Practice Free 100-160 Exam Online Questions
Which security assessment of IT systems verifies that PII data is available, accurate, confidential, and accessible only by authorized users?
- A. Risk framing
- B. Cyber Kill Chain
- C. Workflow management
- D. Information assurance
Answer: D
Explanation:
The CCST Cybersecurity study material defines Information Assurance (IA) as the practice of managing information-related risks to ensure data availability, integrity, confidentiality, authentication, and non-repudiation. It specifically applies to sensitive information like PII (Personally Identifiable Information).
"Information assurance involves the protection and validation of data so that it remains accurate, confidential, and available only to authorized users. IA ensures the trustworthiness of information, particularly when handling sensitive or regulated data such as PII."
(CCST Cybersecurity, Vulnerability Assessment and Risk Management, Information Assurance section, Cisco Networking Academy)
A (Risk framing) is part of risk management planning but does not verify data integrity and confidentiality directly.
B (Cyber Kill Chain) is an attack lifecycle model.
C (Workflow management) is about process efficiency, not data protection.
D is correct: Information Assurance addresses the availability, accuracy, and confidentiality of sensitive data.
Which approach to risk management involves accepting the potential risk and not taking any specific action to mitigate it?
- A. Risk acceptance.
- B. Risk mitigation.
- C. Risk transfer.
- D. Risk avoidance.
Answer: A
Explanation:
Risk acceptance is an approach to risk management wherein the potential risk is acknowledged, and a conscious decision is made not to take any specific action to mitigate it. This approach is usually taken when the potential risk is deemed acceptable or when the cost of mitigating the risk outweighs the potential impact.
What is configuration management in the context of cybersecurity?
- A. Managing and securing access to network devices
- B. Protecting the physical infrastructure of an organization
- C. Establishing role-based access controls
- D. Ensuring consistency and control over the configuration of IT systems
Answer: D
Explanation:
Configuration management in cybersecurity refers to the practice of ensuring consistency and control over the configuration of IT systems, including hardware, software, and network devices. This involves establishing and enforcing standardized configurations, monitoring and managing changes, and maintaining an accurate inventory of system configurations. Proper configuration management helps reduce the risk of configuration-related issues, vulnerabilities, and unauthorized changes that could compromise the security of IT systems.
What type of information can be found in cybersecurity reports?
- A. Country-specific hacking techniques.
- B. Sensitive encryption algorithms used by government agencies.
- C. Detailed analysis of exploit techniques and tools.
- D. Attackers’ personally identifiable information (PII).
Answer: C
Explanation:
Cybersecurity reports usually contain detailed analysis of exploit techniques and tools used by attackers. These reports help security professionals understand the latest threats, attack vectors, and vulnerabilities. By studying these reports, organizations can strengthen their defenses and develop countermeasures against known attack methods.
A SOC analyst notices repeated failed login attempts from a foreign IP address followed by a successful login to a privileged account.
What is the most appropriate next step?
- A. Reset the affected user’s password and investigate the scope of compromise.
- B. Block all foreign IP addresses from accessing the network.
- C. Run a full vulnerability scan of the corporate network.
- D. Ignore the event unless it happens again.
Answer: A
Explanation:
The CCST Cybersecurity course highlights that signs of brute-force attacks followed by successful access require immediate account security actions and an investigation to determine if other systems were accessed.
"When suspicious login activity is detected, immediate containment steps such as password resets and log analysis are necessary to limit damage and identify the extent of the compromise."
(CCST Cybersecurity, Incident Handling, Account Compromise Response section, Cisco Networking Academy)
Which technology is responsible for monitoring network traffic and identifying potential threats?
- A. IDS
- B. Firewall
- C. Server
- D. IPS
Answer: A
Explanation:
An Intrusion Detection System (IDS) is a technology that monitors network traffic and analyzes it for potential security breaches or vulnerabilities. It detects and alerts administrators to any suspicious activity, allowing them to take appropriate actions to mitigate potential threats.
What is the main benefit of implementing SOAR technology in monitoring network data for security incidents?
- A. Enhanced network performance
- B. Reduced network bandwidth consumption
- C. Improved incident response time
- D. Increased network availability
Answer: C
Explanation:
SOAR (Security Orchestration, Automation, and Response) technology aims to streamline and automate incident response processes. By integrating various security tools, SOAR enables a faster and more organized response to security incidents. It automates manual tasks, provides real-time incident metrics and visibility, and facilitates collaboration among different teams involved in incident response. Ultimately, implementing SOAR can significantly improve incident response time.
Which of the following services or protocols can be used to ensure the security and compliance of an organization’s network?
- A. NTP (Network Time Protocol)
- B. SNMP (Simple Network Management Protocol)
- C. DHCP (Dynamic Host Configuration Protocol)
- D. DNS (Domain Name System)
Answer: B
Explanation:
Option A: NTP is a protocol used to synchronize the clocks of computers in a network. While it is important for maintaining accurate time, it does not directly contribute to network security and compliance. This makes it an incorrect answer.
Option B: SNMP is a protocol used for managing and monitoring network devices. It allows for centralized monitoring, troubleshooting, and configuration of devices. SNMP can play a crucial role in security and compliance by providing real-time information about network devices and their behaviors. This makes it a correct answer.
Option C: DHCP is a protocol used to assign IP addresses and network configuration parameters to devices on a network. While DHCP is essential for network connectivity, it does not directly contribute to security and compliance. This makes it an incorrect answer.
Option D: DNS is a protocol used to translate domain names into IP addresses. While DNS is critical for internet connectivity, it does not directly contribute to security and compliance. This makes it an incorrect answer.
Which of the following is a common authentication protocol used in wireless networks?
- A. FTP
- B. WPA
- C. SSH
- D. SMTP
Answer: B
Explanation:
WPA (Wi-Fi Protected Access) is a widely used authentication protocol for securing wireless networks. It provides stronger security than the older WEP (Wired Equivalent Privacy) protocol by utilizing encryption algorithms and dynamic key generation. WPA offers better protection against unauthorized access and helps ensure the confidentiality and integrity of wireless communications.
Which of the following password policies is considered a best practice?
- A. Requiring passwords to be changed every 5 years
- B. Allowing users to set easily guessable passwords
- C. Enforcing a minimum password length and complexity requirements
- D. Storing passwords in plain text format
Answer: C
Explanation:
Enforcing a minimum password length and complexity requirements is considered a best practice for password policies. This helps to ensure that passwords are not easily guessable and increases the security of user accounts.
