Cybersecurity Essentials 1.1 Final Quiz Answers Form B 100% 2018

Last Updated on by

Cybersecurity Essentials 1.1 Final Quiz Answers Form B 100% 2018

Learning with Cisco Netacad, there are many exams and lab activities to do. Some instructor require students to complete all Chapter exams, Final Exam and Chapter Quiz. No mater what instructors want you to do, PremiumExam.com offers all exams answers with clear explanation. Our Experts have verified all exam answers before we published to the website. We recommended you to chose any relevant chapter from the following:

Assignments
Answers Online Test
Final Quiz Online
Practice Quizzes
Answers Online Test
Chapter 1 Quiz Online
Chapter 2 Quiz Online
Chapter 3 Quiz Online
Chapter 4 Quiz Online
Chapter 5 Quiz Online
Chapter 6 Quiz Online
Chapter 7 Quiz Online
Chapter 8 Quiz Online
Final Quiz Form B Online

This quiz covers all of the content in Cybersecurity Essentials 1.1. It is designed to test the skills and knowledge presented in the course.

  1. What is an example of early warning systems that can be used to thwart cybercriminals?

    • CVE database
    • Infragard
    • ISO/IEC 27000 program
    • Honeynet project
      Explanation:

      Early warning systems help identify attacks and can be used by cybersecurity specialists to protect systems.
  2. Technologies like GIS and IoE contribute to the growth of large data stores. What are two reasons that these technologies increase the need for cybersecurity specialists? (Choose two.)

    • They require 24-hour monitoring.
    • They collect sensitive information.
    • They contain personal information.
    • They increase processing requirements.
    • They require more equipment.
    • They make systems more complicated.
      Explanation:

      The types of information collected by these technologies have increased the need for data protection.
  3. Which two groups of people are considered internal attackers? (Choose two.)

    • ex-employees
    • amateurs
    • black hat hackers
    • hacktivists
    • trusted partners
      Explanation:

      Threats are classified as being from an internal source or external source. A cybersecurity specialist needs to be aware of the source of various threats.
  4. Which methods can be used to implement multifactor authentication?

    • IDS and IPS
    • tokens and hashes
    • VPNs and VLANs
    • passwords and fingerprints
      Explanation:

      A cybersecurity specialist must be aware of the technologies available that support the CIA triad.
  5. Which technology should be used to enforce the security policy that a computing device must be checked against the latest antivirus update before the device is allowed to connect to the campus network?

    • NAC
    • VPN
    • SAN
    • NAS
      Explanation:

      A cybersecurity specialist must be aware of the technologies available to enforce its organization’s security policy.
  6. A security specialist is asked for advice on a security measure to prevent unauthorized hosts from accessing the home network of employees. Which measure would be most effective?

    • Implement a firewall.
    • Implement intrusion detection systems.
    • Implement a VLAN.
    • Implement RAID.
      Explanation:

      Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
  7. Which technology can be used to ensure data confidentiality?

    • hashing
    • identity management
    • RAID
    • encryption
      Explanation:

      A cybersecurity specialist must be aware of the technologies available which support the CIA triad.
  8. An organization allows employees to work from home two days a week. Which technology should be implemented to ensure data confidentiality as data is transmitted?

    • VPN
    • VLANS
    • RAID
    • SHS
      Explanation:

      Protecting data confidentiality requires an understanding of the technologies used to protect data in all three data states.
  9. What are the two most effective ways to defend against malware? (Choose two.)

    • Implement a VPN.
    • Implement strong passwords.
    • Install and update antivirus software.
    • Implement RAID.
    • Implement network firewalls.
    • Update the operating system and other application software.
      Explanation:

      A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
  10. An executive manager went to an important meeting. The secretary in the office receives a call from a person claiming that the executive manager is about to give an important presentation but the presentation files are corrupted. The caller sternly recommends that the secretary email the presentation right away to a personal email address. The caller also states that the executive is holding the secretary responsible for the success of this presentation. Which type of social engineering tactic would describe this scenario?

    • familiarity
    • intimidation
    • trusted partners
    • urgency
      Explanation:

      Social engineering uses several different tactics to gain information from victims.
  11. Which statement describes a distributed denial of service attack?”

    • An attacker sends an enormous quantity of data that a server cannot handle.
    • An attacker views network traffic to learn authentication credentials.
    • An attacker builds a botnet comprised of zombies.
    • One computer accepts data packets based on the MAC address of another computer.
      Explanation:

      A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
  12. What type of attack will make illegitimate websites higher in a web search result list?

    • DNS poisoning
    • browser hijacker
    • spam
    • SEO poisoning
      Explanation:

      A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
  13. What is a nontechnical method that a cybercriminal would use to gather sensitive information from an organization?

    • man-in-the-middle
    • social engineering
    • pharming
    • ransomeware
      Explanation:

      A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
  14. A penetration testing service hired by the company has reported that a backdoor was identified on the network. What action should the organization take to find out if systems have been compromised?

    • Look for usernames that do not have passwords.
    • Look for unauthorized accounts.
    • Look for policy changes in Event Viewer.
    • Scan the systems for viruses.
      Explanation:

      A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
  15. Users report that the database on the main server cannot be accessed. A database administrator verifies the issue and notices that the database file is now encrypted. The organization receives a threatening email demanding payment for the decryption of the database file. What type of attack has the organization experienced?

    • DoS attack
    • Trojan horse
    • ransomeware
    • man-in-the-middle attack
      Explanation:

      A cybersecurity specialist needs to be familiar with the characteristics of the different types of malware and attacks that threaten an organization.
  16. A user has a large amount of data that needs to be kept confidential. Which algorithm would best meet this requirement?

    • RSA
    • Diffie-Hellman
    • 3DES
    • ECC
      Explanation:

      Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
  17. What happens as the key length increases in an encryption application?

    • Keyspace decreases exponentially.
    • Keyspace increases exponentially.
    • Keyspace decreases proportionally.
    • Keyspace increases proportionally.
      Explanation:

      Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
  18. Which algorithm will Windows use by default when a user intends to encrypt files and folders in an NTFS volume?

    • RSA
    • DES
    • AES
    • 3DES
      Explanation:

      Encryption is an important technology used to protect confidentiality. It is important to understand the characteristics of the various encryption methodologies.
  19. Before data is sent out for analysis, which technique can be used to replace sensitive data in nonproduction environments to protect the underlying information?

    • data masking substitution
    • steganography
    • software obfuscation
    • steganalysis
      Explanation:

      Technologies exist to confuse attackers by changing data and using techniques to hide the original data.
  20. In which situation would a detective control be warranted?

    • when the organization needs to repair damage
    • after the organization has experienced a breach in order to restore everything back to a normal state
    • when the organization needs to look for prohibited activity
    • when the organization cannot use a guard dog, so it is necessary to consider an alternative
      Explanation:

      Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
  21. An organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement?

    • administrative
    • technological
    • physical
    • logical
      Explanation:

      Access control prevents an unauthorized user from gaining access to sensitive data and networked systems. There are several technologies used to implement effective access control strategies.
  22. An organization has implemented antivirus software. What type of security control did the company implement?

    • deterrent control
    • detective control
    • recovery control
    • compensative control
      Explanation:

      A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
  23. Passwords, passphrases, and PINs are examples of which security term?

    • authorization
    • access
    • authentication
    • identification
      Explanation:

      Authentication methods are used to strengthen access control systems. It is important to understand the available authentication methods.
  24. An organization has determined that an employee has been cracking passwords on administrative accounts in order to access very sensitive payroll information. Which tools would you look for on the system of the employee? (Choose three)

    • password digest
    • reverse lookup tables
    • lookup tables
    • rouge access points
    • algorithm tables
    • rainbow tables
      Explanation:

      Tables that contain possible password combinations are used to crack passwords.
  25. What technique creates different hashes for the same password?

    • SHA-256
    • HMAC
    • CRC
    • salting
      Explanation:

      Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies used to ensure data integrity.
  26. Which hashing technology requires keys to be exchanged?

    • HMAC
    • salting
    • MD5
    • AES
      Explanation:

      The difference between HMAC and hashing is the use of keys.
  27. You have been asked to implement a data integrity program to protect data files that need to be electronically downloaded by the sales staff. You have decided to use the strongest hashing algorithm available on your systems. Which hash algorithm would you select?

    • SHA-1
    • AES
    • MD5
    • SHA-256
      Explanation:

      MD5 and SHA are the two most popular hashing algorithms. SHA-256 uses a 256-bit hash, whereas MD5 produces a 128-bit hash value.
  28. What kind of integrity does a database have when all its rows have a unique identifier called a primary key?

    • entity integrity
    • referential integrity
    • domain integrity
    • user-defined integrity
      Explanation:

      Data integrity is one of the three guiding security principles. A cybersecurity specialist should be familiar with the tools and technologies that are used to ensure data integrity.
  29. Technicians are testing the security of an authentication system that uses passwords. When a technician examines the password tables, the technician discovers the passwords are stored as hash values. However, after comparing a simple password hash, the technician then discovers that the values are different from those on other systems. What are two causes of this situation? (Choose two.)

    • The systems use different hashing algorithms.
    • Both systems use MD5.
    • Both systems scramble the passwords before hashing.
    • One system uses hashing and the other uses hashing and salting.
    • One system uses symmetrical hashing and the other uses asymmetrical hashing.
      Explanation:

      Hashing can be used in many different situations to ensure data integrity.
  30. Alice and Bob are using a digital signature to sign a document. What key should Alice use to sign the document so that Bob can make sure that the document came from Alice?

    • public key from Bob
    • private key from Alice
    • private key from Bob
    • username and password from Alice
      Explanation:

      Alice and Bob are used to explain asymmetric cryptography used in digital signatures. Alice uses a private key to encrypt the message digest. The message, encrypted message digest, and the public key are used to create the signed document and prepare it for transmission.
  31. The X.509 standards defines which security technology?

    • digital certificates
    • security tokens
    • strong passwords
    • biometrics
      Explanation:

      Digital certificates protect the parties involved in a secure communication
  32. What is it called when an organization only installs applications that meet its guidelines, and administrators increase security by eliminating all other applications?

    • asset standardization
    • asset identification
    • asset classification
    • asset availability
      Explanation:

      An organization needs to know what hardware and software are present as a prerequisite to knowing what the configuration parameters need to be. Asset management includes a complete inventory of hardware and software. Asset standards identify specific hardware and software products that the organization uses and supports. When a failure occurs, prompt action helps to maintain both access and security.
  33. Being able to maintain availability during disruptive events describes which of the principles of high availability?

    • single point of failure
    • system resiliency
    • fault tolerance
    • uninterruptible services
      Explanation:

      High availability can be achieved by eliminating or reducing single points of failure, by implementing system resiliency, and by designing for fault tolerance.
  34. An organization has recently adopted a five nines program for two critical database servers. What type of controls will this involve?

    • stronger encryption systems
    • remote access to thousands of external users
    • limiting access to the data on these systems
    • improving reliability and uptime of the servers
      Explanation:

      System and data availability is a critical responsibility of a cybersecurity specialists. It is important to understand the technologies, process, and controls used to provide high availability.
  35. What approach to availability provides the most comprehensive protection because multiple defenses coordinate together to prevent attacks?

    • layering
    • obscurity
    • diversity
    • limiting
      Explanation:

      Defense in depth utilizes multiple layers of security controls.
  36. The team is in the process of performing a risk analysis on the database services. The information collected includes the initial value of these assets, the threats to the assets and the impact of the threats. What type of risk analysis is the team performing by calculating the annual loss expectancy?

    • qualitative analysis
    • loss analysis
    • protection analysis
    • quantitative analysis
      Explanation:

      A qualitative or quantitative risk analysis is used to identify and prioritize threats to the organization.
  37. Which two values are required to calculate annual loss expectancy? (Choose two.)

    • asset value
    • exposure factor
    • frequency factor
    • annual rate of occurrence
    • single loss expectancy
    • quantitative loss value
      Explanation:

      Single loss expectancy, annualized rate of occurrence, and annualized loss expectancy are used in a quantitative risk analysis
  38. An organization wants to adopt a labeling system based on the value, sensitivity, and criticality of the information. What element of risk management is recommended?

    • asset identification
    • asset availability
    • asset standardization
    • asset classification
      Explanation:

      One of the most important steps in risk management is asset classification.
  39. What approach to availability involves using file permissions?

    • layering
    • simplicity
    • obscurity
    • limiting
      Explanation:

      System and data availability is a critical responsibility of a cybersecurity specialist. It is important to understand the technologies, process, and controls used to protect provide high availability.
  40. What are two incident response phases? (Choose two.)

    • prevention and containment
    • containment and recovery
    • mitigation and acceptance
    • detection and analysis
    • risk analysis and high availability
    • confidentiality and eradication
      Explanation:

      When an incident occurs, the organization must know how to respond. An organization needs to develop an incident response plan that includes several phases.
  41. What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain?

    • Local Security Policy tool
    • Event Viewer security log
    • Active Directory Security tool
    • Computer Management
      Explanation:

      A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities. Local Security Policy, Event Viewer, and Computer Management are Windows utilities that are all used in the security equation.
  42. In a comparison of biometric systems, what is the crossover error rate?

    • rate of false negatives and rate of false positives
    • rate of false positives and rate of acceptability
    • rate of rejection and rate of false negatives
    • rate of acceptability and rate of false negatives
      Explanation:

      In comparing biometric systems, there are several important factors to consider including accuracy, speed or throughput rate, and acceptability to users.
  43. What describes the protection provided by a fence that is 1 meter in height?

    • It deters casual trespassers only.
    • The fence deters determined intruders.
    • It offers limited delay to a determined intruder.
    • It prevents casual trespassers because of its height.
      Explanation:

      Security standards have been developed to assist organizations in implementing the proper controls to mitigate potential threats. The height of a fence determines the level of protection from intruders
  44. Mutual authentication can prevent which type of attack?

    • wireless poisoning
    • man-in-the-middle
    • wireless sniffing
    • wireless IP spoofing
      Explanation:

      A cybersecurity specialist must be aware of the technologies and measures that are used as countermeasures to protect the organization from threats and vulnerabilities.
  45. Which protocol would be used to provide security for employees that access systems remotely from home?

    • SSH
    • WPA
    • Telnet
    • SCP
      Explanation:

      Various application layer protocols are used to for communications between systems. A secure protocol provides a secure channel over an unsecured network.
  46. Which technology can be used to protect VoIP against eavesdropping?

    • encrypted voice messages
    • strong authentication
    • SSH
    • ARP
      Explanation:

      Many advanced technologies such as VoIP, streaming video, and electronic conferencing require advanced countermeasures.
  47. Which three protocols can use Advanced Encryption Standard (AES)? (Choose three.)

    • WPA
    • 802.11q
    • 802.11i
    • TKIP
    • WPA2
    • WEP
      Explanation:

      Various protocols can be used to provide secure communication systems. AES is the strongest encryption algorithm.
  48. HVAC, water system, and fire systems fall under which of the cybersecurity domains?

    • network
    • user
    • device
    • physical facilities
      Explanation:

      Cybersecurity domains provide a framework for evaluating and implementing controls to protect the assets of an organization.
  49. Which national resource was developed as a result of a U.S. Executive Order after a ten-month collaborative study involving over 3,000 security professionals?

    • ISO OSI model
    • NIST Framework
    • ISO/IEC 27000
    • the National Vulnerability Database (NVD)
      Explanation:

      There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.
  50. Which cybersecurity weapon scans for use of default passwords, missing patches, open ports, misconfigurations, and active IP addresses?

    • packet sniffers
    • vulnerability scanners
    • password crackers
    • packet analyzers
      Explanation:

      There are many tools that a cybersecurity specialist uses to evaluate the potential vulnerabilities of an organization.

Learning with Cisco Netacad, there are many exams and lab activities to do. Some instructor require students to complete all Chapter exams, Final Exam and Chapter Quiz. No mater what instructors want you to do, PremiumExam.com offers all exams answers with clear explanation. Our Experts have verified all exam answers before we published to the website. We recommended you to chose any relevant chapter from the following:

Assignments
Answers Online Test
Final Quiz Online
Practice Quizzes
Answers Online Test
Chapter 1 Quiz Online
Chapter 2 Quiz Online
Chapter 3 Quiz Online
Chapter 4 Quiz Online
Chapter 5 Quiz Online
Chapter 6 Quiz Online
Chapter 7 Quiz Online
Chapter 8 Quiz Online
Final Quiz Form B Online