Name:
Class:
Date:
1. Different types of organizations have similar levels of network security risks.
a.
True
b.
False
2. The term malware is derived from a combination of the words malicious and software.
a.
True
b.
False
3. A hacker, in the original sense of the word, is someone with technical skill and malicious intent.
a.
True
b.
False
4. The day after Patch Tuesday is informally dubbed Exploit Wednesday.
a.
True
b.
False
Name:
Class:
Date:
5. A drop ceiling could be used by an intruder to gain access to a secured room.
a.
True
b.
False
6. Over a long-distance connection, using SSH keys is more secure than using passwords.
a.
True
b.
False
7. The original version of the Secure Hash Algorithm was developed by MIT.
a.
True
b.
False
8. Sudden unexplained increases in file sizes and unusual error messages with no apparent cause are both
potential symptoms of a viral infection.
a.
True
b.
False
9. Current research indicates that a long, random string of words, such as correct horse battery staple is more
secure than a random series of letters, numbers, and symbols that is short enough to be remembered.
a.
True
b.
False
10. It is ideal to use the same password for multiple different applications, provided the password is complex
enough.
a.
True
b.
False
11. What penetration testing tool combines known scanning and exploit techniques to explore potentially new
attack routes?
a.
Nessus
b.
metasploit
c.
nmap
d.
Sub7
12. Which of the following statements correctly describes the malware characteristic of polymorphism?
a.
Polymorphic malware can change its characteristics every time it is transferred to a new system.
b.
Polymorphic malware is designed to activate on a particular date, remaining harmless until that time.
c.
Polymorphic malware is software that disguises itself as a legitimate program, or replaces a
legitimate program’s code with destructive code.
d.
Polymorphic malware utilizes encryption to prevent detection.
13. A virus that remains dormant until a specific condition is met, such as the changing of a file or a match of
Name:
Class:
Date:
the current date is known as what type of malware?
a.
encrypted virus
b.
logic bomb
c.
boot sector virus
d.
worm
14. Which of the following statements describes a worm?
a.
A program that disguises itself as something useful but actually harms your system.
b.
A process that runs automatically, without requiring a person to start or stop it.
c.
A program that runs independently of other software and travels between computers and across
networks.
d.
A program that locks a user’s data or computer system until a ransom is paid.
15. If multiple honeypots are connected to form a larger network, what term is used to describe the network?
a.
combolure
b.
lurenet
c.
honeycomb
d.
honeynet
16. An attack that relies on redirected and captured secure transmissions as they occur is known as what type of
attack?
a.
buffer overflow
b.
session hijacking attack
c.
man-in-the-middle attack
d.
banner-grabbing attack
17. Which of the following scenarios represents a phishing attempt?
a.
An employee at your company has received a malware-infected file in their e-mail.
b.
A person posing as an employee tried to access a secured area at your organization.
c.
A gift was offered to an employee with access to secured information in exchange for details.
d.
An e-mail was sent to a manager at your company that appeared to be from the company’s CTO,
asking for access.
18. In a red team-blue team exercise, what is the purpose of the blue team?
a.
The blue team is tasked with attacking the network.
b.
The blue team must observe the actions of the red team.
c.
The blue team is charged with the defense of the network.
d.
The blue team consists of regulators that ensure no illegal activity is undertaken.
Name:
Class:
Date:
19. Which of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted
data such as credit card numbers?
a.
Nmap
b.
Nessus
c.
Metasploit
d.
L0phtcrack
20. If someone is offered a free gift or service in exchange for private information or access to a computer
system, what type of social engineering is taking place?
a.
phishing
b.
baiting
c.
quid pro quo
d.
tailgating
Name:
Class:
Date:
21. A person posing as an employee strikes up a conversation with a legitimate employee as they walk into a
secured area, in an attempt to gain access. What kind of social engineering is this?
a.
phishing
b.
baiting
c.
quid pro quo
d.
tailgating
22. In the typical social engineering attack cycle, what occurs at Phase 3?
a.
The attacker researches the desired target for clues as to vulnerabilities.
b.
The attacker builds trust with the target and attempts to gain more information.
c.
The attacker exploits an action undertaken by the victim in order to gain access.
d.
The attacker executes an exit strategy in such a way that does not leave evidence or raise suspicion.
23. The concept of giving employees and contractors only enough access and privileges to do their jobs is
known by what term?
a.
least-risk privilege profile
b.
principle of least privilege
c.
minimal access/minimal exposure
d.
limited liability access
Name:
Class:
Date:
24. What statement regarding denial-of-service (DoS) attacks is accurate?
a.
A denial-of-service attack occurs when a MAC address is impersonated on the network.
b.
A denial-of-service attack prevents legitimate users from accessing normal network resources.
c.
A denial-of-service attack is generally a result of a disgruntled employee.
d.
A denial-of-service attack is no longer a major concern due to the increased throughput available on
most networks.
25. Utilized by China’s so-called “Great Firewall”, what type of attack can prevent user access to web pages, or
even redirect them to illegitimate web pages?
a.
MAC address spoofing
b.
denial-of-service attack
c.
DNS poisoning
d.
rogue DHCP server
26. What is the Nmap utility used for?
a.
It is used to identify unsecured sensitive data on the network, such as credit cards.
b.
It is an automated vulnerability and penetration testing framework.
c.
It is a software firewall that can be used to secure a vulnerable host.
Name:
Class:
Date:
d.
It is a port scanning utility that can identify open ports on a host.
27. How is a posture assessment performed on an organization?
a.
A thorough examination of each aspect of the organization’s network is performed to determine how
it might be compromised.
b.
A third party organization is tasked with attempting to break into the organization and compromise
security in order to determine threat vectors.
c.
A report of data that is subject to special regulation is created, such that the organization is aware of
what data needs protection.
d.
An assessment of how a network will perform under stress is performed to determine if the network
throughput is adequate.
28. What type of door access control is a physical or electronic lock that requires a code in order to open the
door?
a.
key fob lock
b.
cipher lock
c.
biometric lock
d.
encrypted lock
Name:
Class:
Date:
29. An RFID label on a box is an example of what type of physical security detection method?
a.
motion detection technology
b.
video surveillance via CCTV
c.
tamper detection
d.
asset tracking tagging
30. What statement regarding the different versions of the SHA hashing algorithm is accurate?
a.
SHA-0 is the most secure version of SHA.
b.
SHA-1 supports a 128-bit hash function.
c.
SHA-2 only supports a 256-bit hash.
d.
SHA-2 and SHA-3 both support the same hash lengths.
31. On a Linux based system, what command can you use to create a hash of a file using SHA-256?
a.
sha1sum
b.
md5sum
c.
sha256sum
d.
shasum -a 256
Name:
Class:
Date:
32. Which command can be used on a Windows system to create a hash of a file?
a.
md5
b.
shasum
c.
Get-FileHash
d.
Compute-FileHash
33. VMware’s AirWatch and Cisco’s Meraki Systems Manager are both examples of what type of software?
a.
mobile device management software
b.
software defined network software
c.
virtual device management software
d.
cloud network management software
34. A variant of BYOD, what does CYOD allow employees or students to do?
a.
They can supply their own software on a computer or mobile device.
b.
They can supply their choice of cloud application or storage.
Name:
Class:
Date:
c.
They can choose a device from a limited number of options.
d.
They can use whatever devices they wish to bring.
35. Where would restrictions regarding what users can and cannot do while accessing a network’s resources be
found?
a.
acceptable use policy document
b.
terms of service document
c.
license restrictions document
d.
non-disclosure agreement document
36. What document addresses the specific concerns related to special access given to administrators and certain
support staff?
a.
non-disclosure agreement
b.
acceptable use policy
c.
password policy
d.
privileged user agreement
Name:
Class:
Date:
37. Which of the following scenarios would necessitate the use of a non-disclosure agreement?
a.
Your company wishes to educate users on the proper use of the network.
b.
Your company needs to prevent a new contractor from sharing information with a potential
competitor.
c.
Your company needs to impose password restrictions on new users in the network.
d.
Your company would like to allow employees to bring their own devices.
38. How often should you require users to change their passwords?
a.
every 30 days
b.
every 60 days
c.
every 90 days
d.
every 120 days
39. What type of an attack forces clients off a wireless network, creating a form of WiFi DoS?
a.
deauthentication attack
b.
channel hopping attack
c.
man-in-the-middle attack
Name:
Class:
Date:
d.
ARP poisoning attack
40. Which type of DoS attack involves an attack that is bounced off uninfected computers before being directed
at the target?
a.
cached denial-of-service attack
b.
distributed denial-of-service attack
c.
distributed reflection denial-of-service attack
d.
permanent denial-of-service attack
41. List and describe the four different locations in which anti-malware can be installed.
Name:
Class:
Date:
42. What are some of the characteristics of malware that make it difficult to detect?
43. Hackers are categorized according to their intent and the prior approval of the organizations whose networks
they’re hacking. What are some of these categories?
44. How does a zero-day exploit differ from a typical exploit?
45. Why might an organization be required to undergo a security audit?
46. What is vulnerability scanning, and what are the two different types of vulnerability scans?
47. How is motion detection technology used to monitor and provide security for sensitive areas, and how can it
deal with false positives?
Name:
Class:
Date:
48. When configuring a new device, why should changing the administrative credentials be a top priority?
49. What is hashing, and how does it differ from encryption?
50. How is an acceptable use policy typically used?
Name:
Class:
Date: