Quizzes for cyber

50 Terms

1

You have excellent technical acumen. Part of your responsibilities where you work include overseeing daily operations as well as analyzing and designing security solutions in a specific area. You encounter a situation that needs to be escalated. Which of the following are you most likely to approach with the situation?

CIO
CISO
Security manager
Security administrator

Security manager

2

A broker launches a variety of attacks to find a weakness that will lead to financial gain. What activity is the broker most likely to engage in?

Sell information about a discovered vulnerability
Obtain, repackage, and sell pirated software
Create and sell malicious software to the highest bidder
Steal classified information against a competitor

Sell information about a discovered vulnerability

3

What would motivate organized crime actors to add cyberattacks to their portfolio of malicious activities?

Increased financial gain
Espionage
Create chaos
Philosophical beliefs

Increased financial gain

4

A criminal organization has decided to leave their traditional ways and pursue cyberattacks as their new mode of operation. Why would they do this?

Generate disruption
Less competition
Easier to hide their tracks
Political beliefs

Easier to hide their tracks

5

A friend gets a virus and asks if you can help them fix the problem. You boot the computer with a bootable flash drive containing security-related tools and remove the virus. What type of control did you employ?

Deterrent
Directive
Corrective
Compensating

Corrective

6

A new piece of hardware has a specific IP address and supports Telnet and FTP connections so that it could be configured through a network connection. Leaving the device in this state could lead to a breach due to what type of vulnerability? Select three.

Open ports and services
Default settings
Firmware
Unsecure protocols
Zero-day

Open ports and services
Default settings
Unsecure protocols

7

A visitor is trying to access a military base. The visitor needs to supply their license and enter other personal information via a kiosk. The visitor is eventually allowed to enter the base but is limited to certain areas only. What security principles are being employed? Select two.

Availability
Authentication
Accounting
Authorization
Confidentiality

Authentication
Authorization

8

A threat actor does research, including Google searches, and discovers the cleaning establishment used by the company they want to target. The threat actor gets a job with the cleaning establishment for the sole purpose of obtaining any information that will help in their malicious efforts. What type of attack is the threat actor most likely to engage in?

Google dorking
Shoulder surfing
Dumpster diving
Cyber espionage

Dumpster diving

9

Karlo installs an alarm system that is capable of emitting and detecting a signal in the light spectrum. The capability serves the purpose of detecting motion and how close an object is in a limited space. Which of the following best describes the type of signal the emitter can transmit?

Light-emitting
802.11
Microwave
Infrared

Infrared

10

What type of security buffer are you most likely to encounter at a high-security data center that enforces restricted access and requires a security clearance to gain entry?

Security guards and barriers
Access control vestibule
Restricted security waiting room
High-security reception area

Access control vestibule

11

Which of the following statements best describes how a Faraday cage prevents data leakage?

It is used to trigger an alarm if data devices are removed from the area.
It is used in cable conduits to protect data during transmission.
It is used in a crime scene to prevent the loss of data.
It is used to prevent EMI from escaping the enclosure.

It is used to prevent EMI from escaping the enclosure.

12

Which of the following examples best describes the states in which data could reside? Select three.

Data on a hard drive about to be accessed
Downloading an image from a website
Data that has been irreversibly corrupted by malware
Data that has been deleted and can no longer be recovered
Data sitting in RAM about to be transmitted

Data on a hard drive about to be accessed
Downloading an image from a website
Data sitting in RAM about to be transmitted

13

Which of the following statements is true regarding hashing?

Hashing is used to help secure both private and public keys.
Hashing can be used to help verify the integrity of a message.
ECC and RSA are examples of asymmetric hashing algorithms.
Hashing can be used to help encrypt a secure message digest.

Hashing can be used to help verify the integrity of a message.

14

Quinto wants to set up an encrypted folder on his computer running Microsoft Windows. Which of the following is Quinto most likely to use?

FileVault
GnuPG
EFS
FDE
TDE

EFS

15

You need to explain to the CEO of a company the differences between symmetric and asymmetric cryptographic algorithms. Which one of the following statements are you most likely to convey?

ECC is among the better asymmetric cryptographic algorithms.
Symmetric cryptographic algorithms use public key cryptography.
RSA is a sound asymmetric algorithm for low-power devices.
Symmetric cryptographic algorithms are more secure.

ECC is among the better asymmetric cryptographic algorithms.

16

Which of the following is a true statement regarding key exchange solutions?

Perfect forward secrecy uses random and different keys for each session.
ECDH uses elliptic curve cryptography with prime numbers to compute keys.
DHE uses the same key until the user-defined expiration timer is exhausted.
DH employs temporary keys that are used once and then they are discarded.

Perfect forward secrecy uses random and different keys for each session.

17

Which of the following statements best describes a challenge, if any, associated with securing low-powered devices with very fast response times?

There are no significant challenges securing low-powered devices.
Cryptographic algorithms require a lot of time and energy.
Due to their small size, it is considerably more expensive.
The response time of low-powered devices is inadequate.

Cryptographic algorithms require a lot of time and energy.

18

A web server is establishing a secure cryptographic connection in response to a client request. In the process, session keys will be created. Which of the following statements is true regarding session keys?

They are created immediately after the HelloServer message.
They are symmetric keys used to encrypt and decrypt traffic between a browser and web server.
They are created immediately after the ClientHello message.
They are asymmetric keys used to encrypt and decrypt traffic between a browser and web server.

They are symmetric keys used to encrypt and decrypt traffic between a browser and web server.

19

Onjolee wants to ensure she can use one digital certificate for www.mysite.com, www.mysite.org, and www.mysite.info. Which of the following best describes the type of digital certificate she should use?

SAN
EV
Multisite
Wildcard

SAN

20

You want to open an account with an online bank that is paying five percent interest because other banks are only paying two percent. You open a browser and go to bankofutopi.com but get a little suspicious. What can you do to help determine if this is a trusted site?

Check the digital signature.
Check the digital certificate.
Contact the certificate authority.
Contact the digital signature authority.

Check the digital certificate.

21

A company's network is infected with ransomware. They are told data has been stolen. In addition, they are told to pay a ransom to decrypt the data on their servers, or the stolen data will be released to the public. Which of the following would be the best option for the company?

There is no best option.
Decrypt the data themselves.
Restore data from their backups.
Pay the ransom.

There is no best option.

22

A company is developing an online app that will require users to sign in using their email and a password. What should the company do to prevent SQLi attacks?

Require an OTP
Physically secure the database servers
Filter inputs
Filter outputs

Filter inputs

23

A company determines that some of their computers are using specially coded attack commands that have been posted on certain social media sites. Every single one of the infected computers is considered a ________.

malicious actor
command and control node
bot herder
zombie

zombie

24

Jennifer's computer is infected due to a phishing scam. Based on the message presented, she is willing to pay in Bitcoin to regain access to her computer because she does not want to lose her video productions. However, she is having a difficult time launching a browser to pay the ransom. What type of malware was most likely installed?

Encrypting ransomware
Locking ransomware
Crypto ransomware
Blocking ransomware

Blocking ransomware

25

Florentina is analyzing a network and notices an unusual amount of traffic is being generated by some computers. Additional investigation reveals that most of the traffic is in the form of images being transmitted to an unfamiliar site. What specific type of malware was most likely installed on the compromised systems?

Exfiltration malware
Tracking software
Eavesdropping software
Software keylogger

Software keylogger

26

On December 15, a small company starts transitioning to a new accounting package during their holiday break. Suddenly, on January 2, when employees return to work at 9:00 a.m., all computers in the accounting department repeatedly shut down within 15 minutes of being powered up. What type of malware is likely to have infected the computers?

Backdoor
IoA triggered by an IoC
Logic bomb
Rootkit

Logic bomb

27

A security company is testing an unpatched server running an older OS connected to the internet in an isolated network. However, the anti-malware software installed on the server was consistently not able to detect a particular type of infection. What type of infection was least likely to be detected by the anti-malware app?

Worm
Trojan
Rootkit
Bot
Virus

Rootkit

28

Which of the following best describes the risks of installing bloatware that is not harmful and does not contain malware? Select two.

The bundle may contain an unpatched application.
It unnecessarily consumes resources on the computer.
It may inject advertising that interferes with web browsing.
It may contain malware unbeknownst to the user.

The bundle may contain an unpatched application.
It may inject advertising that interferes with web browsing.

29

A malicious actor manages to install a backdoor on a system. What are some of the most likely reasons why they would do this? Select two.

For privilege escalation purposes
To circumvent security protections
To mask impossible travel
To install bloatware

For privilege escalation purposes
To circumvent security protections

30

An attacker is the first malicious actor to discover a vulnerability in a software application and exploits it for considerable financial gain. What could have been done to prevent this situation?

Have the app tested by an external agency before releasing it.
There is a high probability that it could not have been prevented.
When coding, closely follow the security specifications in the requirements.
Ensure the internal software testing is more comprehensive.

There is a high probability that it could not have been prevented.

31

What type of entity would a threat actor most likely attack to steal design documents for a relatively recently announced government-issued contract to design and build a missile defense system?

For-profit organization
Enterprise
Individual
Government

Enterprise

32

Which of the following accurately describes the differences or similarities between mainstream attack surfaces and specialized threat vectors? Select three.

An MSP is a typical example of a mainstream attack surface.
One targets client-based software, the other targets supply chain components.
A network is an example of a mainstream attack surface.
An imposter calling the elderly is exploiting a specialized threat vector.
Both are targeted with the same degree of frequency.

One targets client-based software, the other targets supply chain components.
A network is an example of a mainstream attack surface.
An imposter calling the elderly is exploiting a specialized threat vector.

33

An intruder breaks into a large storehouse. An ultrasonic sensor triggers the alarm one-quarter of a second after detecting the intruder. About how far was the intruder when the alarm was sounded?

172 meters
86 meters
343 meters
43 meters
21 meters

43 meters

34

A large complex is being constructed on a restricted site. They require a very high-speed, low maintenance (from a physical perspective) classified network. What type of PDS should they install?

Hardened carrier PDS
Alarmed carrier PDS
Secure carrier PDS
Protected carrier PDS

Alarmed carrier PDS

35

You are tasked with installing a system in a large warehouse that is capable of detecting levels of daylight to dim interior lights to conserve energy. In addition, if an intruder enters the warehouse an alarm should be triggered. The system you install will most likely support what type of signal/radio wave?

Passive infrared
Microwave
Wi-Fi
Ultrasonic

Microwave

36

One of the two security guards on duty at a company goes on a periodic patrol tour. The guard drives around the outside perimeter of the premises, which is under video surveillance. The guard also verifies there is no suspicious or abnormal activity in restricted areas. What type of security has this company adopted? Select two.

High-visibility security
Active security defense
Preemptive security controls
Two-person integrity
Proactive video surveillance

Active security defense
Two-person integrity

37

Which of the following can be included under the physical security controls umbrella? Select three.

Data leakage
Gel-based paint
Perimeter defenses
Regular chain-link fencing
Industrial camouflage

Data leakage
Gel-based paint
Perimeter defenses

38

Which key combination would the recipient of a message use to confirm the integrity of the message as well as the authenticity of the sender?

The sender's public key and the recipient's private key
The sender's private key and the recipient's public key
The sender's public key and the recipient's public key
The sender's private key and the recipient's private key

The sender's public key and the recipient's private key

39

After a recent breach in your industry, you are asked to ensure the databases your company uses are encrypted. They also request performance degradation be kept to a minimum. Which database encryption method are you most likely to implement?

Cell-level encryption
Table-level encryption
Column-level encryption
File-level encryption
Record-level encryption

File-level encryption

40

Weymouth works at a computer repair shop. A customer brings a hard drive claiming their computer crashed and they would like to restore the information on the drive. Weymouth installs the drive in a computer case as a secondary drive but is not able to access the data. Which of the following is a probable cause? Select two.

Partition-level encryption
FDE
BitLocker
MBR/GPT-level encryption
Volume-level encryption

FDE
BitLocker

41

A fifth-grade teacher shows the class a message encrypted using ROT13. After explaining how it works, the teacher challenges them to decrypt the message, which they easily accomplish. The teacher then repeats the process with the XOR cipher. Which of the following statements is true? Select two.

XOR requires some type of key.
ROT13 uses transposition.
Both methods use substitution.
XOR uses a form of metadata.
The class easily decrypts XOR messages.

XOR requires some type of key.
Both methods use substitution.

42

Which of the following statements correctly describes the differences or similarities between a stream cipher and a block cipher? Select two.

Block ciphers replace characters one at a time.
Stream ciphers are less secure.
Block ciphers reset after each iteration.
Both are like a one-time pad.
Stream ciphers randomize the output.

Stream ciphers are less secure.
Block ciphers reset after each iteration.

43

Yandelli is responsible for protecting data in transit. However, the scheme he is attempting to adopt will encapsulate encrypted information with unencrypted information. What is a potential consequence of this behavior?

You cannot transmit encrypted and unencrypted data simultaneously.
The scheme is okay but only if data is not transmitted through a public network.
Data will be transmitted securely.
The security of the transmitted data will be compromised.

Data will be transmitted securely.

44

Kuruvilla is looking for a new online game to play. During his exploration, the browser gives an indication that there was a network error. Which of the following may have caused this condition?

The web server Kuruvilla is trying to access is currently in an offline state.
OCSP was not able to access the server it was trying to contact.
The certificate for the site he is accessing has been revoked.
The certificate on the OCSP responder server is in a revoked state.

OCSP was not able to access the server it was trying to contact.

45

A user retrieves the two halves of a key from two different parties and combines them to create a copy of the key. Which of the following terms best describes the process being used to manage the keys?

Key bonding
M-of-N control
Key activation
Key escrow

Key escrow

46

Amir uses an asymmetric algorithm to send a message along with a digital signature to a recipient. Based on this information, what conclusion can you draw?

If the message is intercepted it cannot be compromised.
The digital signature was created using Amir's public key.
The recipient can conclusively say the message was sent by Amir.
Amir may not own the key used to create the digital signature.

Amir may not own the key used to create the digital signature.

47

As a security compliance specialist, you are asked to produce CP and CPS documents. Which of the following statements most accurately defines these two types of documents? Select three.

A CPS is a more technical document than a CP.
A CP is a set of rules that govern the operation of a PKI.
A CP describes in detail how the CA uses and manages certificates.
The CPS provides recommended baseline security requirements for the operation of CAs.
A CPS can be referenced in the OID of a digital certificate.
A CP includes information on how end-users register for a digital certificate.

A CPS is a more technical document than a CP.
A CP is a set of rules that govern the operation of a PKI.
A CPS can be referenced in the OID of a digital certificate.

48

Which of the following represents valid entities for which digital certificates can be used? Select all that apply.

PDF file
Email
Printer
Word document
Software

PDF file
Email
Printer
Word document
Software

It's all of them if I see this question in the exam.

49

Which of the following is a true statement regarding the indicated block cipher mode? Select two.

Although ECB uses a basic approach, it is still among the most effective block cipher modes.
CTR requires the control engine on the sender and receiver to be synchronized.
GCM computes a MAC to ensure the message was not tampered with during transmission.
CBC uses the output of a round of encryption as input for the next round.

GCM computes a MAC to ensure the message was not tampered with during transmission.
CBC uses the output of a round of encryption as input for the next round.

50

Which of the following are reasons for which ransomware is considered the most serious malware threat? Select two.

They occur with very high frequency.
Payments must be made using cryptocurrency, making it difficult to track the attacker.
Even though it's expensive, it does not require a lot of skill.
Correct! The consequences are considerable.

They occur with very high frequency.