Practice Free 100-160 Exam Online Questions
Which of the following is NOT a typical phase of the planning process in cybersecurity?
- A . Policy development
- B . Risk assessment
- C . Vulnerability scanning
- D . Incident response planning
C
Explanation:
The planning process in cybersecurity typically includes several phases, such as risk assessment, policy development, and incident response planning. Vulnerability scanning, although an important activity in cybersecurity, is considered a technical control rather than a specific phase of the planning process.
Which of the following statements about multi-factor authentication (MFA) is correct?
- A . MFA is a security measure that requires users to provide two or more forms of identification to gain access to a system or application.
- B . MFA is a security measure that requires users to provide only one form of identification to gain access to a system or application.
- C . MFA is a security measure that is no longer recommended due to its complexity and potential for user errors.
- D . MFA is a security measure that only applies to physical access control systems.
A
Explanation:
Option 1: This is the correct statement. MFA is a security measure that requires users to provide two or more forms of identification to gain access to a system or application. It adds an extra layer of security by combining multiple credentials, such as passwords, one-time passcodes, biometrics, or smart cards, to verify a user’s identity.
Option 2: This statement is incorrect. MFA requires users to provide two or more forms of identification, not just one.
Option 3: This statement is incorrect. MFA is still recommended as an effective security measure and is widely used in many industries.
Option 4: This statement is incorrect. MFA can be used for both physical and logical access control systems.
What is the primary goal of a threat actor in a cyber attack?
- A . To exploit vulnerabilities in a system
- B . To gain unauthorized access to a network
- C . To cause damage or disruption to a target
- D . To identify and mitigate security risks
C
Explanation:
The primary goal of a threat actor in a cyber attack is typically to cause damage or disruption, or to gain some form of unauthorized advantage. They may aim to steal sensitive data, encrypt files for ransom, disrupt services, or compromise the integrity of a system. Understanding the motivations of threat actors helps in building effective defense strategies.
Why is it important to stay current with automated threat intelligence technologies?
- A . All of the above
- B . To leverage the latest advancements in machine learning and AI
- C . To enhance the effectiveness of security measures
- D . To adapt to evolving cybersecurity threats
A
Explanation:
Staying current with automated threat intelligence technologies is vital in the field of cybersecurity. Firstly, as cyber threats continuously evolve, staying up to date allows organizations to adapt their defenses and countermeasures accordingly. Secondly, leveraging the latest advancements in machine learning and artificial intelligence helps improve the accuracy and efficiency of threat detection and response. Lastly, by staying current, organizations can enhance the overall effectiveness of their security measures and stay ahead of potential threats.
What is the primary goal of program deployment in a cybersecurity context?
- A . Facilitating collaboration between different teams
- B . Ensuring software compatibility across diverse platforms
- C . Implementing security controls to protect applications
- D . Tracking and managing software licenses effectively
C
Explanation:
Program deployment in a cybersecurity context involves implementing security controls to protect applications during the installation or update process. It includes ensuring that proper security measures are in place, such as encryption, access controls, and secure configurations, to safeguard applications from potential threats and attacks.
Which technology focuses on automating security response actions based on predefined playbooks or workflows?
- A . SOAR (Security Orchestration, Automation, and Response)
- B . IDS (Intrusion Detection System)
- C . Firewall
- D . SIEM (Security Information and Event Management)
A
Explanation:
SOAR (Security Orchestration, Automation, and Response) technology is designed to automate security response actions based on predefined playbooks or workflows. These playbooks specify the steps to be taken when specific security incidents or events occur, allowing for a consistent and automated response. SOAR integrates with various security tools and systems, enabling automatic and orchestrated actions to handle security incidents effectively.
How can cybersecurity reports contribute to incident response procedures?
- A . By identifying potential attack vectors.
- B . By establishing communication channels with law enforcement agencies.
- C . By providing real-time threat intelligence.
- D . By suggesting countermeasures.
C
Explanation:
Cybersecurity reports can contribute to incident response procedures by providing real-time threat intelligence. These reports analyze and share information about emerging threats, attack trends, and new vulnerabilities. By incorporating the findings from these reports into their incident response plans, organizations can stay ahead of attackers and improve their ability to detect, mitigate, and respond to potential incidents effectively.
What is the purpose of managing communication proactively before an event?
- A . To prevent and mitigate security incidents
- B . To monitor and analyze network traffic
- C . To update antivirus software and security patches
- D . To respond and recover from security incidents
A
Explanation:
Managing communication proactively before an event aims to prevent and mitigate security incidents. By taking preemptive measures such as implementing security controls, setting up secure communication channels, and educating users about cybersecurity best practices, organizations can reduce the likelihood of a security breach or incident before it occurs. Proactive management helps to identify and address vulnerabilities, ensuring a more secure environment for communication.
Which of the following best describes asset management in the context of cybersecurity?
- A . Identifying and protecting valuable resources
- B . Monitoring user activity
- C . Tracking software licenses
- D . Managing network infrastructure
A
Explanation:
Asset management in a cybersecurity context involves identifying and protecting valuable resources within an organization. This includes identifying critical systems, data, and information that need to be protected from unauthorized access, modification, or destruction.
Which of the following log file entries is typically associated with a Distributed Denial of Service (DDoS) attack?
- A . "High CPU utilization on server at 15:20:05."
- B . "Web server responding slowly to client requests at 14:10:15."
- C . "Spike in network traffic volume at 12:45:10."
- D . "Unusual number of concurrent sessions established at 09:30:00."
C
Explanation:
In a Distributed Denial of Service (DDoS) attack, the attacker overwhelms the target system or network with a massive volume of traffic from multiple sources. This excessive traffic causes the targeted system to become inaccessible to legitimate users. Therefore, a sudden and significant spike in network traffic volume is a typical indicator of a DDoS attack. Other log entries, such as the increased resource utilization or slow response times mentioned in the other options, may also be present, but the spike in network traffic volume is the most indicative of a DDoS attack.