


















































































This foundational certification validates core cybersecurity knowledge across offensive and defensive domains. Topics include networking, operating systems, basic security concepts, threat awareness, and security operations fundamentals. It is designed for individuals beginning a cybersecurity career or validating baseline technical security competence.
Typology: Exams



















































































Question 1. Which CIA-triad principle guarantees that information is accessible to authorized users when needed?
A) Confidentiality
B) Integrity
C) Availability
D) Non-repudiation
Answer: C
Explanation: Availability ensures that systems and data are usable by authorized parties whenever required.

Question 2. In the NIST CSF, which function focuses on developing and implementing appropriate safeguards to limit or contain the impact of a potential cybersecurity event?
A) Identify
B) Protect
C) Detect
D) Respond
Answer: B
Explanation: The Protect function is about establishing safeguards such as access controls, training, and data security to limit impact.

Question 3. Which ISO standard provides requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS)?
A) ISO 27001
B) ISO 9001
C) ISO 20000
D) ISO 22301
Answer: A
Explanation: ISO 27001 is the globally recognized standard for ISMS.

Question 4. In Linux, which command changes the ownership of a file to user alice and group dev?
A) chmod alice dev file.txt
B) chown alice:dev file.txt
C) chgrp alice dev file.txt
D) setfacl -m u:alice:rwx file.txt
Answer: B
Explanation: chown user:group file changes both user and group ownership.

Question 5. What numeric permission set (rwx) corresponds to the octal value 750?
A) rwx r-x ---
B) rw- r-x ---
C) rwx rwx ---
D) r-- r-- r--
Answer: A
Explanation: 7 = rwx for owner, 5 = r-x for group, 0 = --- for others.

Question 6. Which Windows component enforces the principle of least privilege by prompting for elevation when a program attempts a privileged operation?
A) BitLocker
B) User Account Control (UAC)
C) Windows Defender

C) Enable NAT traversal
D) Indicate a /24 CIDR block for IPv
Answer: A
Explanation: 255.255.255.0 means the first 24 bits are the network portion.

Question 10. Which DNS record type maps a domain name to an IPv6 address?
A) A
B) AAAA
C) CNAME
D) MX
Answer: B
Explanation: AAAA records store IPv6 addresses.

Question 11. In a typical enterprise network, which device operates at Layer 3 and makes forwarding decisions based on IP addresses?
A) Switch
B) Router
C) Hub
D) Bridge
Answer: B
Explanation: Routers route packets between networks using IP information.

Question 12. Which security technology inspects network traffic for known malicious signatures and can block them in real time?
A) IDS (Intrusion Detection System)
B) IPS (Intrusion Prevention System)
C) Load Balancer
D) VPN Gateway
Answer: B
Explanation: An IPS not only detects but also prevents malicious traffic.

Question 13. In AWS, who is responsible for encrypting data at rest in an S3 bucket?
A) AWS only
B) Customer only
C) Both AWS and Customer share responsibility
D) No encryption is required
Answer: C
Explanation: Under the Shared Responsibility Model, AWS manages the infrastructure, while the customer configures encryption.

Question 14. Which cloud service model provides the highest level of control to the consumer over the operating system and applications?
A) SaaS
B) PaaS
C) IaaS
D) FaaS
Answer: C
Explanation: IaaS gives customers control over OS, storage, and deployed applications.

Question 15. Which of the following is a symmetric encryption algorithm?

B) open("data.txt", "r")
C) open("data.txt", "a")
D) open("data.txt", "x")
Answer: B
Explanation: The mode "r" opens the file for reading.

Question 19. In Python, which library is commonly used to parse JSON data?
A) csv
B) json
C) xmltodict
D) yaml
Answer: B
Explanation: The built-in json module provides load and loads functions.

Question 20. Which PowerShell cmdlet retrieves the event log named Security from the local computer?
A) Get-EventLog -LogName Security
B) Get-Log -Name Security
C) Get-LogEvent Security
D) Get-LogSecurity
Answer: A
Explanation: Get-EventLog with -LogName specifies the log to retrieve.

Question 21. Which PowerShell cmdlet is used to export objects to a CSV file?
A) Export-CSV
B) ConvertTo-CSV
C) Out-File
D) Set-Content
Answer: A
Explanation: Export-CSV writes objects as comma-separated values.

Question 22. Base64 encoding is primarily used for which purpose?
A) Encrypting data with a secret key
B) Compressing files to reduce size
C) Representing binary data in ASCII text
D) Generating cryptographic hashes
Answer: C
Explanation: Base64 maps binary data to printable ASCII characters.

Question 23. Which serialization format is human-readable and widely used for configuration files in many programming languages?
A) BSON
B) CSV
C) JSON
D) Protocol Buffers
Answer: C
Explanation: JSON is text-based and easy for humans and machines to read.

Question 24. During active reconnaissance, which tool is most commonly used to discover open ports on a target host?

A) A1 – Injection
B) A2 – Broken Authentication
C) A7 – Cross-Site Scripting (XSS)
D) A10 – Insufficient Logging & Monitoring
Answer: C
Explanation: XSS injects scripts that run in victims’ browsers.

Question 28. Which HTTP method is most often abused in SQL injection attacks because it sends data in the request body?
A) GET
B) POST
C) HEAD
D) OPTIONS
Answer: B
Explanation: POST requests carry parameters in the body, a common vector for SQLi.

Question 29. In Metasploit, which command loads the exploit module exploit/windows/smb/ms08_067_netapi?
A) use exploit/windows/smb/ms08_067_netapi
B) load exploit/windows/smb/ms08_067_netapi
C) set exploit windows/smb/ms08_067_netapi
D) run exploit/windows/smb/ms08_067_netapi
Answer: A
Explanation: use selects the desired module.

Question 30. Which Linux command can be used to discover the current user’s UID and GID?
A) id
B) whoami
C) groups
D) pwd
Answer: A
Explanation: id prints UID, GID, and group memberships.

Question 31. Which privilege-escalation technique exploits a misconfigured SUID binary on Linux?
A) DLL hijacking
B) Kernel module insertion
C) SUID abuse
D) Credential dumping
Answer: C
Explanation: An SUID binary runs with elevated privileges; exploiting it can give root.

Question 32. Which Windows built-in tool can be used to dump password hashes from the SAM database?
A) netstat
B) regedit
C) mimikatz
D) tasklist
Answer: C
Explanation: Mimikatz extracts credentials, including NTLM hashes, from memory or SAM.

Answer: B
Explanation: Triage assesses alerts, sets priority, and decides next steps.

Question 36. Which defense-in-depth control focuses on limiting the execution of unauthorized binaries on endpoints?
A) Network segmentation
B) Application whitelisting
C) Data loss prevention
D) Multi-factor authentication
Answer: B
Explanation: Application whitelisting ensures only approved executables can run.

Question 37. CVSS base score 9.0–10.0 indicates which severity level?
A) Low
B) Medium
C) High
D) Critical
Answer: D
Explanation: Scores 9.0–10.0 are classified as Critical severity.

Question 38. Which static analysis technique examines source code without executing it to find insecure function calls?
A) Fuzzing
B) Code review
C) Symbolic execution
D) Binary instrumentation
Answer: B
Explanation: Manual or automated code review looks for insecure APIs such as strcpy.

Question 39. In dynamic malware analysis, which sandbox tool captures system calls made by a Windows executable?
A) YARA
B) Cuckoo Sandbox
C) Wireshark
D) Nmap
Answer: B
Explanation: Cuckoo runs the sample in a virtual environment and logs API calls.

Question 40. Which phase of the Incident Response process involves restoring systems to normal operation after the threat has been removed?
A) Containment
B) Eradication
C) Recovery
D) Lessons Learned
Answer: C
Explanation: Recovery brings services back online safely.

Question 41. In a SIEM, which type of correlation rule would detect lateral movement by looking for a successful RDP login followed by a SMB connection to another host?
A) Threshold rule
B) Time-based rule

B) Whitelisting (allow-list) validation
C) Blacklisting (deny-list) validation
D) Escaping characters
Answer: B
Explanation: Whitelisting accepts only known-good patterns, preventing injection.

Question 45. In AWS VPC design, which construct provides stateful filtering of inbound and outbound traffic at the subnet level?
A) Network ACLs
B) Security Groups
C) Route Tables
D) DHCP Options Set
Answer: B
Explanation: Security groups are stateful firewalls attached to ENIs.

Question 46. Which principle of least privilege is best illustrated by granting a Lambda function only the IAM permissions it needs to write to a specific S3 bucket?
A) Role-based access control
B) Separation of duties
C) Need-to-know
D) Granular permission scoping
Answer: D
Explanation: Granular scoping limits the function to the minimal required actions.

Question 47. Which automated security testing tool is primarily used for static application security testing (SAST) of source code?
A) Burp Suite
B) OWASP ZAP
C) SonarQube
D) Metasploit
Answer: C
Explanation: SonarQube performs static analysis to find code smells and vulnerabilities.

Question 48. Which hardening step reduces the attack surface of a Linux server by disabling unnecessary services?
A) Enabling SELinux
B) Installing antivirus
C) Running systemctl disable on unused daemons
D) Adding users to the sudoers file
Answer: C
Explanation: Disabling unneeded services prevents them from being exploited.

Question 49. Which of the following is a characteristic of a “defense-in-depth” architecture?
A) Single point of failure
B) Multiple, overlapping security controls
C) Relying solely on perimeter firewalls
D) No monitoring after deployment
Answer: B
Explanation: Defense-in-depth uses layered controls to mitigate failures in any single layer.

Question 53. Which DNS record can be used to verify domain ownership for SSL certificate issuance?
A) TXT
B) SRV
C) PTR
D) CAA
Answer: A
Explanation: Certificate authorities often ask you to publish a specific TXT record.

Question 54. Which of the following best describes a “passive” reconnaissance technique?
A) Scanning ports with Nmap
B) Querying public WHOIS databases
C) Exploiting a vulnerable service
D) Sending phishing emails
Answer: B
Explanation: Passive techniques gather information without interacting with the target.

Question 55. Which HTTP response header can mitigate reflected XSS attacks?
A) Content-Type
B) X-Frame-Options
C) X-XSS-Protection
D) Server
Answer: C
Explanation: X-XSS-Protection enables the browser’s built-in XSS filter.

Question 56. Which command in PowerShell retrieves the list of installed Windows updates?
A) Get-HotFix
B) Get-Update
C) Get-WindowsUpdateLog
D) Get-Package
Answer: A
Explanation: Get-HotFix returns installed patches and KB numbers.

Question 57. Which AWS service provides a centralized view of security alerts and compliance status across accounts?
A) GuardDuty
B) Security Hub
C) Config
D) CloudTrail
Answer: B
Explanation: Security Hub aggregates findings from multiple AWS security services.

Question 58. Which cryptographic mode provides confidentiality and integrity simultaneously?
A) ECB
B) CBC
C) GCM
D) OFB
Answer: C
Explanation: Galois/Counter Mode (GCM) offers authenticated encryption.