Practice Free 100-160 Exam Online Questions
Question #101
Which of the following is a principle of data security?
- A . Encryption
- B . Firewall
- C . Intrusion Detection System
- D . Data Masking
Correct Answer: A
A
Explanation:
Option 1: Correct. Encryption is a principle of data security that involves converting data into a form that is unreadable by unauthorized users. This helps protect the confidentiality of data.
Option 2: Incorrect. A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. While it plays a role in data security, it is not a principle of data security.
Option 3: Incorrect. An Intrusion Detection System (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports. While it plays a role in data security, it is not a principle of data security.
Option 4: Incorrect. Data masking is a technique that replaces sensitive data with fictitious data to protect the privacy of data. While it plays a role in data security, it is not a principle of data security.
A
Explanation:
Option 1: Correct. Encryption is a principle of data security that involves converting data into a form that is unreadable by unauthorized users. This helps protect the confidentiality of data.
Option 2: Incorrect. A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. While it plays a role in data security, it is not a principle of data security.
Option 3: Incorrect. An Intrusion Detection System (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports. While it plays a role in data security, it is not a principle of data security.
Option 4: Incorrect. Data masking is a technique that replaces sensitive data with fictitious data to protect the privacy of data. While it plays a role in data security, it is not a principle of data security.
Question #102
An administrator wants to ensure that any files downloaded from the internet are automatically scanned for malicious code before execution.
Which security control should be implemented?
- A . Host-based firewall
- B . Anti-malware with real-time protection
- C . VPN client
- D . Patch management system
Correct Answer: B
B
Explanation:
According to the CCST Cybersecurity course, anti-malware solutions with real-time protection scan files as they are downloaded or opened, blocking malicious code before it runs.
"Real-time protection automatically inspects files, applications, and scripts as they are accessed or downloaded, preventing execution of malicious code."
(CCST Cybersecurity, Endpoint Security Concepts, Malware Protection section, Cisco Networking Academy)
B
Explanation:
According to the CCST Cybersecurity course, anti-malware solutions with real-time protection scan files as they are downloaded or opened, blocking malicious code before it runs.
"Real-time protection automatically inspects files, applications, and scripts as they are accessed or downloaded, preventing execution of malicious code."
(CCST Cybersecurity, Endpoint Security Concepts, Malware Protection section, Cisco Networking Academy)
Question #103
Which level of risk category would be associated with a vulnerability that has the potential to cause minor financial loss or impact?
- A . High risk
- B . Low risk
- C . Extremely high risk
- D . Medium risk
Correct Answer: B
B
Explanation:
A vulnerability that has the potential to cause minor financial loss or impact would be categorized as a low-risk level. Low-risk vulnerabilities pose a relatively smaller threat to an organization’s assets, systems, or data. While they should not be ignored, low-risk vulnerabilities typically require less immediate attention and resources to mitigate.
B
Explanation:
A vulnerability that has the potential to cause minor financial loss or impact would be categorized as a low-risk level. Low-risk vulnerabilities pose a relatively smaller threat to an organization’s assets, systems, or data. While they should not be ignored, low-risk vulnerabilities typically require less immediate attention and resources to mitigate.
Question #104
Which of the following is a feature of cloud computing?
- A . On-premises hosting
- B . Hardware provisioning
- C . Data encryption
- D . Physical server maintenance
Correct Answer: C
C
Explanation:
Option 1: Incorrect. On-premises hosting refers to hosting applications and data on local servers within an organization’s physical infrastructure. It is not a feature of cloud computing.
Option 2: Incorrect. Hardware provisioning is the process of setting up and configuring the physical infrastructure required to run applications and store data. While this is an important aspect of cloud computing, it is not a specific feature of cloud computing.
Option 3: Correct. Data encryption is a feature of cloud computing that ensures the security and confidentiality of data stored and transmitted within the cloud. It protects sensitive information from unauthorized access.
Option 4: Incorrect. Physical server maintenance involves activities such as hardware repairs, upgrades, and maintenance tasks associated with physical servers. While these tasks are necessary for managing an on-premises infrastructure, they are not specific features of cloud computing.
C
Explanation:
Option 1: Incorrect. On-premises hosting refers to hosting applications and data on local servers within an organization’s physical infrastructure. It is not a feature of cloud computing.
Option 2: Incorrect. Hardware provisioning is the process of setting up and configuring the physical infrastructure required to run applications and store data. While this is an important aspect of cloud computing, it is not a specific feature of cloud computing.
Option 3: Correct. Data encryption is a feature of cloud computing that ensures the security and confidentiality of data stored and transmitted within the cloud. It protects sensitive information from unauthorized access.
Option 4: Incorrect. Physical server maintenance involves activities such as hardware repairs, upgrades, and maintenance tasks associated with physical servers. While these tasks are necessary for managing an on-premises infrastructure, they are not specific features of cloud computing.
Question #105
Which of the following operating systems includes a built-in antivirus software called Windows Defender?
- A . Windows
- B . macOS
- C . Linux
- D . Windows and macOS
Correct Answer: A
A
Explanation:
Windows operating system includes a built-in antivirus software called Windows Defender. It provides real-time protection against various types of malware, including viruses, spyware, and ransomware. Windows Defender is automatically enabled and updated on Windows computers to help keep the system secure. Note: macOS and Linux operating systems have their own security features, but they do not include Windows Defender. macOS has a built-in security tool called XProtect, which provides some protection against malware, and Linux offers various security features such as SELinux (Security-Enhanced Linux) and AppArmor.
A
Explanation:
Windows operating system includes a built-in antivirus software called Windows Defender. It provides real-time protection against various types of malware, including viruses, spyware, and ransomware. Windows Defender is automatically enabled and updated on Windows computers to help keep the system secure. Note: macOS and Linux operating systems have their own security features, but they do not include Windows Defender. macOS has a built-in security tool called XProtect, which provides some protection against malware, and Linux offers various security features such as SELinux (Security-Enhanced Linux) and AppArmor.
Question #106
Which of the following is a security best practice for securing data in the cloud?
- A . Storing sensitive data in clear text
- B . Implementing multi-factor authentication
- C . Allowing unrestricted access to data
- D . Using weak passwords
Correct Answer: B
B
Explanation:
Option 1: Incorrect. Storing sensitive data in clear text is not a security best practice. It leaves the data vulnerable to unauthorized access and breaches.
Option 2: Correct. Implementing multi-factor authentication is a security best practice for securing data in the cloud. This adds an extra layer of protection by requiring users to provide additional verification beyond just a password.
Option 3: Incorrect. Allowing unrestricted access to data is not a security best practice. Access to data should be properly controlled and limited to authorized individuals or groups.
Option 4: Incorrect. Using weak passwords is not a security best practice. Strong and complex passwords should be used to prevent unauthorized access to data.
B
Explanation:
Option 1: Incorrect. Storing sensitive data in clear text is not a security best practice. It leaves the data vulnerable to unauthorized access and breaches.
Option 2: Correct. Implementing multi-factor authentication is a security best practice for securing data in the cloud. This adds an extra layer of protection by requiring users to provide additional verification beyond just a password.
Option 3: Incorrect. Allowing unrestricted access to data is not a security best practice. Access to data should be properly controlled and limited to authorized individuals or groups.
Option 4: Incorrect. Using weak passwords is not a security best practice. Strong and complex passwords should be used to prevent unauthorized access to data.
Question #107
Which of the following is an example of a secure remote access technology?
- A . SNMP
- B . SSH
- C . Telnet
- D . FTP
Correct Answer: B
B
Explanation:
SSH (Secure Shell) is a secure remote access protocol that provides encrypted communication between remote devices. Unlike Telnet, which transmits data in plaintext, SSH encrypts the data, making it more secure for remote access to devices or systems. FTP (File Transfer Protocol) and SNMP (Simple Network Management Protocol) are not specifically designed for remote access and do not provide the same level of security as SSH.
B
Explanation:
SSH (Secure Shell) is a secure remote access protocol that provides encrypted communication between remote devices. Unlike Telnet, which transmits data in plaintext, SSH encrypts the data, making it more secure for remote access to devices or systems. FTP (File Transfer Protocol) and SNMP (Simple Network Management Protocol) are not specifically designed for remote access and do not provide the same level of security as SSH.
Question #108
What does Network Access Control (NAC) refer to in cybersecurity?
- A . To authenticate users before granting them access
- B . To encrypt traffic between two networks
- C . To monitor network traffic for potential security threats
- D . To filter network traffic based on predefined rules
Correct Answer: A
A
Explanation:
Network Access Control (NAC) is a cybersecurity approach that focuses on ensuring that only authorized users and devices are granted access to a network. NAC systems typically involve authentication mechanisms, such as username and password combinations, digital certificates, or biometric authentication, to verify the identity of users before permitting network access. By implementing NAC, organizations can enforce access control policies, prevent unauthorized access, and mitigate security risks.
A
Explanation:
Network Access Control (NAC) is a cybersecurity approach that focuses on ensuring that only authorized users and devices are granted access to a network. NAC systems typically involve authentication mechanisms, such as username and password combinations, digital certificates, or biometric authentication, to verify the identity of users before permitting network access. By implementing NAC, organizations can enforce access control policies, prevent unauthorized access, and mitigate security risks.