Practice Free 100-160 Exam Online Questions
What is the primary purpose of a VPN (Virtual Private Network)?
- A . To encrypt email communications
- B . To secure wireless network connections
- C . To establish a secure remote connection over a public network
- D . To protect against malware attacks
C
Explanation:
A VPN is designed to provide secure, encrypted communication over a public network such as the internet. Its primary purpose is to establish a secure and private connection between two endpoints, allowing remote users to access resources on a private network as if they were directly connected to it. This helps protect sensitive data and communications from interception by unauthorized individuals.
Which of the following practices help in preserving the physical integrity of digital evidence?
- A . Storing the evidence in a cold, damp environment.
- B . Cleaning the evidence using chemical solvents.
- C . Using non-conductive gloves when handling the evidence.
- D . Leaving the evidence exposed to natural light.
C
Explanation:
Preserving the physical integrity of digital evidence is essential to prevent contamination or damage. Using non-conductive gloves is one such practice as it prevents the transfer of oils, dirt, or other substances that could potentially damage or alter the evidence. This helps to maintain the integrity of the evidence and ensures that any potential traces or fingerprints left on the evidence are not compromised.
Which feature allows endpoints to communicate directly with each other, bypassing the network?
- A . Firewall
- B . IPS
- C . VPN
- D . Peer-to-Peer
D
Explanation:
Option A: Incorrect. A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules.
Option B: Incorrect. An IPS (Intrusion Prevention System) is a network security device that monitors network traffic for malicious activity and takes immediate action to prevent attacks.
Option C: Incorrect. A VPN (Virtual Private Network) is a secure connection between two or more endpoints over a public network, providing encryption and privacy for data communication.
Option D: Correct. Peer-to-peer (P2P) is a decentralized communication model where endpoints can directly communicate with each other without the need for a central server or network infrastructure.
What is the main purpose of a disaster recovery plan as compared to a business continuity plan?
- A . Limiting operational downtime.
- B . Keeping the business open in some capacity during a disaster.
- C . Restoring data access and an IT infrastructure as quickly as possible.
- D . Allowing staff to continue to serve customers throughout a disaster.
C
Explanation:
The CCST Cybersecurity Study Guide distinguishes between Disaster Recovery Plans (DRP) and Business Continuity Plans (BCP):
A BCP focuses on keeping the business running during a disruption.
A DRP focuses on restoring IT services and data after a disaster has occurred.
"A disaster recovery plan outlines procedures for restoring data and critical IT infrastructure to operational status following a disruptive incident. The goal is to resume normal IT operations as quickly as possible."
(CCST Cybersecurity, Essential Security Principles, Business Continuity and Disaster Recovery section, Cisco Networking Academy)
A is a general effect of both BCP and DRP.
B and D describe business continuity, not disaster recovery.
C is correct: DRP’s main purpose is restoring IT systems and data quickly after disruption.
Which of the following activities is typically associated with reconnaissance in cybersecurity?
- A . Preventing unauthorized access
- B . Exploiting vulnerabilities
- C . Gathering information about the target network
- D . Identifying vulnerable systems
C
Explanation:
Reconnaissance in cybersecurity involves gathering information about the target network, such as IP addresses, open ports, and potential vulnerabilities. This information is used to prepare for a potential attack by understanding the target’s infrastructure and weaknesses.
What is the role of policies in vulnerability assessment?
- A . They determine the frequency of vulnerability assessments.
- B . They specify the criteria for prioritizing vulnerabilities.
- C . They define the rules and guidelines for vulnerability scanning.
- D . They outline the consequences of not fixing vulnerabilities.
C
Explanation:
Policies play a crucial role in vulnerability assessment by defining the rules and guidelines for conducting vulnerability scanning activities. These policies ensure consistency and provide direction on how to approach vulnerability assessments, including the scope, methodology, and frequency of the assessments.
Which of the following is a key element of management in cybersecurity?
- A . Network vulnerability scanning
- B . Firewall configuration
- C . Incident response planning
- D . Intrusion detection system deployment
C
Explanation:
Incident response planning is a critical component of management in cybersecurity. It involves developing a detailed plan to identify, respond to, and recover from security incidents. This ensures that any security breaches or attacks are handled effectively, minimizing the impact on the organization’s systems and data.
Which of the following is an example of an active vulnerability mitigation technique?
- A . Log monitoring
- B . Security awareness training
- C . Network segmentation
- D . Intrusion prevention system (IPS)
D
Explanation:
An intrusion prevention system (IPS) is an active vulnerability mitigation technique that sits in-line with network traffic and actively monitors for and blocks suspicious or malicious activities. It helps to prevent potential vulnerabilities from being exploited by detecting and blocking malicious network traffic.
Which technology is commonly used to monitor network data and identify security incidents?
- A . SIEM (Security Information and Event Management)
- B . IDS (Intrusion Detection System)
- C . SOAR (Security Orchestration, Automation, and Response)
- D . Firewall
A
Explanation:
SIEM is a technology that focuses on monitoring network data to identify security incidents. It collects and analyzes security event logs from various sources, such as firewalls, intrusion detection systems (IDS), and antivirus software, to identify abnormal behavior or potential security incidents. SIEM solutions provide real-time monitoring, correlation, and alerting capabilities, enabling organizations to effectively detect and respond to security threats.
Which endpoint security mechanism is used to secure data transmitted between the endpoint and the network?
- A . Firewall
- B . Antivirus
- C . Encryption
- D . Intrusion Detection System (IDS)
C
Explanation:
Encryption is the mechanism used to secure data transmitted between the endpoint and the network. By encrypting the data, it becomes unreadable to unauthorized parties, ensuring the confidentiality and integrity of the information being transmitted. Encryption transforms the data into a ciphertext, which can only be decrypted back into its original form using the proper encryption key. This helps protect sensitive and confidential data from interception and unauthorized access during transmission over the network.
