Practice Free 100-160 Exam Online Questions
Question #21
Which command-line tool is used to query DNS records and obtain information about domain names?
- A . traceroute
- B . nslookup
- C . tcpdump
- D . netstat
Correct Answer: B
Explanation:
The correct command-line tool for querying DNS records and obtaining information about domain names is nslookup. It can be used to check DNS configuration details during a security assessment, verify that domain names map to the correct IP addresses, and troubleshoot DNS-related issues.
Question #22
What does hardening mean in the context of cybersecurity?
- A . Removing all vulnerabilities from a system or network
- B . Implementing cybersecurity policies and regulations
- C . Creating a backup of critical data and configurations
- D . Making a system more resistant to threats and attacks
Correct Answer: D
Explanation:
Hardening refers to the process of securing a system by reducing its vulnerability to potential threats and attacks. It involves implementing security best practices, such as disabling unnecessary services, applying patches and updates, configuring access controls, strengthening passwords, and employing additional security measures like firewalls or intrusion detection systems. Hardening helps ensure systems are less susceptible to exploitation.
Question #23
Which of the following is a commonly used endpoint security solution?
- A . Encryption
- B . Intrusion Detection System (IDS)
- C . Firewall
- D . Antivirus
Correct Answer: D
Explanation:
Antivirus software is a commonly used endpoint security solution that protects endpoints, such as computers and mobile devices, from malware and other malicious threats. It scans files and programs using known patterns and signature-based detection to identify and eliminate viruses, worms, Trojans, and other types of malware.
Question #24
Which of the following represents a strong passphrase for securing a wireless SoHo network?
- A . 12345678
- B . P@ssword!
- C . CorrectHorseBatteryStaple
- D . jumpr0pe
Correct Answer: C
Explanation:
A strong passphrase should be long and include a combination of uppercase and lowercase letters, numbers, and special characters. "CorrectHorseBatteryStaple" represents a strong passphrase as it is long and includes multiple words combined with special characters. Options A, B, and D are weak passphrases as they are either too short or do not contain a combination of the mentioned elements.
Question #25
How does a honeypot enhance network security?
- A . It monitors network traffic and sends alerts when potential threats are detected.
- B . It acts as a decoy and diverts malicious traffic away from important systems.
- C . It isolates external-facing services from the Internet and protects them from attack.
- D . It detects and prevents identified threats through real-time packet inspection.
Correct Answer: B
Explanation:
According to the Cisco Certified Support Technician (CCST) Cybersecurity Study Guide, a honeypot is a security mechanism that appears to be a legitimate system or resource but is intentionally made vulnerable to attract attackers. Its purpose is not to serve legitimate users but to detect, study, and sometimes divert malicious activity.
"A honeypot is a decoy system or service designed to attract and engage attackers. By simulating a target of interest, it allows security teams to monitor attack methods, collect intelligence, and sometimes divert threats away from production systems. Honeypots do not prevent attacks but help in identifying them and understanding adversary tactics."
(CCST Cybersecurity, Basic Network Security Concepts, Honeypots and Honey Nets section, Cisco Networking Academy)
In this context:
Option A describes an IDS (Intrusion Detection System), not a honeypot.
Option C refers to a DMZ (Demilitarized Zone), not a honeypot.
Option D describes an IPS (Intrusion Prevention System).
Option B correctly identifies a honeypot’s role as a decoy to divert or engage attackers.
Question #26
Which of the following best describes an incident handler’s primary responsibility during the incident handling process?
- A . Collecting evidence to support legal actions
- B . Assessing the root cause of the incident
- C . Restoring affected systems to their normal operations
- D . Implementing preventive measures to avoid future incidents
Correct Answer: C
Explanation:
The primary responsibility of an incident handler during the incident handling process is to restore affected systems to their normal operations. While collecting evidence, assessing the root cause, and implementing preventive measures are also important tasks, the immediate focus should be on reducing the impact of the incident and restoring normal functionality to minimize downtime and disruption.
Question #27
What is encryption?
- A . A process of converting plaintext into binary code to enhance data accessibility
- B . A process of converting binary code into plaintext to improve data reliability
- C . A process of converting plaintext into ciphertext to protect data confidentiality
- D . A process of converting ciphertext into plaintext to secure data integrity
Correct Answer: C
Explanation:
Encryption is the process of converting plaintext (original data) into a coded or unreadable format known as ciphertext. This ensures that if the data is intercepted or accessed by unauthorized individuals, they would not be able to understand the information without the appropriate decryption key. Encryption is used to protect the confidentiality and privacy of sensitive data during transmission or storage.
Question #28
Which of the following is a characteristic of a network-based firewall?
- A . Inspects and filters traffic at the application layer
- B . Operates at the data link layer
- C . Provides protection against external threats only
- D . Requires software installed on client devices
Correct Answer: C
Explanation:
Option 1: Incorrect. A network-based firewall inspects and filters traffic at the network layer, not the application layer.
Option 2: Incorrect. A network-based firewall operates at the network layer, not the data link layer.
Option 3: Correct. A network-based firewall provides protection against both external and internal threats.
Option 4: Incorrect. A network-based firewall does not require software installed on client devices.
Question #29
Which protocol is used to assign IP addresses to devices on a network?
- A . ICMP
- B . DHCP
- C . UDP
- D . TCP
Correct Answer: B
Explanation:
DHCP (Dynamic Host Configuration Protocol) is used to assign IP addresses dynamically to devices on a network. Instead of manually configuring IP addresses on each device, DHCP allows for automated IP address allocation, making network administration more efficient.
Question #30
Which of the following is NOT an essential security principle?
- A . Complexity
- B . Confidentiality
- C . Availability
- D . Integrity
Correct Answer: A
Explanation:
Complexity is not considered an essential security principle. The essential security principles are confidentiality, availability, and integrity. Confidentiality ensures that information is only accessible to authorized individuals or entities. It focuses on protecting sensitive data from unauthorized disclosure or access. Availability ensures that information and resources are accessible when needed. It emphasizes the need for systems and networks to be operational and usable, with minimal downtime or interruptions. Integrity ensures that information is accurate, complete, and unaltered. It focuses on maintaining the trustworthiness and reliability of data and preventing unauthorized modifications. Complexity, although important in certain areas of cybersecurity, is not considered an essential security principle on its own. It often relates to the design and implementation of security controls or measures, rather than being a fundamental principle.
