Alpha
Bravo
Charlie
Delta
Echo
Foxtrot
100

 Which of the following certifications meets the U.S. Department of Defense Directive 8570.01-M requirements, which is important for anyone looking to work in IT security for the federal government? 

  • EC Council Certified Ethical Hacker
  • Microsoft Technology Associate Security Fundamentals
  • ISACA CSX Cybersecurity Fundamentals
  • CompTIA Security+
  • ISC2 Certified Information Systems Security Professional
  • Palo Alto Networks Certified Cybersecurity Associate
  • CompTIA Security+
100

 If developers attempt to create their own security algorithms, it will likely introduce what type of vulnerabilities?

  • Buffer overflow
  • Race conditions
  • Weaknesses in security practices
  • Non-validated input
  • Access control problems
  • Weaknesses in security practices
100

What do you call a digital asset designed to work as a medium of exchange that uses strong encryption to secure a financial transaction?

  • Apple Pay
  • Google Pay
  • Near Field Communications
  • Cryptocurrency
  • Cryptocurrency
100

 A port scan returns an ‘open’ response. What does this mean?

  • A service is listening on the port
  • Connections to the port will be denied
  • There was no reply from the host
  • A service is listening on the port
100

Which of the following firewalls filters web content requests such as URLs and domain names?

  • Application layer firewall
  • Proxy server
  • Reverse proxy server
  • Network layer firewall
  • Network address translation firewall
  • Proxy server
100

Several @Apollo employees have reported that the network access is slow. After investigation, the network administrator has learned that one employee downloaded a third-party scanning program for the printer. What type of malware might have been introduced that is causing slow performance of the network? 


  • Spam
  • Phishing
  • Worm
  • Virus
  • Worm
200

 What are the objectives of ensuring data integrity? (Choose two correct answers)

  • Data is unaltered during transit
  • Data is not changed by unauthorized entities
  • Data is encrypted while in transit and when stored on disks
  • Access to the data is authenticated
  • Data is available all the time
  • Data is unaltered during transit
  • Data is not changed by unauthorized entities
200

What action will an IDS take upon detection of malicious traffic?

  • Block or deny all traffic
  • Create a network alert and log the detection
  • Drop only packets identified as malicious
  • Reroute malicious traffic to a honeypot

 

  • Create a network alert and log the detection
200

What type of attack disrupts services by overwhelming network devices with bogus traffic?

  • DDoS
  • Zero-day
  • Brute force
  • Port scans
  • DDoS
200

What of the following are examples of cracking an encrypted password? (Choose four correct answers)

  • Intimidation
  • Brute force attack
  • Network sniffing
  • Rainbow tables
  • Social engineering
  • Spraying
  • Dictionary attack
  • Brute force attack
  • Rainbow tables
  • Spraying
  • Dictionary attack
200

You are surfing the Internet using a laptop at a public Wi-Fi cafe. What should you check first before you connect to the public network?

  • That the Bluetooth adapter is disabled
  • If the laptop requires user authentication for file and media sharing
  • That the laptop web browser is operating in private mode
  • If the laptop has a master password set to secure the passwords stored in the password manager
  • If the laptop requires user authentication for file and media sharing
200

What tool is used to lure an attacker so that an administrator can capture, log and analyze the behavior of the attack?

  • NetFlow
  • Honeypot
  • IDS
  • Nmap
  • Honeypot
300

Improper management of physical access to a resource, such as a file, can lead to what type of security vulnerability?

  • Weaknesses in security practices
  • Race conditions
  • Access control problems
  • Buffer overflow
  • Non-validated input
  • Access control problems
300

Carrying out a multi-phase, long-term, stealthy and advanced operation against a specific target is often referred to as what? 

  • Advanced persistent threat
  • Network sniffing
  • Social engineering
  • Script kiddies
  • Rainbow tables
  • Advanced persistent threat
300

 Which of the following firewalls are placed in front of web services to protect, hide, offload and distribute access to web servers?

  • Application layer firewall
  • Proxy server
  • Transport layer firewall
  • Network layer firewall
  • Reverse proxy server
  • Reverse proxy server
300

. What is the best way to avoid getting spyware on a machine?


  • Install the latest antivirus updates
  • Install the latest web browser updates
  • Install software only from trusted websites
  • Install the latest operating system updates
  • Install software only from trusted websites
300

In networking, what name is given to the identifier at both ends of a transmission to ensure that the right data is passed to the correct application?

  • IP address
  • Port number
  • MAC address
  • Sequence number
  • Port number
300

Which of the following items are states of data? (Choose three correct answers)

  • Storage
  • Text
  • ASCII
  • Transmission
  • Binary
  • Processing
  • Storage
  • Transmission
  • Processing
400

What type of infiltration method allows attackers to quietly capture two-step verification SMS messages sent to users in a Man-in-the-Mobile (MITMO) attack?

  • Pretexting
  • Botnet
  • Dos
  • On-Path attack
  • On-Path attack
400

 An organization is experiencing overwhelming visits to a main web server. You are developing a plan to add a couple of more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?

  • Scalability
  • Integrity
  • Confidentiality
  • Availability

 

  • Availability
400

Which of the following firewalls filters traffic based on source and destination data ports and filtering based on connection states?

  • Network address translation firewall
  • Network layer firewall
  • Transport layer firewall
  • Application layer firewall
  • Host-based firewall
  • Transport layer firewall
400

What type of infiltration method allows attackers to quietly capture two-step verification SMS messages sent to users in a Man-in-the-Mobile (MITMO) attack?

  • Pretexting
  • Botnet
  • Dos
  • On-Path attack
  • On-Path attack
400

Which of the following certifications tests your understanding and knowledge in how to look for weaknesses and vulnerabilities in target systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner?

  • Palo Alto Networks Certified Cybersecurity Associate
  • ISC2 Certified Information Systems Security Professional
  • Microsoft Technology Associate Security Fundamentals
  • CompTIA Security+
  • ISACA CSX Cybersecurity Fundamentals
  • EC Council Certified Ethical Hacker
  • EC Council Certified Ethical Hacker
400

 Which of the following firewalls filters ports and system service calls on a single computer operating system?

  • Network address translation firewall
  • Transport layer firewall
  • Host-based firewall
  • Network layer firewall
  • Application layer firewall
  • Host-based firewall
500

 Which of the following are commonly used port scanning applications? (Select two correct answers)

  • Zenmap
  • Port number
  • Sequence number
  • Nmap
  • Zenmap
  • Nmap
500

 An organization is experiencing overwhelming visits to a main web server. You are developing a plan to add a couple of more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?


  • Scalability
  • Integrity
  • Confidentiality
  • Availability
  • Availability
500

 Which of the following firewalls filters traffic based on the user, device, role, application type and threat profile?

  • Context aware application firewall
  • Host-based firewall
  • Network address translation firewall
  • Network layer firewall
  • Application layer firewall
  • Context aware application firewall
500

What vulnerability occurs when data is written beyond the memory areas allocated to an application?

  • Buffer overflow
  • Access control problems
  • Race conditions
  • Weaknesses in security practices
  • Non-validated input
  • Buffer overflow
500

‘Data coming into a program should be sanitized, as it could have malicious content, designed to force the program to behave in an unintended way.’ This statement describes what security vulnerability? 

  • Weaknesses in security practices
  • Access control problems
  • Buffer overflow
  • Non-validated input
  • Race conditions
  • Non-validated input
500
What is the purpose of a backdoor?


  • To enable software vendors to update software
  • For government access
  • To gain unauthorized access to a system without normal authentication procedures
  • To allow developers to debug software
  • To gain unauthorized access to a system without normal authentication procedures
M
e
n
u