Time limit: 0
Quiz Summary
0 of 90 Questions completed
Questions:
Information
You have already completed the quiz before. Hence you can not start it again.
Quiz is loading…
You must sign in or sign up to start the quiz.
You must first complete the following:
Results
Quiz complete. Results are being recorded.
Results
0 of 90 Questions answered correctly
Your time:
Time has elapsed
You have reached 0 of 0 point(s), (0)
Earned Point(s): 0 of 0, (0)
0 Essay(s) Pending (Possible Point(s): 0)
Categories
- Not categorized 0%
-
Unfortunately, you didn’t pass the practice exam, but hey, you have unlimited access.π Practice makes you perfect! π
-
Congratulations! π₯³ You have passed the practice exam successfully! You are one step closer to pass the real exam! We hope to see you again on another certification path.βοΈ Good luck with the exam! Stay strong. π
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
- 56
- 57
- 58
- 59
- 60
- 61
- 62
- 63
- 64
- 65
- 66
- 67
- 68
- 69
- 70
- 71
- 72
- 73
- 74
- 75
- 76
- 77
- 78
- 79
- 80
- 81
- 82
- 83
- 84
- 85
- 86
- 87
- 88
- 89
- 90
- Current
- Review
- Answered
- Correct
- Incorrect
-
Question 1 of 90
1. Question
You have been hired by a company to identify and document all aspects of an asset’s configurations in order to create a secure template against which all subsequent configurations will be measured. What type of configuration management will you implement?
CorrectIncorrect -
Question 2 of 90
2. Question
Your organization is working with a contractor to build a database. You need to find a way to hide the actual data from being exposed to the contractor. Which of the following technique will you use in order to allow the contractor to test the database environment without having access to actual sensitive customer information?
CorrectIncorrect -
Question 3 of 90
3. Question
The software that monitors user activity and automatically prevents malware between cloud service users and cloud applications is known as:
CorrectIncorrect -
Question 4 of 90
4. Question
Which of the following types of disaster recovery sites allows a company to continue normal business operations, within a very short period of time after a disaster?
CorrectIncorrect -
Question 5 of 90
5. Question
A company hired you as a security expert. You have been tasked to implement a solution to deceive and attract hackers who attempt to gain unauthorized access to their network in order to gain information about how they operate.
Which of the following technique will you implement to meet this requirement as cost-effective as possible?
CorrectIncorrect -
Question 6 of 90
6. Question
The developers of your company thinking to switch the development process to the cloud, so they donβt need to start from scratch when creating applications with the purpose of saving a lot of time and money on writing code.
Which of the following cloud service models the developers of your company will use to create unique, customizable software on the Cloud?
CorrectIncorrect -
Question 7 of 90
7. Question
Your company is migrating to the cloud due to a strict budget. The primary reason is to avoid spending money on purchasing hardware and time on maintaining it. The company needs to pay only for the cloud computing resources it uses.
Which of the following cloud computing architecture should your company use to deploy the cloud services?
CorrectIncorrect -
Question 8 of 90
8. Question
Which of the following companies is not a cloud service provider?
CorrectIncorrect -
Question 9 of 90
9. Question
A Managed Service Provider (MSP) is a company that remotely manages a customerβs IT infrastructure and/or end-user systems, typically on a proactive basis and under a subscription model. (True/False)
CorrectIncorrect -
Question 10 of 90
10. Question
Answer the fill-in-the-blank by typing one of the following type of attacks:
Fog
Β Β ΒEdge
Β Β ΒDistributed
Β Β ΒCloud
-
A decentralized computing infrastructure in which data, compute, storage, and applications are located between the data source and the cloud is called computing. In this environment, intelligence is at the local area network (LAN) and data is transmitted from endpoints only.
CorrectIncorrect -
-
Question 11 of 90
11. Question
You are working for a startup and recently the application you are developing experienced a large amount of traffic. As a result, the performance of the application was decreased. You have been instructed to implement a solution to efficiently distributing incoming network traffic across a group of backend servers to increase the performance of the APP.
Which of the following solutions will you implement to meet the requirement?
CorrectIncorrect -
Question 12 of 90
12. Question
Recently the physical network adapter card from your company’s server broke. As a result, your co-workers couldn’t access important resources for hours. You have been instructed to implement a solution to eliminate this from happening again in the event of a network adapter failure.
Which of the following solutions will you implement to meet the requirement?
CorrectIncorrect -
Question 13 of 90
13. Question
Which of the following backup types only back up the data that has changed since the previous backup?
CorrectIncorrect -
Question 14 of 90
14. Question
Cloud backup is a strategy for sending a copy of files or database to a secondary server, which is usually hosted by a third-party service provider for preservation, in case of equipment failure or catastrophe. (True/False)
CorrectIncorrect -
Question 15 of 90
15. Question
You have been instructed to connect a storage device that allows storage and retrieval of data from a central location for authorized network users and varied clients.
Which of the following storage type will you use to meet the requirement?
CorrectIncorrect -
Question 16 of 90
16. Question
Match the following social engineering techniques with their meaning.
Sort elements
- Phishing
- Smishing
- Vishing
- Spear phishing
-
An attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message
-
The user is tricked into downloading a Trojan horse, virus or other malware onto his cellular phone or other mobile devices
-
Individuals are tricked into revealing critical financial or personal information to unauthorized entities through voice email or VoIP (voice over IP)
-
Is an email or electronic communications scam targeted towards a specific individual, organization or business.
CorrectIncorrect -
Question 17 of 90
17. Question
Which of the following types of social engineering techniques is the use of messaging systems to send an unsolicited message to large numbers of recipients for the purpose of commercial advertising, or for the purpose of non-commercial proselytizing?
CorrectIncorrect -
Question 18 of 90
18. Question
Which of the following types of social engineering is a method in which the attacker seeks to compromise a specific group of end-users by infecting websites that members of that group are known to visit?
CorrectIncorrect -
Question 19 of 90
19. Question
Answer the fill-in-the-blank by typing one of the following type of attacks:
Trojan
Β Β ΒRansomware
Β Β ΒWorm
Β Β ΒSpyware
-
The type of malicious code or software that looks legitimate but can take control of your computer is known as . It is designed to damage, disrupt, steal, or in general, inflict some other harmful action on your data or network.
CorrectIncorrect -
-
Question 20 of 90
20. Question
Which of the following attacks isn’t intended to steal data but to remain in place for as long as possible, quietly mining in the background?
CorrectIncorrect -
Question 21 of 90
21. Question
A method by which authorized and unauthorized users are able to get around normal security measures and gain high-level user access (root access) on a computer system, network, or software application is known as:
CorrectIncorrect -
Question 22 of 90
22. Question
Match the following password attack techniques with their meaning.
Sort elements
- Brute force attack
- Rainbow table attack
- Dictionary attack
- Plaintext Attack
-
An attacker submitting many passwords or passphrases with the hope of eventually guessing correctly
-
A type of hacking wherein the perpetrator tries to crack the passwords stored in a database system
-
A method of breaking into a password-protected computer or server by systematically entering every word in a dictionary as a password
-
An attack model for cryptanalysis where the attacker has access to both the plaintext (called a crib), and its encrypted version (ciphertext).
CorrectIncorrect -
Question 23 of 90
23. Question
Which of the following attacks occurs when someone infiltrates a system through an outside partner or provider with access to the systems and data?
CorrectIncorrect -
Question 24 of 90
24. Question
Adversarial machine learning is a machine learning technique that attempts to fool models by supplying deceptive input. (True/False)
CorrectIncorrect -
Question 25 of 90
25. Question
Which of the following cryptographic attacks force victims to use older, more vulnerable versions of software in order to exploit known vulnerabilities against them?
CorrectIncorrect -
Question 26 of 90
26. Question
A hacker introduced corrupt Domain Name System (DNS) data into a DNS resolverβs cache with the aim of redirecting users either to the wrong websites or to his own computer. What type of DNS attack did the hacker implement in this scenario?
CorrectIncorrect -
Question 27 of 90
27. Question
Which of the following attacks is a Network Layer DDoS attack?
CorrectIncorrect -
Question 28 of 90
28. Question
The type of hackers that violates computer security systems without permission, stealing the data inside for their own personal gain or vandalizing the system is commonly known as:
CorrectIncorrect -
Question 29 of 90
29. Question
A hacker wants to attack a network with the aim of maintaining ongoing access to the targeted network rather than to get in and out as quickly as possible with the ultimate goal of stealing information over a long period of time. What type of attacking technique will the hacker use in this case?
CorrectIncorrect -
Question 30 of 90
30. Question
Which of the following terms refers to Information Technology (IT) applications and infrastructure that are managed and utilized without the knowledge of the enterprise’s IT department?
CorrectIncorrect -
Question 31 of 90
31. Question
______________ is a set of rules designed to give EU citizens more control over their personal data.
CorrectIncorrect -
Question 32 of 90
32. Question
A _______________ is an agreement between two or more parties outlined in a formal document. It is not legally binding but signals the willingness of the parties to move forward with a contract.
CorrectIncorrect -
Question 33 of 90
33. Question
The ____________ is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in continuity.
CorrectIncorrect -
Question 34 of 90
34. Question
_________________ is a strategy that ensures continuity of operations with minimal service outage or downtime. It is designed to protect personnel or assets and make sure they can function quickly when a disaster strikes such as natural disasters or cyber-attacks.
CorrectIncorrect -
Question 35 of 90
35. Question
The _________________ is described as an estimated frequency of the threat occurring in one year.
CorrectIncorrect -
Question 36 of 90
36. Question
You have been tasked to access a remote computer for handling some administrative tasks over an unsecured network in a secure way.
Which of the following protocols will you use to access the remote computer to handle the administrative tasks?
CorrectIncorrect -
Question 37 of 90
37. Question
Your manager is trying to understand the difference between SFTP and FTPS. So, he asked you to explain the difference between them.
Which of the following statements are correct? (Choose all that apply.)
CorrectIncorrect -
Question 38 of 90
38. Question
One of the features of SNMPv3 is called message integrity.
CorrectIncorrect -
Question 39 of 90
39. Question
You have been hired as a security expert to implement a security solution to protect an organization from external threats. The solution should provide the organization with a superior ability to identify attacks, malware, and other threats and also provide packet filtering capabilities, VPN support, and network monitoring.
Which of the following security solutions will you implement to meet the requirement?
CorrectIncorrect -
Question 40 of 90
40. Question
Application whitelisting prevents undesirable programs from executing, while application blacklisting is more restrictive and allows only programs that have been explicitly permitted to run. (True/False)
CorrectIncorrect -
Question 41 of 90
41. Question
You have been tasked to implement a solution to encrypt data as it is written to the disk and decrypt data as it is read off the disk.
Which of the following solution will you implement to meet the requirement?
CorrectIncorrect -
Question 42 of 90
42. Question
In which of the following load balancer modes does two or more servers aggregate the network traffic load and work as a team to distribute the workload across all servers in order to prevent any single node from getting overloaded?
CorrectIncorrect -
Question 43 of 90
43. Question
You have been tasked to implement a solution to increase the security of your company’s local area network (LAN). All of the company’s external-facing servers (Web server, Mail server, FTP server) should be placed in a separate area in order to be accessible from the internet, but the rest of the internal LAN to be unreachable.
Which of the following techniques will you implement to meet the requirement?
CorrectIncorrect -
Question 44 of 90
44. Question
Which of the following VPN solutions is used to connect two local area networks utilized by businesses that want to provide their employees with secure access to network resources?
CorrectIncorrect -
Question 45 of 90
45. Question
The network administrator from your company notices that the network performance has been degraded due to a broadcast storm.
Which of the following techniques will you recommend to the network administrator in order to reduce broadcast storms? (Choose all that apply)
CorrectIncorrect -
Question 46 of 90
46. Question
Which of the following Public key infrastructure (PKI) terms is known as an organization that acts to validate the identities of entities (such as websites, email addresses, companies, or individual persons) and bind them to cryptographic keys through the issuance of electronic documents known as digital certificates?
CorrectIncorrect -
Question 47 of 90
47. Question
Assuming you have the domain yourcompany.com with the following sub-domains:
www.yourcompany.com
mail.yourcompany.com
intranet.yourcompany.com
secure.yourcompany.com
me.yourcompany.comWhich of the following types of certificates will you choose to secure all the first-level sub-domains on a single domain name?
CorrectIncorrect -
Question 48 of 90
48. Question
In the form of Role-Based Access Control, data are accessible or not accessible based on the user’s IP address.
CorrectIncorrect -
Question 49 of 90
49. Question
In the form of Rule-Based Access Control, data are accessible or not accessible based on the user’s IP address.
CorrectIncorrect -
Question 50 of 90
50. Question
Which of the following types of certificates will you use to digitally sign your apps as a way for end-users to verify that the code they receive has not been altered or compromised by a third party?
CorrectIncorrect -
Question 51 of 90
51. Question
Assuming you are working on a Windows environment. For troubleshooting reasons, you need to discover your IP information, including DHCP and DNS server addresses from your current workstation.
Which of the following commands will help you to troubleshoot the network?
CorrectIncorrect -
Question 52 of 90
52. Question
Assuming you are working on a Windows environment, what command will you type to identify the number of hops and the time it takes for a packet to travel between your local computer and your web server?
CorrectIncorrect -
Question 53 of 90
53. Question
You have noticed that the email server doesnβt work. Your manager said that someone from the company changed the DNS records (MX) of the email server.
Which of the following commands will you type to find the new MX records of the server?
CorrectIncorrect -
Question 54 of 90
54. Question
PC1 can ping the printer on the Marketing team network but canβt ping the printer on the Sales team network. Assuming you are working on a Windows environment, type the command to get details about the route that packets go through from PC1 to the printer on the Sales team network?
-
C:\Users\ExamsDigest\PC1>
CorrectIncorrect -
-
Question 55 of 90
55. Question
Which of the following tools can you use to perform manual DNS lookups? Assuming you are working on a Linux environment. (Choose all that apply)
CorrectIncorrect -
Question 56 of 90
56. Question
Which of the following options is a network architecture approach that enables the network to be intelligently and centrally controlled using software applications, and helps operators manage the network consistently, regardless of the underlying network technology?
CorrectIncorrect -
Question 57 of 90
57. Question
Which of the following types of disaster recovery sites doesnβt have any pre-installed equipment and it takes a lot of time to properly set it up so as to fully resume business operations?
CorrectIncorrect -
Question 58 of 90
58. Question
The security process that relies on unique traits such as retinas, irises, voices, facial characteristics, and fingerprints of an individual to verify that he is who he says he is, is called:
CorrectIncorrect -
Question 59 of 90
59. Question
Authentication, ______________, and Accounting is the term for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.
CorrectIncorrect -
Question 60 of 90
60. Question
You are developing a new system that requires users to be authenticated using temporary passcode which is generated by an algorithm that uses the current time of the day.
Which of the following authentication methods will you use to authenticate the users?
CorrectIncorrect -
Question 61 of 90
61. Question
Answer the fill-in-the-blank by typing one of the following type of attacks:
Control
Β Β ΒElasticity
Β Β ΒScalability
Β Β ΒCompiler
-
Version keeps track of every modification to the code in a special kind of database. If a mistake is made, you can turn back the clock and compare earlier versions of the code to help fix the mistake.
CorrectIncorrect -
-
Question 62 of 90
62. Question
Which of the following process is designed to trigger automatic code integration in the main code base instead of developing in isolation and then integrating them at the end of the development cycle?
CorrectIncorrect -
Question 63 of 90
63. Question
You are working for a client as a web developer and your client asked you to check the new update of the app without making the updates live for the users. In which environment will you push the update so your client can look it over in a stable format before it gets pushed to the users?
CorrectIncorrect -
Question 64 of 90
64. Question
What type of architecture developers use to build and run applications and services without having to manage infrastructure?
CorrectIncorrect -
Question 65 of 90
65. Question
The solution to the problem of how to get a software to run reliably when moved from one computing environment to another is known as:
CorrectIncorrect -
Question 66 of 90
66. Question
Which of the following actions should be taken to increase the security of SCADA networks? (Choose all that apply)
CorrectIncorrect -
Question 67 of 90
67. Question
Which of the following cryptographic technique will you use to validate the authenticity and integrity of a message or digital document?
CorrectIncorrect -
Question 68 of 90
68. Question
Asymmetrical encryption uses a single key that needs to be shared among the people who need to receive the message while symmetric encryption uses a pair of a public key and a private key to encrypt and decrypt messages when communicating. (True/False)
CorrectIncorrect -
Question 69 of 90
69. Question
Which of the following options allows your application to interact with an external service using a simple set of commands rather than having to create complex processes yourself?
CorrectIncorrect -
Question 70 of 90
70. Question
Which of the following technique will you use to hide secret data within a non-secret file or message with the purpose of avoiding data detection?
CorrectIncorrect -
Question 71 of 90
71. Question
You are developing a new web application using Python for the back-end and ReactJs for the front-end. After launching the app, your co-worker Eliot discovered that the app does not always handle multithreading properly, particularly when multiple threads access the same variable, allowing an attacker to exploit it and crash the server.
What sort of error you have just discovered?
CorrectIncorrect -
Question 72 of 90
72. Question
You have just downloaded a video from a file-sharing website. When you open the video using media player software which is installed on your workstation, you hear ONLY sound but get no picture.
Whatβs the most likely problem and solution?
CorrectIncorrect -
Question 73 of 90
73. Question
A malicious user is trying to get access to your company’s network. He is sending users on your network a link to an executable file. However, the executable file also includes software that will allow the attacker to get access to any workstation that it is installed on.
Based on the scenario, what type of attack is this?
CorrectIncorrect -
Question 74 of 90
74. Question
You discover that the Wi-Fi of your company has been compromised. The malicious user used the username and password that came with the Wi-Fi device. Then the attacker logged in to the device through his browser and started making changes to the DHCP and DNS configuration.
What caused this vulnerability to exist and the attacker got access to the wireless access point (WAP)?
CorrectIncorrect -
Question 75 of 90
75. Question
Which of the following is a self-spreading malware that often exploits vulnerabilities to spread via a network?
CorrectIncorrect -
Question 76 of 90
76. Question
Which of the following is a type of malicious code or software that looks legitimate but can take control of your computer?
CorrectIncorrect -
Question 77 of 90
77. Question
Which of the following is a type of malware that prevents users from accessing their system or personal files and demands a ransom payment in order to regain access?
CorrectIncorrect -
Question 78 of 90
78. Question
Spyware is an example of what type of malicious software?
CorrectIncorrect -
Question 79 of 90
79. Question
What best describes an attack that attaches some malware to a legitimate program so that when the user installs the legitimate program, they inadvertently install the malware?
CorrectIncorrect -
Question 80 of 90
80. Question
What type of attack forces a user to take undesired actions on their online account by spoofing requests from the trusted user?
CorrectIncorrect -
Question 81 of 90
81. Question
You have been asked to include IP schema management as part of your configuration management efforts. Which of the following is considered a security advantage of IP schema configuration management?
CorrectIncorrect -
Question 82 of 90
82. Question
You scan a web server that hosts two web applications. You believe that the server is fully patched and not vulnerable to exploits. Later, you discover that the Nginx version on the server is reported as vulnerable to an exploit. When you check to see if you are missing patches, Nginx is fully patched.
What has occurred?
CorrectIncorrect -
Question 83 of 90
83. Question
You have been asked to identify the difference between an intrusive and a nonintrusive vulnerability scan.
Which of the following statements is true? (Select TWO.)
CorrectIncorrect -
Question 84 of 90
84. Question
Your company hired a full-stack developer to develop a new e-learning application for a school. After testing the application, you discover that the developer has an open way to log in and bypass all the security measurements of the app. What best describes this?
CorrectIncorrect -
Question 85 of 90
85. Question
Your website uses Cloudflare to resolve the DNS. Upon checking the records, you have discovered that there are A and MX record entries that point to unknown and potentially harmful IP addresses.
What sort of attack you have just discovered?
CorrectIncorrect -
Question 86 of 90
86. Question
You have been tasked to create a new Access Control List on the company’s firewall to prevent any HTTP traffic from/to the network. Type the port number that needs to be added to the ACL rule.
-
ACL rule: access-list 100 deny tcp any any eq
CorrectIncorrect -
-
Question 87 of 90
87. Question
Given the following firewall configuration requirements, type the correct port number to complete the access control rules.
-
Firewall configuration requirement #1: Allow SMTP and POP3 traffic but prevent IMAP.
Rule #1: access-list 100 allow tcp eq allow tcp eq deny tcp eq
Firewall configuration requirement #2: Allow the DNS server to resolve domain names and prevent DHCP requests from the network.
Rule #2: access-list 100 allow tcp eq deny udp eq
CorrectIncorrect -
-
Question 88 of 90
88. Question
Given the following firewall configuration requirements, type the correct port number to complete the access control rules.
-
Firewall configuration requirement #1: Allow SSH connections but prevent Telnet connections.
Rule #1: access-list 100 allow tcp eq deny tcp eq
Firewall configuration requirement #2: Allow HTTPS traffic but prevent HTTP traffic from/to the network.
Rule #2: access-list 100 allow tcp eq deny tcp eq
CorrectIncorrect -
-
Question 89 of 90
89. Question
Drag and drop the TCP/UDP port numbers into their respective protocol name.
Sort elements
- Port 80
- Port 548
- Port 110
- Port 23
-
HTTP
-
AFP
-
POP3
-
Telnet
CorrectIncorrect -
Question 90 of 90
90. Question
You have been tasked to create a new Access Control List on the companyβs firewall to prevent any FTP access to the webserver and permit any SSH access to the webserver.
Type the port numbers that need to be added to the ACL rule to complete the task.
-
ACL rule: access-list 100 deny tcp any any eq
ACL rule: access-list 100 permit tcp any any eq
CorrectIncorrect -