All

Question 1

What is the main goal of knowledge sharing in an organization?

Answer 1

To improve absorptive and innovation capacity for sustained competitive advantage

Question 2

What is the primary role of daily checkpoints in project management?

Answer 2

To ensure objectives and deadlines are met

Question 3

What should be documented in a Project Escalation Matrix?

Answer 3

Escalation paths, personnel, and their roles

Question 4

Why are team leaders typically not included in escalation matrices?

Answer 4

They do not possess the necessary level of power

Question 5

What is the purpose of using secure Out-of-Band (OOB) communication channels?

Answer 5

To ensure communication remains independent and secure from network attacks

Question 6

What is the benefit of regular project updates to stakeholders?

Answer 6

It helps in identifying risks early and managing the budget

Question 7

What is the first phase in the Project Management Engagement Life Cycle?

Answer 7

Initiating

Question 8

What is included in the scoping stage of project management?

Answer 8

Report requirements, communication processes, and objectives

Question 9

What is a Non-Disclosure Agreement (NDA)?

Answer 9

A contract that binds two parties to not disclose sensitive information

Question 10

In the review phase of a project, what is a key activity?

Answer 10

Evaluating whether objectives were achieved and the project was successful

Question 11

How should reports be communicated to C-level executives?

Answer 11

Simplified and concise

Question 12

What is a link analysis graph used for?

Answer 12

To present complicated links between related intelligence

Question 13

Which of the following is a key risk posed by threat engagements?

Answer 13

Impacting live systems and scope creep

Question 14

What does ISO 31000 provide guidelines for?

Answer 14

Managing risk faced by organizations

Question 15

What is ISO 27001 focused on?

Answer 15

Establishing and improving information security management systems (ISMS)

Question 16

What is ISO 27001 focused on?

Answer 16

c) Establishing and improving information security management systems (ISMS)

Question 17

What does ISO 22301 address in an organization?

Answer 17

b) Business continuity during disruptive incidents

Question 18

What is the purpose of ISO 27005?

Answer 18

b) To describe risk management processes for information and cybersecurity

Question 19

What is the role of a CERT?

Answer 19

c) To respond to cyber emergencies

Question 20

Which regulatory scheme is designed for the financial sector?

Answer 20

b) CBEST

Question 21

What does the NCSC Cyber Incident Response Scheme aim to achieve?

Answer 21

b) Making the UK more cyber resilient

Question 22

What is the primary purpose of IPv4?

Answer 22

b) To assign a unique IP address to devices for Internet connectivity

Question 23

What is a public IP address used for?

Answer 23

c) Identifying a device on the wider Internet

Question 24

Why was IPv6 developed?

Answer 24

c) To solve IPv4 address exhaustion

Question 25

What does TCP ensure in a network conversation?

Answer 25

c) Data packets are delivered in sequence and without errors

Question 26

Which protocol is primarily used for low-latency, loss-tolerating communication?

Answer 26

b) UDP

Question 27

What is the main function of ICMP?

Answer 27

b) To send error messages and operational information

Question 28

Which VPN protocol is the most secure but has the drawback of being slow and potentially cracked by NSA?

Answer 28

c) L2TP/IPSec

Question 29

Which VPN protocol is owned by Microsoft and supports AES-256 encryption but is not open for public review?

Answer 29

c) SSTP

Question 30

Which tunneling protocol is known for being open-source, fast, and modern but still considered experimental?

Answer 30

c) Wireguard

Question 31

In an amplification attack, what does the attacker primarily exploit?

Answer 31

b) A vulnerable service that responds with a large reply

Question 32

What type of attack is TCP/IP hijacking?

Answer 32

b) A man-in-the-middle attack

Question 33

Which cryptographic method uses two keys, a public key, and a private key?

Answer 33

b) Asymmetric encryption

Question 34

Which encryption algorithm is symmetric and applies the DES cipher algorithm three times to each data block?

Answer 34

c) Triple DES

Question 35

Which cryptographic algorithm is considered a standard for secure communications and can use 128, 192, or 256-bit encryption?

Answer 35

c) AES

Question 36

What type of vulnerability is considered highly valuable because it is unknown to the vendor or product owner?

Answer 36

b) Zero-day vulnerability

Question 37

Which of the following is an intrusion vector where attackers compromise a website that the target frequently visits?

Answer 37

b) Watering hole attack

Question 38

What is OWASP known for?

Answer 38

c) Offering free resources for web application security

Question 39

Which attack method involves hiding information in an image or video file to exfiltrate data?

Answer 39

b) Steganography

Question 40

Which ransomware group is known to be linked with North Korean threat actors?

Answer 40

c) Lazarus

Question 41

Which term refers to the process of removing event logs or other forensic evidence from a compromised system?

Answer 41

c) Indicator removal from hosts