Security - take the quiz
Master Your Security Knowledge
Welcome to the ultimate quiz designed for those who want to deepen their understanding of cybersecurity and compliance. Test your knowledge on essential topics such as HIPAA safeguards, risk management, and the latest security technologies!
Key features of the quiz:
- 43 comprehensive questions
- A mix of multiple choice and checkbox answers
- Immediate feedback on selected answers
You work for a community health care organization that uses an electronic health record (EHR) system. You need to implement the physical and technical safeguards required by HIPAA Which two approaches should you use to verify that the EHR system is compliant with those safeguards? (Choose 2.) Note: You will receive partial credit for each correct selection.
Penetration testing
Security awareness training
IT auditing
Automatic log-off implementation
While conducting a risk evaluation at your company, you identify risks that are related to the web server located in the office. The risks include hardware and software failure as well as web service interruption caused by cyber attacks. You recommend purchasing insurance and a maintenance contract to help mitigate the risks. Which risk mitigation strategy is this an example of?
Risk reduction
Risk acceptance
Risk transfer
Risk avoidance
Which classification of security alert is the greatest threat to an organization because it represent undetected exploits?
True negative
False positive
False negative
True positive
What does hashing provide for data communication?
Data non-reputation
Data integrity
Origin authentication
Data confidentiality
You are a security technician. You just completed a full scan of a Windows 10 PC. Where should you go to view the scan result?
Windows Application Logs
Windows Security
Windows System Logs
Windows Task Manager
Which data type is protected through hard disk encryption?
Data in transit
Data in use
Data at rest
Data in process
You need to allow employees to access your company's secure network from their homes. Which type of security should you implement?
IDS
SNMP
VPN
BYOD
In order to do online banking, you enter a strong password and then enter the 5-digit code sent to you on your smartphone. Which type of authentication does this situation describe?
AAA
Multifactor
VPN
RADIUS
After an administrator install an operating system update on a laptop, the laptop user can no longer print to their wireless printer.
Reinstall the same service pack
Update the firmware on the laptop
Check for patches for wireless printers
Install a new device river for the wireless printer
Which wireless encryption technology requires (AES) to secure home wireless networks?
WPA2
WEP
WPA3
WPA
Which command displays both the configured DNS server information and the IP address resolution for a URL?
Nslookup
Traceroute
Ping
Nmap
A security analyst discover that a hacker was able to gain root access to an enterprise (Linux server.) root user
Privilege escalation
DDos
Brute force
Buffer overflow
You need to filter the websites that are available to employees on the company network. Which type of device should you deploy?
Honeypot
IPS
Proxy server
IDS
The analyst enters the ls -l command in the terminal.
To display the file permissions and ownership of the executable file
To display the content of a text file
To navigate to the folder that is passed as an argument to the command
To open a text editor
Which three authentication factors are valid for use in a multifactor authentication scenario? (Choose 3)
Something you see
Something you know
Something you have
Something you earn
Something you are
Something you do
Your organization's SIEM system + URL
Block the URL by placing it on the network block list
Ask users why the visited the website
Visit the URL to determine whether the website is legitimate
Submit the URL to a threat intelligence portal for analysis
What are two natural disasters that would cause a company to implement a disaster recovery plan? (Choose 2)
Nuclear contamination
Floods
Hazardous material spills
Volcanic eruptions
Your home network seems to have slowed down considerably.
Create an IP access control list
Change the network SSID
Implement MAC address filtering
Block the host IP address
You issue the netstat -l command to display all TCP ports that are in the Listening state
The ports are open on the system and are waiting for connection
The state of the connection on the ports is unknown
The ports are actively connected to another system process
The remote end disconnected and the ports are closing
Several staff members are experiencing unexplained computer crashes (Choose 2)
Deploy a policy to install and automatically update antivirus and anti-malware software
Reinstall Widows on the affected workstations
Scan affected workstations and remove malware
Configure the network firewall to block malware from entering the internal network
As a security officer, you notice that the hyperlink points to an unknown party.
Spear phishing
Vishing
Smishing
Ransomware
You are working with the senior administration team to identify which risks are acceptable. Which paste of risk management are you in?
Determining a risk profile
Choosing risk strategies
Mitigating risks
Measuring residual risk
Which activity by an adversary is an example of exploit that is attempting to gain users credential
Obtaining a directory listing of files located on the web database server
Executing a remote port scan of all enterprise registered IP adresses
Installing a backdoor in order to enable two way communication with the devices
Sending an email with a link to a fictitious web portal login page
What is the purpose of a hypervisor?
It provides and monitor firewall services fro cloud computing.
It provides and services a gateway users and the internet
It creates and runs virtual machine
It monitors and logs network traffic for malicious packets
Which two basic metrics should be taken into consideration when assigning a severity to a vulnerability during an assessment? (Choose 2)
The impacts than an exploit of the vulnerability will have on the organization
The age of the hardware running the software that contains the vulnerability
The likelihood that an adversary can and will exploit the vulnerability
The time involved in choosing replacement software to replace older systems
Which two private IPv4 addresses would be blocked on the internet to prevent security and performance issues? (Choose 2)
224.0.2.172
192.168.18.189
203.0.113.168
172.18.100.78
A corporation hires a group of experienced cyber criminals
DDos
Ransomware
APT
Man-in-the-middle
You need to transfer configuration files to a router across an unsecured network.
Telnet
HTTP
TFTP
SSH
Which activity is an example of active reconnaissance performed during a penetration test?
Using a browser to view the HTTP source code of company webpages
Gathering employee information from available web directories and social media
Searching the WHOIS database for the owner and technical contact information for domain
Performing an Nmap port scan on the LAN to determine types of connected devices and open ports
After 30 minutes, the website crashes again
Spear phishing
Ransomware
Denial of service
Social engineering
What enables the network security team to keep track of the operating system versions, security updates, and patches on end users devices?
Asset management
Security policies and procedures
Incident management
Business continuity planning
A remote worker is visiting a branch office to attend face to face meetings
The WAP is using open authentication.
The IP address of the laptop is not correct
The WAP is configured for MAC address filtering
The SSID is not broadcasting
National Institute of Standards and Technology (NIST) guidelines for user password security
4 characters
8 characters
16 characters
No minimum length
You are planning to work from home. Your company requires that you connect to the company networks the company (Choose 3)
Authorization of users
WAN management
Authentication of users
Password management
Confidentially of information
Integrity of data
A client connect to the corporate web server. You discover a large number of half open TCP connection to the server.
Ignore the half open connections because this is a normal part of the TCP three way handshake
Flush the DNS cache information
Change the connection protocol from HTTP to HTTPS
Take action to stop the TCP SYN flood attack
What is the main purpose of a disaster recovery plan as compared to a business continuity plan?
Limiting operational downtime
Allowing staff to continue to serve customers throughout a disaster
Keeping the business open in some capacity during a disaster
Restoring data access an an IT infrastructure as quickly as possible
What are two disadvantages of public vulnerability databases? (Choose 2.)
Threat actors can access the databases to learn how to vary their threats to avoid detection
It can take a long time for reported vulnerabilities to be investigated and approved for addition to the databases
It is costly for intelligene analysts to document and submit newly discovered vulnerabilities
Publicly available databases are incompatible with most security platformms
Which network security technology passively monitors network traffic and compares the captured packet stream with known malicious signatures?
Proxy Server
Honeypot
IDS
IPS
What should you create to prevent spoofing of the internet network?
An ACL
A DNS record
A NAT rule
A record in the host file
Which macOS security features encrypts the entire macOS volume?
Gatekeeper
FileVault
XProtect
System Integrity Protection (SIP)
A new operating system security patch has been released. Before deploying it to endpoints, you need to test the patched operating system in a safe and isolated environment. Which technology provides these testing benefits?
Honeypot
Virtual Machine
Demilitarized zone
Quarantined network
Which type of attack occurs when threat actors utilize botnets on several computers to overwhelm a targeted web server?
DoS
DDoS
Ransomware
Man-in-the-middle
{"name":"Security - take the quiz", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Welcome to the ultimate quiz designed for those who want to deepen their understanding of cybersecurity and compliance. Test your knowledge on essential topics such as HIPAA safeguards, risk management, and the latest security technologies!Key features of the quiz:43 comprehensive questionsA mix of multiple choice and checkbox answersImmediate feedback on selected answers","img":"https:/images/course5.png"}
More Quizzes
ITEC MIDTERMS
452225
Security Plus 10q Part 2
10525
Understanding Information Security
211015
Quiz 16
10512
Cybersecurity Knowledge Challenge
1058
الرشودي صح | خطاء
28140
Part 1
251219
Security Plus 10Q P3
10514
CISSP CR
1160
Info Security Chapter 1
20100
IAS Midterm Reviewer (all answers lower letters)
1497452
Seguridad 7
1059