This practice exam explores the principles of network security and the vulnerabilities of databases. Topics include encryption, firewalls, intrusion detection systems, and SQL injection. It emphasizes securing data and protecting networks from cyber threats.
Question 1. Which of the following best describes the Confidentiality component of the CIA triad?
A) Ensuring data is accurate and trustworthy
B) Guaranteeing that data is available when needed
C) Preventing unauthorized disclosure of information
D) Providing evidence that a transaction occurred
Answer: C
Explanation: Confidentiality focuses on restricting access to information so only authorized parties can view it.

Question 2. In the AAA framework, which function is responsible for tracking user actions for later review?
A) Authentication
B) Authorization
C) Accounting
D) Auditing
Answer: C
Explanation: Accounting (also called auditing) records user activity, enabling accountability and forensic analysis.

Question 3. Which security control type is primarily intended to discover and alert on a breach after it occurs?
A) Preventive
B) Detective
C) Corrective
D) Deterrent
Answer: B
Explanation: Detective controls monitor systems to identify security events that have already happened.

Question 4. A company decides to move its critical web server into a separate network segment isolated from the internal LAN. Which defense-in-depth principle does this illustrate?
A) Least privilege
B) Network segmentation
C) Redundancy
D) Diversity
Answer: B
Explanation: Segregating networks limits the spread of attacks and is a core element of defense-in-depth.

Question 5. Which risk response strategy involves purchasing cyber-insurance to cover potential loss?
A) Avoidance
B) Transference
C) Mitigation
D) Acceptance
Answer: B
Explanation: Transference shifts the financial impact of a risk to a third party, such as an insurer.
D) Stored on a separate air-gapped system
Answer: C
Explanation: Public data is intended for unrestricted dissemination and does not require confidentiality safeguards.

Question 9. Which of the following best describes "Data in Use"?
A) Data stored on magnetic disks
B) Data transmitted across a network
C) Data being processed by an application's CPU
D) Data archived on tape
Answer: C
Explanation: Data in use refers to information actively processed by a system's memory or CPU.

Question 10. Which OSI layer is primarily responsible for end-to-end reliability and flow control?
A) Physical
B) Data Link
C) Transport
D) Session
Answer: C
Explanation: The Transport layer (TCP) provides reliability, sequencing, and flow control for end-to-end communication.
Question 11. Which protocol provides secure remote command-line access by encrypting the session?
A) Telnet
B) FTP
C) SSH
D) HTTP
Answer: C
Explanation: SSH (Secure Shell) encrypts the entire session, protecting credentials and data.

Question 12. IPv6 addresses are 128 bits long. How many total unique IPv6 addresses does this provide?
A) Approximately 4.3 × 10⁹
B) Approximately 3.4 × 10³⁸
C) Approximately 2.1 × 10¹⁹
D) Approximately 1.0 × 10¹⁵
Answer: B
Explanation: 2¹²⁸ ≈ 3.4 × 10³⁸ unique IPv6 addresses.

Question 13. Which firewall type examines the state of active connections to make filtering decisions?
A) Stateless packet filter
B) Proxy firewall
C) Stateful inspection firewall
D) Application-layer firewall
B) Between external users and internal web servers
C) Inside a DMZ to filter outbound traffic
D) Directly on the ISP's edge router
Answer: B
Explanation: Reverse proxies accept client requests from the internet and forward them to internal servers.

Question 17. Which of the following best describes a DMZ?
A) An internal network segment isolated from the internet
B) A network zone that hosts publicly accessible services while protecting the internal LAN
C) A VLAN used for voice traffic only
D) A secure enclave for privileged administrators
Answer: B
Explanation: A DMZ (demilitarized zone) hosts services (e.g., web, mail) exposed to the internet while keeping the internal LAN separate.

Question 18. Micro-segmentation is most closely associated with which technology?
A) Physical firewalls
B) VLANs only
C) Software-defined networking (SDN)
D) VPN concentrators
Answer: C
Explanation: SDN enables fine-grained, policy-based micro-segmentation beyond traditional VLANs.

Question 19. In a Zero Trust model, which statement is true?
A) Once a user is inside the corporate network, they are trusted.
B) All traffic is encrypted, but internal traffic is not inspected.
C) Every access request is authenticated, authorized, and encrypted regardless of location.
D) Perimeter firewalls are eliminated entirely.
Answer: C
Explanation: Zero Trust assumes no implicit trust and verifies each request regardless of origin.

Question 20. Which AWS feature functions similarly to a traditional network ACL?
A) Security Group
B) IAM Role
C) VPC Peering
D) Route Table
Answer: A
Explanation: AWS Security Groups act as stateful virtual firewalls at the instance (network interface) level, permitting inbound and outbound traffic by protocol, port, and source. AWS also provides a separate, stateless Network ACL that applies per subnet; among the options listed, only the Security Group filters traffic.

Question 21. WPA3 improves wireless security primarily by introducing:
A) TKIP encryption
B) 802.1X authentication for all devices
C) Simultaneous Authentication of Equals (SAE) for stronger password-derived keys
Question 24. A Distributed Denial of Service (DDoS) attack that overwhelms a target with UDP traffic is an example of:
A) Application-layer attack
B) Network-layer attack
C) Protocol-layer attack
D) Physical-layer attack
Answer: B
Explanation: A UDP flood is a volumetric attack at the network/transport level (Layers 3 and 4): it exhausts link bandwidth and the packet-processing capacity of routers and firewalls rather than targeting application logic.

Question 25. ARP poisoning is a technique used to perform which type of attack?
A) Replay attack
B) Man-in-the-Middle (MitM)
C) Brute-force password attack
D) SQL injection
Answer: B
Explanation: By falsifying ARP entries, an attacker can intercept or modify traffic between victims, creating a MitM scenario.

Question 26. DNS cache poisoning primarily compromises which security property?
A) Confidentiality
B) Integrity
C) Availability
D) Non-repudiation
Answer: B
Explanation: Cache poisoning alters DNS responses, causing users to resolve domain names to malicious IP addresses, violating data integrity.

Question 27. Which scanning technique sends SYN packets and analyzes responses without completing a TCP handshake?
A) Connect scan
B) FIN scan
C) SYN (half-open) scan
D) UDP scan
Answer: C
Explanation: A SYN scan sends a SYN, classifies the port from the SYN/ACK or RST reply, and then sends a RST instead of completing the three-way handshake. It is called stealthy because the target application never receives a connection and so does not log one; a network IDS can still see the half-open pattern and flag it.

Question 28. During the exploitation phase of a penetration test, the tester most commonly uses which type of tool?
A) Vulnerability scanner
B) Password cracker
C) Exploit framework (e.g., Metasploit)
D) Network mapper
Answer: C
Explanation: Exploit frameworks contain modules to trigger known vulnerabilities and gain footholds.
Answer: B
Explanation: A role aggregates permissions, and users are assigned roles.

Question 32. Multi-factor authentication (MFA) typically combines which of the following factors?
A) Something you know, something you have, something you are
B) Username, password, security question
C) IP address, MAC address, device ID
D) Token, certificate, firewall rule
Answer: A
Explanation: MFA uses at least two of knowledge, possession, and inherence factors.

Question 33. Which of the following is a common method for securely destroying magnetic hard-drive data?
A) Simple file deletion
B) Formatting the drive with FAT
C) Degaussing the drive
D) Compressing the drive's contents
Answer: C
Explanation: Degaussing applies a strong magnetic field that destroys the recorded data (and normally the drive's servo tracks, so the drive is unusable afterwards). It only works on magnetic media; SSDs and other flash storage require cryptographic erase or physical destruction.

Question 34. Which NoSQL database model stores data as JSON-like documents?
A) Relational
B) Column-family (e.g., Cassandra)
C) Document (e.g., MongoDB)
D) Graph (e.g., Neo4j)
Answer: C
Explanation: Document databases such as MongoDB use BSON/JSON documents for flexible schema.

Question 35. In a relational DBMS, which SQL command revokes a previously granted privilege?
A) REVOKE
B) DENY
C) DROP
D) REMOVE
Answer: A
Explanation: The REVOKE statement removes specific permissions from a user or role.

Question 36. Which authentication protocol relies on tickets issued by a central Key Distribution Center (KDC)?
A) LDAP
B) RADIUS
C) Kerberos
D) SAML
Answer: C
B) The attacker receives no direct query output, requiring inference techniques
C) It only works on NoSQL databases
D) It modifies the database schema
Answer: B
Explanation: Blind injection relies on true/false or time-based responses to infer data without visible output.

Question 40. Which mitigation technique is most effective against stored (persistent) XSS attacks in a web application?
A) Input validation only
B) Output encoding/escaping of dynamic content
C) Disabling JavaScript in browsers
D) Using HTTP instead of HTTPS
Answer: B
Explanation: Context-aware output encoding (HTML body, attribute, JavaScript, URL) ensures that stored content is rendered as data rather than executed as script in the client's browser.

Question 41. Which of the following is a primary advantage of using parameterized (prepared) statements?
A) Faster query execution by the DBMS
B) Automatic encryption of data at rest
C) Elimination of SQL injection risk for the statement
D) Simplified syntax for complex joins
Answer: C
Explanation: Parameterized queries separate code from data, preventing attacker-supplied input from being interpreted as SQL.

Question 42. In the context of database auditing, what does "non-repudiation" ensure?
A) Data is encrypted at rest
B) Users cannot deny having performed an action because it is logged with proof
C) All data is backed up daily
D) Access control lists are immutable
Answer: B
Explanation: Non-repudiation provides evidence (e.g., signed logs) that a specific user performed an operation.

Question 43. Which of the following statements about "least privilege" is FALSE?
A) It reduces the attack surface if an account is compromised.
B) It requires granting users all possible permissions to avoid errors.
C) It is a core principle of secure system design.
D) It can be enforced through role-based access control.
Answer: B
Explanation: Least privilege advocates giving only necessary rights, not "all possible permissions."

Question 44. Which of the following is a common sign that a database may be experiencing a DoS attack?
Explanation: SQL injection is mitigated at the application layer by validating input and using safe query methods.

Question 47. Which of the following is a characteristic of a "time-based blind" SQL injection?
A) The attacker receives error messages containing data.
B) The application delays its response based on the evaluation of a condition.
C) The attacker uses UNION to retrieve data.
D) The attack modifies the database schema.
Answer: B
Explanation: Time-based blind injection leverages intentional delays (e.g., SLEEP) to infer true/false conditions.

Question 48. Which of the following is an example of a "detective" control for database activity?
A) Enforcing password complexity
B) Enabling audit logging of all DML statements
C) Applying security patches promptly
D) Disabling unused ports
Answer: B
Explanation: Audit logs detect and record database actions, allowing later analysis of suspicious activity.

Question 49. Which cryptographic hash function is considered insecure for password storage due to speed and susceptibility to GPU attacks?
B) bcrypt
C) Argon2
D) MD5
Answer: D
Explanation: MD5 is designed to be fast and has no tunable work factor or built-in salt, so a GPU can test billions of candidates per second against it (its collision weaknesses are a separate problem). Password storage should use a deliberately slow, salted function such as bcrypt, scrypt or Argon2.

Question 50. Which of the following is a primary purpose of a "security group" in cloud environments?
A) To assign users to virtual machines
B) To define inbound and outbound traffic rules at the instance level
C) To encrypt data at rest automatically
D) To manage DNS zones
Answer: B
Explanation: Security groups act as virtual firewalls, controlling network traffic for cloud instances.

Question 51. In the context of IDS/IPS, what does "signature-based detection" rely on?
A) Statistical anomalies in traffic patterns
B) Known patterns of malicious code or traffic
C) Machine-learning classification of packets
D) User behavior analytics
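The blind-injection questions above (Questions 39 and 47) and the parameterized-statement question (Question 41) are clearer in running code. The following is an added example and not part of the exam: it uses Python's built-in sqlite3 against a constructed in-memory users table, with a deliberately vulnerable lookup that splices the username into the SQL text, its parameterized counterpart, and the two inference loops an attacker runs against a yes/no response and against a delay. SQLite has no SLEEP(), so the example registers a sleep() function to stand in for the DBMS delay primitive; the user names and hash values are made up for the example.

```python
import sqlite3
import time

# Constructed sample data (hypothetical users, not from the exam page).
# The hash values are MD5 digests of "password" and "123456"; they differ at the
# positions probed below so the two rows cannot be confused.
USERS = [
    ("alice", "5f4dcc3b5aa765d61d8327deb882cf99"),
    ("bob", "e10adc3949ba59abbe56e057f20f883e"),
]
HEX = "0123456789abcdef"


def _sleep(seconds):
    """Stand-in for a DBMS delay primitive such as MySQL's SLEEP()."""
    time.sleep(seconds)
    return 1


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO users (username, password_hash) VALUES (?, ?)", USERS)
    conn.create_function("sleep", 1, _sleep)  # SQLite has no SLEEP(); register one
    return conn


def user_exists_vulnerable(conn, username):
    """Deliberately vulnerable: the username becomes part of the SQL text."""
    sql = "SELECT id FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchone() is not None


def user_exists_safe(conn, username):
    """Parameterized: the query text is fixed and the value travels separately."""
    row = conn.execute("SELECT id FROM users WHERE username = ?", (username,)).fetchone()
    return row is not None


def boolean_blind_extract(conn, oracle, target, length):
    """Boolean-based blind SQLi: the only signal is whether the lookup says 'exists'.
    Recovers the first `length` hex digits of the target's password_hash."""
    recovered = ""
    for pos in range(1, length + 1):
        for c in HEX:
            # The application appends the closing quote, so the probe ends with ='{c}
            probe = f"{target}' AND substr(password_hash,{pos},1)='{c}"
            if oracle(conn, probe):
                recovered += c
                break
        else:
            break  # nothing matched: wrong charset, or the injection point is closed
    return recovered


def time_based_char(conn, oracle, target, pos, delay=0.3):
    """Time-based blind SQLi: the signal is a delay, not a difference in content."""
    for c in HEX:
        probe = (f"{target}' AND substr(password_hash,{pos},1)='{c}' "
                 f"AND sleep({delay})=1 AND '1'='1")
        start = time.monotonic()
        oracle(conn, probe)
        if time.monotonic() - start >= delay / 2:
            return c
    return None


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, boolean:", boolean_blind_extract(db, user_exists_vulnerable, "alice", 8))
    print("vulnerable, timing:  ", time_based_char(db, user_exists_vulnerable, "alice", 1))
    print("parameterized:       ", repr(boolean_blind_extract(db, user_exists_safe, "alice", 8)))
```

Against user_exists_vulnerable the boolean loop recovers alice's stored hash at a cost of at most 16 probes per hex digit, and the timing loop recovers the same digits from the delay alone, exactly the "no direct query output" situation Question 39 describes. Against user_exists_safe the identical probes reach the DBMS as a literal username, match no row, and recover nothing, which is what the parameterized statement in Question 41 buys.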
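Question 49's point, that the cost of the hash function is what matters for password storage, can be shown with the Python standard library alone. This is an added example, not the exam's own material: it contrasts unsalted MD5 (and how a dictionary attack recovers it) with a salted, iterated KDF stored in a self-describing record that is verified in constant time and can be upgraded when the work factor is raised. PBKDF2-HMAC-SHA256 is used only because it is in hashlib; bcrypt, scrypt and Argon2, the functions the question names, are preferred in practice because they are also memory-hard. The wordlist is constructed for the example.

```python
import base64
import hashlib
import hmac
import os

# Constructed wordlist for the dictionary-attack illustration (hypothetical).
WORDLIST = ["letmein", "qwerty", "password", "123456", "hunter2"]


def md5_store(password):
    """What NOT to do: unsalted MD5. Equal passwords give equal hashes, there is no
    work factor, and a GPU can test billions of candidates per second."""
    return hashlib.md5(password.encode()).hexdigest()


def crack_md5(target_hex, wordlist):
    """Offline dictionary attack on an unsalted MD5 hash: returns (word, attempts)."""
    for attempts, word in enumerate(wordlist, start=1):
        if hashlib.md5(word.encode()).hexdigest() == target_hex:
            return word, attempts
    return None, len(wordlist)


def kdf_store(password, iterations=200_000, salt=None):
    """Salted, iterated KDF. The record carries its own parameters so they can be
    raised later without breaking existing users."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return "pbkdf2_sha256${}${}${}".format(
        iterations,
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
    )


def kdf_verify(password, record):
    """Recompute with the stored salt and iterations; compare in constant time."""
    algo, iterations, salt_b64, digest_b64 = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(digest_b64)
    actual = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, int(iterations))
    return hmac.compare_digest(actual, expected)


def needs_rehash(record, min_iterations):
    """True when a record was produced with a weaker work factor than policy now requires;
    re-hash on the next successful login."""
    return int(record.split("$")[1]) < min_iterations


if __name__ == "__main__":
    target = md5_store("password")
    print("MD5 of 'password':", target, "-> cracked:", crack_md5(target, WORDLIST))
    rec = kdf_store("password")
    print("KDF record:", rec)
    print("verify correct/wrong:", kdf_verify("password", rec), kdf_verify("Password", rec))
    print("legacy record needs rehash:", needs_rehash(kdf_store("password", iterations=1000), 200_000))
```

Two things the MD5 path lacks are visible in the KDF record: the per-user salt, which makes two stores of the same password differ and defeats precomputed tables, and the iteration count, which is the knob that turns a billion guesses per second into thousands. The comparison uses hmac.compare_digest rather than == so that verification time does not leak how many leading bytes of the digest matched.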