1) In the OSI reference model, on which layer is Ethernet?
Layer 1 - Physical layer
Layer 2 - Data-link layer
Layer 3 - Network layer
Layer 4 - Transport layer
2) Technical evaluation of assurance to ensure that security requirements have been met is known as?
Accreditation
Evaluation
Validation
Verification
3) What is the right time to plan for security?
Pre-deployment
Post-deployment
Testing Phase
Monitoring Phase
4) Which of the following is a security risk of wireless LANs?
War driving
Demonstrable insecure standards
Lack of physical access control
Implementation weakness
5) Triage encompasses which of the following incident response sub-phases?
Collection, transport, testimony
Traceback, feedback, loopback
Detection, identification, notification
Confidentiality, integrity, availability
6) When receiving an email from an unknown contact that has an attachment, you should:
Open the attachment and view the contents
Delete the email
Report the email as Phishing
Forward to your personal email
7) Formal acceptance of an evaluated system by management is known as what?
Authorization
Verification
Certification
Validation
8) A disadvantage of single sign-on is?
Consistent time-out enforcement across platforms
A compromised password exposes all authorized resources
Use of multiple passwords to remember
Password change control
9) What is an advantage of RSA over DSA?
It can provide digital signature and encryption functionality
It uses fewer resources and encrypts faster because it uses symmetric keys
It is a block cipher rather than a stream cipher
It employs a one-time encryption pad
10) The running key cipher is based on what?
Modular math
Exponentiation
Substitution cipher
XOR math
11) The doors of a data center spring open in the event of a fire. This is an example of?
Fail-safe
Fail-secure
Fail-proof
Fail-closed
12) Business impact analysis is performed to best identify what?
Exposure to loss the organization faces
Impacts of a threat to the organization's operations
Cost-efficient way to eliminate threats
Impacts of a risk to the organization
13) Many privacy laws dictate which of the following rules?
Individuals have a right to remove any data they do not want others to know
Agencies do not need to ensure that the data is accurate
Agencies need to allow all government agencies access to the data
Agencies cannot use collected data for a purpose different from the one it was collected for
14) Which of the following best determines access of an individual?
Role
Clearance
Partnership with security team
Job rank or title
15) A SOC Type 2 report commonly covers what?
9-month period
12-month period
18-month period
Minimum of 6-month period
16) Which of the following can help with ensuring that only the needed logs are collected for monitoring?
Clipping
Aggregation
Inference
XML Parsing
17) Tactical security plans are best used to do what?
Deploy new security technology
Enable enterprise security management
Establish high-level security policies
Reduce downtime
18) The best way to ensure that no data remanence of sensitive information remains on DVD-R media is
Deletion
Destruction
Overwriting
Degaussing
19) Who is accountable for implementing information security?
Everyone
Senior management
Security officer
Data owners
20) The process used in most block ciphers to increase their strength is what?
Step function
Diffusion
SP-network
Confusion