Final Exam MCQs

Question 1

Can disaster recovery be a task for the information security department/division?

Answer 1

True

Question 2

Can applications like John the Ripper crack passwords by looking on the Internet for matches?

Answer 2

False

Question 3

In addition to access control, what is important?

Answer 3

Authentication

Question 4

What can SQL injection attacks be prevented by?

Answer 4

Using input validation

Question 5

Why were we able to see the password in the lab even though the FTP authentication was not successful?

Answer 5

The packet submitted the password in clear text

Question 6

Is a URL/FQDN only used for accessing websites?

Answer 6

False

Question 7

What can hackers use the whois command for?

Answer 7

Pinpoint a person to socially engineer

Question 8

How can DNS be secured?

Answer 8

All of the Above

Question 9

What does an SSL certificate assure?

Answer 9

That the site is valid

Question 10

If your host wants to access the site www.thestockmans.net, who does it first ask for the IP address?

Answer 10

The host’s assigned DNS server

Question 11

What is SQL Injection?

Answer 11

An attack exploited through a webpage

Question 12

Does HTTP use a different port than HTTPS?

Answer 12

Yes

Question 13

Does formatting a drive on your computer immediately remove the files from the disk?

Answer 13

False

Question 14

How do hosts map an IP address to a MAC address for LAN traffic?

Answer 14

By querying its locally stored arp cache

Question 15

At which layer is a MAC address used?

Answer 15

Layer 2

Question 16

How are packets addressed on a LAN?

Answer 16

Using MAC addresses

Question 17

What is used once something goes across LANs?

Answer 17

IP addresses

Question 18

What is running a nmap scan on a network often considered?

Answer 18

A violation of the network use policy

Question 19

How do we enable ingress filtering?

Answer 19

By blocking incoming SYN packets

Question 20

What do host-based firewalls do?

Answer 20

Block incoming network traffic into our system; since it blocks ports

Question 21

When accessing a website, what will your computer generally connect with?

Answer 21

All of the above

Question 22

What mechanisms can reduce the insider threat?

Answer 22

Proper monitoring and logging of system usage, tracking employee satisfaction, applying the process of least privileges

Therefore, all of the above

Question 23

What is encryption used to assure?

Answer 23

Confidentiality, Identity, Integrity

Therefore, all the above

Question 24

What are zero day vulnerabilities?

Answer 24

Previously unknown vulnerabilities

Question 25

What does PII stand for?

Answer 25

Personally Identifiable Information

Question 26

What is segmenting a network an example of?

Answer 26

Defense in Depth

Question 27

What is meant by 'endpoint security'?

Answer 27

Security of the computer systems connected to the network

Question 28

What are CVEs?

Answer 28

Known software/system vulnerabilities

Question 29

What does ACL stand for?

Answer 29

Access Control List

Question 30

What is the Target data breach an example of?

Answer 30

An attack on confidentiality

Question 31

What does the phrase least privilege in cybersecurity refer to?

Answer 31

Only providing the level of access required for each person

Question 32

Should following the NIST 800-53 specifications for cybersecurity reduce the risk of an organizational issue?

Answer 32

True

Question 33

Does a password breach at LinkedIn impact every organization’s security?

Answer 33

True

Question 34

Why is identifying assets important in cybersecurity?

Answer 34

So we can identify vulnerabilities in/of each asset

Question 35

Why should risk assessments be used in addition to compliance adherence and standards?

Answer 35

Risks may be specific to your organization

Question 36

How can a key-logger steal passwords?

Answer 36

By intercepting the password prior to encryption

Question 37

Why is it important to understand web servers and traffic as an information and security professional?

Answer 37

Web sites provide an entry for hackers

Question 38

What problem does Shadow IT create?

Answer 38

Corporate data could end up on unsupervised systems, it can waste money, non-IT users may not configure security correctly ## Footnote Therefore, it’s all of the above

Question 39

What can the nmap command do?

Answer 39

Check for open ports on a network, check for open ports on a host, can be directed to systems on other subnets ## Footnote Therefore, it’s all of the above

Question 40

Dynamic web servers require more attention to security than static web servers?

Answer 40

True, because they have logins and access to data that need to be checked

Question 41

What is another name for a URL?

Answer 41

The host’s fully qualified domain name

Question 42

What are the factors in multi-factor authentication?

Answer 42

Something you know, password; Something you are, face ID; Something you have, phone ## Footnote Therefore, it’s all of the above

Question 43

If a user has RW permissions set locally but the share permissions are Everyone-Read. The user's access to the share will be...

Answer 43

Read, because it is the most restrictive

Question 44

To send something to a different LAN, a host...

Answer 44

sends packets to the MAC address of the router

Question 45

The tracert command

Answer 45

shows the routers that packets go through to reach a destination host

Question 46

Wan traffic works in

Answer 46

Layer 3

Question 47

If attackers have no physical access to our networks, we do not have to worry about ARP poisoning

Answer 47

False

Question 48

MAC addresses (48 bits)...

Answer 48

are how packets are addressed on a LAN

Question 49

255.255.255.0 and /24

Answer 49

tells a system the same thing

Question 50

Rogue DHCP servers...

Answer 50

could be a man-in-the-middle attack vector, can be created when a user plugs in their own device into the network, can cause fewer incidents with a segmented network, therefore, all of the above

Question 51

The order of the TCP three way handshake is

Answer 51

SYN SYN/ACK ACK

Question 52

Signal messages can be obtained by law enforcement even if they have been deleted

Answer 52

False

Question 53

How can hackers obtain your encrypted messages (Signal, Whatsapp)?

Answer 53

Having malware installed on one of the devices in the chat

Question 54

When you open a web browser and go to bsky.app for the first time, the first packet sent from your computer will likely be...

Answer 54

a dns request packet to your dns server

Question 55

On a web server, which port should generally NOT be opened on its firewall?

Answer 55

53

Question 56

In addition to access control, authentication is important...

Answer 56

to audit user actions on systems

Question 57

EDR is...

Answer 57

protection (AV etc.) of computers in our network

Question 58

A dictionary attack...

Answer 58

decreases the time it takes to crack passwords

Question 59

Password managers are useful because they...

Answer 59

create unique passwords for different accounts

Question 60

In cryptography, the cipher is...

Answer 60

the algorithm used to encrypt/decrypt

Question 61

Symetric encryption...

Answer 61

uses a shared private key

Question 62

SSL certificates assure...

Answer 62

confidentiality and identity

Question 63

Most encryption and hashing algorithms used in computing...

Answer 63

are publicly known

Question 64

In asymetric encryption...

Answer 64

private and public keys are combined