Practice Free 100-160 Exam Online Questions
Which of the following is a common threat to cybersecurity?
- A. Software updates
- B. Data encryption
- C. User authentication
- D. Phishing attacks
D
Explanation:
Phishing attacks are a common threat to cybersecurity. They are fraudulent attempts to obtain sensitive information, such as passwords and credit card details, by posing as a trustworthy entity in electronic communication. It is important to be cautious and verify the authenticity of any request for personal information to protect against phishing attacks.
Which technology focuses on creating rules and correlation logic to identify security incidents based on collected network data?
- A. SOAR (Security Orchestration, Automation, and Response)
- B. Firewall
- C. IDS (Intrusion Detection System)
- D. SIEM (Security Information and Event Management)
D
Explanation:
SIEM (Security Information and Event Management) technology plays a critical role in monitoring network data to identify security incidents. SIEM solutions typically have rule-based engines and correlation logic that analyze the collected data and generate alerts or reports when specific security events or patterns are detected. By using predefined rules and correlation logic, SIEM can help identify potential security incidents and provide insights into the overall security posture of an organization’s network.
Which of the following is a key advantage of multifactor authentication?
- A. It allows for anonymous access to systems and resources.
- B. It simplifies the authentication process.
- C. It eliminates the need for strong passwords.
- D. It provides enhanced security by requiring multiple proofs of identity.
D
Explanation:
Multifactor authentication enhances security by requiring users to present multiple proofs of identity. By combining different factors, such as something you know, something you have, or something you are, it becomes more difficult for unauthorized individuals to gain access. This approach adds an extra layer of protection compared to relying solely on a username and password combination.
What is the purpose of backup and recovery procedures in computer operations?
- A. To facilitate disaster recovery
- B. To ensure data integrity
- C. To detect and respond to security incidents
- D. To prevent unauthorized access
A
Explanation:
The purpose of backup and recovery procedures in computer operations is to facilitate disaster recovery. By regularly backing up data and implementing recovery procedures, organizations can restore critical systems and data in the event of a disaster or data loss. This helps minimize downtime and ensure business continuity.
When should a firewall rule that triggers and blocks external access to a network resource be escalated?
- A. Only if the access was authorized.
- B. Always, regardless of authorization.
- C. Only if the access attempt is from a known malicious IP address.
- D. Never, as it is a normal security function of a firewall.
D
Explanation:
Blocking external access to a network resource is a normal security function of a firewall and does not necessarily require escalation. Firewalls are designed to monitor and control incoming and outgoing network traffic based on predetermined rules and configurations. However, if the rule is triggered unexpectedly or causes disruption to critical services, it may be appropriate to escalate the issue for further investigation or adjustment of the firewall rule.
What is the primary purpose of malware remediation?
- A. To remove or neutralize malware infections
- B. To prevent malware infections
- C. To create a backup of infected systems
- D. To detect malware threats
A
Explanation:
Malware remediation aims to remove or neutralize malware infections from compromised systems. It involves various techniques, such as scanning and cleaning the infected files, removing malicious software, and repairing damages caused by the malware. The goal is to restore the system’s integrity, security, and functionality by eliminating the presence and impact of malware.
Which of the following is a common technique used by malware to evade detection?
- A. Continuous monitoring of network traffic
- B. Encryption of communication channels
- C. Implementation of strong firewalls
- D. Frequent system scans and updates
B
Explanation:
Malware often uses encryption to make its communication with command and control servers difficult to detect. Encryption disguises the communication and prevents network security measures from intercepting or analyzing the malicious traffic.
Which of the following practices help in preserving the physical integrity of digital evidence?
- A. Storing the evidence in a cold, damp environment.
- B. Cleaning the evidence using chemical solvents.
- C. Using non-conductive gloves when handling the evidence.
- D. Leaving the evidence exposed to natural light.
C
Explanation:
Preserving the physical integrity of digital evidence is essential to prevent contamination or damage. Using non-conductive gloves is one such practice, as it prevents the transfer of oils, dirt, or other substances that could damage or alter the evidence. This helps maintain the integrity of the evidence and ensures that any traces or fingerprints left on it are not compromised.
How can the preservation of evidence be ensured during a cybersecurity investigation?
- A. Documenting the investigation process.
- B. Implementing strong network security controls.
- C. Utilizing forensic imaging tools for data collection.
- D. Conducting a thorough analysis of network logs.
C
Explanation:
Preservation of evidence is a critical aspect of a cybersecurity investigation to maintain the integrity and admissibility of collected evidence. Utilizing forensic imaging tools allows investigators to create exact copies or replicas of storage devices, preserving the original content without modification. These copies can then be used for analysis, ensuring that the original evidence is not altered or tampered with during the investigation process.
Which of the following best defines "Techniques, Tactics, and Procedures (TTP)" in the context of cybersecurity investigations?
- A. A framework for analyzing network traffic.
- B. A pattern of behavior adopted by threat actors.
- C. A set of guidelines for securing network devices.
- D. An organized digital evidence collection process.
B
Explanation:
Techniques, Tactics, and Procedures (TTP) refer to the methods and strategies used by threat actors in cyber-attacks. TTPs encompass various aspects such as the tools and techniques employed, the patterns of behavior exhibited, and the procedures followed by attackers during their malicious activities. By understanding TTPs, cybersecurity professionals can better identify and defend against threats.