- web.groovymark@gmail.com
- December 3, 2024
Question 21
A security administrator needs to ensure that data on a network is encrypted and that its integrity is verified during transmission. Which of the following protocols should be used?
A. HTTP
B. FTP
C. TLS
D. Telnet
Correct Answer: C. TLS
Explanation: TLS (Transport Layer Security) ensures that data is encrypted and its integrity is verified during transmission. HTTP, FTP, and Telnet do not offer this level of security.
Question 22
Which of the following security controls is used to protect a system from unauthorized changes by limiting user privileges?
A. Role-based access control
B. MAC filtering
C. VPN
D. IDS
Correct Answer: A. Role-based access control
Explanation: Role-based access control (RBAC) limits user privileges based on their role within the organization, preventing unauthorized changes to the system.
Question 23
Which of the following encryption methods is commonly used for securing wireless networks?
A. AES
B. MD5
C. SHA
D. RSA
Correct Answer: A. AES
Explanation: AES (Advanced Encryption Standard) is commonly used to secure wireless networks, especially in WPA2 encryption. MD5, SHA, and RSA are not typically used for wireless network encryption.
Question 24
Which of the following best describes the function of a honeypot in network security?
A. To block unauthorized access
B. To detect malware
C. To attract and monitor attackers
D. To encrypt sensitive data
Correct Answer: C. To attract and monitor attackers
Explanation: A honeypot is a security mechanism designed to attract and monitor attackers, allowing administrators to observe their behavior and gather intelligence. It does not block access, detect malware, or encrypt data.
Question 25
An attacker modifies the database query in a web form to gain unauthorized access to data. This attack is known as which of the following?
A. SQL injection
B. Cross-site scripting
C. Brute-force attack
D. Phishing
Correct Answer: A. SQL injection
Explanation: SQL injection occurs when an attacker inserts or modifies SQL queries to access or manipulate a database. Cross-site scripting, brute-force attacks, and phishing are different types of attacks.
Question 26
Which of the following types of malware is primarily designed to steal sensitive information from a system?
A. Worm
B. Spyware
C. Ransomware
D. Virus
Correct Answer: B. Spyware
Explanation: Spyware is a type of malware designed to collect sensitive information from a user’s system without their knowledge. Worms, ransomware, and viruses have different purposes.
Question 27
Which of the following security measures is used to ensure that the identity of a user can be verified and that they cannot deny their actions later?
A. Encryption
B. Non-repudiation
C. IDS
D. MAC filtering
Correct Answer: B. Non-repudiation
Explanation: Non-repudiation ensures that a user’s identity can be verified and that they cannot deny their actions. This is often achieved through digital signatures. Encryption, IDS, and MAC filtering do not provide non-repudiation.
Question 28
Which of the following types of attacks involves overwhelming a network or system with traffic, making it unavailable to legitimate users?
A. Phishing
B. Man-in-the-middle attack
C. Denial of Service (DoS) attack
D. Brute-force attack
Correct Answer: C. Denial of Service (DoS) attack
Explanation: A Denial of Service (DoS) attack involves overwhelming a network or system with traffic, causing it to become unavailable to legitimate users. Phishing, MitM, and brute-force attacks have different methods and goals.
Question 29
Which of the following is a primary function of an Intrusion Detection System (IDS)?
A. To block malicious traffic
B. To monitor for suspicious activity
C. To encrypt network communication
D. To manage access control lists
Correct Answer: B. To monitor for suspicious activity
Explanation: An IDS monitors network traffic for suspicious activity and potential security breaches. It does not block traffic, encrypt communication, or manage access control lists.
Question 30
An attacker sends a large number of requests to a server, causing it to crash. This is an example of which of the following attacks?
A. Phishing
B. Man-in-the-middle attack
C. Denial of Service (DoS) attack
D. Brute-force attack
Correct Answer: C. Denial of Service (DoS) attack
Explanation: A DoS attack involves overwhelming a server or network with traffic, causing it to crash or become unavailable. Phishing, MitM, and brute-force attacks have different objectives and methods.
Question 31
Which of the following best describes the purpose of two-factor authentication?
A. To block unauthorized access
B. To verify the identity of a user
C. To monitor network traffic
D. To encrypt sensitive data
Correct Answer: B. To verify the identity of a user
Explanation: Two-factor authentication (2FA) verifies the identity of a user by requiring two forms of authentication (e.g., password and a security token). It does not block access, monitor traffic, or encrypt data.
Question 32
Which of the following attacks involves an attacker tricking a user into visiting a malicious website by disguising it as a legitimate site?
A. Phishing
B. SQL injection
C. Cross-site scripting
D. Brute-force attack
Correct Answer: A. Phishing
Explanation: Phishing involves tricking users into visiting malicious websites or revealing sensitive information by disguising the attack as legitimate. SQL injection, cross-site scripting, and brute-force attacks are different methods.
Question 33
A company wants to prevent sensitive data from being sent outside the network via email. Which of the following solutions is the best option?
A. Content filtering
B. Firewalls
C. VPN
D. Data Loss Prevention (DLP)
Correct Answer: D. Data Loss Prevention (DLP)
Explanation: Data Loss Prevention (DLP) solutions monitor and control sensitive data to prevent it from leaving the network, such as via email or file transfers. Content filtering, firewalls, and VPNs do not offer this specific protection.
Question 34
Which of the following describes the purpose of hashing in cybersecurity?
A. To encrypt sensitive data
B. To verify the integrity of data
C. To monitor network traffic
D. To authenticate users
Correct Answer: B. To verify the integrity of data
Explanation: Hashing is used to verify the integrity of data by generating a fixed-length hash value from the original data. It does not encrypt data, monitor traffic, or authenticate users.
Question 35
Which of the following attacks involves the exploitation of a vulnerability in software to gain unauthorized access to a system?
A. SQL injection
B. Phishing
C. Man-in-the-middle attack
D. Exploit
Correct Answer: D. Exploit
Explanation: An exploit takes advantage of a software vulnerability to gain unauthorized access to a system. SQL injection, phishing, and MitM attacks are specific attack types.
Question 36
Which of the following types of malware encrypts a user’s files and demands payment for the decryption key?
A. Virus
B. Trojan
C. Worm
D. Ransomware
Correct Answer: D. Ransomware
Explanation: Ransomware encrypts a user’s files and demands payment for the decryption key. Viruses, Trojans, and worms operate differently.
Question 37
Which of the following protocols is used to ensure secure communication over a network by providing encryption, authentication, and integrity?
A. HTTP
B. FTP
C. Telnet
D. TLS
Correct Answer: D. TLS
Explanation: TLS (Transport Layer Security) ensures secure communication by providing encryption, authentication, and data integrity. HTTP, FTP, and Telnet do not provide the same level of security.
Question 38
An administrator wants to ensure that users accessing the company’s internal systems are required to provide a password and a security token. Which of the following should be implemented?
A. Single sign-on
B. Role-based access control
C. Two-factor authentication
D. MAC filtering
Correct Answer: C. Two-factor authentication
Explanation: Two-factor authentication (2FA) requires users to provide two forms of identification, such as a password and a security token, to access internal systems.
Question 39
Which of the following is the primary purpose of a Virtual Private Network (VPN)?
A. To block unauthorized access
B. To encrypt network traffic
C. To monitor for malicious activity
D. To manage access control lists
Correct Answer: B. To encrypt network traffic
Explanation: A VPN encrypts network traffic, ensuring that data transmitted over the network is secure and protected from interception. It does not block access, monitor activity, or manage access control lists.
Question 40
Which of the following types of attacks involves overwhelming a system with traffic until it becomes unavailable?
A. Phishing
B. Denial of Service (DoS) attack
C. Brute-force attack
D. Cross-site scripting
Correct Answer: B. Denial of Service (DoS) attack
Explanation: A Denial of Service (DoS) attack overwhelms a system with traffic, making it unavailable to legitimate users. Phishing, brute-force attacks, and cross-site scripting are different methods of attack.