CERTIFIED CYBER SECURITY PROFESSIONAL

Welcome to your Certificate in Security Essentials

Instructions

All 40 questions should be attempted.
You have 1 hours to complete this paper
You must achieve 26 or more out of possible 40 marks (65%) to pass this exam

Name

DOB (dd/mm/yyyy)

7. What term is used to describe a starting point for a minimum security standard?

Baseline

Configuration guide

Policy

Outline

11. Michael is responsible for forensic investigations and is investigating a medium severity security incident that involved the defacement of a corporate website. The web server in question ran on a virtualization platform, and the marketing team would like to get the website up and running as quickly as possible. What would be the most reasonable next step for Michael to take?

Ignore the incident and focus on quickly restoring the website.

Keep the website offline until the investigation is complete.

Take the virtualization platform offline as evidence.

Take a snapshot of the compromised system and use that for the investigation.

28. What major issue often results from decentralized access control?

Control is not consistent

Access outages may occur

Training costs are high

Control is too granular

27. What type of attack can be prevented by using a trusted path?

Brute force attacks

Dictionary attacks

Man-in-the-middle attacks

35. Toni responds to the desk of a user who reports slow system activity. Upon checking outbound network connections from that system, Toni notices a large amount of social media traffic originating from the system. The user does not use social media, and when Toni checks the accounts in question, they contain strange messages that appear encrypted. What is the most likely cause of this traffic?

Someone else is using Toni’s computer when she is not present.

Toni is lying about her use of social media.

Other users are relaying social media requests through Toni’s computer.

Toni’s computer is part of a botnet.

13. When Bob receives the encrypted message from Alice, what key does he use to decrypt the message?

Refer to the following scenario.

Alice and Bob would like to use an asymmetric cryptosystem to communicate with each other. They are located in different parts of the country but have exchanged encryption keys by using digital certificates signed by a mutually trusted certificate authority.

a. Alice’s public key

d. Bob’s private key

b. Alice’s private key

c. Bob’s public key

18. Sarah is manually reviewing a packet capture of TCP traffic and finds that a system is setting the RST flag in the TCP packets it sends repeatedly during a short period of time. What does this flag mean in the TCP packet header?

RST flags mean “Rest.” The server needs traffic to briefly pause.

RST means “Reset.” The TCP session will be disconnected.

RST flags mean “Resume Standard.” Communications will resume in their normal format.

RST flags mean “Relay-set.” The packets will be forwarded to the address set in the packet.

29. Jim has been contracted to perform a penetration test of a bank’s primary branch. In order to make the test as real as possible, he has not been given any information about the bank other than its name and address. What type of penetration test has Jim agreed to perform?

A white box penetration test

A gray box penetration test

A black box penetration test

A crystal box penetration test

8. When media is labelled based on the classification of the data it contains, what rule is typically applied regarding labels?

The media is labeled with the lowest level of classification of the data it contains.

The media is labeled with all levels of classification of the data it contains.

The data is labeled based on its integrity requirements.

The media is labeled based on the highest classification level of the data it contains.

10.

5. In 1991, the federal sentencing guidelines formalized a rule that requires senior executives to take personal responsibility for information security matters. What is the name of this rule?

Due process rule

Prudent man rule

Due diligence rule

Personal liability rule

11.

Enter your DOB (dd/mm/yyyy)

12.

24. Which of the following is best described as an access control model that focuses on subjects and identifies the objects that each subject can access?

A capability table

A rights management matrix

An access control list

An implicit denial list

13.

37. Which one of the following statements is not true about code review?

Code review may be automated.

Code review should be a peer-driven process that includes multiple developers.

Code reviewers may expect to review several hundred lines of code per hour.

Code review occurs during the design phase.

14.

4. Which one of the following elements of information is not considered personally identifiable information that would trigger most US state data breach laws?

Social Security number

Driver’s license number

Student identification number

Credit card number

15.

2. FlyAway Travel has offices in both the European Union and the United States and transfers personal information between those offices regularly. Which of the seven requirements for processing personal information states that organizations must inform individuals about how the information they collect is used?

Enforcement

Notice

Choice

Onward Transfer

16.

6. COBIT, Control Objectives for Information and Related Technology, is a framework for IT management and governance. Which data management role is most likely to select and apply COBIT to balance the need for security controls against business requirements?

Data processors

Business owners

Data owners

Data stewards

17.

14. Which one of the following keys would Bob not possess in this scenario?

Refer to the following scenario.

c. Bob’s public key

b. Alice’s private key

d. Bob’s private key

a. Alice’s public key

18.

16. What name is given to the random value added to a password in an attempt to defeat rainbow table attacks?

c. Extender

b. Salt

a. Hash

d. Rebar

19.

22. What network topology is shown in the image below?

A mesh

A ring

A bus

A star

20.

40. When using the SDLC, which one of these steps should, you take before the others?

Functional requirements determination

Code review

Design review

Control specifications development

21.

1. An evil twin attack that broadcasts a legitimate SSID for an unauthorized network is an example of what category of threat?

Information disclosure

Spoofing

Repudiation

Tampering

22.

19. Gary is deploying a wireless network and wants to deploy the fastest possible wireless technology. Of the 802.11 standards listed below, which is the fastest 2.4 GHz option he has?

802.11g

802.11ac

802.11a

802.11n

23.

12. If Alice wishes to send Bob an encrypted message, what key does she use to encrypt the message?

Refer to the following scenario.

c. Bob’s public key

d. Bob’s private key

b. Alice’s private key

a. Alice’s public key

24.

17. Ben has connected his laptop to his tablet PC using an 802.11g connection. What wireless network mode has he used to connect these devices?

Stand-alone mode

Ad hoc mode

Wired extension mode

Infrastructure mode

25.

3. Which one of the following is not one of the three common threat modeling techniques?

Focused on attackers

Focused on assets

Focused on software

Focused on social engineering

26.

25. If Susan’s organization requires her to log in with her username, a PIN, a password, and a retina scan, how many distinct types of factor has she used?

Four

One

Two

Three

27.

15. Alice would also like to digitally sign the message that she sends to Bob. What key should she use to create the digital signature?

Refer to the following scenario.

b. Alice’s private key

a. Alice’s public key

d. Bob’s private key

c. Bob’s public key

28.

26. Which of the following items are not commonly associated with restricted interfaces?

Shells

Menus

Keyboards

Database views

29.

20. Joe is the security administrator for an ERP system. He is preparing to create accounts for several new employees. What default access should he give to all of the new employees as he creates the accounts?

Administrator

Read only

Editor

No access

30.

34. Which one of the following trusted recovery types does not fail into a secure operating state?

Automated recovery without undue loss

Function recovery

Automated recovery

Manual recovery

31.

18. Which of the following is not a potential problem with active wireless scanning?

Accidently scanning apparent rogue devices that actually belong to guests

Scanning devices that belong to nearby organizations

Causing alarms on the organization’s wireless IPS

Misidentifying rogue devices

32.

33. Which one of the following individuals is most likely to lead a regulatory investigation?

CIO

Government agent

Private detective

CISO

33.

23. Ben has configured his network to not broadcast a SSID. Why might Ben disable SSID broadcast, and how could his SSID be discovered?

Disabling SSID broadcast prevents issues with beacon frames. The SSID can be recovered by reconstructing the BSSID.

Disabling SSID broadcast hides networks from unauthorized personnel. The SSID can be discovered using a wireless sniffer.

Disabling SSID broadcast helps avoid SSID conflicts. The SSID can be discovered by attempting to connect to the network.

Disabling SSID broadcast prevents attackers from discovering the encryption key. The SSID can be recovered from decrypted packets.

34.

21. Which of the following options is not a common best practice for securing a wireless network?

Enable MAC filtering if used for a relatively small group of clients.

Separate the access point from the wired network using a firewall, thus treating it as external access.

Enable SSID broadcast.

Turn on WPA2.

35.

38.Which process is responsible for ensuring that changes to software include acceptance testing?

Release control

Change control

Request control

Configuration control

36.

20. What common applications are associated with each of the following TCP ports: 23, 25, 143, and 515?

Telnet, SMTP, POP3, and X Windows

SSH, SMTP, POP3, and ICMP

Telnet, SFTP, NetBIOS, and LPD

Telnet, SMTP, IMAP, and LPD

37.

30. Which one of the following is not a privileged administrative activity that should be automatically sent to a log of superuser actions?

Restoring a system from backup

Purging log entries

Managing user accounts

Logging into a workstation

38.

9. The need to protect sensitive data drives what administrative process?

Remanence

Clearing

Information classification

Transmitting data

39.

36. Which of the following is a common way that attackers leverage botnets?

All of the above

Scanning for vulnerable systems

Sending spam messages

Conducting brute-force attacks

40.

39. Which one of the following attack types attempts to exploit the trust relationship that a user’s browser has with other websites by forcing the submission of an authenticated request to a third-party site?

CSRF

XSS

SQL injection

Session hijacking

41.

10. Fran’s company is considering purchasing a web-based email service from a vendor and eliminating its own email server environment as a cost-saving measure. What type of cloud computing environment is Fran’s company considering?

PaaS

CaaS

SaaS

IaaS

Time is Up!