CISCO
Cybersecurity Mastery Quiz
Test your knowledge and skills in cybersecurity with our comprehensive quiz designed for enthusiasts and professionals alike. With 50 challenging questions, you can assess your understanding of critical security concepts and practices.
This quiz covers various topics related to cybersecurity, including:
- Authentication methods
- Malware defense strategies
- Security protocols
- Data integrity and encryption
What is an example of early warning systems that can be used to thwart cybercriminals?
CVE database
Infragard
ISO/IEC 27000 program
Honeynet project
Technologies like GIS and IoE contribute to the growth of large data stores. What are two reasons that these technologies increase the need for cybersecurity specialists? (Choose two.)
They require 24-hour monitoring.
They collect sensitive information.
They contain personal information.
They increase processing requirements.
They require more equipment.
They make systems more complicated.
Which two groups of people are considered internal attackers? (Choose two.)
Ex-employees
Amateurs
Black hat hackers
Hacktivists
Trusted partners
Which methods can be used to implement multifactor authentication?
IDS and IPS
Tokens and hashes
VPNs and VLANs
Passwords and fingerprints
Which technology should be used to enforce the security policy that a computing device must be checked against the latest antivirus update before the device is allowed to connect to the campus network?
NAC
VPN
SAN
NAS
A security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?
Implement a firewall.
Implement intrusion detection systems.
Implement a VLAN.
Implement RAID.
Which technology can be used to ensure data confidentiality?
Hashing
Identity management
RAID
Encryption
An organization allows employees to work from home two days a week. Which technology should be implemented to ensure data confidentiality as data is transmitted?
VPN
VLANs
RAID
SHS
What are the two most effective ways to defend against malware? (Choose two.)
Implement a VPN.
Implement strong passwords.
Install and update antivirus software.
Implement RAID.
Implement network firewalls.
Update the operating system and other application software.
An executive manager went to an important meeting. The secretary in the office receives a call from a person claiming that the executive manager is about to give an important presentation but the presentation files are corrupted. The caller sternly recommends that the secretary email the presentation right away to a personal email address. The caller also states that the executive is holding the secretary responsible for the success of this presentation. Which type of social engineering tactic would describe this scenario?
Familiarity
Intimidation
Trusted partners
Urgency
Which statement describes a distributed denial of service attack?
An attacker sends an enormous quantity of data that a server cannot handle.
An attacker views network traffic to learn authentication credentials.
An attacker builds a botnet comprised of zombies.
One computer accepts data packets based on the MAC address of another computer.
What type of attack will make illegitimate websites higher in a web search result list?
DNS poisoning
Browser hijacker
Spam
SEO poisoning
What is a nontechnical method that a cybercriminal would use to gather sensitive information from an organization?
Man-in-the-middle
Social engineering
Pharming
Ransomware
A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?
Look for usernames that do not have passwords.
Look for unauthorized accounts.
Look for policy changes in Event Viewer.
Scan the systems for viruses.
Users report that the database on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?
DoS attack
Trojan horse
Ransomware
Man-in-the-middle attack
A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?
RSA
Diffie-Hellman
3DES
ECC
What happens as the key length increases in an encryption application?
Keyspace decreases exponentially.
Keyspace increases exponentially.
Keyspace decreases proportionally.
Keyspace increases proportionally.
Which algorithm will Windows use by default when a user intends to encrypt files and folders in an NTFS volume?
RSA
DES
AES
3DES
Before data is sent out for analysis, which technique can be used to replace sensitive data in nonproduction environments to protect the underlying information?
Data masking substitution
Steganography
Software obfuscation
Steganalysis
In which situation would a detective control be warranted?
When the organization needs to repair damage
After the organization has experienced a breach in order to restore everything back to a normal state
When the organization needs to look for prohibited activity
When the organization cannot use a guard dog, so it is necessary to consider an alternative
An organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement?
Administrative
Technological
Physical
Logical
An organization has implemented antivirus software. What type of security control did the company implement?
Deterrent control
Detective control
Recovery control
Compensative control
Passwords, passphrases, and PINs are examples of which security term?
Authorization
Access
Authentication
Identification
An organization has determined that an employee has been cracking passwords on administrative accounts in order to access very sensitive payroll information. Which tools would you look for on the system of the employee? (Choose three.)
Password digest
Reverse lookup tables
Lookup tables
Rogue access points
Algorithm tables
Rainbow tables
What technique creates different hashes for the same password?
SHA-256
HMAC
CRC
Salting
Which hashing technology requires keys to be exchanged?
HMAC
Salting
MD5
AES
You have been asked to implement a data integrity program to protect data files that need to be electronically downloaded by the sales staff. You have decided to use the strongest hashing algorithm available on your systems. Which hash algorithm would you select?
SHA-1
AES
MD5
SHA-256
What kind of integrity does a database have when all its rows have a unique identifier called a primary key?
Entity integrity
Referential integrity
Domain integrity
User-defined integrity
Technicians are testing the security of an authentication system that uses passwords. When a technician examines the password tables, the technician discovers the passwords are stored as hash values. However, after comparing a simple password hash, the technician then discovers that the values are different from those on other systems. What are two causes of this situation? (Choose two.)
The systems use different hashing algorithms.
Both systems use MD5.
Both systems scramble the passwords before hashing.
One system uses hashing and the other uses hashing and salting.
One system uses symmetrical hashing and the other uses asymmetrical hashing.
Alice and Bob are using a digital signature to sign a document. What key should Alice use to sign the document so that Bob can make sure that the document came from Alice?
Public key from Bob
Private key from Alice
Private key from Bob
Username and password from Alice
The X.509 standard defines which security technology?
Digital certificates
Security tokens
Strong passwords
Biometrics
What is it called when an organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications?
Asset standardization
Asset identification
Asset classification
Asset availability
Being able to maintain availability during disruptive events describes which of the principles of high availability?
Single point of failure
System resiliency
Fault tolerance
Uninterruptible services
An organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?
Stronger encryption systems
Remote access to thousands of external users
Limiting access to the data on these systems
Improving reliability and uptime of the servers
What approach to availability provides the most comprehensive protection because multiple defenses coordinate together to prevent attacks?
Layering
Obscurity
Diversity
Limiting
The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?
Qualitative analysis
Loss analysis
Protection analysis
Quantitative analysis
Which two values are required to calculate annual loss expectancy? (Choose two.)
Asset value
Exposure factor
Frequency factor
Annual rate of occurrence
Single loss expectancy
Quantitative loss value
An organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended?
Asset identification
Asset availability
Asset standardization
Asset classification
What approach to availability involves using file permissions?
Layering
Simplicity
Obscurity
Limiting
What are two incident response phases? (Choose two.)
Prevention and containment
Containment and recovery
Mitigation and acceptance
Detection and analysis
Risk analysis and high availability
Confidentiality and eradication
What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?
Local Security Policy tool
Event Viewer security log
Active Directory Security tool
Computer Management
In a comparison of biometric systems, what is the crossover error rate?
Rate of false negatives and rate of false positives
Rate of false positives and rate of acceptability
Rate of rejection and rate of false negatives
Rate of acceptability and rate of false negatives
What describes the protection provided by a fence that is 1 meter in height?
It deters casual trespassers only.
The fence deters determined intruders.
It offers limited delay to a determined intruder.
It prevents casual trespassers because of its height.
Mutual authentication can prevent which type of attack?
Wireless poisoning
Man-in-the-middle
Wireless sniffing
Wireless IP spoofing
Which protocol would be used to provide security for employees that access systems remotely from home?
SSH
WPA
Telnet
SCP
Which technology can be used to protect VoIP against eavesdropping?
Encrypted voice messages
Strong authentication
SSH
ARP
Which three protocols can use Advanced Encryption Standard (AES)? (Choose three.)
WPA
802.11q
802.11i
TKIP
WPA2
WEP
HVAC, water system, and fire systems fall under which of the cybersecurity domains?
Network
User
Device
Physical facilities
Which national resource was developed as a result of a U.S. Executive Order after a ten-month collaborative study involving over 3,000 security professionals?
ISO OSI model
NIST Framework
ISO/IEC 27000
The National Vulnerability Database (NVD)
Which cybersecurity weapon scans for use of default passwords, missing patches, open ports, misconfigurations, and active IP addresses?
Packet sniffers
Vulnerability scanners
Password crackers
Packet analyzers