Practice Free 100-160 Exam Online Questions
Question #51
Which security feature provides network segmentation by creating virtual networks?
- A . VLANs
- B . VLANs
- C . Intrusion Prevention System (IPS)
- D . Virtual Private Network (VPN)
Correct Answer: A
A
Explanation:
Option 1: Correct, VLANs (Virtual Local Area Networks) provide network segmentation by creating virtual networks, allowing different groups of devices to be logically separated on the same physical network.
Option 2: Incorrect, Firewalls are designed to monitor and filter network traffic based on predetermined security rules, but they do not provide network segmentation by creating virtual networks.
Option 3: Incorrect, An Intrusion Prevention System (IPS) is a security appliance or software that monitors network traffic for suspicious activity and takes action to prevent potential threats, but it does not provide network segmentation by creating virtual networks.
Option 4: Incorrect, A Virtual Private Network (VPN) is a secure tunnel between two or more devices, typically used to connect remote sites or allow remote users to access the private network. It does not provide network segmentation by creating virtual networks.
A
Explanation:
Option 1: Correct, VLANs (Virtual Local Area Networks) provide network segmentation by creating virtual networks, allowing different groups of devices to be logically separated on the same physical network.
Option 2: Incorrect, Firewalls are designed to monitor and filter network traffic based on predetermined security rules, but they do not provide network segmentation by creating virtual networks.
Option 3: Incorrect, An Intrusion Prevention System (IPS) is a security appliance or software that monitors network traffic for suspicious activity and takes action to prevent potential threats, but it does not provide network segmentation by creating virtual networks.
Option 4: Incorrect, A Virtual Private Network (VPN) is a secure tunnel between two or more devices, typically used to connect remote sites or allow remote users to access the private network. It does not provide network segmentation by creating virtual networks.
Question #52
Which of the following updates is responsible for ensuring proper communication between hardware devices and the operating system?
- A . Device drivers
- B . Windows Update
- C . Application updates
- D . Firmware updates
Correct Answer: A
A
Explanation:
Device drivers are software programs that facilitate communication between hardware devices (such as printers, graphics cards, or network adapters) and the operating system. Updating device drivers is important as it can enhance compatibility, performance, and resolve known issues or security vulnerabilities.
A
Explanation:
Device drivers are software programs that facilitate communication between hardware devices (such as printers, graphics cards, or network adapters) and the operating system. Updating device drivers is important as it can enhance compatibility, performance, and resolve known issues or security vulnerabilities.
Question #53
Which of the following is a best practice for managing security policies and procedures?
- A . Implementing a regular review process for security policies
- B . Relying solely on default security settings
- C . Allowing users to create and manage their own security policies
- D . Not documenting the security policies and procedures
Correct Answer: A
A
Explanation:
Option 1: Correct: Implementing a regular review process for security policies ensures that they are up-to-date and aligned with the organization’s current security needs.
Option 2: Incorrect: Relying solely on default security settings is not a best practice as default settings may not provide adequate protection and may not be appropriate for the organization’s specific needs.
Option 3: Incorrect: Allowing users to create and manage their own security policies can lead to inconsistencies, lack of control, and potential security vulnerabilities.
Option 4: Incorrect: Not documenting the security policies and procedures makes it difficult to enforce and communicate these policies to employees.
A
Explanation:
Option 1: Correct: Implementing a regular review process for security policies ensures that they are up-to-date and aligned with the organization’s current security needs.
Option 2: Incorrect: Relying solely on default security settings is not a best practice as default settings may not provide adequate protection and may not be appropriate for the organization’s specific needs.
Option 3: Incorrect: Allowing users to create and manage their own security policies can lead to inconsistencies, lack of control, and potential security vulnerabilities.
Option 4: Incorrect: Not documenting the security policies and procedures makes it difficult to enforce and communicate these policies to employees.
Question #54
What is the purpose of a firewall in a network security infrastructure?
- A . To authenticate users and control access to a network.
- B . To encrypt data transmitted over the network.
- C . To monitor and filter incoming and outgoing network traffic.
- D . To protect against hardware failures and provide redundancy.
Correct Answer: C
C
Explanation:
A firewall is a network security device that monitors and filters network traffic based on a set of predefined rules. It acts as a barrier between an internal network and external networks, allowing or blocking traffic based on specific criteria, such as source IP address, destination port, protocol, etc.
C
Explanation:
A firewall is a network security device that monitors and filters network traffic based on a set of predefined rules. It acts as a barrier between an internal network and external networks, allowing or blocking traffic based on specific criteria, such as source IP address, destination port, protocol, etc.
Question #55
What is an Advanced Persistent Threat (APT)?
- A . A vulnerability in network communication protocols.
- B . A cyberattack that compromises multiple devices simultaneously.
- C . A sophisticated and targeted attack that aims to gain unauthorized access and maintain persistence over a long period.
- D . A type of malware that spreads rapidly through a network.
Correct Answer: C
C
Explanation:
Advanced Persistent Threats (APTs) are stealthy and prolonged attacks targeted at specific organizations or entities. APTs typically employ sophisticated techniques, including social engineering and zero-day exploits. The primary objectives of APTs are to gain unauthorized access, maintain persistence within the target network or system, and conduct reconnaissance or exfiltrate sensitive data without being detected for an extended period of time.
C
Explanation:
Advanced Persistent Threats (APTs) are stealthy and prolonged attacks targeted at specific organizations or entities. APTs typically employ sophisticated techniques, including social engineering and zero-day exploits. The primary objectives of APTs are to gain unauthorized access, maintain persistence within the target network or system, and conduct reconnaissance or exfiltrate sensitive data without being detected for an extended period of time.
Question #56
Which of the following scanning techniques is considered non-intrusive?
- A . Port scanning
- B . Network mapping
- C . Vulnerability scanning
- D . Penetration testing
Correct Answer: B
B
Explanation:
Network mapping is a non-intrusive scanning technique used to discover and gather information about network devices, their IP addresses, and their interconnections. It focuses on identifying the network topology and does not involve actively examining the vulnerabilities or attempting to exploit them. Network mapping is primarily used for network documentation, planning, and troubleshooting purposes.
B
Explanation:
Network mapping is a non-intrusive scanning technique used to discover and gather information about network devices, their IP addresses, and their interconnections. It focuses on identifying the network topology and does not involve actively examining the vulnerabilities or attempting to exploit them. Network mapping is primarily used for network documentation, planning, and troubleshooting purposes.
Question #57
During a change management assessment, what should be evaluated?
- A . The level of user acceptance and satisfaction with the changes
- B . The impact of proposed changes on system functionality
- C . The effectiveness of the change management process
- D . All of the above
Correct Answer: D
D
Explanation:
During a change management assessment, multiple aspects should be evaluated. Firstly, the impact of proposed changes on system functionality needs to be assessed to ensure that the changes do not negatively affect the overall performance or stability of the system. Secondly, the level of user acceptance and satisfaction with the changes should be evaluated to determine the effectiveness of the change management process and whether it meets the needs and expectations of the users. Assessing these aspects helps in identifying any areas that require improvement. Therefore, all the options mentioned in the
D
Explanation:
During a change management assessment, multiple aspects should be evaluated. Firstly, the impact of proposed changes on system functionality needs to be assessed to ensure that the changes do not negatively affect the overall performance or stability of the system. Secondly, the level of user acceptance and satisfaction with the changes should be evaluated to determine the effectiveness of the change management process and whether it meets the needs and expectations of the users. Assessing these aspects helps in identifying any areas that require improvement. Therefore, all the options mentioned in the
Question #58
What is one of the main objectives of documenting cybersecurity incidents?
- A . To create a historical record of incidents for legal purposes
- B . To assign blame to individuals responsible for the incident
- C . To minimize the impact of cyber attacks
- D . To divert attention from the incident
Correct Answer: C
C
Explanation:
Documenting cybersecurity incidents helps organizations understand the nature, extent, and impact of the incident. By documenting incidents, organizations can analyze trends, develop strategies to prevent future incidents, and minimize the impact of cyber attacks.
C
Explanation:
Documenting cybersecurity incidents helps organizations understand the nature, extent, and impact of the incident. By documenting incidents, organizations can analyze trends, develop strategies to prevent future incidents, and minimize the impact of cyber attacks.
Question #59
Which of the following refers to a list of all hardware components installed on an endpoint system?
- A . Configuration inventory
- B . Hardware inventory
- C . Software inventory
- D . Firmware inventory
Correct Answer: B
B
Explanation:
Hardware inventory refers to a comprehensive list of all hardware components installed on an endpoint system. This includes information about the CPU, memory, storage devices, network adapters, and any other hardware components.
B
Explanation:
Hardware inventory refers to a comprehensive list of all hardware components installed on an endpoint system. This includes information about the CPU, memory, storage devices, network adapters, and any other hardware components.
Question #60
Which of the following is an integral part of the CIA triad in cybersecurity?
- A . Data loss prevention (DLP)
- B . Two-factor authentication (2FA)
- C . Intrusion Detection System (IDS)
- D . Firewall
Correct Answer: B
B
Explanation:
The CIA triad in cybersecurity stands for confidentiality, integrity, and availability. Two-factor authentication (2FA) ensures confidentiality by adding an extra layer of security, requiring users to provide two forms of authentication before gaining access. It helps protect against unauthorized access and adds an additional level of assurance for ensuring data confidentiality.
B
Explanation:
The CIA triad in cybersecurity stands for confidentiality, integrity, and availability. Two-factor authentication (2FA) ensures confidentiality by adding an extra layer of security, requiring users to provide two forms of authentication before gaining access. It helps protect against unauthorized access and adds an additional level of assurance for ensuring data confidentiality.