CYBER SECURITY B
73) What is the activity performed by an organization to ensure that critical business functions will be available to customers, suppliers, regulators, and other entities that must have access to those functions.
A) Business Continuity
B) Disaster Recovery
C) Continuous Data Protection
D) Remote Backup Service
64) What setup should an administrator use for regularly testing the strength of user passwords?
A) A networked workstation so the password database can easily be copied locally and processed by the cracking program.
B) A networked workstation so that the live password database can easily be accessed by the cracking program.
C) A standalone workstation on which the password database is copied and processed by the cracking program.
D) A password-cracking program is unethical
therefore it should not be used.
93) One of the goals of Computer Forensics is to:
A) share data
B) alter data
C) destroy data
D) preserve data
98) What provides detailed documentation of every action performed on a piece of evidence to ensure its integrity?
A) chain of custody
B) message digest
C) incident response plan
D) evidence inventory
53) Which type of certificate authority (CA) has a self-signed certificate?
A) Root CA
B) Public CA
C) Bridge CA
D) Intermediate CA
100) What is the purpose of the Computer Fraud and Abuse Act of 1986?
A) Establishes a code of fair information practice that governs the collection, maintenance, use, and dissemination of personally identifiable information about individuals that is maintained in systems of records by federal agencies.
B) To improve the security and privacy of sensitive information in federal computer systems and to establish a minimum acceptable security practices for such systems. It requires the creation of computer security plans and the appropriate training of system users or owners where the systems house sensitive information.
C) Enacted as an amendment to existing computer fraud law and written to clarify and increase the scope, while in theory, limiting federal jurisdiction to cases where computers of the federal government or certain financial institutions are involved or where the crime itself is interstate in nature.
D) Served as the first comprehensive revision of the US criminal code since the 1900s and extended the United States Secret Service's jurisdiction over credit card fraud and computer fraud.
58) This security model addresses data confidentiality in computer systems and is commonly seen in military systems.
A) Bell-LaPadula model
B) Clark-Wilson model
C) Data security model
D) Biba model
86) The following is a common threat to the physical security for an organization:
A) security cameras monitoring areas containing sensitive information
B) network administrators with access to the server room
C) employees using key cards to enter restricted areas
D) cleaning crew staff with unsupervised access to all areas in a building
96) Computer-Integrity crimes are crimes that account to offenses against the Confidentiality, Integrity or Availability of digital data and computer systems. Examples of these types of crime include:
A) Hacking, Illegal Interception, Misuse of Devices
B) Hacking, Forgery, Fraud
C) Hacking, Misuse of Devices, Forgery
D) Fraud, Forgery, Illegal Interception
88) Why is asymmetric encryption better than symmetric encryption?
A) Asymmetric encryption is faster and more efficient.
B) Asymmetric encryption provides a higher level of security.
C) Asymmetric encryption requires a key to be securely shared.
D) Asymmetric encryption provides an easier exchange of encryption keys.
51) How does a message encrypted with the Public Key become decrypted with the receiver's appropriate Private Key?
A) private key contains a special function that is used to encrypt the message and which can only be reversed by the appropriate public key
B) can only be decrypted with the public key
C) encrypted message contains the functions for decryption that identifies the private key.
D) one-way function with back door is applied for the encryption
84) What is a TPM primarily used for?
A) flash storage
B) authenticating to an SSID
C) third party CA
D) stores encryption keys
80) An installation of Windows has become corrupt, what method will allow you to copy files to an external medium?
B) Fix MBR
D) Recovery Console
74) Regarding Business Continuity Planning and Disaster Recovery Planning, which one of the following IT platforms typically provide some inherent level of redundancy?
A) mainframe systems
B) distributed systems
C) Web sites
D) desktop computers
91) Sharing a private key, encrypting a message with a private key, sending a message, decrypting a message with a private key is an example of what?
A) Public Key Encryption
B) Pretty Good Privacy Encryption
D) Private Key Encryption
60) What is known as a layered approach relying on two or more authentications to establish the identity of a user?
A) multiple token
B) directed broadcast
D) strong authentication
66) When does the Challenge Handshake Authentication Protocol (CHAP) perform the handshake process?
A) only when establishing the initial connection
B) only after the connection is established
C) when establishing a connection and at any time after the connection is established
D) only when disconnecting the session
56) A user is trying to access an FTP server but gets a message saying invalid login credentials, what is the problem?
A) the user doesn't have access rights
B) the user has the wrong FTP address
C) the user has a Trojan horse
D) the user has a virus
70) What term refers to a stand-by system that is manually added to a network if the primary server fails?
A) cloud computing
B) redundant server
C) virtual server
D) fault tolerant server
What is your name?
61) Your boss does not want anyone else to have the ability to read an email except the intended recipient. What type of security ensures only the intended recipient can read your email?
75) The best method for protecting sensitive data is called:
A) Stored on a flash drive
D) Complex password
90) What is an advantage of Triple-DES over traditional DES?
A) provide three times the encryption strength
B) uses asymmetric keys
C) is simpler to implement
D) uses three keys with multiple encryption
81) Federal agencies report incidents to what organizations?
A) United States Government Forum of Incident Response and Security Teams
B) Federal Computer Incident Response Center
C) National Cybersecurity and Communications Integration Center
D) United States Computer Emergency Readiness Teams
92) Steganography refers to:
A) device management
B) L3 encryption
C) hiding files within files
D) digital signatures
79) Anti-virus software detects an infection on the hard drive but fails to remove it. After research, you decide that best course of action is to reboot the system into safe mode and proceed with removal. How do you get into safe mode?
A) type Safe Mode in the Run Dialog box
B) hold down the power key for 10 seconds
C) press F8 upon system startup
D) use the Windows Scandisk utility
83) What type of physical attack uses a special key that is cut with all notches to the maximum length and is sharply struck to unlock a door?
B) bump key
C) house key
95) Which one of the following are examples of computer forensic certifications?
A) Information Assurance Certification Review Board, Certified Reverse Engineering Analyst, and the International Society of Forensic Computer Examiners Certified Computer Examiner
B) International Society of Forensic Computer Examiners, Certified Computer Examiner, and the Information Assurance Certification Review Board Certified Data Recovery Professional
C) Information Assurance Certification Review Board, Certified Reverse Engineering Analyst, and the International Association of Computer Investigative Specialists Certified Forensic Computer Examiner
D) International Society of Forensic Computer Examiners, Certified Computer Examiner, and Information Assurance Certification Review Board Certified Computer Forensics Examiner
82) What technology is used for surveillance?
A) TV Network Protocol
B) Broadcast Television
C) Closed Circuit Television
D) Closed Circuit Digital Photography
63) Which one of these passwords is an example of a complex password?
69) A natural disaster is a major adverse event resulting from natural processes of the Earth. Which one of the following is not an effect of a natural disaster on a computer?
A) static electricity
B) power fluctuations
C) water damage
D) smoke damage to the hard drive
67) Which one of the following reduces the chances of a single point of failure if a server fails?
A) Cloud Computing
89) This method is the art and science of hiding messages in pictures or files in such a way that no one, apart from the sender and intended recipient, suspects the existence of a message.
C) public key infrastructure
85) This physical security measure reduces the likelihood for tailgating into a secure facility.
A) passcodes on doors
B) access control badges
C) closed-circuit television
68) An electrical fire that may occur in a computer data center is known as what type of fire?
A) Class D
B) Class B
C) Class E
D) Class A
76) This entity is responsible for forming the disaster recovery team.
A) Senior Management Team
B) Contingency Planning Management Team
C) Disaster Planning Management Team
D) Crisis Management Planning Team
94) This type of data is stored on the local hard drive and is present even if the computer is turned off.
C) clipboard contents
D) data in memory
55) This type of authentication system requires the user to enter a code from a token along with a PIN.
A) token based authentication
B) multi-process authentication
C) single-factor authentication
D) multifactor authentication
72) In this type of recovery plan test, the response team simulates the recovery without actually initiating recovery procedures.
A) business continuity study
B) checklist review
C) walk-through drill
D) table top exercise
62) This term is used to describe the requirement that different portions of a critical process must be performed by different people.
A) segregation of duties
B) job rotation
C) least privilege
D) defense in depth
54) What is the purpose of a digital certificate?
A) lists critical information about a user or system
B) certifies the security of a system
C) binds a public key with a user's identity
D) validates the identity of a user
77) An incremental backup backs up which one of the following?
B) data that has changed
C) data that has not changed
D) only system files
57) Which one the following allows a user to have a one-time password?
C) Pin Code
D) Key Fob
99) Practitioners use this to fully identify and assess risk factors, balance the expected costs (damages) of incidents with the cost of defenses.
A) Risk Management
B) Risk Tolerance
C) Cost/Benefit Analysis
D) Risk Analysis
52) Which PKI element verifies the authenticity of certificates?
A) Digital Signature
D) Recovery Agent
71) When mission critical systems are unavailable, organizations are at potential risk. To prevent interrupted information systems operation, which one of the following controls are typically included in an organization's disaster recovery plan?
A) backup and data transmission controls
B) data input and downtime controls
C) disaster recovery and data processing controls
D) backup and downtime controls
59) Authentication is the process of determining whether someone or something is, in fact, who or what it is supposed to be. What type of authentication methodology uses a person's physical characteristic for identification?
A) Voice Analysis
D) Facial Recognition
97) When performing a computer forensics analysis, examiners must do everything possible to preserve the original media and data. Typically, this involves making a forensic image or forensic copy of the original media, and conducting our analysis on the copy versus the original. This work is an example of what?
87) What is the primary role of a cryptologist?
A) Performing encryption and decryption
B) Designing encryption algorithms
C) Breaking encrypted text
D) Analyzing algorithms and encrypted text
78) What type of backup is to a magnetic disk, such as a RAID configuration, Storage Area Network (SAN), or large hard drive?
A) Disk to disk (D2D)
B) Disk duplexing
C) Disk to Raid (D2R)
D) Disk to Tape (D2T)
65) What authentication protocol was developed by MIT and utilizes a system of “tickets”?
Send me a copy of my responses.
Page 1 of 1
Never submit passwords through Google Forms.
This content is neither created nor endorsed by Google.
Terms of Service