Implementing a Security Awareness training program would be an example of which type of control?

1 point

Operational control

Physical control

Technical control

Administrative control

2.

Question 2

Requiring all employees to complete annual security awareness training is an example of which type of control?

1 point

Corrective

Deterrent

Administrative

Preventative

3.

Question 3

What would a piece of malicious code that gets installed on a computer and reports back to the controller your keystrokes and other information it can gather from your system be called?

1 point

A virus

A worm

Spyware

A Trojan Horse

4.

Question 4

Implementing a filter to remove flooded packets before they reach the host is a countermeasure to which form of attack?

1 point

A Denial of Service (DoS) attack

An IP Spoofing attack

A Phishing attack

All of the above

5.

Question 5

An email message that is encrypted, uses a digital signature and carries a hash value would address which aspects of the CIA Triad?

1 point

Confidentiality and Integrity

Confidentiality and Availability

Integrity and Availability

Confidentiality, Integrity and Availability

6.

Question 6

Trudy intercepts a romantic plain-text message from Alice to her boyfriend Sam. The message upsets Trudy so she forwards it to Bob, making it look like Alice intended it for Bob from the beginning. Which aspect of the CIA Triad has Trudy violated?

1 point

Confidentiality

Integrity

Availability

All of the above

7.

Question 7

A penetration tester that gains access to a system without permission and then exploits it for personal gain is said to wear what color hat?

1 point

White

Gray

Green

Black

8.

Question 8

What is an advantage symmetric key encryption has over asymmetric key encryption?

1 point

Symmetric key encryption is harder to break than asymmetric key encryption

Symmetric key encryption provides better security against Man-in-the-middle attacks than is possible with asymmetric key encryption

Symmetric key encryption is faster than asymmetric key encryption

Symmetric keys can be exchanged more securely than asymmetric keys

9.

Question 9

Which position is in charge of testing the security and effectiveness of computer information systems?

1 point

Information Security Auditor

Chief Information Officer (CIO)

Information Security Analyst

Information Security Architect

10.

Question 10

Which three (3) roles are typically found in an Information Security organization? (Select 3)

1 point

Security Guard

Finance

Vulnerability Assessor

Chief Information Security Officer (CISO)

Penetration Tester

11.

Question 11

ITIL is best described as what?

1 point

A collection of IT Service Management best practices

Privacy regulations for IT systems

A collection of IT Service Management controls

A framework for the development of information systems audit procedures

12.

Question 12

Alice sends a message to Bob that is intercepted by Trudy. Which scenario describes a confidentiality violation?

1 point

Trudy cannot read it because it is encrypted but allows it to be delivered to Bob in its original form

Trudy changes the message and then forwards it on

Trudy reads the message

Trudy deletes the message without forwarding it

13.

Question 13

What does the "A" in the CIA Triad stand for?

1 point

Architecture

Authenticity

Availability

Accountability

14.

Question 14

Which type of access control is based upon the subject's clearance level and the objects classification?

1 point

Hierarchical Access Control (HAC)

Mandatory Access Control (MAC)

Discretionary Access Control (DAC)

Role Based Access Control (RBAC)

15.

Question 15

Ali must grant access to any individual or group he wants to allow access to the files he owns. Which access control type is in use in Ali's organization?

1 point

Hierarchical Access Control (HAC)

Mandatory Access Control (MAC)

Role Based Access Control (RBAC)

Discretionary Access Control (DAC)

16.

Question 16

If you are setting up a Windows 10 laptop with a 32Gb hard drive, which two (2) file system could you select? (Select 2)

1 point

APFS

HPFS

FAT32

NTFS

17.

Question 17

In a Linux file system, which files are contained in the \bin folder?

1 point

All user binary files, their libraries and headers

Directories such as /home and /usr

Executable files such as grep and ping

Configuration files such as fstab and inittab

18.

Question 18

Which form of Cloud computing combines both public and private clouds?

1 point

Binary cloud

Mixed cloud

Hybrid cloud

Open cloud

Universal cloud

19.

Question 19

Which security concerns follow your workload even after it is successfully moved to the cloud?

1 point

Data security

Disaster Recovery/Business Continuity Planning

Identity and Access Management

Compliance

All of the above

20.

Question 20

Which of the following is a self-regulating standard set up by the credit card industry in the US?

1 point

ISO27000 series

HIPAA

NIST 800-53A

PCI-DSS

GDPR

21.

Question 21

Which two (2) of the following attack types target endpoints?

1 point

SQL Injection

Ad Network

Denial of Service (DoS)

Spear Phishing

22.

Question 22

A good Endpoint Detection and Response system (EDR) should have which three (3) of these capabilities? (Select 3)

1 point

Automatically quarantine noncompliant endpoints

Manage encryption keys for each endpoint

Manage thousands of devices at once

Deploying devices with network configurations

23.

Question 23

Which statement about drivers running in Windows kernel mode is true?

1 point

The Windows Virtual Address Manager protects processes in the kernel from interfering with each others assigned memory space

The Windows Process Director prevents processes running in the kernel from interfering with each others operations

Each process running in kernel mode is assigned its own dedicated virtual address space, so it is safe to load any driver into the kernel for faster execution

Only critical processes are permitted to run in kernel mode since there is nothing to prevent a misbehaving driver from impacting other processes that are also sharing the same memory space

24.

Question 24

In Linux, Bash, tcsh and sh are what?

1 point

Commands

Distros

Shells

Directories