Introduction to Cybersecurity: My Knowledge Check Answers

How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer. If the question is not here, find it in Questions Bank.

NOTE: If you have the new question on this test, please comment Question and Multiple-Choice list in form below this article. We will update answers for you in the shortest time. Thank you! We truly value your contribution to the website.

Introduction to Cybersecurity: My Knowledge Check Answers

1. What action will an IDS take upon detection of malicious traffic?

Block or deny all traffic
Drop only packets identified as malicious
Create a network alert and log the detection
Reroute malicious traffic to a honeypot

Explanation: An IDS, or intrusion detection system, is a device that can scan packets and compare them to a set of rules or attack signatures. If the packets match attack signatures, then the IDS can create an alert and log the detection.

2. Which of the following is an example of two factor authentication?

Your account number and your name
Your answer to a general knowledge question and your password
Your fingerprint and your password
Your password and your username

3. Which of the statements correctly describes cybersecurity?

Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks
Cybersecurity is the ongoing effort to protect individuals, organizations and governments from crimes that happen only in cyberspace
Cybersecurity is the ongoing effort to protect computers, networks and data from malicious attacks

Explanation: Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks by protecting networked systems and data from unauthorized use or harm.

4. Which of the following certifications tests your understanding and knowledge in how to look for weaknesses and vulnerabilities in target systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner?

Microsoft Technology Associate Security Fundamentals
Palo Alto Networks Certified Cybersecurity Associate
ISACA CSX Cybersecurity Fundamentals
CompTIA Security+
EC Council Certified Ethical Hacker
ISC2 Certified Information Systems Security Professional

Explanation: This certification tests your understanding and knowledge of how to look for weaknesses and vulnerabilities in target systems using the same knowledge and tools as a malicious hacker but in a lawful and legitimate manner.

5. Carrying out a multi-phase, long-term, stealthy and advanced operation against a specific target is often referred to as what?

Network sniffing
Advanced persistent threat
Social engineering
Script kiddies
Rainbow tables

6. Can you identify the cyber attacker type from the following descriptions?

Make political statements in order to raise awareness about issues that are important to them – Hacktivists
Gather intelligence or commit sabotage on specific goals on behalf of their government – State-sponsored attackers
Use existing tools on the Internet to launch a cyber attack – Script kiddies

7. What is a security playbook?

A collection of repeatable queries or reports that outline a standardized process for incident detection and response
A collection of security alerts, logs and historical data from the network
A step-by-step guide on how to carry out IT-related procedures

8. Which of the following characteristics describe a worm? (Choose two.)

Executes when software is run on a computer
Is self-replicating
Hides in a dormant state until needed by an attacker
Infects computers by attaching to software code
Travels to new computers without any intervention or knowledge of the user

Explanation: Worm is a type of malware that replicates itself in order to spread from one computer to another. Unlike a virus, which requires a host program to run, worms can run by themselves. Other than the initial infection of the host, they do not require user participation and can spread very quickly over the network.

9. What is the main purpose of cyberwarfare?

To protect cloud-based data centers
To gain advantage over adversaries
To develop advanced network devices
To simulate possible war scenarios among nations

Explanation: Cyberwarfare is Internet-based conflict that involves the penetration of the networks and computer systems of other nations. The main purpose of cyberwarfare is to gain advantage over adversaries, whether they are nations or competitors.

10. During a meeting with the Marketing department, a representative from IT discusses features of an upcoming product that will be released next year. Is this employee’s behavior ethical or unethical?

Ethical
Unethical

11. What is the only way of ensuring that deleted files on your computer are irrecoverable?

Using a software program such as SDelete or Secure Empty Trash
Emptying your computer’s recycle bin
Physically destroying your computer’s hard drive

Explanation: The only way to be certain that data or files are not recoverable is to physically destroy the hard drive or storage device.

12. Which of the following items are states of data? (Choose three.)

Storage
Text
ASCII
Transmission
Binary
Processing

Explanation: Processing refers to data that is being used to perform an operation such as updating a database record (data in process).
Storage refers to data stored in memory or on a permanent storage device such as a hard drive, solid-state drive or USB drive (data at rest).
Transmission refers to data traveling between information systems (data in transit).

13. Which of the following actions should an organization take in the event of a security breach? (Choose two.)

Contain the information so that it does not go public
Communicate a call to action to all employees
Carry out research to uncover what caused the breach
Assume this type of breach won’t happen again
Advise employees to be more careful

14. In networking, what name is given to the identifier at both ends of a transmission to ensure that the right data is passed to the correct application?

IP address
Sequence number
MAC address
Port number

15. ‘Cryptocurrencies are handled on a centralized exchange.’ Is this statement true or false?

True
False

16. Which of the following are examples of on-path attacks? (Choose two.)

SEO poisoning
Man-in-the-Mobile
Ransomware
DDoS
Man-in-the-Middle
Worms

17. Which of the following firewalls filters traffic based on the user, device, role, application type and threat profile?

Network layer firewall
Application layer firewall
Network address translation firewall
Host-based firewall
Context aware application firewall

18. Which of the following security vulnerabilities could result in the receipt of malicious information that could force a program to behave in an unintended way?

Non-validated input
Buffer overflow
Race condition
Access control problem

Explanation: Programs often require data input, but this incoming data could have malicious content, designed to force the program to behave in an unintended way.

19. Which of the following is an entry-level certification for newcomers who are preparing to start their career in cybersecurity?

Microsoft Technology Associate Security Fundamentals
Palo Alto Networks Certified Cybersecurity Associate
ISACA CSX Cybersecurity Fundamentals
CompTIA Security+
EC Council Certified Ethical Hacker
ISC2 Certified Information Systems Security Professional

Explanation: This is an entry-level certification for newcomers who are preparing to start their career in the cybersecurity field.

20. Can you identify why each of the following organizations might be interested in your online identity?

Internet service providers:
– They may be legally required to share your online information with government surveillance agencies or authorities

Advertisers:
– To monitor your online activities and send targeted ads your way

Social media platforms:
– To gather information based on your online activity, which is then shared with or sold to advertisers for a profit

Websites:
– To track your activities using cookies in order to provide a more personalized experience

21. What can the skills developed by cybersecurity professionals be used for?

Cybersecurity professionals develop many skills that can be only be used for good
Cybersecurity professionals develop many skills that can only be used for evil
Cybersecurity professionals develop many skills that cannot be used for evil
Cybersecurity professionals develop many skills that can be used for good or evil

22. One of your colleagues has lost her identification badge. She is in a hurry to get to a meeting and does not have time to visit Human Resources to get a temporary badge. You lend her your identification badge until she can obtain a replacement. Is this behavior ethical or unethical?

Ethical
Unethical

23. Which of the following statements best describes cybersecurity?

It is a framework for security policy development
It is a standard-based model for developing firewall technologies to fight against cybercrime
It is the name of a comprehensive security application for end users to protect workstations from being attacked
It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm

24. Why might internal security threats cause greater damage to an organization than external security threats?

Internal users have better hacking skills
Internal users have direct access to the infrastructure devices
Internal users can access the organizational data without authentication
Internal users can access the infrastructure devices through the Internet

Explanation: Internal threats have the potential to cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices. Internal users may not have better hacking skills than external attackers. Both internal users and external users can access the network devices through the Internet. A well designed security implementation should require authentication before corporate data is accessed, regardless of whether the access request is from within the corporate campus or from the outside network.

25. What is the most common goal of search engine optimization (SEO) poisoning?

To trick someone into installing malware or divulging personal information
To overwhelm a network device with maliciously formed packets
To build a botnet of zombies
To increase web traffic to malicious sites

Explanation: A malicious user could create a SEO so that a malicious website appears higher in search results. The malicious website commonly contains malware or is used to obtain information via social engineering techniques.

26. What should you do in order to make sure that people you live with do not have access to your secure data?

Turn on a firewall
Increase the privacy settings on your browser
Install antivirus software
Set up password protection

27. Which of these is the most recognizable and popular security certification, requiring at least five years’ relevant industry experience before you can take the exam?

Microsoft Technology Associate Security Fundamentals
Palo Alto Networks Certified Cybersecurity Associate
ISACA CSX Cybersecurity Fundamentals
CompTIA Security+
EC Council Certified Ethical Hacker
ISC2 Certified Information Systems Security Professional

28. ____ is the use of technology to penetrate and attack another nation’s computer systems and networks in an effort to cause damage or disrupt services, such as shutting down a power grid.

Cyberwarfare
Cyberterrorism
A cyber attack
A cyber campaign

29. Who is responsible for overseeing a blockchain electronic ledger?

Anyone belonging to the blockchain network
A central blockchain authority
A central bank
A government regulatory body

30. A medical office employee sends emails to patients about their recent visits to the facility. What information would put the privacy of the patients at risk if it was included in the email?

Contact information
Next appointment
Patient records
First and last name

Explanation: An email message is transmitted in plain text and can be read by anyone who has access to the data while it is en route to a destination. Patient records include confidential or sensitive information that should be transmitted in a secure manner.

31. What tool can identify malicious traffic by comparing packet contents to known attack signatures?

IDS
Zenmap
Nmap
NetFlow

32. Which of the following firewalls hides or masquerades the private addresses of network hosts?

Network layer firewall
Host-based firewall
Reverse proxy firewall
Proxy server
Network address translation firewall

33. Improper management of physical access to a resource, such as a file, can lead to what type of security vulnerability?

Buffer overflow
Non-validated input
Race conditions
Weaknesses in security practices
Access control problems

34. Which of the following methods is used to check the integrity of data?

Backup
Hashes or checksums
Encryption
Authentication

Explanation: Integrity ensures that system information or processes are protected from intentional or accidental modification. One way to ensure integrity is to use a hash function or checksum.

35. ‘Data coming into a program should be sanitized, as it could have malicious content, designed to force the program to behave in an unintended way.’ This statement describes what security vulnerability?

Weaknesses in security practices
Access control problems
Buffer overflow
Non-validated input
Race conditions

36. What is the best approach for preventing a compromised IoT device from maliciously accessing data and devices on a local network?

Install a software firewall on every network device
Place all IoT devices that have access to the Internet on an isolated network
Disconnect all IoT devices from the Internet
Set the security settings of workstation web browsers to a higher level

Explanation: The best approach to protect a data network from a possibly compromised IoT device is to place all IoT devices on an isolated network that only has access to the Internet.

37. How do Cisco ISE and TrustSec work?

They enforce access to network resources by creating role-based access control policies
They stop sensitive data from being stolen or escaping a network
They block network traffic based on a positive rule or signature match

38. Which of the following certifications does not expire or require periodic recertification and is geared towards post-secondary graduates and those interested in a career change?

Microsoft Technology Associate Security Fundamentals
Palo Alto Networks Certified Cybersecurity Associate
ISACA CSX Cybersecurity Fundamentals
CompTIA Security+
EC Council Certified Ethical Hacker
ISC2 Certified Information Systems Security Professional

39. ‘Securing physical access to target equipment is an organization’s best defense against a cyber attack.’ Is this true or false?

True
False

40. Which of the following firewalls filters ports and system service calls on a single computer operating system?

Network layer firewall
Application layer firewall
Transport layer firewall
Network address translation firewall
Host-based firewall

41. What is the correct definition of risk management?

The process of transferring risks that cannot be eliminated or mitigated
The process of identifying and assessing risk to determine the severity of threats
The process of accepting risks that cannot be eliminated, mitigated or transferred
The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities

Explanation: Risk management is the formal process of continuously identifying and assessing risk in an effort to reduce the impact of threats and vulnerabilities.

42.Which of the following security implementations use biometrics? (Choose two.)

Fingerprint
Phone
Credit card
Voice recognition
Fob

43. Which of the following certifications meets the U.S. Department of Defense Directive 8570.01-M requirements, which is important for anyone looking to work in IT security for the federal government?

EC Council Certified Ethical Hacker
Microsoft Technology Associate Security Fundamentals
ISACA CSX Cybersecurity Fundamentals
CompTIA Security+
ISC2 Certified Information Systems Security Professional
Palo Alto Networks Certified Cybersecurity Associate

Explanation: This is an entry-level security certification that meets the U.S. Department of Defense Directive 8570.01-M requirements, which is an important item for anyone looking to work in IT security for the federal government.

44. ‘Cryptocurrencies are handled on a centralized exchange.’ Is this statement true or false?

True
False

45. Stuxnet malware was designed for which primary purpose?

To hijack and take control of targeted computers
To cause physical damage to equipment controlled by computers
To cause serious harm to workers in a nuclear enrichment plant

Explanation: Stuxnet malware that was designed not just to hijack targeted computers but to actually cause physical damage to equipment controlled by computers

46. The risk management process consists of four steps. Can you put these in the right order?

Frame the risk
Assess the risk
Respond to the risk
Monitor the risk

47. What is the main aim of a Cyber Security Incident Response Team (CSIRT)?

To help ensure organization, system and data preservation by performing investigations into computer security incidents
To enforce access to network resources by creating role-based control policies
To provide guidance on the implementation of safeguards and personnel training
To help client organizations improve their incident management capabilities

48. What names are given to a database where all cryptocurrency transactions are recorded? (Choose two.)

Blockchain
Table
Ledger
Spreadsheet

Explanation: Cryptocurrency owners keep their money in encrypted, virtual ‘wallets.’ When a transaction takes place between the owners of two digital wallets, the details are recorded in a decentralized, electronic ledger or blockchain system. This means it is carried out with a degree of anonymity and is self-managed, with no interference from third parties such as central banks or government entities.

49. What of the following are examples of cracking an encrypted password? (Choose four.)

Intimidation
Brute force attack
Network sniffing
Rainbow tables
Social engineering
Spraying
Dictionary attack

50. ‘An employee does something as an organization representative with the knowledge of that organization and this action is deemed illegal. The organization is legally responsible for this action.’ Is this statement true or false?

True
False

51. What is the purpose of a rootkit?

To masquerade as a legitimate program
To deliver advertisements without user consent
To replicate itself independently of any other programs
To gain privileged access to a device while concealing itself

Explanation: Most rootkits take advantage of software vulnerabilities to gain access to resources that normally shouldn’t be accessible (privilege escalation) and modify system files.

Malware can be classified as follows:

– Virus (self replicates by attaching to another program or file)
– Worm (replicates independently of another program)
– Trojan Horse (masquerades as a legitimate file or program)
– Rootkit (gains privileged access to a machine while concealing itself)
– Spyware (collects information from a target system)
– Adware (delivers advertisements with or without consent)
– Bot (waits for commands from the hacker)
– Ransomware (holds a computer system or data captive until payment is received)ent)

52. You are configuring access settings to require employees in your organization to authenticate first before accessing certain web pages. Which requirement of information security is addressed through this configuration?

Integrity
Scalability
Availability
Confidentiality

Explanation: Confidentiality is a set of rules that prevents sensitive information from being disclosed to unauthorized people, resources and processes. Methods to ensure confidentiality include data encryption, identity proofing and two factor authentication.

53. How can you prevent others from eavesdropping on network traffic when operating a PC on a public Wi-Fi hotspot?

Connect with a VPN service
Use WPA2 encryption
Disable Bluetooth
Create unique and strong passwords

Explanation: You should use an encrypted VPN service to prevent others from intercepting your information (known as ‘eavesdropping’) over a public wireless network. This service gives you secure access to the Internet, by encrypting the connection between your device and the VPN server. Even if hackers intercept a data transmission in an encrypted VPN tunnel, they will not be able to decipher it.

54. Which of the following certifications is aimed at high school and early college students, as well as anyone interested in a career change?

Microsoft Technology Associate Security Fundamentals
Palo Alto Networks Certified Cybersecurity Associate
ISACA CSX Cybersecurity Fundamentals
CompTIA Security+
EC Council Certified Ethical Hacker
ISC2 Certified Information Systems Security Professional

55. Can you identify the software vulnerability from the following descriptions?

Occurs when data is written beyond the limits of memory areas that are allocated to an application	Buffer overflow
Occurs when an ordered or timed set of processes is disrupted or altered by an exploit	Race condition
Occurs through the improper use of practices that manage equipment, data or applications	Access control

56. Which of the following is a key motivation of a white hat attacker?

Taking advantage of any vulnerability for illegal personal gain
Fine tuning network devices to improve their performance and efficiency
Studying operating systems of various platforms to develop a new system
Discovering weaknesses of networks and systems to improve the security level of these systems

57. Which of the following statements describes cyberwarfare?

Cyberwarfare is an attack carried out by a group of script kiddies
Cyberwarfare is simulation software for Air Force pilots that allows them to practice under a simulated war scenario
Cyberwarfare is a series of personal protective equipment developed for soldiers involved in nuclear war
Cyberwarfare is an Internet-based conflict that involves the penetration of information systems of other nations

Explanation: Cyberwarfare, as its name suggests, is the use of technology to penetrate and attack another nation’s computer systems and networks in an effort to cause damage or disrupt services, such as shutting down a power grid.

58. ‘A data breach does not impact the reputation of an organization.’ Is this statement true or false?

True
False

59. You have stored your data on a local hard disk. Which method would secure this data from unauthorized access?

Data encryption
Duplication of the hard drive
Deletion of sensitive files
Two factor authentication

Explanation: Encryption is the process of converting information into a form in which unauthorized parties cannot read it. Only a trusted, authorized person with the secret key or password can decrypt the data and access it in its original form.

60. An individual user profile on a social network site is an example of an ….. identity.

online
offline

61. You are having difficulty remembering passwords for all of your online accounts. What should you do?

Write the passwords down and keep them out of sight
Save the passwords in a centralized password manager program
Create a single strong password to be used across all online accounts
Share the passwords with a network administrator or computer technician