ALBERTA NETWORK SECURITY ENGINEER EXAM, Exams of Network security

ALBERTA NETWORK SECURITY ENGINEER EXAM QUESTIONS AND CORRECT ANSWER (VERIFIED ANSWERS) PLUS RATIONALE 2026 Q&A|INSTANT DOWNLOAD PDF

Typology: Exams

2025/2026

Available from 04/25/2026

wergnkses254
wergnkses254 šŸ‡ŗšŸ‡ø

4.4

(8)

5.5K documents

1 / 23

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
ALBERTA NETWORK SECURITY ENGINEER EXAM
QUESTIONS AND CORRECT ANSWER (VERIFIED
ANSWERS) PLUS RATIONALE 2026 Q&A|INSTANT
DOWNLOAD PDF
1. What is the primary goal of network security engineering?
A. Increase bandwidth
B. Protect network infrastructure from unauthorized access and attacks
C. Improve CPU speed
D. Reduce storage usage
Answer: B
Rationale: Network security engineering focuses on confidentiality, integrity, and availability of
network resources.
2. What does the OSI model provide?
A. Encryption method
B. Framework for network communication layers
C. Firewall rules
D. Data compression
Answer: B
Rationale: The OSI model standardizes network communication into layers for design and
troubleshooting.
3. Which OSI layer handles routing?
A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 7
Answer: B
Rationale: The network layer (Layer 3) manages logical addressing and routing.
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17

Partial preview of the text

Download ALBERTA NETWORK SECURITY ENGINEER EXAM and more Exams Network security in PDF only on Docsity!

ALBERTA NETWORK SECURITY ENGINEER EXAM

QUESTIONS AND CORRECT ANSWER (VERIFIED

ANSWERS) PLUS RATIONALE 2026 Q&A|INSTANT

DOWNLOAD PDF

1. What is the primary goal of network security engineering? A. Increase bandwidth B. Protect network infrastructure from unauthorized access and attacks C. Improve CPU speed D. Reduce storage usage Answer: B Rationale: Network security engineering focuses on confidentiality, integrity, and availability of network resources. 2. What does the OSI model provide? A. Encryption method B. Framework for network communication layers C. Firewall rules D. Data compression Answer: B Rationale: The OSI model standardizes network communication into layers for design and troubleshooting. 3. Which OSI layer handles routing? A. Layer 2 B. Layer 3 C. Layer 4 D. Layer 7 Answer: B Rationale: The network layer (Layer 3) manages logical addressing and routing.

4. What is a VLAN used for? A. Encryption B. Logical network segmentation C. DNS resolution D. Packet routing Answer: B Rationale: VLANs isolate network segments to improve security and performance. 5. What is network segmentation? A. Combining networks B. Dividing network into isolated segments C. Increasing bandwidth D. Encrypting traffic Answer: B Rationale: Segmentation reduces lateral movement of attackers. 6. What is a firewall rule? A. Backup policy B. Instruction controlling network traffic C. Encryption key D. Log file Answer: B Rationale: Firewall rules define allowed or blocked traffic. 7. What is a stateful firewall? A. Ignores traffic state B. Tracks connection state C. Only filters IP addresses D. Only filters ports Answer: B Rationale: Stateful firewalls analyze the context of traffic flows.

12. What is ARP poisoning? A. Encrypting ARP B. Sending false ARP messages C. Blocking ARP D. Compressing ARP Answer: B Rationale: Used in MITM attacks. 13. What is TLS used for? A. Routing B. Encrypting communication C. Logging D. Compression Answer: B Rationale: Secures data in transit. 14. What is IPSec? A. Email protocol B. Secure IP communication suite C. DNS service D. Firewall Answer: B Rationale: Provides encryption and authentication at IP layer. 15. What is a VPN? A. Public network B. Secure encrypted tunnel C. Backup system D. DNS server Answer: B Rationale: Protects data over public networks.

16. What is zero trust architecture? A. Trust internal users B. Never trust, always verify C. Disable authentication D. Open access Answer: B Rationale: Every request must be authenticated and authorized. 17. What is least privilege? A. Full access B. Minimum required access C. No access D. Public access Answer: B Rationale: Reduces attack surface. 18. What is DDoS mitigation? A. Increasing traffic B. Preventing overload attacks C. Encrypting data D. Logging traffic Answer: B Rationale: Protects service availability. 19. What is IDS? A. Intrusion Detection System B. Internet Data Service C. Internal Data Storage D. Integrated Device Security Answer: A Rationale: Detects suspicious activity.

Answer: B Rationale: Improves availability and resilience.

24. What is high availability? A. System downtime B. Continuous system uptime C. Encryption only D. Backup only Answer: B Rationale: Ensures service reliability. 25. What is redundancy? A. Removing systems B. Duplicate systems for reliability C. Encryption method D. Logging method Answer: B Rationale: Prevents single points of failure. 26. What is packet filtering? A. Encryption B. Inspecting packets against rules C. Backup process D. Compression Answer: B Rationale: Core firewall function. 27. What is deep packet inspection? A. Ignoring packet content B. Inspecting packet payload C. Encrypting packets D. Routing packets

Answer: B Rationale: Provides detailed traffic analysis.

28. What is SSL inspection? A. Blocking SSL B. Decrypting and inspecting encrypted traffic C. Encrypting traffic D. Routing traffic Answer: B Rationale: Detects hidden threats. 29. What is network baseline? A. Attack pattern B. Normal traffic behavior C. Encryption key D. Backup file Answer: B Rationale: Used to detect anomalies. 30. What is anomaly detection? A. Normal traffic B. Identifying unusual patterns C. Encrypting traffic D. Blocking traffic Answer: B Rationale: Detects unknown threats.

  1. What is route summarization in networking? A. Encrypting routes B. Combining multiple routes into a single advertisement C. Blocking routing protocols D. Logging routing activity

D. Routing internal traffic Answer: B Rationale: Forward proxies manage outbound client traffic.

  1. What is reverse proxy primarily used for? A. Protecting internal users B. Protecting backend servers and load balancing C. Encrypting data D. Blocking traffic Answer: B Rationale: Reverse proxies hide server infrastructure and distribute traffic.
  2. What is the main purpose of DNSSEC? A. Speed up DNS B. Provide DNS data integrity and authenticity C. Encrypt DNS queries D. Compress DNS responses Answer: B Rationale: DNSSEC ensures DNS responses are not tampered with.
  3. What is a man-in-the-middle (MITM) attack? A. Encryption attack B. Intercepting communication between two parties C. Blocking network traffic D. Logging packets Answer: B Rationale: MITM allows attackers to eavesdrop or modify data.
  4. What is network sniffing? A. Encrypting traffic B. Capturing and analyzing network packets C. Blocking packets

D. Routing packets Answer: B Rationale: Used for both troubleshooting and malicious interception.

  1. What is secure routing protocol authentication? A. Ignoring authentication B. Verifying routing updates are legitimate C. Encrypting packets only D. Blocking routes Answer: B Rationale: Prevents malicious route injection.
  2. What is BGP route filtering? A. Encrypting routes B. Controlling which routes are accepted or advertised C. Logging routes D. Blocking DNS Answer: B Rationale: Prevents route hijacking and misconfigurations.
  3. What is DHCP snooping? A. Encrypting DHCP B. Monitoring and filtering DHCP messages C. Blocking DHCP D. Logging DHCP only Answer: B Rationale: Prevents rogue DHCP servers.
  4. What is IP spoofing? A. Encrypting IP B. Forging source IP address C. Blocking IP

D. Routing ports Answer: B Rationale: Used for analysis and intrusion detection.

  1. What is secure SNMP configuration? A. Using default settings B. Using SNMPv3 with authentication and encryption C. Disabling SNMP always D. Logging SNMP only Answer: B Rationale: SNMPv3 adds security features missing in earlier versions.
  2. What is network access control (NAC)? A. Blocking all traffic B. Enforcing device and user access policies C. Encrypting data D. Logging traffic Answer: B Rationale: Ensures only compliant devices access network.
  3. What is 802.1X authentication? A. Encryption method B. Port-based network access control C. Routing protocol D. Firewall rule Answer: B Rationale: Requires authentication before granting network access.
  4. What is wireless WPA3 security improvement? A. No encryption B. Stronger encryption and authentication C. Faster speed only

D. Logging traffic Answer: B Rationale: WPA3 improves protection against brute-force attacks.

  1. What is rogue access point? A. Secure AP B. Unauthorized wireless access point C. Backup AP D. Encryption AP Answer: B Rationale: Can be used for attacks like MITM.
  2. What is wireless deauthentication attack? A. Encrypting Wi-Fi B. Forcing clients to disconnect C. Blocking routers D. Logging traffic Answer: B Rationale: Disrupts connections or enables attacks.
  3. What is network segmentation enforcement? A. Ignoring segments B. Applying controls between segments C. Encrypting segments D. Logging segments Answer: B Rationale: Ensures segmentation is effective.
  4. What is firewall zone-based policy? A. Single rule B. Grouping interfaces into zones C. Encrypting zones

D. Switch Answer: B Rationale: Enables trust in PKI systems.

  1. What is certificate revocation? A. Creating certificates B. Invalidating compromised certificates C. Encrypting certificates D. Logging certificates Answer: B Rationale: Prevents use of compromised credentials. 61. What is microsegmentation? A. Large networks B. Fine-grained segmentation C. No segmentation D. Encryption Answer: B Rationale: Limits lateral movement. 62. What is SDN security? A. Hardware-only security B. Securing software-defined networks C. Encryption only D. Backup system Answer: B Rationale: Protects programmable networks. 63. What is CASB? A. Cloud Access Security Broker B. Certificate Authority System Base C. Central Access Security Backup D. Cloud Authentication Service Block

Answer: A Rationale: Enforces cloud security policies.

64. What is SASE? A. Secure Access Service Edge B. System Access Secure Engine C. Security Application Service Endpoint D. Secure Authentication Service Engine Answer: A Rationale: Combines networking and security services. 65. What is DNS filtering? A. Encrypting DNS B. Blocking malicious domains C. Routing DNS D. Logging DNS Answer: B Rationale: Prevents access to harmful sites. 66. What is threat intelligence integration? A. Backup system B. Using external threat data C. Encryption method D. Firewall rule Answer: B Rationale: Improves detection accuracy. 67. What is network visibility? A. Ignoring traffic B. Monitoring all network activity C. Encrypting logs D. Blocking users

Answer: B Rationale: Analyzes evidence of attacks.

72. What is packet replay attack? A. Encryption B. Re-sending captured packets C. Blocking traffic D. Logging traffic Answer: B Rationale: Used to bypass authentication. 73. What is certificate pinning? A. Removing certificates B. Binding certificates to applications C. Encrypting certificates D. Logging certificates Answer: B Rationale: Prevents MITM attacks. 74. What is PKI? A. Public Key Infrastructure B. Private Key Integration C. Packet Key Index D. Protocol Key Interface Answer: A Rationale: Manages digital certificates. 75. What is forward secrecy? A. Key reuse B. Session keys not compromised if long-term key leaks C. Encryption removal D. Backup encryption

Answer: B Rationale: Protects past communications.

76. What is threat modeling in networks? A. Malware creation B. Identifying attack paths C. Encryption method D. Backup system Answer: B Rationale: Predicts vulnerabilities. 77. What is network policy enforcement? A. Ignoring rules B. Applying security policies C. Encrypting traffic D. Deleting logs Answer: B Rationale: Ensures compliance. 78. What is zero-day attack? A. Known vulnerability B. Unknown vulnerability exploit C. Backup system D. Encryption method Answer: B Rationale: No patch exists. 79. What is secure routing? A. Open routing B. Protecting routing protocols C. Blocking routing D. Logging routing