CCNA Security

The document consists of a comprehensive assessment test covering various topics in cybersecurity, including concepts like data integrity, encryption methods, and network security measures. It includes multiple-choice questions that test knowledge on risk management, attack types, and security protocols. The questions are organized into chapters, each focusing on different aspects of cybersecurity principles and practices.

Assessment Test

1. When you are concerned with preventing data from unauthorized edits you
are concerned with which of the following?
A. integrity
B. confidentiality
C. availability
D. authorization
2. When a systems administrator is issued both an administrative-level
account and a normal user account and uses the administrative account
only when performing an administrative task, it is an example of which
concept?
A. least privilege
B. split knowledge
C. dual control
D. separation of duties
3. What is the purpose of mandatory vacations?
A. cross training
B. fraud prevention
C. improves morale
D. employee retention
4. Which of the following occurs when an organizational asset is exposed to losses?
A. risk
B. threat
C. exposure
D. vulnerability
5. Which of the following is a standard used by the security automation
community to enumerate software flaws and configuration issues?
A. CSE
B. SCAP
C. CVE
D. CWE
6. Which hacker type hacks for a political cause?
A. black hats
B. white hats
C. script kiddies
D. hacktivists
7. Which of the following is an email validation system that works by using
DNS to determine whether an email sent by someone has been sent by a host
sanctioned by that domain’s administrator?
A. PGP
B. S/MIME
C. SMTP
D. SPF
8. What does the following command do?
nmap -sP 192.168.0.0-100
A. port scan
B. ping scan
C. vulnerability scan
D. penetration test
9. You just executed a half open scan and got no response. What does that tell
you?
A. the port is open
B. the port is closed
C. the port is blocked
D. it cannot be determined
10. Which of the following is a mitigation for a buffer overflow?
A. antivirus software
B. IOS updates
C. input validation
D. encryption
11. Which of the following is a Layer 2 attack?
A. buffer overflow
B. DoS
C. ARP poisoning
D. IP spoofing
12. Which of the following is not intellectual property?
A. designs
B. advertisements
C. recipes
D. contact lists
13. What is the best countermeasure to social engineering?
A. training
B. access lists
C. HIDS
D. encryption
14. Which of the following is a mitigation for ARP poisoning?
A. VLANs
B. DAI
C. DNSSec
D. STP
15. In which cryptographic attack does the attacker use recurring patterns to
reverse engineer the message?
A. side channel
B. frequency
C. plaintext only
D. ciphertext only
16. You have five users in your department. These five users only need to
encrypt information with one another. If you implement a symmetric
encryption algorithm, how many keys will be needed to support the
department?
A. 5
B. 8
C. 10
D. 12
17. Which statement is true with regard to asymmetric encryption?
A. less expensive than symmetric
B. slower than symmetric
C. harder to crack than symmetric
D. key compromise can occur more easily than with symmetric
18. Which of the following is a stream-based cipher?
A. RC4
B. DES
C. 3DES
D. AES
19. What is the purpose of an IV?
A. doubles the encryption
B. adds randomness
C. performs 16 rounds of transposition
D. hashes the message
20. Which step is not required to configure SSH on a router?
A. Set the router name
B. Set the router ID
C. Set the router domain name
D. Generate the RSA key
21. Which of the following allows you to assign a technician sets of activities
that coincide with the level they have been assigned?
A. access levels
B. job parameters
C. privilege levels
D. rules
22. Which of the following is a way to prevent unwanted changes to the
configuration?
A. router lockdown
B. resilient configuration
C. secure IOS
D. config-sec
23. Which of the following is used to hold multiple keys used in OSPF Routing
Update Authentication?
A. key store
B. keychain
C. keydb
D. keyauth
24. Which of the following characteristics of a rogue switch could cause
it to become the root bridge?
A. higher MAC address
B. higher IP address
C. a superior BPDU
D. lower router ID
25. Which of the following is used by a malicious individual to pollute the ARP
cache of other machines?
A. ping of death
B. buffer overflow
C. bound violation
D. gratuitous ARP
26. What happens when the CAM table of a switch is full of fake MAC
addresses and can hold no other MAC addresses?
A. it gets dumped
B. the switch shuts down
C. the switch starts forwarding all traffic out of all ports
D. all ports are shut down
27. Which switch feature uses the concept of trusted and untrusted ports?
A. DAI
B. DHCP snooping
C. STP
D. Root Guard
28. Which command enables port security on the switch?
A. SW70(config-if)# switchport mode access
B. SW70(config-if)# switchport port-security maximum 2
C. SW70(config-if)# switchport port-security
D. SW70(config-if)# switchport port-security violation shutdown
29. Which switch feature prevents the introduction of a rogue switch to the
topology?
A. Root Guard
B. BPDU Guard
C. Loop Guard
D. DTP
30. What prevents switching loops?
A. DAI
B. DHCP snooping
C. STP
D. Root Guard
Ch:1

1. Which of the following is not one of the CIA triad?
A. Confidentiality
B. Integrity
C. Availability
D. Accountability

2. Which of the following requires that a user or process is given only the
minimum access privilege needed to perform a particular task?
A. Least privilege
B. Separation of duties
C. Job rotation
D. Mandatory vacation

3. Which of the following occurs when a vulnerability is identified or
exploited?
A. Risk
B. Threat
C. Exposure
D. Countermeasure

4. According to NIST SP 800-30, what is the first step in the risk
management process?
A. Identify threats
B. Identify impact
C. Identify vulnerabilities
D. Identify the assets and their value
5. Which of the following is a measure of how freely data can be handled?
A. Criticality
B. Sensitivity
C. Integrity
D. Value

6. Which of the following is not a typical commercial data classification
level?
A. Sensitive
B. Confidential
C. Secret
D. Public

7. Which of the following represents data shared only within a meeting in
the TLP system?
A. Amber
B. White
C. Red
D. Green

8. Which of the following is a standard used by the security
automation community to enumerate software flaws and
configuration issues?
A. TLP
B. CIA
C. SCAP
D. CAN
9. Which of the following is not a metric group in the Common
Vulnerability Scoring System?
A. Base
B. Access vector
C. Temporal
D. Environmental

10. Which of the following is the monetary impact of each threat
occurrence?
A. ALE
B. AV
C. ARO
D. SLE

11. Which method of handling risk involves defining the acceptable
risk level the organization can tolerate and reducing the risk to that
level?
A. Avoidance
B. Mitigation
C. Acceptance
D. Transfer

12. What part of the campus area network includes the end devices and
provides them with access to the outside world and to the Intranet data
center through the enterprise core?
A. Intranet data center
B. Enterprise campus
C. Enterprise core
D. Enterprise WAN edge
13. Which of the following is an area where you can place a public
server for access by anyone?
A. Intranet
B. DMZ
C. Internet
D. Extranet

14. Which of the following is a logical subdivision of a switch
that segregates ports from one another?
A. VLAN
B. VPN
C. DMZ
D. STP

15. Which of the following refers to the data being unaltered by
unauthorized individuals?
A. Confidentiality
B. Integrity
C. Availability
D. Accountability

16. Which of the following refers to the practice of using multiple layers
of security between data and the resources on which it resides and
possible attackers?
A. Default to no access
B. Defense in depth
C. Separation of duties
D. Job rotation
17. Which of the following is the probability that a threat agent will
exploit a vulnerability and the impact if the threat is carried out?
A. Risk
B. Threat
C. Exposure
D. Countermeasure

18. Which of the following is a system that uses traffic light colors
to classify information assets?
A. DLP
B. VLAN
C. TLP
D. VTP

19. Which component of SCAP refers to vulnerabilities in
published operating systems and applications software?
A. CWE
B. CVE
C. CCE
D. CPE

20. Which of the following is the percent value or functionality of an
asset that will be lost when a threat event occurs?
A. SLE
B. AV
C. EF
D. ALE
Ch:2
1. What is the typical motivation of a hacktivist?
A. Financial gain
B. Disruption
C. Geopolitical change
D. Notoriety

2. Which of the following attacks has as its goal to get through an ACL on a
router?
A. IP address spoofing
B. MAC address spoofing
C. Email spoofing
D. Buffer overflow

3. Which of the following is not a form of password attack?
A. Brute force
B. Dictionary
C. Port scan
D. Social engineering

4. When executing a NULL scan, which response indicates the port is closed on
the target?
A. No response
B. Destination unreachable
C. RST
D. ACK
5. Which of the following is a measure used to prevent buffer overflows?
A. Input validation
B. Multifactor authentication
C. Complex passwords
D. Sensitivity labels

6. Which of the following is not a DDoS attack?
A. SYN flood
B. Ping of death
C. Smurf attack
D. Man-in-the-middle

7. Which of the following is typically used to set up a man-in-the-middle attack?
A. ARP poisoning
B. Dynamic ARP inspection
C. Rogue switches
D. MAC overflow

8. Which of the following is mitigation for ARP poisoning?
A. Input validation
B. DAI
C. Multifactor authentication
D. Rootguard

9. Which of the following must be implemented to use DAI?
A. DTP
B. Authenticated ARP
C. DHCP snooping
D. NAT
10. Which of the following attaches itself to another application to replicate or
distribute itself?
A. Worm
B. Rootkit
C. Spyware
D. Virus

11. Which of the following is considered to be a unique creation of the mind?
A. PII
B. IP
C. PHI
D. IPS

12. Which of the following provides recommendations for securely handling
credit card data?
A. HIPAA
B. SOX
C. PCI-DSS
D. GLBA

13. At what OSI layer does MAC address spoofing occur?
A. 1
B. 2
C. 3
D. 4
14. Which of the following is mitigation for email spoofing?
A. SPF
B. DAI
C. DNSSec
D. DHCP snooping

15. Which of the following is a common tool used for ping and port scans?
A. Metasploit
B. Nmap
C. Netstat
D. Snort

16. Which of the following is not a flag set in an XMAS scan?
A. FIN
B. PSH
C. SYN
D. URG

17. Which of the following attacks uses an oversized ICMP packet?
A. Ping of death
B. Smurf
C. Fraggle
D. SYN flood

18. Which of the following is a reflected DDoS attack?
A. Ping of death
B. Smurf
C. Buffer overflow
D. XSS
19. Which attack type does DAI address?
A. IP spoofing
B. MAC overflow
C. ARP poisoning
D. Ping of death

20. Which of the following pollutes the contents of a computer’s DNS cache so
that requests to a legitimate site are actually routed to an alternate site?
A. Phishing
B. Pharming
C. Vishing
D. Whaling
Ch:3
1. Which of the following is not true of symmetric algorithms?
A. They use a public key.
B. They are faster than asymmetric algorithms.
C. They present key exchange issues.
D. They are typically used for data at rest.

2. Which of the following is not true of asymmetric algorithms?
A. They provide automatic key exchange.
B. They are typically used for data at rest.
C. They use a private and public key.
D. They are slower than symmetric algorithms.

3. Which of the following is not an advantage of block ciphers?
A. The implementation is easier than stream-based cipher implementation.
B. Generally they are less susceptible to security issues.
C. Generally they are used more in software implementations.
D. They employ only substitution.

4. Which of the following ciphers perform encryption on a bit-by-bit basis?
A. Block
B. Stream
C. Asymmetric
D. Polyalphabetic
5. Which of the following is used to ensure that patterns are not produced during
encryption?
A. IVs
B. HMAC
C. RC4
D. Salting
6. In which of the following modes of DES is every 64-bit block encrypted with the same
key?
A. CBC
B. ECB
C. ECC
D. CFB
7. Which of the following is the replacement algorithm for 3DES?
A. Blowfish
B. AES
C. IDEA
D. RC4
8. Which of the following is the most popular asymmetric algorithm?
A. RSA
B. El Gamal
C. DSA
D. ECC
9. Which of the following occurs when a hash function produces the same hash value on
different messages?
A. Birthday attack
B. Key exposure
C. Collision
D. Substitution
10. Which of the following hashing algorithms is required by the U.S. government?
A. MD4
B. MD5
C. SHA1
D. SHA2
11. Which of the following can help to reduce the collision rate of the hash function?
A. MAC
B. HMAC
C. Digital signatures
D. Substitution
12. Which of the following is a hash value encrypted with the sender’s private key?
A. Salt
B. Nonce
C. Digital signature
D. HMAC
13. Which of the following is true of a hybrid cryptosystem?
A. Asymmetric algorithms are used for the key exchange.
B. Symmetric keys are used for the key exchange.
C. Asymmetric keys are used for the data encryption.
D. Asymmetric keys are exchanged automatically.
14. Which of the following is a digital document binding a key pair to an entity?
A. Certificate
B. Nonce
C. Salt
D. IV
15. Which of the following is the standard for digital certificates?
A. X.500
B. X.509
C. IEEE 509
D. RFC 500
16. Which of the following is a list of digital certificates that a CA has revoked?
A. OSCP
B. CRL
C. SCEP
D. REVC
17. Which of the following certificate classes is for individuals intended for email?
A. 1
B. 2
C. 3
D. 4
18. Which of the following PKI components verifies the requestor’s identity?
A. CA
B. RA
C. DN
D. CN
19. Which of the following can be used to allow one root CA to trust another root CA’s
certificates?
A. Subordination
B. Cross certification
C. Certlink
D. Trust
20. What type of certificate does the ASA use out of the box?
A. Public
B. Self-signed
C. Globally trusted
D. Locally trusted
