- web.groovymark@gmail.com
- December 3, 2024
Question 41
A company wants to prevent employees from accessing malicious websites while using company-issued devices. Which of the following is the best solution?
A. IDS
B. VPN
C. Content filter
D. Firewall
Correct Answer: C. Content filter
Explanation: A content filter can block access to malicious websites by inspecting and filtering web traffic based on predefined rules. IDS, VPN, and firewalls are important for network security but are not as effective at preventing access to specific websites.
Question 42
Which of the following best describes the purpose of encryption in a cybersecurity context?
A. To detect unauthorized access
B. To protect the confidentiality of data
C. To prevent data from being deleted
D. To authenticate users to a system
Correct Answer: B. To protect the confidentiality of data
Explanation: Encryption protects the confidentiality of data by converting it into an unreadable format that can only be decrypted with the correct key. It does not directly prevent unauthorized access, data deletion, or user authentication.
Question 43
A security analyst notices that traffic from an internal network is being sent to an unknown external server. The analyst suspects that the network has been compromised by malware. Which of the following is the best tool to confirm this suspicion?
A. IDS
B. Protocol analyzer
C. VPN
D. Firewall
Correct Answer: B. Protocol analyzer
Explanation: A protocol analyzer captures and analyzes network traffic, helping the analyst confirm whether suspicious or malicious traffic is being sent to an external server. IDS detects intrusions, VPN secures communication, and firewalls block traffic but do not analyze it in the same way.
Question 44
An attacker modifies a legitimate web page to include malicious code that executes when users visit the page. This type of attack is known as which of the following?
A. SQL injection
B. Cross-site scripting (XSS)
C. Man-in-the-middle attack
D. Phishing
Correct Answer: B. Cross-site scripting (XSS)
Explanation: Cross-site scripting (XSS) occurs when an attacker injects malicious code into a legitimate web page, causing it to execute in users' browsers. SQL injection attacks target databases, MitM attacks intercept communication, and phishing attempts to trick users into revealing sensitive information.
Question 45
A company wants to ensure that users are authenticated before accessing internal systems. Which of the following is the best method to achieve this?
A. Firewall
B. VPN
C. Two-factor authentication
D. IDS
Correct Answer: C. Two-factor authentication
Explanation: Two-factor authentication (2FA) requires users to provide two forms of authentication, such as a password and a security token, before accessing internal systems. Firewalls, VPNs, and IDS do not provide the same level of user authentication.
Question 46
Which of the following protocols is used to securely transfer files between systems?
A. FTP
B. HTTP
C. SFTP
D. Telnet
Correct Answer: C. SFTP
Explanation: SFTP (Secure File Transfer Protocol) uses SSH to securely transfer files between systems. FTP, HTTP, and Telnet do not provide secure file transfer capabilities.
Question 47
Which of the following is a common method used to prevent replay attacks in a secure communication protocol?
A. Digital certificates
B. Session tokens
C. VPN
D. Content filtering
Correct Answer: B. Session tokens
Explanation: Session tokens are commonly used to prevent replay attacks by ensuring that each session is unique and cannot be reused by an attacker. Digital certificates verify identity, VPNs secure connections, and content filtering does not address replay attacks.
Question 48
Which of the following best describes the purpose of a digital certificate in a Public Key Infrastructure (PKI) environment?
A. To provide encryption for sensitive data
B. To authenticate the identity of a user or device
C. To monitor network traffic for malicious activity
D. To manage access control lists
Correct Answer: B. To authenticate the identity of a user or device
Explanation: A digital certificate is used to authenticate the identity of a user or device in a PKI environment. It is not directly used for encryption, traffic monitoring, or access control management.
Question 49
A security administrator wants to implement a control that limits network access to devices based on their MAC addresses. Which of the following is the best solution?
A. VPN
B. MAC filtering
C. IDS
D. Firewall
Correct Answer: B. MAC filtering
Explanation: MAC filtering allows a network administrator to restrict access based on the MAC addresses of devices. VPNs, IDS, and firewalls do not provide this level of control over device access.
Question 50
Which of the following is the best method to ensure that data stored in a cloud environment is protected from unauthorized access?
A. Firewall
B. Encryption
C. VPN
D. IDS
Correct Answer: B. Encryption
Explanation: Encryption ensures that data stored in a cloud environment is protected from unauthorized access, even if the data is intercepted or accessed by an unauthorized party. Firewalls, VPNs, and IDS do not directly protect stored data in the same way as encryption.