窗体顶端

Question 1: What is the most effective guidance for a network analyst aiming
to configure a new firewall in accordance with the organization's
requirements?

Use industry best practices for firewall configuration.

Apply personal expertise to determine the optimal configuration.

Refer to the organization's security policy and follow documented procedures.
(Correct)

Consult with external cybersecurity experts for advice.

Question 2: Which type of recovery facility may take more than a day or two
to be activated?

Hot site

Warm site (Correct)

Cold site

Mobile site


窗体底端
窗体顶端
Question 3: Which access control model grants access based on attributes like
date and time?

Mandatory Access Control (MAC)

Role-Based Access Control (RBAC)

Discretionary Access Control (DAC)

Attribute-Based Access Control (ABAC) (Correct)

窗体底端
窗体顶端
Question 4: Which of the following is a set of tools aimed at maintaining
elevated access to a system and capable of evading detection?

Malware

 Virus

APT

Rootkit (Correct)

窗体底端
窗体顶端
Question 5: Which of the following describes data in transit?

Data stored on a local server

Data at rest in a database

Data archived for long-term storage

Data moving between devices in a network (Correct)

窗体底端
窗体顶端
Question 6: Which control is both physical and administrative and can deter
an intruder?

Warning sign (Correct)

Tailgating

Policy

Attendance register

Question 7: Which type of control is a fence?


Detective

Preventive(Correct)

Corrective

Compensating
 窗体底端
窗体顶端
Question 8: Which of the following is an administrative control?

Soft Token

Patch

Algorithm

Guideline (Correct)

窗体底端
窗体顶端
Question 9: Which mechanism enables worms to self-propagate?

Firewall setting

Encryption techniques

User authentication

Vulnerabilities(Correct)

窗体底端
窗体顶端
Question 10: Which encryption method uses a single key for ciphering and
deciphering?

Public key

Symmetric(Correct)

Hybrid key

Asymmetric
 窗体底端
窗体顶端
Question 11: What term is used to describe a security incident that resulted in
unauthorized access to information?

Vulnerability

Compromise(Correct)

Phishing

Malware

窗体底端
窗体顶端
Question 12: What type of control is CCTV that will give you digital access to
an information system?

Administrative

Physical

Technical(Correct)

Detective

Question 13: Which of the following techniques can be used to prevent XSS
attacks?

Encryption

Input Validation(Correct)

Firewall Configuration

Password Complexity

窗体底端
窗体顶端
 Question 14: Which of the following is not an administrative control?

Antivirus (Correct)

Security Awareness Training


Incident Response Policy

Mandatory Vacation

窗体底端
窗体顶端
Question 15: What is a list that displays all the objects in which a subject has
access to and the associated permissions for each object?

Capability list(Correct)

Object list

Subject list

Control matrix

Question 16: Which of the following access control models is best suited for a
user who wants to have full control of the files they create and who can access
them?

Mandatory Access Control (MAC)

Role-Based Access Control (RBAC)

Discretionary Access Control (DAC)(Correct)

Attribute-Based Access Control (ABAC)

窗体底端
窗体顶端
Question 17: Which of the following methods ensures that the appropriate
people are timely informed of an incident or disaster?

Call tree(Correct)
 Backup schedule

Email notifications

Social media updates

窗体底端
窗体顶端
Question 18: Which of the following is considered an effective threat
intelligence source?

Dark Web forums (Correct)

Social media chats


Local news channel

Newspaper

窗体底端
窗体顶端
Question 19: Which of the following terms represents the product of the
probability of a harmful event taking place with the impact it will have on the
organization?

Vulnerability

Threat

Risk (Correct)

Exploit

窗体底端
窗体顶端
Question 20: Which access control model is predominantly utilized by military
personnel and government officials?

Discretionary Access Control (DAC)
 Mandatory Access Control (MAC)(Correct)

Role-Based Access Control (RBAC)

Attribute-Based Access Control (ABAC)

窗体底端
窗体顶端
Question 21: Which of the following strategies is primarily focused on
minimizing the risk of potential attacks on the organization's network?

Incident Response Planning

Security Awareness Training

Network Encryption

Vulnerability Management (Correct)

窗体底端
窗体顶端
Question 22: Which of the following represents the primary goal of security
governance?

Ensuring compliance with industry regulations

Managing day-to-day security operations

Implementing the latest cybersecurity technologies

Aligning the security strategy with the organizational objectives (Correct)

窗体底端
窗体顶端
Question 23: Which of the following backup solutions backs up all files that
have changed since the last backup of any kind?

 Full

Incremental(Correct)

Differential

Snapshot

Question 24: Which critical activity is part of the risk identification process in
cybersecurity

Patch management

Vulnerability scanning

Asset inventory population(Correct)

Firewall configuration

Question 25: Which of the following information can a hacker easily obtain
from running passive scans on a network?

User credentials and passwords

Hardware configurations

Network settings

Open ports and services(Correct)

窗体底端
窗体顶端
Question 26: Which of the following is a recommended way to prevent buffer
overflow attacks?

Network segmentation

Strong password policies

Encryption

Static code analysis (Correct)
 窗体底端
窗体顶端
Question 27: Which of the following is considered an administrative control?

Incident Response Plan (Correct)

IPS (Intrusion Prevention System)

Metal Detector

ID Card

窗体底端
窗体顶端
Question 28: Which access control model is designed to grant object access to
a subject based on their role?

Mandatory Access Control (MAC)

Role-Based Access Control (RBAC)(Correct)

Discretionary Access Control (DAC)


Rule-Based Access Control (RuBAC)

窗体底端
窗体顶端
Question 29: Which of the following control types is a vulnerability scanner?

Technical (Correct)

Administrative

Physical

Detective

Question 30: Which of the following represents the primary goal of

implementing risk management in an organization?

Ensuring 100% security

Identifying and assessing risks to apply appropriate security controls(Correct)

Implementing the latest cybersecurity tools

Achieving regulatory compliance

窗体底端
窗体顶端
Question 31: Which of the following principles aims to prevent any single
individual from having complete control over all processes in a sensitive
transaction?

Least Privilege

Separation of Powers

Segregation of Duties(Correct)

Two-Factor Authentication

窗体底端
窗体顶端
Question 32: What is the primary objective of implementing logical controls?

Monitor network traffic

Administer access to computing and networking devices(Correct)


Encrypt data in transit

Detect and prevent malware

窗体底端
窗体顶端
 Question 33: In implementing rules and defining access control permissions
within Discretionary Access Control (DAC), what is a fundamental concept that
can be employed?

Security Labels

Policy

Roles

Access Control Matrix(Correct)

窗体底端
窗体顶端
Question 34: Which of the following uses radio waves for contactless
communication with a reader?

RFID card(Correct)

Smart card

Access card

Magnetic stripe card

窗体底端
窗体顶端
Question 35: Which of the following represents the fundamental process that
converts ciphertext to plaintext?

Key generation

Encryption

Hashing

Decryption(Correct)

窗体底端
窗体顶端
Question 36: Which of the following aims at reducing the probability and
impacts that result from a security incident?

Threat assessment

Security control(Correct)

Security awareness training

Incident response plan


Question 37: Which of the following represents DAC?


Users must request access rights from administrators.

Access rights are automatically assigned based on user roles.

Users themselves assign access rights based on their discretion.(Correct)

Access rights are predefined and cannot be changed.

窗体底端
窗体顶端
Question 38: What is a benefit of CIDR notation?

Enhanced security measures

Improved data transfer speeds

Simplified device configuration

Flexibility in segmenting the network address space (Correct)

Question 39: Which process transforms unreadable data into a readable

format?

Encryption

Hashing

Compression

Decryption (Correct)
 窗体底端
窗体顶端
Question 40: Which portable device features a chip embedded mainly for
access control?

Smartphone

USB Flash Drive


Laptop

Smart Card(Correct)

窗体底端
窗体顶端
Question 41: Which of the following activities is less likely to be a primary
objective in the context of system hardening?

Enforcing strong password policies

Regularly updating and patching software


Conducting security awareness training for users

Allowing users to install and update software without restriction(Correct)

窗体底端
窗体顶端
Question 42: Which of the following represents the primary process aimed at
remediation of discovered vulnerabilities in information assets?

Threat modelling

Security awareness training


Patch Management(Correct)

Penetration testing

Question 43: Which of the following activities is involved in determining the

critical organizational functions to establish their recovery prioritization?

Risk assessment

Business Impact Analysis (BIA)(Correct)

Incident response

Configuration management

窗体底端
窗体顶端

Question 44:
Which of the following represents the primary source for the security
requirements that all members of the organization should abide by?

Security framework

Security guideline

Security procedure

Security policy(Correct)


Question 45: Which activity involves analyzing potential threat situations and
assets to rank the consequences and impacts to the organization?

Incident response

Vulnerability assessment

Quantitative risk assessment

Qualitative risk assessment(Correct)

窗体底端
窗体顶端
Question 46: What tool may be used to alert about and prevent abnormal
activity observed in the network?

IDS

 IPS(Correct)

SIEM

Logging

Question 47: What is a significant drawback of qualitative risk analysis?


Lack of documentation

Subjectivity(Correct)

Overemphasis on quantitative metrics

Rigidity in risk assessment methodologies

窗体底端
窗体顶端
Question 48:Which of the following are detective controls?

Alarms

Keypad lock

Lighting

Camera (Correct)

窗体底端
窗体顶端
Question 49: Which cybersecurity concept involves the implementation of
multiple security control layers to provide a comprehensive defense against
various threats?

Perimeter security

Defense-in-Depth(Correct)

Endpoint protection

Access control
 窗体底端
窗体顶端
Question 50: Which of the following represents the primary purpose of
ransomware in a cybersecurity attack?

Data exfiltration

System infiltration

Unauthorized access

File encryption (Correct)

窗体底端
窗体顶端
Question 51: Which of the following is an access control model?

DLP

NGF

IPS

MAC (Correct)

窗体底端
窗体顶端
Question 52: Which security measure can concurrently safeguard
confidentiality and integrity without explicitly ensuring availability?

Firewall

Intrusion Detection System

Cryptography(Correct)

Access Control List
 窗体底端
窗体顶端
Question 53: Which of the following is the most reliable source of evidence in
a cybersecurity forensic investigation focusing on access events in a system?

Configuration settings

System backups

Antivirus reports

Logs(Correct)

窗体底端
窗体顶端
Question 54: Which of the following types of malware can pretend to be a
legitimate word document?

Adware

Worm

Spyware

Trojan(Correct)

窗体底端
窗体顶端
Question 55: Which of the following terms refers to a table that contains
subjects, objects, and permissions along with how they are related to each
other?

Security Policy

Access Control List

Access Control Matrix(Correct)

Authentication Protocol
 窗体底端
窗体顶端

Question 56: Which of the following represents a primary consideration when

implementing an Acceptable Use Policy (AUP) in cybersecurity?

Encryption methods

User authentication

Employee training and awareness(Correct)

Network segmentation

Question 57: What is a primary consideration when implementing a BYOD

policy?

Providing unlimited access to corporate resources

Restricting employees from using personal devices

Enforcing compliance with various types of devices(Correct)


Ignoring security implications

窗体底端
窗体顶端
Question 58: Which of the following is the primary objective focused on
recognizing and ranking potential threats confronted by an organization to
implement appropriate measures for reduction or elimination?

Threat intelligence

Vulnerability assessment

Risk Management(Correct)

Incident detection

窗体底端
窗体顶端
 Question 59: Which of the following poses a threat to physical security?

Malware

SQL injection

DoS

Vandalism (Correct)

窗体底端
窗体顶端
Question 60: Which process produces fixed output strings from variable
inputs?

Hashing(Correct)

Encryption

Compression

Encoding

Question 61: Which of the following represents a network of compromised

machines that are remotely controlled by an attacker?

Botnet(Correct)

Infected Network

Incognito

Tor Browser

窗体底端
窗体顶端
Question 62: What document shall set requirements for the creation,
updating, and management of passwords?

Security Policy

Password Policy (Correct)
 Access Control Policy

Encryption Policy

窗体底端
窗体顶端
Question 63: Which control is most effective in deterring unarmed intruders
from a cold site?

Guard dogs(Correct)

Fence

Warning sign

Policy


Question 64: What security measure is capable of reducing the attack surface?

Intrusion Detection System (IDS)

Antivirus Software

System hardening(Correct)

Network segmentation
Question 65: What is a key advantage of quantitative risk analysis?

Increased stakeholder communication

Subjective risk assessment


Enhanced risk awareness

Objectivite (Correct)

窗体底端
窗体顶端
 Question 66: Which of the following best describes a condition in which a
system, network, or application has a weakness that could be intentionally
triggered or exploited to compromise the confidentiality, integrity, or
availability of information?

Vulnerability

Threat

Exposure(Correct)

Risk

Question 67: What security principle is impacted when a botnet army floods
packets to a server?

Confidentiality

Integrity

Authentication

Availability(Correct)

窗体底端
窗体顶端
Question 68: Which of the following terms is used to describe a system or
network weakness that can be exploited or compromised by a threat source?

Threat

Exploit

Risk

Vulnerability(Correct)

Question 69: Which of the following methods could an attacker employ to

gather information about devices in the target network?

Phishing

Scanning(Correct)
 Encryption

Authentication

窗体底端
窗体顶端
Question 70: What is a major cause of buffer overflow vulnerabilities?

Insufficient network monitoring

Poor programming practice(Correct)

Weak password policies


Inadequate firewall protection

\窗体底端
窗体顶端
Question 71: Which of the following is a crucial and ongoing activity necessary
to uphold the business continuity plan?

Network monitoring

System patching

Data backup

Training and re-assessment of personnel(Correct)

窗体底端
窗体顶端
Question 72: Which of the following attack vectors allows an attacker to
execute malicious scripts on a victim’s machine through a website trusted by
the target?

Cross-Site Scripting (XSS)(Correct)

SQL Injection
 Man-in-the-Middle (MitM) Attack

Distributed Denial of Service (DDoS) Attack

Question 73: What method is considered the most effective for testing a
business continuity plan to simulate a real disaster scenario?

Tabletop exercise

Checklist review

Partial interruption test

Executing a full interruption test(Correct)

窗体底端
窗体顶端
Question 74: Which tool is commonly employed for managing authentication
and identities in cybersecurity?

Antivirus software

Firewall

Intrusion Detection System

Directory Services(Correct)

窗体底端
窗体顶端
Question 75: Which of the following CIDR notations represents the subnet
mask 255.0.0.0?

/8(Correct)

/16

/24

/32

窗体底端
 窗体顶端
Question 76: What type of malware is designed to capture events occurring
on a system and transmit them to a remote attacker?

Adware

Ransomware

Spyware(Correct)

Worm

Question 77: Which of the following are preventive controls?


Mantrap(Correct)

Guideline

Awareness Training

Proximity Sensor

窗体底端
窗体顶端
Question 78: Which of the following represents rules established by
governmental agencies to enforce legal requirements?

Policies

Procedures

Standards

Laws(Correct)

窗体底端
窗体顶端
Question 79: Which of the following documents within an organization
consists of executive leadership statements outlining requirements for the
security program?

Incident response plan

Security awareness training materials

 Security Policy(Correct)

Risk management framework

窗体底端
窗体顶端
Question 80: During which phase of the incident response plan are the goals,
mission, and strategy defined?

Detection

Preparation (Correct)

Containment

Eradication

Question 81: Which of the following aspects of change management involves

maintaining a record of changes to a system to facilitate the rollback to
previous states?

Version Control(Correct)

Risk mitigation

Incident detection

Compliance monitoring

窗体底端
窗体顶端
Question 82: What is a malicious software program aimed at compromising a
system, network, or information asset?

Spim

Spam

Patch

Malware (Correct)
 窗体底端
窗体顶端
Question 83: Which of the following are administrative controls?

Firewall, antivirus, disk encrypter

Bollard, cameras, locks

Fence, gates, walls

Background checks, mandatory vacation, job rotation (Correct)



Question 84: Which of the following are physical controls?


Policy, guideline, standard

Bollards, fences, cameras(Correct)

IDS, IPS, SIEM

MAC, DAC, RBAC

窗体底端
窗体顶端
Question 85: Which technical control can be employed to regulate and
manage network traffic based on specified rules?

Intrusion Detection System (IDS)

Antivirus Software

Firewall(Correct)

Virtual Private Network (VPN)

Question 86: Which technical control is commonly employed to identify and

detect malicious activity within network traffic?

Antivirus software

Firewall
 Intrusion Detection System (IDS)(Correct)

Virtual Private Network (VPN)

Question 87: Which of the following is a social engineering attack?


Password Cracking

Jailbreaking

Reverse Engineering

Shoulder Surfing(Correct)

窗体底端
窗体顶端
Question 88: Which of the following measures is least effective in preventing
physical attacks?

Sealed door

Wall

Bollards

CCTV(Correct)

窗体底端
窗体顶端
Question 89: Which of the following represents the primary goal of
implementing data security measures?

Enhancing system performance

Ensuring data availability

Preventing unauthorized access to the information(Correct)

Streamlining data storage

 Question 90: Which of the following terms is used to denote the acceptable
amount of data loss when a disaster occurs?

RTO

RPO(Correct)

MTBF

MTTR

窗体底端
窗体顶端
Question 91: After a disaster has occurred, what is the maximum allowable
time that can elapse before business services must become operational?

RPO

MTBF

MTTR

RTO (Correct)

窗体底端
窗体顶端
Question 92: Which activity is not commonly part of security awareness
training?

Security policy guidance

Advanced hacking demonstrations(Correct)

Password best practices


Clear desk policy

Question 93: Which of the following represents a method a hacker uses to

compromise security without the use of technical skills?

Installing malware

Exploiting software vulnerabilities

Brute force attacks

Social engineering(Correct)

窗体底端
窗体顶端
Question 94: Which method is considered the most secure for exchanging a
symmetric cryptographic key?

Out-of-band distribution(Correct)

Public key exchange


In-band distribution

Key escrow


Question 95: What is the primary success factor of social engineering?


Lack of awareness(Correct)

Hacker technical skills


Lack of sophisticated security tools

Insufficient artificial intelligence

Question 96: At which layer of the OSI model does SMTP operate?

Physical

Data Link

Network

Application(Correct)
 窗体底端
窗体顶端
Question 97: Which of the following represents the correct order of layers in
the OSI model from layer 1 to 7?

Physical, Data Link, Network, Transport, Session, Presentation, Application.
(Correct)

Data Link, Physical, Network, Session, Transport, Presentation, Application.


Application, Presentation, Session, Transport, Network, Data Link, Physical.

Physical, Network, Data Link, Transport, Presentation, Session, Application.

窗体底端
窗体顶端
Question 98:In the TCP/IP model, what is the correct order of layers from
bottom to top?

Internet → Network Access → Transport → Application.

Network Access → Internet → Transport → Application.(Correct)

Transport → Internet → Network Access → Application.

Application → Transport → Internet → Network Access.

Question 99: Which of the following are frameworks that provide best
practices for achieving an objective?

Standards (Correct)

Regulations

Guidelines

Policies
 窗体底端
窗体顶端
Question 100: Which of the following represents a passive attack?

Phishing

Side Channel (Correct)

Malware

DDoS