Practice Free 100-160 Exam Online Questions
Question #71
Which approach to risk management involves accepting the potential risk and not taking any specific action to mitigate it?
- A . Risk acceptance.
- B . Risk mitigation.
- C . Risk transfer.
- D . Risk avoidance.
Correct Answer: A
A
Explanation:
Risk acceptance is an approach to risk management wherein the potential risk is acknowledged, and a conscious decision is made not to take any specific action to mitigate it. This approach is usually taken when the potential risk is deemed acceptable or when the cost of mitigating the risk outweighs the potential impact.
A
Explanation:
Risk acceptance is an approach to risk management wherein the potential risk is acknowledged, and a conscious decision is made not to take any specific action to mitigate it. This approach is usually taken when the potential risk is deemed acceptable or when the cost of mitigating the risk outweighs the potential impact.
Question #72
Which of the following is an essential component of information security assessments?
- A . Penetration testing
- B . All of the above
- C . Incident response planning
- D . User training
Correct Answer: B
B
Explanation:
Information security assessments involve assessing the security posture of an IT system. Penetration testing, which involves simulating attacks to identify vulnerabilities, is an important component of such assessments. Additionally, user training is vital because human error or lack of awareness can often be a weak point in security. Understanding how to recognize and respond to potential threats is crucial. Lastly, incident response planning is essential to ensure that the organization is prepared to handle and mitigate any security incidents effectively. Therefore, all the options mentioned in the
B
Explanation:
Information security assessments involve assessing the security posture of an IT system. Penetration testing, which involves simulating attacks to identify vulnerabilities, is an important component of such assessments. Additionally, user training is vital because human error or lack of awareness can often be a weak point in security. Understanding how to recognize and respond to potential threats is crucial. Lastly, incident response planning is essential to ensure that the organization is prepared to handle and mitigate any security incidents effectively. Therefore, all the options mentioned in the
Question #73
Which of the following encryption algorithms is considered strong?
- A . RSA
- B . MD5
- C . ROT13
- D . DES
Correct Answer: A
A
Explanation:
RSA is considered a strong encryption algorithm because it uses asymmetric encryption, which means it uses different keys for encryption and decryption. RSA is widely used in secure communication protocols and provides a high level of security.
A
Explanation:
RSA is considered a strong encryption algorithm because it uses asymmetric encryption, which means it uses different keys for encryption and decryption. RSA is widely used in secure communication protocols and provides a high level of security.
Question #74
Which protocol uses encryption for secure remote access to network resources?
- A . Point-to-Point Protocol (PPP)
- B . Wireless Equivalent Privacy (WEP)
- C . Internet Protocol Security (IPSec)
- D . Secure Shell (SSH)
Correct Answer: D
D
Explanation:
Secure Shell (SSH) is a cryptographic network protocol that provides secure remote access and control of network resources. It employs encryption to protect data exchanged between the client and the server, ensuring the confidentiality and integrity of the communication. SSH is commonly used for remote administration and secure file transfers.
D
Explanation:
Secure Shell (SSH) is a cryptographic network protocol that provides secure remote access and control of network resources. It employs encryption to protect data exchanged between the client and the server, ensuring the confidentiality and integrity of the communication. SSH is commonly used for remote administration and secure file transfers.
Question #75
Which of the following is a preventive control that can help in reducing the risk of future incidents?
- A . Creating secure backups of critical data
- B . Implementing strong access controls and authentication mechanisms
- C . Regularly updating antivirus signatures
- D . Conducting periodic employee training on incident response
Correct Answer: B
B
Explanation:
Implementing strong access controls and authentication mechanisms is a preventive control that can help reduce the risk of future incidents. By ensuring that only authorized individuals have access to systems and data, the likelihood of unauthorized access or malicious activity is minimized. While
regularly updating antivirus signatures, conducting employee training, and creating secure backups are also important preventive measures, the focus here is on access controls and authentication mechanisms.
B
Explanation:
Implementing strong access controls and authentication mechanisms is a preventive control that can help reduce the risk of future incidents. By ensuring that only authorized individuals have access to systems and data, the likelihood of unauthorized access or malicious activity is minimized. While
regularly updating antivirus signatures, conducting employee training, and creating secure backups are also important preventive measures, the focus here is on access controls and authentication mechanisms.
Question #76
Which threat intelligence technique involves utilizing known patterns or characteristics of threats to identify and block them?
- A . Reputation-based Detection
- B . Anomaly-based Detection
- C . Indicators of Compromise (IoCs)
- D . Signature-based Detection
Correct Answer: D
D
Explanation:
Signature-based detection relies on identifying known patterns, signatures, or characteristics of threats.
It uses these signatures to detect and block potential threats in network traffic.
D
Explanation:
Signature-based detection relies on identifying known patterns, signatures, or characteristics of threats.
It uses these signatures to detect and block potential threats in network traffic.
Question #77
Which of the following security events should be escalated?
- A . A user forgets their password and requests a reset.
- B . A user reports a suspicious email with a potential phishing link.
- C . A system administrator detects a critical vulnerability on a server.
- D . A firewall rule is triggered and blocks external access to a network resource.
Correct Answer: C
C
Explanation:
Security events that should be escalated typically include critical vulnerabilities that could lead to potential breaches or unauthorized access. In this case, the system administrator detecting a critical vulnerability on a server requires immediate attention and escalation to ensure prompt action can be taken to mitigate the risk.
C
Explanation:
Security events that should be escalated typically include critical vulnerabilities that could lead to potential breaches or unauthorized access. In this case, the system administrator detecting a critical vulnerability on a server requires immediate attention and escalation to ensure prompt action can be taken to mitigate the risk.
Question #78
What is configuration management in the context of cybersecurity?
- A . Managing and securing access to network devices
- B . Protecting the physical infrastructure of an organization
- C . Establishing role-based access controls
- D . Ensuring consistency and control over the configuration of IT systems
Correct Answer: D
D
Explanation:
Configuration management in cybersecurity refers to the practice of ensuring consistency and control over the configuration of IT systems, including hardware, software, and network devices. This involves establishing and enforcing standardized configurations, monitoring and managing changes, and maintaining an accurate inventory of system configurations. Proper configuration management helps reduce the risk of configuration-related issues, vulnerabilities, and unauthorized changes that could compromise the security of IT systems.
D
Explanation:
Configuration management in cybersecurity refers to the practice of ensuring consistency and control over the configuration of IT systems, including hardware, software, and network devices. This involves establishing and enforcing standardized configurations, monitoring and managing changes, and maintaining an accurate inventory of system configurations. Proper configuration management helps reduce the risk of configuration-related issues, vulnerabilities, and unauthorized changes that could compromise the security of IT systems.
Question #79
Which of the following is an example of a source of evidence (artifact) in a cybersecurity investigation?
- A . Firewall logs recording network traffic.
- B . Configuration files of network devices.
- C . Security policy documents.
- D . Training materials for security awareness.
Correct Answer: A
A
Explanation:
In a cybersecurity investigation, evidence or artifacts play a crucial role in determining the nature of an incident. Firewall logs recording network traffic can provide valuable information regarding communication between systems, including IP addresses, ports, protocols, and timestamps. Analyzing these logs can help identify potential threats or suspicious activities within a network.
A
Explanation:
In a cybersecurity investigation, evidence or artifacts play a crucial role in determining the nature of an incident. Firewall logs recording network traffic can provide valuable information regarding communication between systems, including IP addresses, ports, protocols, and timestamps. Analyzing these logs can help identify potential threats or suspicious activities within a network.
Question #80
Which of the following represents a technique used in Classless Inter-Domain Routing (CIDR)?
- A . Variable-length subnet masks
- B . Compressed MAC addresses
- C . Binary notation for IP addresses
- D . 32-bit IP addresses
Correct Answer: A
A
Explanation:
Classless Inter-Domain Routing (CIDR) is a technique used to allocate and manage IP addresses more efficiently. It involves using variable-length subnet masks (VLSMs), which allow the network to have subnets of different sizes. VLSMs provide flexibility in allocating IP addresses by allowing the network administrator to choose the appropriate number of network and host bits based on the network requirements.
A
Explanation:
Classless Inter-Domain Routing (CIDR) is a technique used to allocate and manage IP addresses more efficiently. It involves using variable-length subnet masks (VLSMs), which allow the network to have subnets of different sizes. VLSMs provide flexibility in allocating IP addresses by allowing the network administrator to choose the appropriate number of network and host bits based on the network requirements.