Security - take the quiz | Take the Quiz

Generate an image of a person taking a cybersecurity quiz on a laptop, surrounded by security icons like locks, firewalls, and data shields. The background should feature a bright and engaging workspace.

Master Your Security Knowledge

Welcome to the ultimate quiz designed for those who want to deepen their understanding of cybersecurity and compliance. Test your knowledge on essential topics such as HIPAA safeguards, risk management, and the latest security technologies!

Key features of the quiz:

43 comprehensive questions
A mix of multiple choice and checkbox answers
Immediate feedback on selected answers

43 Questions11 MinutesCreated by SecureGuard412

You work for a community health care organization that uses an electronic health record (EHR) system. You need to implement the physical and technical safeguards required by HIPAA Which two approaches should you use to verify that the EHR system is compliant with those safeguards? (Choose 2.) Note: You will receive partial credit for each correct selection.

Penetration testing

Security awareness training

IT auditing

Automatic log-off implementation

While conducting a risk evaluation at your company, you identify risks that are related to the web server located in the office. The risks include hardware and software failure as well as web service interruption caused by cyber attacks. You recommend purchasing insurance and a maintenance contract to help mitigate the risks. Which risk mitigation strategy is this an example of?

Risk reduction

Risk acceptance

Risk transfer

Risk avoidance

Which classification of security alert is the greatest threat to an organization because it represent undetected exploits?

True negative

False positive

False negative

True positive

What does hashing provide for data communication?

Data non-reputation

Data integrity

Origin authentication

Data confidentiality

You are a security technician. You just completed a full scan of a Windows 10 PC. Where should you go to view the scan result?

Windows Application Logs

Windows Security

Windows System Logs

Windows Task Manager

Which data type is protected through hard disk encryption?

Data in transit

Data in use

Data at rest

Data in process

You need to allow employees to access your company's secure network from their homes. Which type of security should you implement?

IDS

SNMP

VPN

BYOD

In order to do online banking, you enter a strong password and then enter the 5-digit code sent to you on your smartphone. Which type of authentication does this situation describe?

AAA

Multifactor

VPN

RADIUS

After an administrator install an operating system update on a laptop, the laptop user can no longer print to their wireless printer.

Reinstall the same service pack

Update the firmware on the laptop

Check for patches for wireless printers

Install a new device river for the wireless printer

Which command displays both the configured DNS server information and the IP address resolution for a URL?

Nslookup

Traceroute

Ping

Nmap

A security analyst discover that a hacker was able to gain root access to an enterprise (Linux server.) root user

Privilege escalation

DDos

Brute force

Buffer overflow

You need to filter the websites that are available to employees on the company network. Which type of device should you deploy?

Honeypot

IPS

Proxy server

IDS

The analyst enters the ls -l command in the terminal.

To display the file permissions and ownership of the executable file

To display the content of a text file

To navigate to the folder that is passed as an argument to the command

To open a text editor

Which three authentication factors are valid for use in a multifactor authentication scenario? (Choose 3)

Your organization's SIEM system + URL

Block the URL by placing it on the network block list

Ask users why the visited the website

Visit the URL to determine whether the website is legitimate

Submit the URL to a threat intelligence portal for analysis

What are two natural disasters that would cause a company to implement a disaster recovery plan? (Choose 2)

Nuclear contamination

Floods

Hazardous material spills

Volcanic eruptions

Your home network seems to have slowed down considerably.

Create an IP access control list

Change the network SSID

Implement MAC address filtering

Block the host IP address

You issue the netstat -l command to display all TCP ports that are in the Listening state

The ports are open on the system and are waiting for connection

The state of the connection on the ports is unknown

The ports are actively connected to another system process

The remote end disconnected and the ports are closing

Several staff members are experiencing unexplained computer crashes (Choose 2)

Deploy a policy to install and automatically update antivirus and anti-malware software

Reinstall Widows on the affected workstations

Scan affected workstations and remove malware

Configure the network firewall to block malware from entering the internal network

As a security officer, you notice that the hyperlink points to an unknown party.

Spear phishing

Vishing

Smishing

Ransomware

You are working with the senior administration team to identify which risks are acceptable. Which paste of risk management are you in?

Determining a risk profile

Choosing risk strategies

Mitigating risks

Measuring residual risk

Which activity by an adversary is an example of exploit that is attempting to gain users credential

Obtaining a directory listing of files located on the web database server

Executing a remote port scan of all enterprise registered IP adresses

Installing a backdoor in order to enable two way communication with the devices

Sending an email with a link to a fictitious web portal login page

What is the purpose of a hypervisor?

It provides and monitor firewall services fro cloud computing.

It provides and services a gateway users and the internet

It creates and runs virtual machine

It monitors and logs network traffic for malicious packets

Which two basic metrics should be taken into consideration when assigning a severity to a vulnerability during an assessment? (Choose 2)

The impacts than an exploit of the vulnerability will have on the organization

The age of the hardware running the software that contains the vulnerability

The likelihood that an adversary can and will exploit the vulnerability

The time involved in choosing replacement software to replace older systems

Which two private IPv4 addresses would be blocked on the internet to prevent security and performance issues? (Choose 2)

224.0.2.172

192.168.18.189

203.0.113.168

172.18.100.78

Which activity is an example of active reconnaissance performed during a penetration test?

Using a browser to view the HTTP source code of company webpages

Gathering employee information from available web directories and social media

Searching the WHOIS database for the owner and technical contact information for domain

Performing an Nmap port scan on the LAN to determine types of connected devices and open ports

What enables the network security team to keep track of the operating system versions, security updates, and patches on end users devices?

Asset management

Security policies and procedures

Incident management

Business continuity planning

A remote worker is visiting a branch office to attend face to face meetings

The WAP is using open authentication.

The IP address of the laptop is not correct

The WAP is configured for MAC address filtering

The SSID is not broadcasting

National Institute of Standards and Technology (NIST) guidelines for user password security

4 characters

8 characters

16 characters

No minimum length

You are planning to work from home. Your company requires that you connect to the company networks the company (Choose 3)

A client connect to the corporate web server. You discover a large number of half open TCP connection to the server.

Ignore the half open connections because this is a normal part of the TCP three way handshake

Flush the DNS cache information

Change the connection protocol from HTTP to HTTPS

Take action to stop the TCP SYN flood attack

What is the main purpose of a disaster recovery plan as compared to a business continuity plan?

Limiting operational downtime

Allowing staff to continue to serve customers throughout a disaster

Keeping the business open in some capacity during a disaster

Restoring data access an an IT infrastructure as quickly as possible

What are two disadvantages of public vulnerability databases? (Choose 2.)

Threat actors can access the databases to learn how to vary their threats to avoid detection

It can take a long time for reported vulnerabilities to be investigated and approved for addition to the databases

It is costly for intelligene analysts to document and submit newly discovered vulnerabilities

Publicly available databases are incompatible with most security platformms

Which network security technology passively monitors network traffic and compares the captured packet stream with known malicious signatures?

Proxy Server

Honeypot

IDS

IPS

What should you create to prevent spoofing of the internet network?

An ACL

A DNS record

A NAT rule

A record in the host file

Which macOS security features encrypts the entire macOS volume?

Gatekeeper

FileVault

XProtect

System Integrity Protection (SIP)

A new operating system security patch has been released. Before deploying it to endpoints, you need to test the patched operating system in a safe and isolated environment. Which technology provides these testing benefits?

Honeypot

Virtual Machine

Demilitarized zone

Quarantined network

Which type of attack occurs when threat actors utilize botnets on several computers to overwhelm a targeted web server?

DoS

DDoS

Ransomware

Man-in-the-middle

Unlock and Upgrade

Remove all limits from your Quizzes

Security - take the quiz

Master Your Security Knowledge

More Quizzes