

Practice Quiz

This quiz simulation covers the concepts you need to know to pass cybersecurity exams and certifications. See how you measure up with these 20 random questions.
 

  1) Business impact analysis is performed to best identify what?
   Exposure to loss the organization faces
   Impacts of a threat to the organization operations
   Cost-efficient way to eliminate threats
   Impacts of a risk to the organization
 
  2) In the OSI reference model, on which layer is Ethernet?
   Layer 1 - Physical layer
   Layer 2 - Data-link layer
   Layer 3 - Network layer
   Layer 4 - Transport layer
 
  3) What is the CIA triad?
   Confidentiality, Integrity, and Availability
   Confidentiality, Integrity, and Awesomeness
   Confidentiality, Inaudible, and Availability
   Capacity, Integrity, and Availability
 
  4) A disadvantage of single sign-on is?
   Consistent time-out enforcement across platforms
   A compromised password exposes all authorized resources
   Use of multiple passwords to remember
   Password change control
 
  5) Triage encompasses which of the following incident response sub-phases?
   Collection, transport, testimony
   Traceback, feedback, loopback
   Detection, identification, notification
   Confidentiality, integrity, availability
 
  6) Which phase best defines a business disaster recovery plan?
   An approved set of preparations and procedures for responding to a disaster
   A set of plans for preventing a disaster
   The adequate preparation and procedures for the continuation of all organization functions
   A set of preparations and procedures for responding to a disaster without management approval
 
  7) When sensitive information is no longer critical but still within the scope of a record retention policy, that information is BEST?
   Destroyed
   Re-categorized
   Degaussed
   Released
 
  8) The process used in most block ciphers to increase their strength is what?
   Step function
   Diffusion
   SP-network
   Confusion
 
  9) What is the right time to plan for security?
   Pre-deployment
   Post-deployment
   Testing Phase
   Monitoring Phase
 
  10) A SOC Type 2 report commonly covers what?
   9-month period
   12-month period
   18-month period
   Minimum of 6-month period
 
  11) A botnet can be characterized as?
   A network used solely for internal communications
   An automatic security alerting tool for corporate networks
   A group of dispersed, compromised machines controlled remotely for illicit reasons
   A type of virus
 
  12) What best describes two-factor authentication?
   A hard token and a smart card
   A user name and a PIN
   A password and a PIN
   A PIN and a hard token
 
  13) Which is concerned with identifying the root cause but also addressing the underlying issue?
   Change management
   Incident management
   Configuration management
   Problem management
 
  14) Who should receive business continuity plan training in an organization?
   Those with specific business continuity roles
   First responders
   Senior executives
   Everyone
 
  15) The elements of risk are?
   Threats, assets and vulnerabilities
   Risk and business impact analysis
   Business impact analysis and mitigating controls
   Natural disasters and man-made disasters
 
  16) Which of the following is not addressed by the data retention policy?
   What data to keep
   For whom data is kept
   How long data is kept
   Where data is kept
 
  17) Which of the following best determines access of an individual?
   Role
   Clearance
   Partnership with security team
   Job rank or title
 
  18) When selecting a security testing method or tool, the practitioner needs to consider many different things, such as:
   Surface and supported technology
   Security roles and responsibilities for staff
   Culture of the organization and likelihood of exposure
   Local annual frequency estimate and standard annual frequency estimate
 
  19) What is the term for the act of secretly observing and recording someone's keystrokes on a computer?
   Keystroking
   Keylogging
   Logkeying
   Stokelogs
 
  20) Security is likely to be most expensive when addressed in which phase?
   Implementation
   Testing
   Design
   Prototyping
 
 
© 2024 Black Cat White Hat Security L.L.C. - All rights reserved. - Application Version: 4D.65.6F.77