-
web.groovymark@gmail.com
- December 3, 2024
Question 01
Which of the following is a primary benefit of implementing network segmentation?
A. Increased bandwidth
B. Improved security
C. Enhanced device compatibility
D. Faster patching
Correct Answer: B. Improved security
Explanation: Network segmentation improves security by isolating different segments of the network, limiting the spread of attacks and providing better control over access to resources. It does not inherently increase bandwidth or compatibility or lead to faster patching.
Question 02
A system administrator needs to ensure the availability of critical systems in the event of a hardware failure. Which of the following technologies should be implemented?
A. IDS
B. Full disk encryption
C. RAID
D. DNSSEC
Correct Answer: C. RAID
Explanation: RAID (Redundant Array of Independent Disks) improves system availability by providing redundancy in the event of a disk failure. It is not related to intrusion detection, encryption, or DNS security.
Question 03
Which of the following best describes the function of a firewall in network security?
A. To monitor for malicious activity
B. To block unauthorized traffic
C. To encrypt network communication
D. To detect malware
Correct Answer: B. To block unauthorized traffic
Explanation: A firewall is primarily used to block unauthorized traffic entering or leaving the network. It does not monitor for malicious activity (IDS/IPS), encrypt communication, or detect malware (antivirus does this).
Question 04
An attacker is attempting to obtain passwords by trying all possible combinations. This attack is known as which of the following?
A. Phishing
B. SQL injection
C. Brute-force attack
D. Spoofing
Correct Answer: C. Brute-force attack
Explanation: A brute-force attack involves trying all possible combinations of passwords until the correct one is found. Phishing, SQL injection, and spoofing are different attack methods.
Question 05
Which of the following can be implemented to ensure that sensitive data remains confidential even if intercepted during transmission?
A. Antivirus software
B. Firewalls
C. Encryption
D. IDS
Correct Answer: C. Encryption
Explanation: Encryption ensures that sensitive data remains confidential by converting it into an unreadable format that can only be deciphered with the correct decryption key. Firewalls, antivirus software, and IDS do not provide this level of data protection.
Question 06
A company wants to implement a solution that will prevent users from visiting malicious websites. Which of the following is the best option?
A. VPN
B. DNS filtering
C. Antivirus
D. Full disk encryption
Correct Answer: B. DNS filtering
Explanation: DNS filtering blocks access to websites based on their domain name, preventing users from visiting known malicious websites. VPN, antivirus, and encryption do not specifically provide this type of protection.
Question 07
Which of the following is primarily designed to block unauthorized access while permitting authorized communication to and from a network?
A. VPN
B. Antivirus
C. Firewall
D. IDS
Correct Answer: C. Firewall
Explanation: A firewall controls incoming and outgoing network traffic by blocking or allowing communication based on predetermined security rules. VPNs, antivirus software, and IDS serve different security functions.
Question 08
Which of the following security measures ensures that a password cannot be reused for a certain number of password changes?
A. Password expiration
B. Password complexity
C. Password history
D. Two-factor authentication
Correct Answer: C. Password history
Explanation: Password history prevents users from reusing old passwords for a specified number of password changes. Password expiration enforces regular password changes, and complexity ensures strong passwords, while two-factor authentication is a separate security layer.
Question 09
An administrator wants to make sure that users accessing a server from outside the company network do so through a secure, encrypted connection. Which of the following should be used?
A. VPN
B. IDS
C. DNS
D. MAC filtering
Correct Answer: A. VPN
Explanation: A VPN (Virtual Private Network) encrypts the connection between a remote user and the internal network, ensuring secure communication. IDS, DNS, and MAC filtering do not provide this function.
Question 10
Which of the following types of malware can replicate itself without human intervention to spread across networks?
A. Trojan
B. Virus
C. Worm
D. Ransomware
Correct Answer: C. Worm
Explanation: A worm is a type of malware that can replicate itself and spread across networks without any human interaction. A virus typically requires user action to spread, while Trojans and ransomware operate differently.
Question 11
Which of the following security controls is designed to limit access to data based on the clearance level of the user?
A. Discretionary access control
B. Mandatory access control
C. Role-based access control
D. MAC filtering
Correct Answer: B. Mandatory access control
Explanation: Mandatory access control (MAC) limits access to data based on the user’s security clearance level and classification of data. Discretionary access control and role-based access control provide different types of access control.
Question 12
Which of the following protocols is designed to provide secure file transfer over a network?
A. FTP
B. HTTP
C. SFTP
D. Telnet
Correct Answer: C. SFTP
Explanation: SFTP (Secure File Transfer Protocol) uses SSH to provide secure file transfers over a network. FTP, HTTP, and Telnet do not provide the same level of security.
Question 13
An attacker sends a fraudulent email that appears to be from a legitimate source, tricking the recipient into revealing sensitive information. This is an example of which of the following attacks?
A. Phishing
B. Brute-force attack
C. Denial of service attack
D. Spoofing
Correct Answer: A. Phishing
Explanation: Phishing is an attack where an attacker impersonates a legitimate entity in emails or messages to trick users into revealing sensitive information, such as login credentials.
Question 14
Which of the following is the best way to ensure that unauthorized users cannot access files on a lost or stolen laptop?
A. Antivirus software
B. Full disk encryption
C. VPN
D. Firewalls
Correct Answer: B. Full disk encryption
Explanation: Full disk encryption ensures that data stored on a laptop is encrypted and cannot be accessed by unauthorized individuals if the device is lost or stolen. Antivirus, VPN, and firewalls provide different security measures.
Question 15
Which of the following terms refers to the use of a single authentication process to access multiple systems without re-entering login credentials?
A. Two-factor authentication
B. Single sign-on
C. Role-based access control
D. MAC filtering
Correct Answer: B. Single sign-on
Explanation: Single sign-on (SSO) allows users to authenticate once and gain access to multiple systems without needing to log in again for each one. Two-factor authentication, role-based access control, and MAC filtering are unrelated.
Question 16
Which of the following is used to verify the identity of a user before granting access to a system?
A. Encryption
B. Two-factor authentication
C. Intrusion detection system
D. Firewall
Correct Answer: B. Two-factor authentication
Explanation: Two-factor authentication (2FA) uses two forms of identity verification (e.g., password and security token) to ensure that only authorized users gain access to systems.
Question 17
A company requires that any data transferred between its servers and cloud storage must be encrypted to prevent unauthorized access. Which of the following is the best method to ensure this?
A. Firewalls
B. VPN
C. Data encryption
D. MAC filtering
Correct Answer: C. Data encryption
Explanation: Data encryption ensures that all data transferred between servers and cloud storage is protected from unauthorized access. Firewalls, VPNs, and MAC filtering do not directly encrypt data in transit.
Question 18
Which of the following best describes the function of a proxy server?
A. It blocks unauthorized access to a network
B. It monitors for suspicious traffic
C. It acts as an intermediary for client requests
D. It encrypts data during transmission
Correct Answer: C. It acts as an intermediary for client requests
Explanation: A proxy server acts as an intermediary between clients and servers, handling requests on behalf of clients. It does not block access, monitor for suspicious activity, or encrypt data by default.
Question 19
Which of the following attacks attempts to intercept and alter communication between two parties without their knowledge?
A. Man-in-the-middle attack
B. SQL injection
C. Denial of service attack
D. Brute-force attack
Correct Answer: A. Man-in-the-middle attack
Explanation: A man-in-the-middle (MitM) attack occurs when an attacker intercepts and alters communication between two parties without their knowledge. SQL injection, DoS attacks, and brute-force attacks have different methods and goals.
Question 20
Which of the following types of malware disguises itself as legitimate software to trick users into installing it?
A. Trojan
B. Worm
C. Ransomware
D. Virus
Correct Answer: A. Trojan
Explanation: A Trojan is malware that pretends to be legitimate software to deceive users into installing it. Worms, viruses, and ransomware have different behaviors and methods of infection.
