Network Security Essentials Exam, Exams of Technology

This entry-level certification evaluates foundational knowledge of network security, including firewalls, VPNs, encryption, IDS/IPS, malware prevention, and best practices for risk management and compliance. It suits those entering cybersecurity roles.

Typology: Exams

2024/2025

Available from 05/17/2025

nicky-jone
nicky-jone 🇮🇳

2.9

(43)

28K documents

1 / 131

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Network Security Essentials Exam
Question 1
What are the three primary goals of network security, commonly referred
to as the CIA triad?
A. Confidentiality, Integrity, Availability
B. Control, Inspection, Authentication
C. Compliance, Investigation, Authorization
D. Confidentiality, Investigation, Access
Correct: A
Explanation: The CIA triad stands for Confidentiality, Integrity, and
Availability, which are the three core principles of network security.
Confidentiality ensures data privacy, integrity protects data from
unauthorized modification, and availability makes sure resources are
accessible when needed.
Question 2
Which term best describes a flaw or weakness in a system that can be
exploited by a threat?
A. Risk
B. Vulnerability
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Network Security Essentials Exam and more Exams Technology in PDF only on Docsity!

Question 1 What are the three primary goals of network security, commonly referred to as the CIA triad? A. Confidentiality, Integrity, Availability B. Control, Inspection, Authentication C. Compliance, Investigation, Authorization D. Confidentiality, Investigation, Access Correct: A Explanation: The CIA triad stands for Confidentiality, Integrity, and Availability, which are the three core principles of network security. Confidentiality ensures data privacy, integrity protects data from unauthorized modification, and availability makes sure resources are accessible when needed. Question 2 Which term best describes a flaw or weakness in a system that can be exploited by a threat? A. Risk B. Vulnerability

C. Control D. Policy Correct: B Explanation: A vulnerability is a weakness in a system that can be exploited by a threat to cause harm. Risks arise when threats exploit vulnerabilities. Question 3 What is the main purpose of a security policy in an organization? A. To restrict access to the internet B. To define and communicate security expectations and rules C. To install antivirus software D. To monitor network traffic Correct: B Explanation: Security policies are formal documents that define security expectations, responsibilities, and rules within an organization to guide behavior and protect resources. Question 4 Which incident is considered a major event that shaped the evolution of network security?

Question 6 Why is regular security awareness training important for all employees? A. To teach employees how to code B. To ensure employees understand and recognize security threats C. To replace antivirus software D. To reduce network bandwidth Correct: B Explanation: Training helps employees recognize potential security threats such as phishing, reducing the risk of successful attacks. Question 7 Which model divides networking tasks into seven distinct layers? A. TCP/IP Model B. OSI Model C. SSL Model D. Firewall Model Correct: B Explanation: The OSI (Open Systems Interconnection) Model divides networking into seven layers, each with specific functions.

Question 8 At which OSI layer does encryption typically occur? A. Physical B. Data Link C. Presentation D. Network Correct: C Explanation: The Presentation layer is responsible for data translation, encryption, and compression. Question 9 Which device is primarily responsible for forwarding packets between different networks? A. Switch B. Router C. Access Point D. Proxy Correct: B

Explanation: Public IP addresses are assigned for devices that need to communicate over the internet. Question 12 Which protocol uses port 443 by default? A. HTTP B. HTTPS C. FTP D. DNS Correct: B Explanation: HTTPS (Hypertext Transfer Protocol Secure) uses port 443 for encrypted web communications. Question 13 Which protocol is connectionless and does not guarantee delivery of packets? A. TCP B. UDP C. ICMP D. HTTP

Correct: B Explanation: UDP (User Datagram Protocol) is connectionless and does not guarantee packet delivery, making it faster but less reliable. Question 14 A secure alternative to Telnet is: A. FTP B. SSH C. SMTP D. HTTP Correct: B Explanation: SSH (Secure Shell) provides encrypted communications and is a secure alternative to Telnet. Question 15 Which of the following is an example of an insider threat? A. Hacker from another country B. Disgruntled employee stealing data C. Ransomware from the internet D. Natural disaster

D. Scan for vulnerabilities Correct: B Explanation: In a MITM attack, the attacker secretly intercepts and possibly alters the communication between two parties. Question 18 Which attack involves sending fake ARP messages to a local network? A. DNS Poisoning B. ARP Spoofing C. MAC Flooding D. SQL Injection Correct: B Explanation: ARP Spoofing sends falsified Address Resolution Protocol messages to associate the attacker’s MAC address with the IP address of another host. Question 19 Which malware is characterized by demanding payment to restore access to data? A. Virus

B. Trojan C. Ransomware D. Worm Correct: C Explanation: Ransomware encrypts files and demands payment for the decryption key. Question 20 A zero-day exploit is: A. A vulnerability that has been fixed B. An attack that occurs on the first day of a month C. An exploit for a previously unknown vulnerability D. A virus that activates at midnight Correct: C Explanation: Zero-day exploits take advantage of vulnerabilities that are unknown to the software vendor and have no available fix. Question 21 What is the main purpose of vulnerability scanning? A. To encrypt network traffic

A. Anomaly-based IDS B. Heuristic IDS C. Signature-based IDS D. Host-based IDS Correct: C Explanation: Signature-based IDS detect threats by comparing traffic against a database of known attack signatures. Question 24 Which VPN protocol operates at the network layer and is widely used for secure site-to-site connections? A. SSL B. IPSec C. PPTP D. PPP Correct: B Explanation: IPSec operates at the network layer and is commonly used for secure communications between sites.

Question 25 What does Network Access Control (NAC) primarily enforce? A. Encryption of all network traffic B. Policies for device and user access to the network C. Physical security D. Wireless standards Correct: B Explanation: NAC enforces access policies, allowing only compliant and authorized devices and users onto the network. Question 26 Which encryption method uses the same key for both encryption and decryption? A. Asymmetric encryption B. Symmetric encryption C. Hashing D. Digital signature Correct: B

Correct: B Explanation: PKI manages the issuance, renewal, and revocation of digital certificates and public/private keys. Question 29 Which tool is best for capturing and analyzing network packets? A. SIEM B. Wireshark C. Firewall D. VPN Correct: B Explanation: Wireshark is a widely used packet sniffer for capturing and analyzing network traffic. Question 30 Which protocol is commonly used for centralized network authentication and supports AAA? A. HTTP B. RADIUS C. DNS

D. FTP

Correct: B Explanation: RADIUS (Remote Authentication Dial-In User Service) is used for centralized authentication, authorization, and accounting. Question 31 What is a benefit of multi-factor authentication? A. It allows unlimited access B. It requires two or more forms of verification, increasing security C. It reduces the need for passwords D. It disables user accounts Correct: B Explanation: Multi-factor authentication strengthens security by requiring multiple forms of verification, such as something you know, have, or are. Question 32 Role-Based Access Control (RBAC) assigns permissions based on: A. User’s age B. User’s job role C. User’s location

C. To optimize network performance D. To assign IP addresses Correct: B Explanation: Audit trails help track and analyze security incidents by providing a record of events and activities. Question 35 Which IEEE standard defines wireless LANs? A. IEEE 802.1X B. IEEE 802. C. IEEE 802. D. IEEE 802. Correct: B Explanation: IEEE 802.11 is the standard for wireless local area networks (WLANs). Question 36 Which wireless security protocol is considered obsolete due to weak encryption? A. WPA

B. WPA

C. WEP

D. WPA

Correct: C Explanation: WEP is easily cracked and should not be used for wireless security. Question 37 Which attack involves setting up an unauthorized wireless access point? A. Evil Twin B. Rogue AP C. Jamming D. Replay Correct: B Explanation: Rogue access points are unauthorized APs set up to bypass or compromise network security. Question 38 A common method for securing a wireless network is: A. Disabling DHCP