Introduction to Cybersecurity 2.1 Final Exam Simulator Online
| ITC 2.1 Final Exam Simulator Online | |
|---|---|
| Time | 60 minutes |
| Questions | 21 |
| SHOW ANSWERS | |
Leaderboard: ITC – Introduction to Cybersecurity 2.1 Final Exam Simulator
| Pos. | Name | Entered on | Points | Result |
|---|---|---|---|---|
| Table is loading | ||||
| No data available | ||||
ITC – Introduction to Cybersecurity 2.1 Final Exam Simulator
Quiz-summary
0 of 21 questions completed
Questions:
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
Information
ITC – Introduction to Cybersecurity 2.1 Final Exam Simulator
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading...
You must sign in or sign up to start the quiz.
You have to finish following quiz, to start this quiz:
Results
0 of 21 questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 points, (0)
| Average score |
|
| Your score |
|
Categories
- Not categorized 0%
| Pos. | Name | Entered on | Points | Result |
|---|---|---|---|---|
| Table is loading | ||||
| No data available | ||||
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- Answered
- Review
-
Question 1 of 21
1. Question
1 pointsWhich statement describes cybersecurity?
Correct
Incorrect
Explanation:
Cybersecurity is the ongoing effort to protect Internet-connected network systems and all of the data associated with the systems from unauthorized use or harm. -
Question 2 of 21
2. Question
2 pointsWhat are two objectives of ensuring data integrity? (Choose two.)
Correct
Incorrect
Explanation:
The objectives for data integrity include data not being altered during transit and not being changed by unauthorized entities. Authentication and encryption are methods to ensure confidentiality. Data being available all the time is the goal of availability. -
Question 3 of 21
3. Question
1 pointsA web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?
Correct
Incorrect
Explanation:
Confidentiality ensures that data is accessed only by authorized individuals. Authentication will help verify the identity of the individuals. -
Question 4 of 21
4. Question
1 pointsA company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?
Correct
Incorrect
Explanation:
Availability ensures that network services are accessible and performing well under all conditions. By load balancing the traffic destined to the main web servers, in times of a huge volume of visits the systems will be well managed and serviced. -
Question 5 of 21
5. Question
1 pointsTrue or False?
An employee does something as a company representative with the knowledge of that company and this action is deemed illegal. The company would be legally responsible for this action.Correct
Incorrect
Explanation:
This is a bit of a grey area and would also depend on local laws. In many cases, if the employee did something with the knowledge or approval of the company, then the legal responsibility would probably be with the company not the employee. In some areas or situations, both the company and employee could be held legally responsible. -
Question 6 of 21
6. Question
1 pointsWhat is the main purpose of cyberwarfare?
Correct
Incorrect
Explanation:
Cyberwarfare is Internet-based conflict that involves the penetration of the networks and computer systems of other nations. The main purpose of cyberwarfare is to gain advantage over adversaries, whether they are nations or competitors. -
Question 7 of 21
7. Question
1 pointsWhen describing malware, what is a difference between a virus and a worm?
Correct
Incorrect
Explanation:
Malware can be classified as follows:
– Virus (self replicates by attaching to another program or file)
– Worm (replicates independently of another program)
– Trojan Horse (masquerades as a legitimate file or program)
– Rootkit (gains privileged access to a machine while concealing itself)
– Spyware (collects information from a target system)
– Adware (delivers advertisements with or without consent)
– Bot (waits for commands from the hacker)
– Ransomware (holds a computer system or data captive until payment is received) -
Question 8 of 21
8. Question
1 pointsWhat type of attack uses zombies?
Correct
Incorrect
Explanation:
The hacker infects multiple machines (zombies), creating a botnet. Zombies launch the distributed denial of service (DDoS) attack. -
Question 9 of 21
9. Question
1 pointsThe IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?
Correct
Incorrect
Explanation:
Phishing, spyware, and social engineering are security attacks that collect network and user information. Adware consists, typically, of annoying popup windows. Unlike a DDoS attack, none of these attacks generate large amounts of data traffic that can restrict access to network services. -
Question 10 of 21
10. Question
1 pointsWhat is the best approach to prevent a compromised IoT device from maliciously accessing data and devices on a local network?
Correct
Incorrect
Explanation:
The best approach to protect a data network from a possibly compromised IoT device is to place all IoT devices on an isolated network that only has access to the Internet. -
Question 11 of 21
11. Question
1 pointsWhat is the best method to avoid getting spyware on a machine?
Correct
Incorrect
Explanation:
The best method to avoid getting spyware on a user machine is to download software only from trusted websites. -
Question 12 of 21
12. Question
2 pointsWhat are two security implementations that use biometrics? (Choose two.)
Correct
Incorrect
Explanation:
Biometric authentication can be used through the use of a fingerprint, palm print, and facial or voice recognition. -
Question 13 of 21
13. Question
1 pointsWhich technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website?
Correct
Incorrect
Explanation:
Open Authorization is an open standard protocol that allows end users to access third party applications without exposing their user passwords. -
Question 14 of 21
14. Question
1 pointsA medical office employee sends emails to patients about recent patient visits to the facility. What information would put the privacy of the patients at risk if it was included in the email?
Correct
Incorrect
Explanation:
An email message is transmitted in plain text and can be read by anyone who has access to the data while it is en route to a destination. Patient records include confidential or sensitive information that should be transmitted in a secure manner. -
Question 15 of 21
15. Question
2 pointsWhich two tools used for incident detection can be used to detect anomalous behavior, to detect command and control traffic, and to detect infected hosts? (Choose two.)
Correct
Incorrect
Explanation:
Although each of these tools is useful for securing networks and detecting vulnerabilities, only an IDS and NetFlow logging can be used to detect anomalous behavior, command and control traffic, and infected hosts. -
Question 16 of 21
16. Question
1 pointsFor what purpose would a network administrator use the Nmap tool?
Correct
Incorrect
Explanation:
Nmap allows an administrator to perform port scanning to probe computers and the network for open ports. This helps the administrator verify that network security policies are in place. -
Question 17 of 21
17. Question
1 pointsWhich stage of the kill chain used by attackers focuses on the identification and selection of targets?
Correct
Incorrect
Explanation:
It is the first stage, reconnaissance, of the the kill chain that focuses on the identification and selection of targets. -
Question 18 of 21
18. Question
1 pointsWhat is an example of the a Cyber Kill Chain?
Correct
Incorrect
Explanation:
The Cyber Kill Chain describes the phases of a progressive cyberattack operation. The phases include the following:
Reconnaissance
Weaponization
Delivery
Exploitation
Installation
Command and control
Actions on objectives
In general, these phases are carried out in sequence. However, during an attack, several phases can be carried out simultaneously, especially if multiple attackers or groups are involved. -
Question 19 of 21
19. Question
1 pointsWhat tool is used to lure an attacker so that an administrator can capture, log, and analyze the behavior of the attack?
Correct
Incorrect
Explanation:
A honeypot is a tool set up by an administrator to lure an attacker so that the behavior of the attacker can be analyzed. This information can help the administrator identify weaknesses and build a stronger defense. -
Question 20 of 21
20. Question
1 pointsWhat is one main function of the Cisco Security Incident Response Team?
Correct
Incorrect
Explanation:
The time between a cyberattack and the time it takes to discover the attack is the time when hackers can get into a network and steal data. An important goal of the CSIRT is to ensure company, system, and data preservation through timely investigations into security incidents. -
Question 21 of 21
21. Question
1 pointsWhat action will an IDS take upon detection of malicious traffic?
Correct
Incorrect
Explanation:
An IDS, or intrusion detection system, is a device that can scan packets and compare them to a set of rules or attack signatures. If the packets match attack signatures, then the IDS can create an alert and log the detection.
