Professional Documents
Culture Documents
Is & Cyber Security 06082019 PDF
Is & Cyber Security 06082019 PDF
Is & Cyber Security 06082019 PDF
Which of the following is / are the types of Packet Filtering Dual Homed Screen Host All of the
4 firewall? Firewall Gateway Firewall Firewall mentioned
5 A proxy firewall filters at the Physical layer Application layer Data link layer Network layer
Application or Network &
6 A packet filter firewall filters at the transport Data link layer Physical Layer transport layer
What is major drawback of anomaly detection These are very It generates many It doesnt detect
15 IDS ? slow at detection false alarms old attacks None of these
Using key
pre shared secret distribution center public key-
16 What is preferred way of encryption ? key (KDC) encryption symmetric key
It is used to protect
data from
unauthorized It is used to ensure
access during It is used to ensure data corruption It is used to ensure
17 What is not a role of encryption ? transmission user authentication doesn't happens data integrity
User should access Companies should User must be able User must be able
all the information have only a few to access only the to access only the
stored in the employees with information and information and
Which of the following is the BEST example for business to better full access to the resources that are resources that are
the principle of least privilege as a system execute his/her information of the necessary for necessary for
26 security control? functions business legitimate purpose legitimate purpose
By decreasing an
By using informal By sharing security employee's
networks of secrets with vacation time,
communication, employees, By implementing addressing ad-hoc
establishing secret enabling written security employment
passing employees to procedures, clauses, and
procedures, and share secrets, and enabling employee ensuring that
immediately establishing a security training, managers know
How can a policy help improve an employee's terminating consultative help and promoting the employee
33 security awareness? employees line benefits of security strengths
Which solution can be used to emulate
computer services, such as mail and ftp, and to
capture information related to logins or
34 actions? Core server Honeypot Layer 4 switch Firewall
Remove current
If the final set of security controls does not controls since they Continue to apply If the residual risk
eliminate all risk in a system, what could be Ignore any are not completely controls until is low enough, it
43 done next? remaining risk effective there is zero risk can be accepted
To reduce the attack surface of a system,
administrators should perform which of the
following processes to remove unnecessary
software, services, and insecure configuration
44 settings? Windowing Harvesting Hardening Stealthing
Which of the following is considered an
45 acceptable option when managing a risk? Deny the risk Mitigate the risk Reject the risk Initiate the risk
88 Keyloggers are a form of ______________. Spyware Shoulder surfing Trojan Social engineering
n attempt to crack An attempt to
An attempt to An attempt to passwords using a crack passwords by
crack passwords crack passwords by combination of replacing
using words that using both characters, characters with
can be found in dictionary words numbers, and numbers and
89 What are hybrid password attacks? dictionary. and bruteforce symbols. symbols.
90 Which form of encryption does WPA use? Shared key LEAP TKIP AES
What is the best statement for taking
advantage of a weakness in the security of an IT
91 system? Threat Attack Exploit Vulnerability
92 Which database is queried by Whois? ICANN ARIN APNIC DNS
118 Telnet protocol is an example of Application layer Presentation layer transport layer None of the Above
119 A device operating at the network layer is ? bridge Router repeater Hub
The performance of a data communication The number of The transmission The hardware and
120 network depends on users media software All of the Above
121 Which device operates at a physical layer? Bridge Router repeater Switch
Connection
122 UDP is __________ protocol Connectionless oriented neither Both
The physical Layer most popularly used in wired
123 LANs nowadays uses UTP cables STP cables coaxial cables Radio frequency
124 Which layer defines the physical topology? Transport Network Data Link Physical
125 Which of the following is a hashing algorithm? AES MD5 DES PGP
time-efficiency and reduce network
126 VLANs provides security traffic both a and b None of the Above
Membership in a VLAN can be based on
127 _________. port numbers MAC addresses A&B none
Which of the following is not an option of the
128 security tringle Security Ease of use Functionality Cost
To overload a
What is the purpose of a Denial of Service Exploit a weakness To execute a system so it is no To start services by
161 attack? in the TCP/IP stack Trojan on a system longer operational turning them on
Changing
manufacturer, or Balancing security
recommended, Additional unused concerns with
What are some of the most common settings of a newly features on Utilizing open functionality and
vulnerabilities that exist in a network or installed commercial source application ease of use of a
162 system? application. software packages. code system.
163 What is the sequence of a TCP connection? SYN-ACK-FIN SYN-SYN ACK-ACK SYN-ACK SYN-SYN-ACK
168 A packet with no flags set is which type of scan? TCP XMAS IDLE NULL
169 Types of Sniffing Active Passive A&B none
TELNET,FTP,TFTP protocols fall in the following
170 layer of OSI model Transport Layer Presentation layer Application layer Data Link layer
Updating and
Node-to-Node Process-to-process maintanance of
171 The main function of Transport layer is delivery delivery Synchronization routing table
The layer responsible for end to end delivery of
172 the entire message is Network layer Transport Layer Session layer Application layer
In OSI model,which of the following layer
173 provides error-free delivery of data ? Network layer Transport Layer Session layer Application layer
Which of the following is not an example of
174 standard at the data link layer HDLC ADCCP TCP None of the Layer
217 Which among these is not a SIEM application Alienvault OSSIM HP ArcSight IBM Qradar McAfee endpoint
Which website can be used to find the location whatismyipaddres
218 where a server has been hosted? whois.net technicalinfo.net s.com google.com
Recommending
Which of the following is not a job of an ethical Auditing the Patching the the security
219 hacker Network Vulnerabilities patches None of above
Which website can be used to find information
about a vulnerability along with the exploit and
220 solution. netcraft.com Securityfocus.com Cve.mitre.com technicalinfo.net
Administrator password can be cleared using
221 hiren's boot cd TRUE FALSE
Cisco password Cisco level 7 Windows user Linux user
222 Tomas can be used to crack which passwords hashes passwords passwords passwords
keylogger can be classified into what category
223 of malware virus worm adware spyware
Promiscuous mode is useful to capture
passwords, which application is used to enable
224 promiscuous mode Airpcap Winpcap Tcpdump None
Use a non- Use a numeric
How to defend against dictionary based dictionary word as character as Use a simple
225 password cracking attacks password password password None
How is password cracking generally classified Online and Offline Stealth password Active password passive password
233 into password cracking cracking cracking cracking
How to detect the missing security patches and Using windows Using belarc
234 updates on a windows pc update advisor Using ccleaner Using anti-virus
235 Belarc advisor is a free software used to identify Virus infections Keyloggers Open ports Running services
236 Phishing is a form of ____________________. Spamming Identify Theft Impersonation Scanning
HTTP is a easy
To identify proxy Web activity is not To bypass a protocol to work
237 Why would HTTP Tunneling be used? servers scanned firewall with
An attack between
the time a new
software
vulnerability is
discovered and the An attack on the An attack on the
time a patch for first day a software first day a
Which of the following is known as a zero-day fixing the problem program is software program
241 attack? is released. released. is released. None of the above.
What process does a ransomware hacker Encrypting Moving operating Deleting key Copying a users
242 perform on a user's system? important files system data system data personal data
_________ describe(s) users working from
243 home. SOHO Branch Office Regional Office Corporate Office
Which of the following is a valid subnet mask
244 value? 255.0.255.255 0.0.0.255 255.255.254.0 255.255.255.256
_______ are rules that govern a communication
245 exchange media Interfaces protocols All of the Above
246 Encryption and Decryption are functions of Transport Layer Session Layer Presentation Layer Network Layer
247 Flow control in OSI model is done by Data Link Layer Session Layer Transport Layer Network Layer
248 In respect of OSI model, LANs implement Lower two layers All Seven layers Upper five layers Session layer
UDP in the INTERNET protocol suite is related
249 to layer 4 Layer3 Layer2 layer1
The Media access Control sublayer resides in
250 which layer Transport Layer Network layer Physical layer Data Link layer