
Cybersecurity Concepts and Protocols, Exams of Advanced Education

A wide range of cybersecurity topics, including web 3.0, cloud computing models, network protocols, port scanning techniques, malware types, social engineering attacks, vulnerability management, and network security devices. It provides an overview of key cybersecurity concepts, threats, and mitigation strategies. The document could be useful for students studying computer science, information technology, or cybersecurity-related fields, as it covers fundamental principles and practical applications in these domains. The content could serve as study notes, lecture materials, or supplementary resources for courses on network security, ethical hacking, or information assurance.

Typology: Exams

2024/2025

Available from 10/23/2024

studyroom


Justin PCCET Study Guide Part 1: latest exam questions and answers 2023

True or False: Business intelligence (BI) software consists of tools and techniques used to surface large amounts of raw unstructured data to perform a variety of tasks, including data mining, event processing, and predictive analytics. - ANS True

True or False: The process in which end users find personal technology and apps that are more powerful or capable, more convenient, less expensive, quicker to install, and easier to use than enterprise IT solutions is known as consumerization. - ANS True

Which action is associated with Web 1.0?
A. checking CNN's website for news
B. posting on Facebook
C. adding information to Wikipedia
D. asking Apple's Siri a question - ANS A

Which action is associated with Web 3.0?
A. checking CNN's website for news
B. posting on Facebook
C. adding information to Wikipedia
D. asking Apple's Siri a question - ANS D

Gmail is associated with which cloud computing model?
A. SaaS
B. PaaS
C. IaaS
D. DaaS - ANS A

Which two port numbers are associated with HTTP? (Choose two.)
A. 80
B. 389
C. 8080
D. 25 - ANS A & C

Which port number is associated with HTTPS?
A. 21
B. 23
C. 443
D. 53 - ANS C

Which port is used for encrypted communication?
A. 22
B. 80
C. 389
D. 25 - ANS A

Which protocol distinguishes between applications using port numbers?
A. TCP
B. ICMP
C. ESP
D. UDP - ANS A

How do attackers prevent port scans from being noticed by monitoring software?
A. scan ports so quickly it is finished before it can be detected and stopped
B. scan ports so slowly it looks like random attempts to connect, rather than a concerted attack
C. scan ports from an internal device
D. scan ports through WiFi instead of Ethernet - ANS A

Which potentially risky attribute is the most serious?
A. pervasive
B. malware
C. excessive bandwidth
D. tunnels - ANS B

Which one of these applications can be used as a tunnel for other applications?
A. Telnet
B. SMTP
C. HTTPS
D. SSH - ANS D

Which two devices or systems require the configuration of non-standard ports to be able to use an application on a non-standard port? (Choose two.)
A. firewall
B. client
C. server
D. operating system
E. certificate - ANS B & C

If you are responsible for the application's security, but not the operating system's security, which cloud computing service model are you using?
A. your own data center
B. IaaS
C. PaaS
D. SaaS - ANS C

Which kind of security is always the responsibility of the cloud customer?
A. physical security
B. network security
C. application security
D. data security - ANS D

Where is your data typically stored in a SaaS application?
A. in your data center, in a database under your control
B. in your data center, in a database controlled by the SaaS provider
C. in the cloud, in a database you control
D. in the cloud, in a database controlled by the SaaS provider - ANS D

Who is responsible for the security settings in an enterprise SaaS application? (Choose the best answer.)
A. SaaS provider
B. IT administrator of the customer organization
C. user, typically an employee of the customer organization
D. both IT administrators and users - ANS D

When is it impossible to secure SaaS data?
A. when a user uses an unmanaged device to access an unsanctioned SaaS
B. when a user uses a managed device to access an unsanctioned SaaS instance
C. when a user uses an unmanaged device to access a sanctioned SaaS instance
D. when a user uses a managed device to access a sanctioned SaaS instance - ANS A

True or False: An organization can be compliant with all applicable security and privacy regulations for its industry yet still not be secure. - ANS True

Which three data fields are considered personally identifiable information (PII)? (Select three.)
A. unique identification number (such as driver's license number)
B. honorific (Mr., Mrs., Dr., etc.)
C. telephone number
D. blood pressure (when not connected to other fields)
E. fingerprints - ANS A, C, & E

Which risk is eliminated in an organization that is 100% compliant?
A. having confidential information become public
B. having an advanced persistent threat change your information
C. having the regulator punish you for being non-compliant
D. having malicious insiders steal information - ANS C

What does CVE mean?
A. Computer Vulnerabilities and their Exploits
B. Computer Vulnerabilities and Exposures
C. Common Vulnerabilities and their Exploits
D. Common Vulnerabilities and Exposures - ANS D

What is the difference between CVE and CVSS?
A. CVE tells you what the vulnerabilities are. CVSS gives vulnerabilities a score (0-10) to evaluate how serious they are.
B. CVE is on a scale of low, medium, high, critical. CVSS is on a scale of 0-100.
C. CVSS tells you what the vulnerabilities are. CVE gives vulnerabilities a score (0-10) to evaluate how serious they are.
D. CVE is on a scale of 0-100. CVSS is on a scale of 0-10. - ANS A

True or False: External threat actors have accounted for the majority of data breaches over the past five years. - ANS False

Which group is likely to attack indiscriminately, whether you are a valuable target or not?
A. hacktivists
B. cybercriminals
C. cyberterrorists
D. state-affiliated groups - ANS C

Which group is primarily motivated by money?
A. hacktivists
B. cybercriminals
C. cyberterrorists
D. state-affiliated groups - ANS B

True or False: The cyberattack lifecycle is a seven-step process. - ANS True

True or False: An attacker needs to succeed in executing only one step of the cyberattack lifecycle to infiltrate a network, whereas a defender must "be right every time" and break every step of the chain to prevent an attack. - ANS False

True or False: The key to breaking the cyberattack lifecycle during the Installation phase is to implement network segmentation, a Zero Trust model, and granular control of applications to limit or restrict an attacker's lateral movement within the network. - ANS True

Which stage of the cyberattack lifecycle can be identified by port scans from external sources?
A. Reconnaissance
B. Weaponization and Delivery
C. Exploitation
D. Installation - ANS A

Which stage of the cyberattack lifecycle involves querying public databases and testing exploits in the attacker's internal network?
A. Reconnaissance
B. Weaponization and Delivery
C. Exploitation
D. Installation - ANS B

Which step is involved in getting malware to run on the inside of the targeted organization?
A. Weaponization and Delivery
B. Exploitation and Installation
C. Command and Control
D. Actions on the Objective - ANS B

In which stage of the cyberattack lifecycle would you identify unusual communication between an internal database that should not access the internet and an external server?
A. Exploitation
B. Installation
C. Command and Control
D. Actions on the Objective - ANS C

Which two malware types are self-replicating? (Choose two.)
A. logic bomb
B. back door
C. virus
D. trojan horse
E. worm - ANS C & E

Which two malware types are likely to be left behind by a disgruntled employee? (Choose two.)
A. logic bomb
B. back door
C. virus
D. trojan horse - ANS A & B

Which two malware types require external communication channels? (Choose two.)
A. ransomware NO
B. spyware
C. adware
D. logic bomb - ANS B & C

What is the term for an unauthorized remote access program?
A. logic bomb
B. back door
C. virus
D. trojan horse - ANS B

Which statement is correct?
A. A security researcher might write a vulnerability to demonstrate an exploit.
B. A security researcher might write an exploit to demonstrate a vulnerability.
C. Exploits often are the result of poorly trained programmers.
D. Exploits always are the vendor's responsibility. - ANS B

A zero-day exploit uses which type of vulnerability?
A. one that hasn't been discovered yet, by anybody
B. one that hasn't been disclosed to the vendor (or published)
C. one that the vendor knows about, but hasn't released a patch for
D. one that has a patch, but the patch hasn't been installed everywhere yet - ANS B

Which time interval describes a "window of vulnerability"?
A. between when a vulnerability is discovered and when a patch is published
B. between when a patch is published and when the patch is installed on your system
C. between when a vulnerability is discovered and when the patch is installed on your system
D. between when a vulnerability is discovered and when it is disclosed to the vendor - ANS C

Which type of attack would include an email advertisement for a dry-cleaning service?
A. spamming
B. phishing
C. spear phishing
D. whaling - ANS A

Which type of attack would include an email with an attachment not-a-trojan.exe?
A. spamming
B. phishing
C. spear phishing
D. whaling - ANS B

Which type of attack would include an e-mail with your name that claims to be from your bank and tells you to click the link https://chase.bankofamerica.mysite.ru?
A. spamming
B. phishing
C. spear phishing
D. whaling - ANS C

Your CFO receives an email with her name that claims to be from the company's bank and tells her to click the link https://chase.bankofamerica.mysite.ru. What type of attack is this?
A. spamming
B. phishing
C. spear phishing
D. whaling - ANS D

Which two techniques do "social engineers" use to distract their targets so they'll do whatever the attacker wants? (Choose two.)
A. autopilot, requesting an action that the user does automatically without thinking
B. phishing, sending email that asks for specific actions NO
C. masquerading as a trojan horse
D. infecting programs with a virus
E. emotional distraction, such as yelling that the target would be fired - ANS A & E

Who is the most likely target of social engineering?
A. executive management, because it has the most permissions
B. senior IT engineers, because the attacker hopes to get them to disable the security infrastructure
C. junior people, because they are easier to stress and probably not as well trained
D. the accounting department, because it can wire money directly to the attacker's account - ANS C

In the cyberattack lifecycle, what does C2 mean?
A. Configuration and Communication
B. Configuration Control
C. Command and Control
D. Communication Control - ANS C

A server that has a bug that lets a single transaction take it offline is susceptible to which type of attack?
A. Denial of Service (DoS)
B. Distributed Denial of Service (DDoS)
C. trojan horses
D. worms - ANS A

Which two attacks typically use a botnet? (Choose two.)
A. social engineering
B. DoS
C. DDoS
D. sending spam to a lengthy mailing list
E. spear phishing - ANS C & D

Which option is least likely to be the purpose of an advanced persistent threat?
A. wire money to an offshore bank account
B. steal classified information
C. expand a botnet to send more spam
D. be able to destroy an enemy's infrastructure in case of a war - ANS C

Which behavior does an advanced persistent threat use to elude detection?
A. do everything at night, when nobody is monitoring
B. rely exclusively on insiders with privileged access
C. do everything quickly with scripting so that the effect of the threat is achieved by the time it is detected
D. use a low and slow approach to avoid triggering alarms - ANS D

Which two types of behavior could enable someone to eavesdrop on a WiFi network? (Choose two.)
A. passive
B. inactive
C. yielding
D. active
E. agile NO - ANS A & D

What is the name of the attack in which the attacker gets the victim to connect to an access point the attacker controls?
A. person in the middle
B. man in the middle
C. access point in the middle
D. access point masquerading - ANS B

What is the name of the "authentication" method that lets anybody with the password access a WiFi network?
A. Pre-Shared Key (PSK)
B. Password Authentication
C. Extensible Authentication Protocol (EAP)
D. service set identifier (SSID) - ANS A

A Zero Trust network security model is based on which security principle?
A. due diligence
B. least privilege
C. non-repudiation
D. negative control - ANS B

What does Zero Trust mean?
A. Systems never trust the information they get from other systems.
B. Systems don't trust each other implicitly.
C. Systems don't trust each other explicitly.
D. Systems only trust each other within the same data center. - ANS B

In a full Zero Trust architecture, can two devices communicate except through a security checkpoint?
A. Yes, but only if they are in the same trust zone.
B. Yes, but only if the client's trust zone level is higher than the server's.
C. No, unless they belong to the same application.
D. No, all traffic needs to be secured. - ANS D

Which Palo Alto Networks product suite is used to secure the data center?
A. Strata
B. Prisma
C. Cortex
D. WildFire - ANS A

Which Palo Alto Networks product suite is used to secure remote access and cloud native technologies?
A. Strata
B. Prisma
C. Cortex
D. WildFire - ANS B

Which Palo Alto Networks product suite is used to manage alerts, obtain additional information, and orchestrate responses?
A. Strata
B. Prisma
C. Cortex
D. WildFire - ANS C

Which device does not process addresses?
A. hub
B. switch
C. WiFi access point
D. router - ANS A

Which device processes logical addresses?
A. hub
B. switch
C. WiFi access point
D. router - ANS D

On which device do you configure VLANs?
A. wireless repeater
B. hub
C. switch
D. router - ANS C

Which option is an example of a static routing protocol?
A. Open Shortest Path First (OSPF)
B. Border Gateway Protocol (BGP)
C. Routing Information Protocol (RIP)
D. split horizon - ANS B

Which is a routed protocol?
A. Open Shortest Path First (OSPF)
B. Internet Protocol (IP)
C. Border Gateway Protocol (BGP)
D. Routing Information Protocol (RIP) - ANS B

Which device type uses routing protocols to exchange information?
A. switches
B. hubs
C. routers
D. servers - ANS C

What is the primary purpose of the information exchanged by routing protocols?
A. dynamic routing
B. static routing
C. billing for network access
D. advertising MAC addresses - ANS A

True or False: The internet is an example of a wide-area network (WAN). - ANS True

Which network technology is used for WANs?
A. Ethernet
B. token-ring
C. digital subscriber line (DSL)
D. FDDI - ANS C

Which device creates a collision domain that includes all the interfaces to which it is connected?
A. hub
B. switch
C. router
D. web server - ANS A

Which requirement must be fulfilled for a client device to use a DHCP server, assuming there are no DHCP relay agents?
A. be on the same collision domain
B. be on the same broadcast domain
C. have latency below 20 msec
D. have the same subnet mask - ANS B

What kind of network is most likely to use point-to-point links?
A. LAN
B. WAN
C. SD WAN (only)
D. WAN (only if it is not SD WAN) - ANS B

Which DNS record type do you use to find the IPv4 address of a host?
A. A
B. AAAA
C. PTR
D. MX - ANS A

Which device is M2M (machine to machine)?
A. internet-connected TV
B. home alarm that dials the police for response
C. car GPS
D. temperature sensor connected to a fire suppression system - ANS D

Sensors for a cultivated field must report the results once a day. These sensors are powered by batteries that need to last for years. Which form of connectivity do you use?
A. Bluetooth
B. Wi-Fi
C. LoRaWAN
D. Satellite C-Band - ANS C

Which two advantages make 2G a popular choice for cellular IoT devices? (Choose two.)
A. low latency
B. high latency
C. low hardware cost
D. high bandwidth
E. low power consumption - ANS C & E

Why are IoT devices so often insecure?
A. rushed development
B. long release and patch cycles
C. insufficient time for quality assurance
D. low development budget - ANS B

Which option is an example of a logical address?
A. IP
B. hardware
C. MAC
D. burned-in - ANS A

How many bytes are in an IPv6 address?
A. 4
B. 8
C. 16
D. 32 - ANS C

Which two components are in an IPv4 address? (Choose two.)
A. network
B. MAC address
C. host
D. device type
E. route number - ANS A & C

In which two scenarios does network address translation (NAT) reduce the number of needed IP addresses? (Choose two.)
A. devices are clients, dynamic NAT that hides them behind a single IP
B. devices are servers, dynamic NAT for load balancing that makes them appear a single device
C. devices are clients, static NAT to let them share an IP address
D. devices are servers, static NAT to let them share an IP address - ANS A & B

How does ARP translate logical addresses?
A. IPv6 to IPv4 logical addresses
B. IPv4 to IPv6 logical addresses
C. IPv4 to MAC addresses
D. IPv6 to MAC addresses - ANS C

What is the purpose of NDP?
A. IPv6 to IPv4 logical addresses
B. IPv4 to IPv6 logical addresses
C. IPv4 to MAC addresses
D. IPv6 to MAC addresses - ANS D

What is the subnet mask for the network 10.2.0.0/20?
A. 255.0.0.
B. 255.255.0.
C. 255.255.240.
D. 255.255.255.0 - ANS C

Which two networks are subnets of 10.2.0.0/20? (Select two.)
A. 10.2.0.0/
B. 10.2.5.0/
C. 10.2.20.0/
D. 10.2.14.0/
E. 10.2.0.0/16 - ANS B & D

What is the theoretical maximum number of devices in a class B?
A. 2^24-2 = 16777214
B. 2^20-2 = 1048574
C. 2^16-2 = 65534
D. 2^8-2 = 254 - ANS C

How many /28 subnets can you fit in a class C?
A. 2
B. 4
C. 8
D. 16 - ANS D

The OSI model consists of how many layers?
A. four
B. six
C. seven
D. nine - ANS C

Which two protocols function at the Transport layer of the OSI model? (Choose two.)
A. Transmission Control Protocol (TCP)
B. Internet Protocol (IP)
C. User Datagram Protocol (UDP)
D. Hypertext Transfer Protocol (HTTP) - ANS A & C

Which four layers comprise the TCP/IP model? (Choose four.)
A. Application
B. Transport
C. Physical
D. Internet
E. Network Access - ANS A, B, D, & E

Which option shows the ISO layers in the correct order (bottom layer to top)?
A. Physical, Transport, Network, Session, Data link, Presentation, Application
B. Physical, Data link, Network, Application, Presentation, Transport, Session
C. Physical, Data link, Transport, Session, Presentation, Network, Application
D. Physical, Data link, Network, Transport, Session, Presentation, Application - ANS D

Ethernet and WiFi include elements of which two layers? (Choose two.)
A. Session
B. Transport
C. Network
D. Data link
E. Physical - ANS D & E

The Internet Protocol itself provides the functionality of which layer?
A. Transport
B. Network
C. Data link
D. Physical - ANS B

When HTTP is used directly to serve webpages, it is a protocol of which layer?
A. Application
B. Presentation
C. Session
D. Transport - ANS A

When HTTP is used to send REST requests, it is a protocol of which layer?
A. Application
B. Presentation
C. Session
D. Transport - ANS C

In a TCP packet sent over Ethernet, what is the order of data?
A. Ethernet header, TCP header, and then TCP data
B. IP header, TCP header, and then TCP data
C. Ethernet header, IP header, TCP header, and then TCP data
D. Ethernet header, IP header, IP data, TCP header, and then TCP data - ANS C

Which header does not appear in all packets of an HTTP file transfer over Ethernet?
A. Ethernet
B. IP
C. TCP
D. HTTP - ANS D

True or False: A dynamic packet filtering (also known as stateful packet inspection) firewall only inspects individual packet headers during session establishment to determine whether the traffic should be allowed, blocked, or dropped by the firewall. After a session is established, individual packets that are part of the session are not inspected. - ANS False

Which DNS record type do you use to find the IPv6 address of a host?
A. A
B. AAAA
C. PTR
D. MX - ANS B