CISCO Introduction to Cyber Security Final Exam Answer

 

1.Which stage of the kill chain used by attackers focuses on the identification and selection of targets?

• delivery
• reconnaissance
• weaponization
• exploitation

2.Which statement describes cybersecurity?

• It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
• It is a standard-based model for developing firewall technologies to fight against cybercriminals.
• It is the name of a comprehensive security application for end users to protect workstations from being attacked.
• It is a framework for security policy development.

3.When describing malware, what is a difference between a virus and a worm?

• A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.
• A virus can be used to deliver advertisements without user consent, whereas a worm cannot.
• A virus focuses on gaining privileged access to a device, whereas a worm does not.
• A virus can be used to launch a DoS attack (but not a DDoS), but a worm can be used to launch both DoS and DDoS attacks.

4.What type of attack uses zombies?

• Trojan horse
• SEO poisoning
• spear phishing
• DDoS
• 5.True or False?
  An employee does something as a company representative with the knowledge of that company and this action is deemed illegal. The company would be legally responsible for this action.

  • true
  • false

6.What are two security implementations that use biometrics? (Choose two.)

• credit card
• phone
• voice recognition
• fob
• fingerprint

7.What are two objectives of ensuring data integrity? (Choose two.)

• Data is not changed by unauthorized entities.
• Access to the data is authenticated.
• Data is unaltered during transit.
• Data is encrypted while in transit and when stored on disks.
• Data is available all the time.

8.A medical office employee sends emails to patients about recent patient visits to the facility. What information would put the privacy of the patients at risk if it was included in the email?

• next appointment
• first and last name
• patient records
• contact information

9.A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?

• scalability
• availability
• confidentiality
• integrity

10What tool is used to lure an attacker so that an administrator can capture, log, and analyze the behavior of the attack?

• honeypot
• Netflow
• IDS
• Nmap

11.What action will an IDS take upon detection of malicious traffic?

• reroute malicious traffic to a honeypot
• create a network alert and log the detection
• block or deny all traffic
• drop only packets identified as malicious

12A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?

• scalability
• availability
• integrity
• confidentiality

13What is an example of the a Cyber Kill Chain?

• a planned process of cyberattack
• a combination of virus, worm, and Trojan Horse
• a group of botnets
• a series of worms based on the same core code

14What is the best method to avoid getting spyware on a machine?

• Install the latest antivirus updates.
• Install the latest operating system updates.
• Install software only from trusted websites.
• Install the latest web browser updates.

15What is the best approach to prevent a compromised IoT device from maliciously accessing data and devices on a local network?

• Place all IoT devices that have access to the Internet on an isolated network.
• Install a software firewall on every network device.
• Disconnect all IoT devices from the Internet.
• Set the security settings of workstation web browsers to a higher level.

16The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?

• social engineering
• DDoS
• adware
• phishing
• spyware

17Which two tools used for incident detection can be used to detect anomalous behavior, to detect command and control traffic, and to detect infected hosts? (Choose two.)

• a reverse proxy server
  
• NetFlow
• intrusion detection system
• Honeypot
• Nmap

18For what purpose would a network administrator use the Nmap tool?

• detection and identification of open ports
• identification of specific network anomalies
• protection of the private IP addresses of internal hosts
• collection and analysis of security alerts and logs

19What is the main purpose of cyberwarfare?

• to gain advantage over adversaries
• to develop advanced network devices
• to simulate possible war scenarios among nations
• to protect cloud-based data centers

20What is one main function of the Cisco Security Incident Response Team?

• to ensure company, system, and data preservation
• to design next generation routers and switches that are less prone to cyberattacks
• to design polymorphic malware
• to provide standards for new encryption techniques

21Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website?

• password manager
• Open Authorization
• VPN service
• in-private browsing mode