

Practice Quiz

This quiz simulation covers the concepts you need to know to pass cybersecurity exams and certifications. See how you measure up with these 20 random questions.
 

  1) Who is accountable for implementing information security?
   Everyone
   Senior management
   Security officer
   Data owners
 
  2) When sensitive information is no longer critical but still within the scope of a record retention policy, that information is BEST:
   Destroyed
   Re-categorized
   Degaussed
   Released
 
  3) What is the optimal placement for a network-based intrusion detection system (NIDS)?
   External Service Provider
   Network Operation Center (NOC)
   Network segments with business critical systems (DMZ) and certain intranet segments
   Network perimeter to alert network admins of suspicious traffic
 
  4) Which of the following can help with ensuring that only the needed logs are collected for monitoring?
   Clipping
   Aggregation
   Inference
   XML Parsing
 
  5) Which of the following is not addressed by the data retention policy?
   What data to keep
   For whom data is kept
   How long data is kept
   Where data is kept
 
  6) Security is likely to be most expensive when addressed in which phase?
   Implementation
   Testing
   Design
   Prototyping
 
  7) Many privacy laws dictate which of the following rules?
   Individuals have a right to remove any data they do not want others to know
   Agencies do not need to ensure that the data is accurate
   Agencies need to allow all government agencies access to the data
   Agencies cannot use collected data for a purpose different from what they were collected for
 
  8) What is the process of making digital data unreadable to unauthorized users?
   VPN
   Encryption
   FTP
   Deserialization
 
  9) Technical evaluation of assurance to ensure that security requirements have been met is known as?
   Accreditation
   Evaluation
   Validation
   Verification
 
  10) When receiving an email from an unknown contact that has an attachment, you should:
   Open the attachment and view the contents
   Delete the email
   Report the email as Phishing
   Forward to your personal email
 
  11) If speed is preferred over resilience, which of the following RAID configurations is best?
   RAID 1
   RAID 10
   RAID 5
   RAID 0
 
  12) The process used in most block ciphers to increase their strength is what?
   Step function
   Diffusion
   SP-network
   Confusion
 
  13) Tactical security plans are best used to do what?
   Deploy new security technology
   Enable enterprise security management
   Establish high-level security policies
   Reduce downtime
 
  14) The running key cipher is based on what?
   Modular math
   Exponentiation
   Substitution cipher
   XOR math
 
  15) Which of the following is a security risk of wireless LANs?
   War driving
   Demonstrably insecure standards
   Lack of physical access control
   Implementation weakness
 
  16) A disadvantage of single sign-on is?
   Consistent time-out enforcement across platforms
   A compromised password exposes all authorized resources
   Use of multiple passwords to remember
   Password change control
 
  17) In the OSI reference model, on which layer is Ethernet?
   Layer 1 - Physical layer
   Layer 2 - Data-link layer
   Layer 3 - Network layer
   Layer 4 - Transport layer
 
  18) A SOC Type 2 report commonly covers what?
   9-month period
   12-month period
   18-month period
   Minimum of 6-month period
 
  19) When selecting a security testing method or tool, the practitioner needs to consider many different things, such as:
   Surface and supported technology
   Security roles and responsibilities for staff
   Culture of the organization and likelihood of exposure
   Local annual frequency estimate and standard annual frequency estimate
 
  20) A botnet can be characterized as?
   A network used solely for internal communications
   An automatic security alerting tool for corporate networks
   A group of dispersed, compromised machines controlled remotely for illicit reasons
   A type of virus
 
 
© 2024 Black Cat White Hat Security L.L.C. - All rights reserved. - Application Version: 4D.65.6F.77