TSSC
Cybersecurity Challenge: Test Your Knowledge
Welcome to the Cybersecurity Challenge! This quiz is designed for individuals looking to test their understanding of various cybersecurity concepts, protocols, and practices.
- Assess your skills across 30 engaging questions
- Improve your knowledge in data protection, network security, and cryptography
- Sharpen your skills for personal or professional development
What protocol at layer 2 will you use to enable authentication on wired Ethernet network?
802.11ac
MAC
NAC
802.1x
A system administrator has problems with the “return-to-libc” attack (i.e., hackers can compute offsets between application and libraries in an offline manner). Which security mechanism should be deployed?
ASLR
DEP
TPM
KMCI
After investigating a network, an administrator has determined that the confidential data has been stolen by concealed within a larger picture. What method did the attacker used?
OS-level
Encryption
Unused disk sectors
Steganography
In order to protect against Brute Force Attack (BFA), which system should an administrator implement?
Setuid
Key-length complexity
String sanitize
Trusted Execution Environment
A user reports that is he cannot access a file and asks the administrator for permissions. Which of the following access control models is used?
Mandatory (vrem ca doar administratorul sa aiba control pentru schimbarea permisiunilor)
Role based
Discretionary
Rule-based
When using Data Execution Prevention (DEP) for protecting the executable space, is it possible for a user to write and execute a memory page consecutively (i.e., after modifying the NX bit)?
No, DEP protects from consecutively writes and execute
Yes, only from a root/ administrator account
Yes, DEP is used to randomize memory pages that can then be writable and executable
No, DEP protects from simultaneous writes and executes
Catherine is the data owner for the ISC company. She has asked the network administrator that she has the ability to assign read/ write privileges to her files. Which of the following systems should be deployed?
Discretionary
Role-based
Mandatory
Rule-based
When investigating a computer for possible electronic fraud, what should an investigator do first?
Hire another expert for a second opinion
Make sure that all activities are logged
Shutdown the system
Pray
Emilian receives an e-mail, but the email client says that the digital signature is not valid. Which of the following concept is broken?
Availability
Confidentiality
Integrity
Remediation
When looking for an Isolated Execution Environment, which of the following hardware platforms can be used to provide this feature?
Trusted Platform Module (TPM)
Transport Layer Security (TLS)
Data Execution Prevention (DEP)
Intel Software Guard Extensions (SGX)
Making data appear as if it is coming from somewhere other than its original source is known as what?
Phishing
Hacking
Spoofing
Cracking
To handle a large number of virtual private network (VPN) connections for a corporate network, which device would you deploy?
Proxy server
Load balancer
Network firewall
VPN concentrator
When designing a web based client-server application, with a single application server and a database cluster backend, input validation should be performed on which endpoint?
Within Javascript on client side
Not required when using HTTPS
As a browser extension
On the application server
Which of the following hardware security modules can be used to encrypt Veronica’s Laptop?
HIDS
HSP
USB
TPM
Which of the following would most likely be considered for Data Loss Prevention?
USB mass storage device
Proxy server
Application server content
Print server
Which type of network monitoring system employs an unacceptable traffic pattern database?
Symmetric encryption based
Anomaly-based
Signature based
Public key cryptography based
Florin sends out an email and the company wants to prove he did so. Which concept should they implement?
Authenticity
Non-repudiation
Integrity
Confidentiality
Mugur wants to use a type-1 hypervisor, which of the following defines this type of hypervisors?
Application hypervisor
OS-level hypervisor
Hybrid hypervisor
Bare metal hypervisor
Which of the following hardware security mechanism is used to allow a secure boot for most operating systems?
Trusted Platform Module (TPM)
Address Space Layout Randomization (ASLR)
Intel Software Guard Extensions (SGX)
ARM TrustZone
If one wants to reduce the attack surface of an operating system, which of the following is the best answer to accomplish this?
Update antivirus software
Install updates
Disable unnecessary services
Install a firewall
Which of the following cryptographic related browser settings allows an organization to access remote web server securely?
3DES
TLS
Trusted sites
HMAC
Which characteristic of cryptographic keys makes them resistant to brute force attacks?
Passphrases
Encryption algorithm
Complexity
Bit length
What is it known as when an application runs in its own environment and does not interfere with other processes?
Quarantine
VPN
Honeypot
Sandbox
What type of device or service would you deploy to decrease the number of unwanted email messages your users receive?
Firewall
Antivirus software
Protocol analyzer
Spam filter
What is the protection mechanism deployed by modern mobile operating systems in order to isolate one process from another, and also from the operating system?
Vetting process
ASLR
Sandboxing
DEP
A web security administrator limits input fields on the web page and filters special characters on server-side. Which of the following attacks is trying the administrator to mitigate?
Fuzzing
XSS (Cross-site scripting)
Spoofing
Phishing
Florin wants to ensure that all external traffic reaches his front-end servers but also wants to protect access to his internal resources. What network design element is most suitable?
VLAN
NAT
DMZ
Virtualization
Which of the following is not part of the 3-level authentication methods?
Something you are
Something you own
Someone you know
Something you have
{"name":"TSSC", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Welcome to the Cybersecurity Challenge! This quiz is designed for individuals looking to test their understanding of various cybersecurity concepts, protocols, and practices.Assess your skills across 30 engaging questionsImprove your knowledge in data protection, network security, and cryptographySharpen your skills for personal or professional development","img":"https:/images/course1.png"}
More Quizzes
Directory and Files Discovery
320
Cyber 2
15822
Quiz 6
1586
2019 PCI OWASP Top Ten Quiz
12632
SSRF, impacts of SSRF, prevention of SSRF, SSRF attack scenarios, SSRF with metadata url in cloud systems
13623
CySA+ Practice Questions 1
1588
CSRF, how this attack works, prevention, impacts of csrf
13618
SIGURNOST
10452299
امن المعلومات
39200
Quiz 17
15810
Cyber
15821
IAS TERMINOLOGY REVIEWER [no caps and no commas :)]
924690