Академический Документы
Профессиональный Документы
Культура Документы
Final Quiz
Started: Feb 10 at 9:05pm
There are multiple task types that may be available in this quiz.
NOTE: Quizzes allow for partial credit scoring on all item types to foster learning. Points on quizzes can
also be deducted for answering incorrectly.
Question 1 2 pts
Question 2 2 pts
What is an example of early warning systems that can be used to thwart cybercriminals?
Honeynet project
CVE database
Infragard
Question 3 2 pts
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 1/18
10/2/2019 Quiz: Final Quiz
Which two groups of people are considered internal attackers? (Choose two.)
ex-employees
trusted partners
amateurs
hacktivists
Question 4 2 pts
data in-transit
stored data
encrypted data
data in-process
Question 5 2 pts
hashing
identity management
RAID
encryption
Question 6 2 pts
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 2/18
10/2/2019 Quiz: Final Quiz
Which technology should be used to enforce the security policy that a computing device
must be checked against the latest antivirus update before the device is allowed to
connect to the campus network?
SAN
VPN
NAS
NAC
Question 7 2 pts
SHA-1 hash
a virtual fingerprint
a Mantrap
Question 8 2 pts
What are three states of data during which data is vulnerable? (Choose three.)
data encrypted
data in-transit
purged data
stored data
data in-process
data decrypted
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 3/18
10/2/2019 Quiz: Final Quiz
Question 9 2 pts
man-in-the-middle
spamming
sniffing
spoofing
Question 10 2 pts
What three best practices can help defend against social engineering attacks? (Choose
three.)
Enable a policy that states that the IT department should supply information over the phone only
to managers.
Question 11 2 pts
phishing
spoofing
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 4/18
10/2/2019 Quiz: Final Quiz
sniffing
spamming
Question 12 2 pts
The employees in a company receive an email stating that the account password will
expire immediately and requires a password reset within 5 minutes. Which statement
would classify this email?
It is an impersonation attack.
It is a DDoS attack.
It is a hoax.
It is a piggy-back attack.
Question 13 2 pts
An executive manager went to an important meeting. The secretary in the office receives
a call from a person claiming that the executive manager is about to give an important
presentation but the presentation files are corrupted. The caller sternly recommends that
the secretary email the presentation right away to a personal email address. The caller
also states that the executive is holding the secretary responsible for the success of this
presentation. Which type of social engineering tactic would describe this scenario?
trusted partners
intimidation
urgency
familiarity
Question 14 2 pts
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 5/18
10/2/2019 Quiz: Final Quiz
What type of application attack occurs when data goes beyond the memory areas
allocated to the application?
RAM spoofing
RAM Injection
buffer overflow
SQL injection
Question 15 2 pts
Users report that the network access is slow. After questioning the employees, the
network administrator learned that one employee downloaded a third-party scanning
program for the printer. What type of malware might be introduced that causes slow
performance of the network?
virus
spam
phishing
worm
Question 16 2 pts
authorization
access
authentication
identification
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 6/18
10/2/2019 Quiz: Final Quiz
Question 17 2 pts
Smart cards and biometrics are considered to be what type of access control?
logical
physical
administrative
technological
Question 18 2 pts
A user has a large amount of data that needs to be kept confidential. Which algorithm
would best meet this requirement?
3DES
ECC
RSA
Diffie-Hellman
Question 19 2 pts
An organization has implemented antivirus software. What type of security control did the
company implement?
compensative control
detective control
deterrent control
recovery control
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 7/18
10/2/2019 Quiz: Final Quiz
Question 20 2 pts
Which access control strategy allows an object owner to determine whether to allow
access to the object?
ACL
MAC
RBAC
DAC
Question 21 2 pts
Which access control should the IT department use to restore a system back to its
normal state?
preventive
corrective
detective
compensative
Question 22 2 pts
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 8/18
10/2/2019 Quiz: Final Quiz
Question 23 2 pts
Which algorithm will Windows use by default when a user intends to encrypt files and
folders in an NTFS volume?
AES
DES
RSA
3DES
Question 24 2 pts
algorithm tables
lookup tables
rainbow tables
password digest
Question 25 2 pts
What kind of integrity does a database have when all its rows have a unique identifier
called a primary key?
entity integrity
referential integrity
domain integrity
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 9/18
10/2/2019 Quiz: Final Quiz
user-defined integrity
Question 26 2 pts
SHA-256
HMAC
CRC
salting
Question 27 2 pts
A VPN will be used within the organization to give remote users secure access to the
corporate network. What does IPsec use to authenticate the origin of every packet to
provide data integrity checking?
salting
CRC
password
HMAC
Question 28 2 pts
AES
HMAC
salting
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 10/18
10/2/2019 Quiz: Final Quiz
MD5
Question 29 2 pts
digital signature
digital certificate
asymmetric encryption
salting
Question 30 2 pts
3DES
MD5
SHA-256
AES-256
Question 31 2 pts
You have been asked to describe data validation to the data entry clerks in accounts
receivable. Which of the following are good examples of strings, integers, and decimals?
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 11/18
10/2/2019 Quiz: Final Quiz
Question 32 2 pts
There are many environments that require five nines, but a five nines environment may
be cost prohibitive. What is one example of where the five nines environment might be
cost prohibitive?
Question 33 2 pts
An organization has recently adopted a five nines program for two critical database
servers. What type of controls will this involve?
Question 34 2 pts
Which technology would you implement to provide high availability for data storage?
N+1
RAID
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 12/18
10/2/2019 Quiz: Final Quiz
hot standby
software updates
Question 35 2 pts
The team is in the process of performing a risk analysis on the database services. The
information collected includes the initial value of these assets, the threats to the assets
and the impact of the threats. What type of risk analysis is the team performing by
calculating the annual loss expectancy?
loss analysis
qualitative analysis
quantitative analysis
protection analysis
Question 36 2 pts
Which risk mitigation strategies include outsourcing services and purchasing insurance?
transfer
acceptance
reduction
avoidance
Question 37 2 pts
NIST/NICE framework
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 13/18
10/2/2019 Quiz: Final Quiz
Infragard
Question 38 2 pts
An organization wants to adopt a labeling system based on the value, sensitivity, and
criticality of the information. What element of risk management is recommended?
asset identification
asset availability
asset classification
asset standardization
Question 39 2 pts
layering
diversity
obscurity
limiting
Question 40 2 pts
Which two values are required to calculate annual loss expectancy? (Choose two.)
exposure factor
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 14/18
10/2/2019 Quiz: Final Quiz
frequency factor
asset value
Question 41 2 pts
Which three protocols can use Advanced Encryption Standard (AES)? (Choose three.)
WPA2
TKIP
WPA
802.11q
802.11i
WEP
Question 42 2 pts
Question 43 2 pts
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 15/18
10/2/2019 Quiz: Final Quiz
Question 44 2 pts
ARP
SSH
strong authentication
Question 45 2 pts
ping
RIP
NTP
DNS
Question 46 2 pts
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 16/18
10/2/2019 Quiz: Final Quiz
WEP
WPA2
WEP2
WPA
Question 47 2 pts
STP
IP
RIP
WPA2
ARP
ICMP
Question 48 2 pts
HVAC, water system, and fire systems fall under which of the cybersecurity domains?
device
user
physical facilities
network
Question 49 2 pts
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 17/18
10/2/2019 Quiz: Final Quiz
CERT
Question 50 2 pts
Which national resource was developed as a result of a U.S. Executive Order after a ten-
month collaborative study involving over 3,000 security professionals?
ISO/IEC 27000
NIST Framework
https://210561797.netacad.com/courses/743376/quizzes/6673458/take 18/18