Professional Documents
Culture Documents
Certified in Cybersecurity MCQS
Certified in Cybersecurity MCQS
Which one of the following is not one of the canons of the (ISC)2 code of ethics?
Protect society, the common good, necessary public trust and confidence, and the
infrastructure.
Avoid any activity that may be perceived as malicious.
Act honorably, honestly, justly, responsibly, and legally.
Advance and protect the profession.
Security Concepts:
Question 1 of 8
digital certificates
hash values
symmetric encryption
digital signatures
Question 2 of 8
password and security questions
retinal scan and fingerprint
Correct
ID card and key
Question 3 of 8
FERPA
PCI DSS
GLBA
HIPAA
Correct
Question 4 of 8
switch
firewall
Correct
endpoint detection and response platform
intrusion detection system
Question 5 of 8
complexity
Correct
length
history
reuse
Question 6 of 8
During what phase of the access control process does a user prove his or her identity?
authentication
Correct
authorization
identification
remediation
Question 7 of 8
In what type of attack does the attacker capture and then reuse login information?
man-in-the-middle attack
Smurf attack
DDoS attack
replay attack
Correct
Question 8 of 8
anti-malware software
data loss prevention tools
shredding
Correct
Risk Management:
Question 1 of 5
risk deterrence
risk transference
Correct
risk mitigation
Question 2 of 5
Correct
criticality and likelihood
impact and criticality
frequency and likelihood
Question 3 of 5
baselining
Correct
documenting
diagramming
versioning
Question 4 of 5
What type of security control is designed to stop a security issue from occurring in the
first place?
recovery
administrative
preventive
Correct
detective
Question 5 of 5
external
intranet
internal
Correct
extranet
Security Governance:
Question 1 of 3
Which element of the security policy framework includes suggestions that are not
mandatory?
procedures
guidelines
Correct
standards
policies
Question 2 of 3
What law applies to the use of personal information belonging to European Union
residents?
GDPR
Correct
PCI DSS
HIPAA
GLBA
Question 3 of 3
What type of security policy normally describes how users may access business
information with their own devices?
BYOD policy
Correct
change management policy
password policy
acceptable use policy
Business Continuity:
Question 1 of 3
non-repudiation
availability
Correct
confidentiality
integrity
Question 2 of 3
2
1
3
Correct
4
Question 3 of 3
What type of control are we using if we supplement a single firewall with a second
standby firewall ready to assume responsibility if the primary firewall fails?
clustering
high availability
Correct
load balancing
component redundancy
Incidence Response:
Question 1 of 3
Which one of the following individuals would not normally be found on the incident
response team?
information security professional
CEO
Correct
legal counsel
Question 2 of 3
collecting evidence
restoring operations
containing the damage
Question 3 of 3
You are normally required to report security incidents to law enforcement if you believe
a law may have been violated.
TRUE
FALSE
This was the correct answer
Disaster Recovery:
Question 1 of 4
What type of backup includes only those files that have changed since the most recent
full or incremental backup?
incremental
Correct
full
partial
differential
Question 2 of 4
What disaster recovery metric provides the targeted amount of time to restore a service
after a failure?
TLS
RPO
RTO
Correct
MTO
Question 3 of 4
Which one of the following disaster recovery tests involves the actual activation of the
DR site?
parallel test
Correct
simulation
read-through
walk-through
Question 4 of 4
What type of disaster recovery site is able to be activated most quickly in the event of a
disruption?
warm site
lukewarm site
cold site
hot site
Correct
Question 1 of 3
CSA
NSA
CPTED
Correct
NIST
Question 2 of 3
What type of lock always requires entering a code to enter the facility?
magnetic stripe card lock
proximity card lock
biometric lock
cipher lock
Correct
Question 3 of 3
What type of physical security control should always be disclosed to visitors when used?
fences
cameras
Correct
intrusion alarms
security guards
Question 1 of 1
What principle states that individuals should only have the minimum set of permissions
necessary to carry out their job functions?
Least privilege
Correct
Two person control
Job rotation
Separation of privileges
Computer Networking:
Question 1 of 6
PSH
SYN
Correct
RST
URG
Question 2 of 6
What type of network is most often used to connect peripherals to computers and
mobile devices?
WiFi
Bluetooth
Correct
WAN
LAN
Question 3 of 6
Which one of the following ports is not normally used by email systems?
25
139
Correct
110
143
Question 4 of 6
What technology provides the translation that assigns public IP addresses to privately
addressed systems that wish to communicate on the Internet?
TLS
HTTP
SSL
NAT
Correct
Question 5 of 6
What command may be used to determine the network path between two locations?
tracert
Correct
ping
arp
dig
Question 6 of 6
Brad is configuring a new wireless network for his small business. What wireless security
standard should he use?
WPA
WEP2
WPA2
Correct
WEP
Network threats:
Question 1 of 2
What type of malware spreads under its own power?
worm
Correct
spyware
virus
Trojan horse
Question 2 of 2
man-in-the-middle
full disk encryption
session tokens
Correct
mobile device management
Threat Identification and Preventing:
Question 1 of 4
behavior analysis
signature detection
Correct
anomaly detection
heuristic detection
Question 2 of 4
Rachel recently investigated a security alert from her intrusion detection system and,
after exhaustive research, determined that the alert was not the result of an intrusion.
What type of error occurred?
true positive
false negative
true negative
false positive
Correct
Question 3 of 4
Nmap is an example of a _____ tool.
port scanning
Correct
protocol analyzing
Question 4 of 4
port scanning
protocol analyzing
Correct
Question 1 of 8
What is the piece of software running on a device that enables it to connect to a NAC-
protected network?
SNMP agent
authenticator
supplicant
Correct
authentication server
Question 2 of 8
88
80
1521
443
Correct
Question 3 of 8
intrusion detection
application firewalls
wrappers
network segmentation
Question 4 of 8
switch
router
Correct
AP
wireless controller
Question 5 of 8
Ricky would like to separate his network into three distinct security zones. Which one of
the following devices is best suited to that task?
IPS
Router
Switch
Firewall
Correct
Question 6 of 8
What security principle does a firewall implement with traffic when it does not have a
rule that explicitly defines an action for that communication?
least privilege
separation of duties
informed consent
implicit deny
Correct
Question 7 of 8
switch
Correct
router
firewall
hub
Question 8 of 8
What is the minimum acceptable temperature for a data center?
80.6 degrees Fahrenheit
Correct
72.4 degrees Fahrenheit