About Donate Endpoint F.A.Q. Privacy Sales Status T.O.S. Contact

Practice Quiz

This quiz simulation covers the concepts you need to know to pass cybersecurity exams and certifications. See how you measure up with these 20 random questions.

1) What is the CIA triad?

Confidentiality, Integrity, and Availability

Confidentiality, Integrity, and Awesomeness

Confidentiality, Inaudible, and Availability

Capacity, Integrity, and Availability

2) If speed is preferred over resilience, which of the following RAID configurations is best?

Raid 1

Raid 10

Raid 5

Raid 0

3) Single loss expectancy (SLE) is calculated by using?

Asset value and annualized rate of occurrence (ARO)

Asset value, local annual frequency estimate (LAFE), and standard annual frequency estimate (SAFE)

Asset value and exposure factor

Local annual frequency estimate and annualized rate of occurrence

4) Which one is the most common security threat with IoT devices?

Logical Network Segmentation

Lack of device management

Lack of system updates against a new vulnerability

Backdoor

5) A SOC Type 2 report commonly covers what?

9-month period

12-month period

18-month period

Minimum of 6-month period

6) What is the process of making digital data unreadable to unauthorized users?

VPN

Encryption

FTP

Deserialization

7) The process used in most block ciphers to increase their strength is what?

Step function

Diffusion

SP-network

Confusion

8) A disadvantage of single sign-on is?

Consistent time-out enforcement across platforms

A compromised password exposes all authorized resources

Use of multiple passwords to remember

Password change control

9) Business impact analysis is performed to best identify what?

Exposure to loss the organization faces

Impacts of a threat to the organization operations

Cost-effcient way to eliminate threats

Impacts of a risk to the organization

10) Which of the following is not true about continuous monitoring?

It involves ad hoc processes that provide agility in responding to novel attacks

Its main goal is to support organizational risk management

It helps determine whether security controls remain effective

It relies on carefully chosen metrics and measurements

11) Triage encompasses which of the following incident response sub-phases?

Collection, transport, testimony

Traceback, feedback, loopback

Detection, identification, notification

Confidentiality, integrity, availability

12) Formal acceptance of an evaluated system by management is known as what?

Authorization

Verification

Certification

Validation

13) Tactical security plans are best used to do what?

Deploy new security technology

Enable enterprise security management

Establish high-level security policies

Reduce downtime

14) Which of the following is a security risk of wireless LANs?

War driving

Demonstrable insecure standards

Lack of physical access control

Implementation weakness

15) Which of the following is not addressed by the data retention policy?

What data to keep

For whom data is kept

How long data is kept

Where data is kept

16) A way to defeat frequency analysis as a method to determine the key is to use what?

Inversion ciphers

Transposition ciphers

Substitution ciphers

Confusion

17) When receiving an email from an unknown contact that has an attachment, you should:

Open the attachment and view the contents

Delete the email

Report the email as Phishing

Forward to your personal email

18) Which of the following best determines access of an individual?

Role

Clearance

Partnership with security team

Job rank or title

19) Which item is not part of a Kerberos authentication implementation?

Message authentication code

Ticket granting service

Authentication service

Users, programs, and services

20) When sensitive information is no longer critical but still within the scope of a record retention policy , that information is BEST?

Destroyed

Re-categorized

Degaussed

Released