About Donate Endpoint F.A.Q. Privacy Sales Status T.O.S. Contact

Practice Quiz

This quiz simulation covers the concepts you need to know to pass cybersecurity exams and certifications. See how you measure up with these 20 random questions.

1) Technical evaluation of assurance to ensure that security requirements have been met is known as?

Accreditation

Evaluation

Validation

Verfication

2) What is the process of making digital data unreadable to unauthorized users?

VPN

Encryption

FTP

Deserialization

3) The best way to ensure that no data remanence of sensitive information that was stored on a DVD-R media is by

Deletion

Destruction

Overwritting

Degaussing

4) What is the right time to plan for security?

Pre-deployment

Post-deployment

Testing Phase

Monitoring Phase

5) Which is concerned with identifying the root cause but also addressing the underlying issue?

Change management

Incident management

Configuration management

Problem management

6) When receiving an email from an unknown contact that has an attachment, you should:

Open the attachment and view the contents

Delete the email

Report the email as Phishing

Forward to your personal email

7) Triage encompasses which of the following incident response sub-phases?

Collection, transport, testimony

Traceback, feedback, loopback

Detection, identification, notification

Confidentiality, integrity, availability

8) What is optimal placement for network based intrusion detection system (NIDS)?

External Service Provider

Network Operation Center (NOC)

Network segments with business critical systems (DMZ) and certain intranet segments

Network perimeter to alert network admins of suspicious traffic

9) A way to defeat frequency analysis as a method to determine the key is to use what?

Inversion ciphers

Transposition ciphers

Substitution ciphers

Confusion

10) Many privacy laws dictate which of the following rules?

Individuals have a right to remove any data they do not want others to know

Agencies do not need to ensure that the data is accurate

Agencies need to allow all government agencies access to the data

Agencies cannot use collected data for a purpose different from what they were collected for

11) A SOC Type 2 report commonly covers what?

9-month period

12-month period

18-month period

Minimum of 6-month period

12) Formal acceptance of an evaluated system by management is known as what?

Authorization

Verification

Certification

Validation

13) Which of the following can help with ensuring that only the needed logs are collected for monitoring?

Clipping

Aggregation

Inference

XML Parsing

14) A disadvantage of single sign-on is?

Consistent time-out enforcement across platforms

A compromised password exposes all authorized resources

Use of multiple passwords to remember

Password change control

15) Which item is not part of a Kerberos authentication implementation?

Message authentication code

Ticket granting service

Authentication service

Users, programs, and services

16) In the OSI reference model, on which layer is Ethernet?

Layer 1 - Physical layer

Layer 2 - Data-link layer

Layer 3 - Network layer

Layer 4 - Transport layer

17) Security awareness training includes?

Legislated security compliance objectives

Security roles and responsibilities for staff

The high-level outcome of vulnerability assessments

Specialized curriculum assignments, coursework and an accredited institution

18) Which of the following best determines access of an individual?

Role

Clearance

Partnership with security team

Job rank or title

19) Which factor is the most important item when it comes to ensuring security is successful in an organization?

Senior management support

Effective controls and implementation methods

Updated and relevant security policies and procedures

Security awareness by all employees

20) If speed is preferred over resilience, which of the following RAID configurations is best?

Raid 1

Raid 10

Raid 5

Raid 0