During the examination of the infected laptop, it is noticed that the malware loads on startup
and also loads a file called netutilities.dll every time MS Word is opened. This is an
example represents which of the following attack?
Correct
Incorrect
Question 2 of 119
2. Question
1 point(s)
While testing a new application your group noted that when 3 or more of you click ‘submit’
at the same time on a particular form, the application crashes every time. This is an example
of which error?
Correct
Incorrect
Question 3 of 119
3. Question
1 point(s)
Which one is a Passive Tool?
Correct
Incorrect
Question 4 of 119
4. Question
1 point(s)
From the following choose the example of Initial Exploitation?
Correct
Incorrect
Question 5 of 119
5. Question
1 point(s)
In which type of testing, the testers are not provided with any type of information for
performing assessment?
Correct
Incorrect
Question 6 of 119
6. Question
1 point(s)
From the following which is not correct regarding insider threat?
Correct
Incorrect
Question 7 of 119
7. Question
1 point(s)
Which of the following can be included in criminal activity on the internet? (Select all that
apply.)
Correct
Incorrect
Question 8 of 119
8. Question
1 point(s)
Which of the following have the ability to write scripts that exploit vulnerabilities and are
also able to discover new vulnerabilities?
Correct
Incorrect
Question 9 of 119
9. Question
1 point(s)
In which of the following threat category the attacks by an attacker or a small group of
attackers falls?
Correct
Incorrect
Question 10 of 119
10. Question
1 point(s)
When the input supplied to the program is more than it can process, what type of
vulnerability occurs?
Correct
Incorrect
Question 11 of 119
11. Question
1 point(s)
A user reports that he is unable to connect to the network. When you troubleshoot the
issue, you notice that the MAC address for his default gateway is not matching with the
MAC address of your company’s router. What type of attack is he facing?
Correct
Incorrect
Question 12 of 119
12. Question
1 point(s)
High traffic load is crashing your e-commerce site. When you look at the traffic logs, you
identify that thousands of requests coming from hundreds of various IP addresses for the
same URL. You are facing which of the following attacks?
Correct
Incorrect
Question 13 of 119
13. Question
1 point(s)
Which of the following can help in cracking the password of a disgruntled user who is fired
recently in the least time?
Correct
Incorrect
Question 14 of 119
14. Question
1 point(s)
The attack in which network traffic is captured and retransmitted at a later time by the
attacker is known as?
Correct
Incorrect
Question 15 of 119
15. Question
1 point(s)
You notice a man in a red shirt standing close to a locked door with a large box in his hands.
He waits for someone else to come along and open the locked door, then proceeds to follow
him inside. What type of social engineering attack is this?
Correct
Incorrect
Question 16 of 119
16. Question
1 point(s)
In your company, the desktops are being infected by a malware in a way that more and
more systems are becoming a victim of that malware every hour despite the fact that users
are not sharing any e-mails, programs, or even files. Which malware is causing this
infection?
Correct
Incorrect
Question 17 of 119
17. Question
1 point(s)
You are not able to open any of the Word document stored on the local system and when
a document is forced open for analyzation purpose you see only random characters and
there is no sign that the file is still a Word document. You are a victim of which malware?
Correct
Incorrect
Question 18 of 119
18. Question
1 point(s)
Some desktops in your company are displaying the message “Your files have been
encrypted. Pay 2 bitcoins in order to recover them.” These desktops have been affected by
which malware?
Correct
Incorrect
Question 19 of 119
19. Question
1 point(s)
A member of your company is facing issues with his laptop. Whenever he opens a browser,
he sees various pop-ups after every few minutes and whatever website he visits, the popups
appear. His laptop is affected by which malware?
Correct
Incorrect
Question 20 of 119
20. Question
1 point(s)
For what reason NAT will likely keep on being used in even IPv6 systems?
Why will NAT likely continue to be used even in IPv6 networks?
Correct
Incorrect
Question 21 of 119
21. Question
1 point(s)
You are requested to suggest a VPN methodology to a senior management of your company
for newly purchased VPN concentrators. For what reason would you
firmly recommend IPSec VPNs?
Correct
Incorrect
Question 22 of 119
22. Question
1 point(s)
Which of the following is the core technology of NIPS on which it relies?
Correct
Incorrect
Question 23 of 119
23. Question
1 point(s)
How can security be improved through a proxy server?
Correct
Incorrect
Question 24 of 119
24. Question
1 point(s)
For encryption keys, the temper protection can be provided by which of the following
device?
Correct
Incorrect
Question 25 of 119
25. Question
1 point(s)
From the following which one represents most network tools that detect an attack?
Correct
Incorrect
Question 26 of 119
26. Question
1 point(s)
The tcpdump command-line tool is a category of which of the following?
Correct
Incorrect
Question 27 of 119
27. Question
1 point(s)
A company was attacked by the bad guys multiple times and that attack results in data
violations. Therefore the company set up some vulnerable virtual machines containing fake
data that looks exactly like the company’s real machines in order to identify how the bad
guys get into the system. Which of the following mechanism was implemented by the
company?
Correct
Incorrect
Question 28 of 119
28. Question
1 point(s)
If a worm is going through your company that reaches out to other nodes on port TCP/1337.
Which of the following tools would you need to identify the affected nodes on your
network?
Correct
Incorrect
Question 29 of 119
29. Question
1 point(s)
Related to log and event anomalies which principle is valid?
Correct
Incorrect
Question 30 of 119
30. Question
1 point(s)
The most likely reason behind access violation errors is?
Correct
Incorrect
Question 31 of 119
31. Question
1 point(s)
Which statement is true regarding firewalls?
Correct
Incorrect
Question 32 of 119
32. Question
1 point(s)
Satellite communications (SATCOM) usage is most common in which of the following
scenario?
Correct
Incorrect
Question 33 of 119
33. Question
1 point(s)
For establishing trust relationship which mechanism is used by the Bluetooth?
Correct
Incorrect
Question 34 of 119
34. Question
1 point(s)
From the following which one is not a part of a proper Mobile Device Management (MDM)
policy?
Correct
Incorrect
Question 35 of 119
35. Question
1 point(s)
ANT is correctly described by which of the following?
Correct
Incorrect
Question 36 of 119
36. Question
1 point(s)
A user is receiving “cannot resolve address” error notes from his browser. Which port is
possibly an issue on his firewall?
Correct
Incorrect
Question 37 of 119
37. Question
1 point(s)
Which of the following defines the Secure Shell (SSH) protocol?
Correct
Incorrect
Question 38 of 119
38. Question
1 point(s)
Which port is used by FTPS?
Correct
Incorrect
Question 39 of 119
39. Question
1 point(s)
Which of the following statement regarding Transport Layer Security (TLS) is correct?
Correct
Incorrect
Question 40 of 119
40. Question
1 point(s)
Which of the following is the purpose of using Tunneling?
Correct
Incorrect
Question 41 of 119
41. Question
1 point(s)
The defense-in-depth is not supported by which one of the following?
Correct
Incorrect
Question 42 of 119
42. Question
1 point(s)
Which of the following can result in the highest risk if configured improperly?
Correct
Incorrect
Question 43 of 119
43. Question
1 point(s)
Why is UEFI preferred rather than BIOS?
Correct
Incorrect
Question 44 of 119
44. Question
1 point(s)
Which of the following is not performed by a Secure Boot?
Correct
Incorrect
Question 45 of 119
45. Question
1 point(s)
What is not true about hardware roots of trust?
Correct
Incorrect
Question 46 of 119
46. Question
1 point(s)
What is the simple way of improving the security of a system?
Correct
Incorrect
Question 47 of 119
47. Question
1 point(s)
Which statement is not true regarding systems on a chip?
Correct
Incorrect
Question 48 of 119
48. Question
1 point(s)
Which aspect is important to remember while dealing with the medical device’s security?
Correct
Incorrect
Question 49 of 119
49. Question
1 point(s)
Which term describes the loss of control over data during operations?
Correct
Incorrect
Question 50 of 119
50. Question
1 point(s)
In which testing environment fuzz testing works great?
Correct
Incorrect
Question 51 of 119
51. Question
1 point(s)
Which methodology proceeds through a sequence of stages, with each stage being
performed before proceeding to the next stage?
Correct
Incorrect
Question 52 of 119
52. Question
1 point(s)
Which of the following cloud deployment model is finest for the application which is
extremely scalable and can be provided on request?
Correct
Incorrect
Question 53 of 119
53. Question
1 point(s)
Which model of cloud deployment has the least security controls?
Correct
Incorrect
Question 54 of 119
54. Question
1 point(s)
What is the main drawback of a private cloud model?
Correct
Incorrect
Question 55 of 119
55. Question
1 point(s)
What is the use of Security Content Automation Protocol (SCAP)?
Correct
Incorrect
Question 56 of 119
56. Question
1 point(s)
Why is automated testing important for configuration validation?
Correct
Incorrect
Question 57 of 119
57. Question
1 point(s)
Complete the sentence with the right answer. Alarms are useful only if:
Correct
Incorrect
Question 58 of 119
58. Question
1 point(s)
Which of the following is the security benefit of a Faraday cage?
Correct
Incorrect
Question 59 of 119
59. Question
1 point(s)
Which of the following is the main problem of biometrics?
Correct
Incorrect
Question 60 of 119
60. Question
1 point(s)
Which account is used to run processes that don’t involve human interference to start or
stop?
Correct
Incorrect
Question 61 of 119
61. Question
1 point(s)
A person who works in the IT department of the bank informs you that the tellers are
permitted to access their terminal from 9 A.M. to 5 P.M., Monday through Saturday only.
This restriction is an example of which of the following?
Correct
Incorrect
Question 62 of 119
62. Question
1 point(s)
The process of assigning a computer ID to a particular user is identified as?
Correct
Incorrect
Question 63 of 119
63. Question
1 point(s)
Which is not a true category of authentication factors to be used if you are developing a
new multifactor authentication system for your company?
Correct
Incorrect
Question 64 of 119
64. Question
1 point(s)
Which one of the following passwords seems hardest to break?
Correct
Incorrect
Question 65 of 119
65. Question
1 point(s)
The process of ensuring that every account on a mail server is owned by a valid and active
employee is known as?
Correct
Incorrect
Question 66 of 119
66. Question
1 point(s)
What should occur when a user is no longer authorized or no longer desires to use a
system?
Correct
Incorrect
Question 67 of 119
67. Question
1 point(s)
For managing identities across corporates and systems, the protocols, policies, and
practices are defined by which of the following?
Correct
Incorrect
Question 68 of 119
68. Question
1 point(s)
From the following scenarios in which it is acceptable to use a shared account?
Correct
Incorrect
Question 69 of 119
69. Question
1 point(s)
For generating a one-time password which algorithm uses the secret key with a current
timestamp?
Correct
Incorrect
Question 70 of 119
70. Question
1 point(s)
Which access control system needs to be used in case your company wants a system to
restrict access to the files that contain sensitive information?
Correct
Incorrect
Question 71 of 119
71. Question
1 point(s)
Which one is not a form of hardware token?
Correct
Incorrect
Question 72 of 119
72. Question
1 point(s)
Your client wants a system that will allow them to authenticate that messages arrived from
a particular person. What authenticity providing method you might recommend them to
use?
Correct
Incorrect
Question 73 of 119
73. Question
1 point(s)
You modify a fingerprint scanner of your company and 1 out of 50 attempts fail despite
using a valid finger. The supervisor of the company says that “1 out of 50 is good enough”.
Which of the following is described by the supervisor for the fingerprint scanner?
Correct
Incorrect
Question 74 of 119
74. Question
1 point(s)
Which protocol can pass a symmetric key securely over the network that is insecure and
uses a key distribution?
Correct
Incorrect
Question 75 of 119
75. Question
1 point(s)
What is the abbreviation of RADIUS?
Correct
Incorrect
Question 76 of 119
76. Question
1 point(s)
Which of the following is allowed by OpenID Connect?
Correct
Incorrect
Question 77 of 119
77. Question
1 point(s)
Which service permits authorization across networks & single sign-on & federated identitybased
authentication?
Correct
Incorrect
Question 78 of 119
78. Question
1 point(s)
Which one of the following options represents the processes of adding and removing a
person to a team or project?
Correct
Incorrect
Question 79 of 119
79. Question
1 point(s)
Which authentication factor is not regarded as “something you are”?
Correct
Incorrect
Question 80 of 119
80. Question
1 point(s)
The requisite level of performance of a given contractual service is essentially set by which
of the following?
Correct
Incorrect
Question 81 of 119
81. Question
1 point(s)
Which of the following is responsible for defining the characteristics like privacy, security,
and retention policies for specific information?
Correct
Incorrect
Question 82 of 119
82. Question
1 point(s)
Which of the following policy describes what a company considers to be the proper use of
its resources (like computer policies, internet, network, and e-mail)?
Correct
Incorrect
Question 83 of 119
83. Question
1 point(s)
Which of the following is the step-by-step instruction that describes policies
implementation steps in a corporation?
Correct
Incorrect
Question 84 of 119
84. Question
1 point(s)
After an incident, the target time that is set for a continuation of operations is described by
which of the following term?
Correct
Incorrect
Question 85 of 119
85. Question
1 point(s)
The security control that is used post-event for minimizing the amount of damage is?
Correct
Incorrect
Question 86 of 119
86. Question
1 point(s)
A mantrap is an illustration of which of the following security control? (Select all that
apply.)
Correct
Incorrect
Question 87 of 119
87. Question
1 point(s)
From the following, which one is the best explanation of ‘Risk’?
Correct
Incorrect
Question 88 of 119
88. Question
1 point(s)
Which term describes the steps that a corporate performs after any unusual/abnormal
situation is seen in the operation of a computer system?
Correct
Incorrect
Question 89 of 119
89. Question
1 point(s)
Which step of the incident response process involves eliminating the issue?
Correct
Incorrect
Question 90 of 119
90. Question
1 point(s)
Which of the following site is partially configured (usually contain peripherals & software
but not every required thing)?
Correct
Incorrect
Question 91 of 119
91. Question
1 point(s)
The backup strategy that includes only those files that have been modified since the last
full backup is?
Correct
Incorrect
Question 92 of 119
92. Question
1 point(s)
The process for transferring to the continuity of operation version from a regular
operational capability of the business is named as?
Correct
Incorrect
Question 93 of 119
93. Question
1 point(s)
Getting all the team members in a cabin around the table for discussing simulated
emergency conditions is known as?
Correct
Incorrect
Question 94 of 119
94. Question
1 point(s)
Which one of the following is the most important issue in the process of forensics from the
initial step?
Correct
Incorrect
Question 95 of 119
95. Question
1 point(s)
Whose function is identical to the cyclic redundancy check, familiar parity
bits, or checksum?
Correct
Incorrect
Question 96 of 119
96. Question
1 point(s)
Which of the following is not “personally identifiable information (PII)”?
Correct
Incorrect
Question 97 of 119
97. Question
1 point(s)
Whose responsibility is to determine what data is required by the company?
Correct
Incorrect
Question 98 of 119
98. Question
1 point(s)
From the following methods which one is perfect for destroying DVD’s data at the desktop?
Correct
Incorrect
Question 99 of 119
99. Question
1 point(s)
Which of the following Information discloses the customer’s identity?
Correct
Incorrect
Question 100 of 119
100. Question
1 point(s)
Which of the following form of cryptography makes key management less of a concern?
Correct
Incorrect
Question 101 of 119
101. Question
1 point(s)
What is the finest way to obtain the plaintext from a hash value?
Correct
Incorrect
Question 102 of 119
102. Question
1 point(s)
Which of the following is the reason behind digitally signed messages distinction from
encrypted messages?
Correct
Incorrect
Question 103 of 119
103. Question
1 point(s)
If a huge quantity of data in the form of a streaming video file is given, what type of
encryption technique will be the best to secure the content from unauthorized live
viewing?
Correct
Incorrect
Question 104 of 119
104. Question
1 point(s)
What does Diffie-Hellman permit us to do?
Correct
Incorrect
Question 105 of 119
105. Question
1 point(s)
Your corporation wishes to set up a new encryption system that will secure the majority of
data with a symmetric cipher of at least 256 bits in strength. What is the rightest option of
cipher for the massive amount of data?
Correct
Incorrect
Question 106 of 119
106. Question
1 point(s)
In the IEEE 802.1AE standard which cipher mode is employed and accepted by NIST?
Correct
Incorrect
Question 107 of 119
107. Question
1 point(s)
The boss of your company wants you to initiate the attempt to implement digital signatures
in the company and want to get notified about what is required for appropriate security of
those signatures. Which of the following algorithm you possibly have to consider?
Correct
Incorrect
Question 108 of 119
108. Question
1 point(s)
A hash collision is bad for malware prevention. Why?
Correct
Incorrect
Question 109 of 119
109. Question
1 point(s)
For key exchange protocol why the ephemeral key is important?
Correct
Incorrect
Question 110 of 119
110. Question
1 point(s)
Which of the following is the perfect solution if you are setting up a Wi-Fi network in a
company that is meant to be used only by company members (using company’s laptops)
and must be extremely secure.
Correct
Incorrect
Question 111 of 119
111. Question
1 point(s)
Your task is to implement Wi-Fi in enterprise mode and the initial diagram of a network
presents only network switches and the updated access points. What is the missing
component in the diagram?
Correct
Incorrect
Question 112 of 119
112. Question
1 point(s)
Why is it not recommended to enable WPS?
Correct
Incorrect
Question 113 of 119
113. Question
1 point(s)
What enables RADIUS to scale to a global authentication network?
Correct
Incorrect
Question 114 of 119
114. Question
1 point(s)
What is the correct reason for “TKIP enhance security”?
Correct
Incorrect
Question 115 of 119
115. Question
1 point(s)
Which of the following does certificate authority consist?
Correct
Incorrect
Question 116 of 119
116. Question
1 point(s)
Your boss demands you to examine the corporation’s internal PKI system’s CPS
for applicability and verification and to assure that it satisfies present demands. What are
you most likely to concentrate on?
Correct
Incorrect
Question 117 of 119
117. Question
1 point(s)
To which of the following does the standard X.509 relate?
Correct
Incorrect
Question 118 of 119
118. Question
1 point(s)
Internet SSL public key infrastructure is best described by which of the following models?
Correct
Incorrect
Question 119 of 119
119. Question
1 point(s)
A certificate is delivered to you through email but the file does not contain the extension.
The email mentions that your certificate, the root CA and the intermediate CAs are all
included in the file. What is the format of the certificate?
Correct
Incorrect
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.