. 
    Where are revoked certificates stored?     
    • A. 

      Recovery agent

    • B. 

      Key escrow

    • C. 

      CRL

    • D. 

      Registration

  • 4. 
    DRPs should contain which of the following?     
    • A. 

      Hierarchical list of non-critical personnel

    • B. 

      Hierarchical list of critical systems

    • C. 

      Hierarchical access control lists

  • 5. 
    A system administrator could have a user level account and an administrator account to prevent:     
    • A. 

      Password sharing

    • B. 

      Escalation of privelages

    • C. 

      Implicit deny

    • D. 

      Admin account lockout

  • 6. 
    Which of the following is the BEST way to mitigate data loss if a portable device is compromised?     
    • A. 

      Full disc encryption

    • B. 

      Common access card

    • C. 

      Password complexity

    • D. 

      Biometric authentication

  • 7. 
    Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices?     
    • A. 

      HTTPS

    • B. 

      SSH

    • C. 

      IPv4

    • D. 

      ICMP

  • 8. 
    Which of the following is specific to a buffer overflow attack
    • A. 

      Memory addressing

    • B. 

      Directory traversal

    • C. 

      Initial vector

    • D. 

      Session cookies

  • 9. 
    Which of the following asymmetric encryption keys is used to encrypt data to ensure only the intended recipient can decrypt the cipher text?     
    • A. 

      Private

    • B. 

      Escrow

    • C. 

      Public

    • D. 

      Pre-Shared

  • 10. 
    Which of the following should a security administrator implement to prevent users from disrupting network connectivity, if a user connects both ends of a network cable to different switch ports?     
    • A. 

      VLAN separation

    • B. 

      Access Control

    • C. 

      Loopback protection

    • D. 

      DMZ

  • 11. 
    Question: 11     A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the product, various vulnerability scans were performed. It was determined that the product is not a threat but has the potential to introduce additional vulnerabilities. Which of the following assessment types should the security administrator also take into consideration while evaluating this product?     
    • A. 

      Threat assessment

    • B. 

      Vulnerability assessment

    • C. 

      Code assessment

    • D. 

      Risk assessment

  • 12. 
    Which of the following requires special handling and explicit policies for data retention and data distribution?     
    • A. 

      Personally identifiable information

    • B. 

      Phishing attacks

    • C. 

      Zero day exploits

    • D. 

      Personal electronic devices

  • 13. 
    Centrally authenticating multiple systems and applications against a federated user database is an example of:     
    • A. 

      Smart Card

    • B. 

      Common Access Card

    • C. 

      Single sign on

    • D. 

      Access control list

  • 14. 
    WEP is seen as an unsecure protocol based on its improper use of which of the following?     
    • A. 

      RC6

    • B. 

      RC4

    • C. 

      3DES

    • D. 

      AES

  • 15. 
    Which of the following should be performed if a smartphone is lost to ensure no data can be retrieved from it?  
    • A. 

      Device Encryption

    • B. 

      Remote Wipe

    • C. 

      Screen Lock

    • D. 

      GPS Tracking

  • 16. 
    In an 802.11n network, which of the following provides the MOST secure method of both encryption and authorization?     
    • A. 

      WEP with 802.1x

    • B. 

      WPA enterprise

    • C. 

      WPA2 PSK

  • 17. 
    Which of the following methods of access, authentication, and authorization is the MOST secure by default?     
    • A. 

      Kerberos

    • B. 

      TACACS

    • C. 

      RADIUS

    • D. 

      LDAP

  • 18. 
    Which of the following facilitates computing for heavily utilized systems and networks? 
    • A. 

      Remote access

    • B. 

      Provider Cloud

    • C. 

      VPN Concentrator

    • D. 

      Telephony

  • 19. 
    With which of the following is RAID MOST concerned?     
    • A. 

      Integrity

    • B. 

      Confidentiality

    • C. 

      Availability

    • D. 

      Baselining

  • 20. 
    Which of the following reduces the likelihood of a single point of failure when a server fails?     
    • A. 

      Clustering

    • B. 

      Virtualization

    • C. 

      RAID

    • D. 

      Cold Site

  • 21. 
     A user downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?     
    • A. 

      Logic Bomb

    • B. 

      Worm

    • C. 

      Trojan

    • D. 

      Adware

  • 22. 
    Which of the following is used in conjunction with PEAP to provide mutual authentication between peers
    • A. 

      LEAP

    • B. 

      MSCHAPv2

    • C. 

      PPP

    • D. 

      MSCHAPv1

  • 23. 
    A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following?     
    • A. 

      Whaling

    • B. 

      Blue Snarfing

    • C. 

      Vishing

    • D. 

      Dumpster Diving

  • 24. 
    Which of the following uses TCP port 22 by default?     
    • A. 

      SSL SCP TFTP

    • B. 

      SSH SCP SFTP

    • C. 

      HTTPS TFTP SFTP

  • 25. 
    Actively monitoring data streams in search of malicious code or behavior is an example of:     
    • A. 

      Load balancing

    • B. 

      An internet proxy

    • C. 

      Url filtering

    • D. 

      Content inspection