SANS 410 PRACTICE EXAMINATION 2026 QUESTIONS
WITH ANSWERS GRADED A+
● Which of the following types of privacy laws affect computer security? A. Any federal
privacy law B. Any privacy law C. Any privacy law applicable to your organization D.
Any state privacy law. Answer: B. Any privacy law
● Which of the following security resources offers a repository for detailed information
on virus outbreaks? A. SANS Institute B. F-Secure Corporation C. CERT D. Microsoft
Security TechCenter. Answer: B. F-Secure Corporation
● The most common term used to describe an inexperienced hacker is _____. A.
ethical hacker B. penetration tester C. black hat D. script kiddy. Answer: D. script kiddy
● Which of the following is used to ensure information integrity? A. Backups B. Digital
signatures C. Auditing D. Passwords. Answer: B. Digital signatures
● What is the name for a DoS defense that is dependent on sending back a hash code
to the client? A. Stack tweaking B. Server reflection C. SYN cookie D. RST cookie.
Answer: C. SYN cookie
● What type of attack is in progress as shown in the following figure? A. Ransomware
B. DoS C. MDoS D. DRDoS. Answer: D. DRDoS
● Which of the following is another term for ethical hacker? A. Creeker B. Cracker C.
Black hat D. Sneaker. Answer: D. Sneaker
● Which of the following types of hackers will report a vulnerability when they find it?
A. White hat B. Gray hat C. Green hat D. Black hat. Answer: A. White hat
● Are there any reasons not to take an extreme view of security, if that view errs on the
side of caution? A. Yes, it requires you to increase your security skills in order to
implement more rigorous defenses. B. No, there is no reason not to take such an
extreme view. C. Yes, it can lead to wasting resources on threats that are not likely. D.
Yes, if you are going to err, assume there are few if any real threats. Answer: C. Yes, it
can lead to wasting resources on threats that are not likely.