2023 CYBER SECURITY EXAM QUESTIONS WITH 100% VERIFIED ANSWERS GRADED A+

Question 1
An act which involves leaking sensitive information to other employees or competitors is an example of which type of behaviour?
a. Malicious behaviour
b. Accidental behaviour
c. Non-accidental behaviour
d. Negligent behaviour
The correct answer is: Malicious behaviour

Question 2
A manager in a security firm was caught using the company’s resources for personal gain. This behaviour is an example of
a. Malicious behaviour
b. Negligent behaviour
c. Non-accidental behaviour
d. Accidental behaviour
The correct answer is: Malicious behaviour

Question 3
The human resource department has just informed you about the termination of employment of an employee. As the Information security manager, which of the following actions should you take with immediate effect?
a. Check the CCTV footage for any suspicious activity.
b. Invite the employee to hand over anything that belongs to the I.T department.
c. Revoke access to all authorised applications and software.
d. Compile a report about what the employee has been up to.
The correct answer is: Revoke access to all authorised applications and software.

Question 4
refers to the extent to which staff understands the importance of information security.
a. Security culture
b. Security policy
c. Security behaviour
d. Security awareness
The correct answer is: Security awareness

Question 5
refers to the extent to which staff demonstrates expected security behaviour in line with their individual security responsibilities.
a. Security policy

As an information security manager, one of your security officers comes to you complaining about an application that the company uses, but is blocked by the security tools you have recently implemented. Which of the options below will be the best course of action to take?
a. Whitelisting the application.
b. Blacklisting the application.
c. Acquire a new application that won’t be blocked by the new system.
d. Turning off the new security tools.
The correct answer is: Whitelisting the application.

Question 11
The facilities needed to evaluate the behaviour of managed objects and the effectiveness of communication activities is
a. Fault management
b. Configuration management
c. Accounting management
d. Performance management
The correct answer is: Performance management

Question 12
A type of IP address assigned by DHCP is known as
a. Multicast Address
b. Dynamic IP Address
c. DHCP Address
d. Static IP Address
The correct answer is: Dynamic IP Address

Question 13
As the I.T technical officer of a security-sensitive company, you receive a call that everyone at your busiest branch in town cannot access the company’s multi-million-dollar application. What are the four steps that you should take to fix the problem?
a. Isolate location from the rest, reconfigure or modify to minimise damage, repair or replace, and finally inform your supervisor.
b. Inform your supervisor about the problem, ask those affected, and fix the problem.
c. Determine fault location, isolate location from the rest, reconfigure or modify to minimise damage and finally repair or replace.
d. Inform your supervisor about the problem, determine fault location, isolate location from the rest and finally assign best person to fix the problem.
The correct answer is: Determine fault location, isolate location from the rest, reconfigure or modify to minimise damage and finally repair or replace.

Question 14
The Acronym “IP” in IP address stands for
a. Internet protocol
b. International protocol
c. Internal protocol
d. Intranet protocol
The correct answer is: Internet protocol

Question 15
is concerned with initialising a network and gracefully shutting down part or all of the network.
a. Configuration management
b. Performance management
c. Security management
d. Fault management
The correct answer is: Configuration management

Question 16
A type of IP address assigned by a user or network administrator is known as
a. Dynamic IP Address
b. DHCP Address
c. Static IP Address
d. Administrator Address
The correct answer is: Static IP Address

Question 17

Question 22
is a protocol that assures accurate local timekeeping on computer systems, network devices, and other system components.
a. OTP
b. NTP
c. MTP
d. LTP
The correct answer is: NTP

Question 23
A category of threat that occurs as a result of Individuals, groups, organizations, or states that seek to exploit the organization’s dependence on cyber resources can be categorized as …………….
a. Environmental
b. Accidental
c. Structural
d. Adversarial
The correct answer is: Adversarial

Question 24
The knowledge established as a result of analyzing information about potential or current attacks that threaten an organization is called ……………………….
a. None of the options listed
b. Threat analysis
c. Threat information
d. Threat intelligence
The correct answer is: Threat intelligence

Question 25
is an occurrence considered by an organization to have potential security implications to a system or its environment.
a. Security damage
b. Security incident
c. Security policy
d. Security event
The correct answer is: Security event

Question 26
is the process of identifying, gathering, monitoring, analyzing, and reporting security-related events
a. Security information
b. Security event management
c. Security policy
d. Security log
The correct answer is: Security event management

Question 27
is a process that involves extracting and categorizing qualitative and quantitative data to identify and analyze onsite and offsite patterns and trends.
a. Web analytics
b. Pattern analytics
c. Data analytics
d. Trend analytic
The correct answer is: Web analytics

Question 28
A type of Phishing that is targeted against a group, a company, or individuals within a company is called ………………
a. Targeted phishing
b. Group phishing
c. Single phishing
d. Spear phishing
The correct answer is: Spear phishing

Question 29

The correct answer is: Security monitoring and performance

Question 34
Which of the following is a process that produces information systems reports that address threats, capabilities, vulnerabilities, and inherent risk changes?
a. Risk identification
b. Risk reporting
c. Risk assessing
d. Risk Information gathering
The correct answer is: Risk reporting

Question 35
is/are used to detect security violations in an application or to detect flaws in the application’s interaction with the system
a. Intelligence gathering trail
b. System-level audit trail
c. Application-level audit trail
d. Security-level audit trail
The correct answer is: Application-level audit trail

Question 36
The process by which you verify information when conducting a security investigation is referred to as ………….
a. Authentication
b. Access control
c. Non repudiation
d. Integrity
The correct answer is: Authentication

Question 37
Which one of the following is an objective of Internal Audit?
a. All of the options listed
b. It provides an opportunity to improve the information security management system
c. It identifies security weaknesses
d. It provides management with information about the status of security
The correct answer is: All of the options listed

Question 38
Which of the options below is used to trace the activity of an individual user over time
a. User-level audit trail
b. Design-level audit trail
c. Unit-level audit trail
d. System-level audit trail
The correct answer is: User-level audit trail

Question 39
The process that ensures that data or information has not been altered during transmission is called ………….
a. Authorisation
b. Access control
c. Authentication
d. Integrity
The correct answer is: Integrity

Question 40
The protocol TCP stands for …………………
a. Transmission control protocol
b. Transfer control protocol
c. Transreceiver control protocol
d. Transmit control protocol
The correct answer is: Transmission control protocol

Question 41
A type of patch management technique that uses one or more servers that perform network scanning of each host to be patched and determine what patches each host needs is …………………………

Question 46
In which of the following logs does the system capture successful user logon/logoff; failed user logon; user account change or deletion?
a. Operating system logs
b. Network device log
c. Web server log
d. Computer log
The correct answer is: Operating system logs

Question 47
A category of threat that occurs as a result of failures of equipment, environmental controls, or software due to aging, resource depletion, or other circumstances that exceed expected operating parameters falls under which category?
a. Environmental
b. Accidental
c. Structural
d. Adversarial
The correct answer is: Structural

Question 48
A management technique that monitors local network traffic to identify applications (and, in some cases, operating systems) that are in need of patching is …………………….
a. Agent-based scanning
b. Passive networking monitoring
c. Agentless Scanning
d. None of the options listed
The correct answer is: Passive networking monitoring

Question 49
IPS stands for
a. Intrusion prevention signal
b. Intrusion Prevention system
c. Intrusion prevention service
d. Intrusion prevention software
The correct answer is: Intrusion Prevention system

Question 50
DDoS Attack stands for
a. Distributed denial of software attack
b. Distributed denial of service attack
c. Distributed denial of server attack
d. Distributed denial of system attack
The correct answer is: Distributed denial of service attack