Page 1 of 100
Network Defense Essentials (NDE)
Exam Latest Version: 6.0 Practice Exam
Newest 2026
Q1. Which of the following best describes the primary goal of
the confidentiality principle in network defense?
A) Ensuring systems are always available to authorized users
B) Preventing unauthorized disclosure of sensitive information
C) Verifying the integrity of transmitted data
D) Authenticating users before granting access
Answer: B
Rationale: Confidentiality ensures that sensitive information is not
disclosed to unauthorized individuals, entities, or processes. While
authentication (D) and availability (A) are important security
,Page 2 of 100
goals, they are distinct from confidentiality. Integrity (C) focuses
on protecting data from unauthorized modification .
Q2. A network defender is implementing a defense-in-depth
strategy. Which statement correctly describes this approach?
A) Relying on a single, strong perimeter firewall to block all
threats
B) Using multiple layers of security controls throughout the IT
infrastructure
C) Focusing exclusively on endpoint protection for all devices
D) Implementing only physical security measures to protect
network assets
Answer: B
Rationale: Defense-in-depth employs overlapping layers of
security (administrative, physical, technical) so that if one layer
fails, others continue to provide protection. Relying on a single
,Page 3 of 100
firewall (A) or only endpoint protection (C) violates the layered
principle, and physical security alone (D) is insufficient .
Q3. A company's web server is receiving thousands of
requests per second from multiple sources, making the
website inaccessible to legitimate users. What type of attack is
occurring?
A) SQL injection
B) Distributed Denial of Service (DDoS)
C) Man-in-the-Middle (MITM)
D) Phishing
Answer: B
Rationale: A DDoS attack floods a target with traffic from
multiple sources, overwhelming its resources and preventing
legitimate access. SQL injection (A) targets databases, MITM (C)
, Page 4 of 100
intercepts communications, and phishing (D) is a social
engineering attack .
Q4. Sarah, a security auditor, wants to ensure that data
remains unaltered during transit over the corporate network.
Which security principle is she primarily concerned with?
A) Confidentiality
B) Integrity
C) Availability
D) Authentication
Answer: B
Rationale: Integrity ensures that data is not modified by
unauthorized parties and that any unauthorized modifications
are detectable. Confidentiality (A) concerns secrecy, availability
(C) concerns uptime, and authentication (D) concerns identity
verification .
Network Defense Essentials (NDE)
Exam Latest Version: 6.0 Practice Exam
Newest 2026
Q1. Which of the following best describes the primary goal of
the confidentiality principle in network defense?
A) Ensuring systems are always available to authorized users
B) Preventing unauthorized disclosure of sensitive information
C) Verifying the integrity of transmitted data
D) Authenticating users before granting access
Answer: B
Rationale: Confidentiality ensures that sensitive information is not
disclosed to unauthorized individuals, entities, or processes. While
authentication (D) and availability (A) are important security
,Page 2 of 100
goals, they are distinct from confidentiality. Integrity (C) focuses
on protecting data from unauthorized modification .
Q2. A network defender is implementing a defense-in-depth
strategy. Which statement correctly describes this approach?
A) Relying on a single, strong perimeter firewall to block all
threats
B) Using multiple layers of security controls throughout the IT
infrastructure
C) Focusing exclusively on endpoint protection for all devices
D) Implementing only physical security measures to protect
network assets
Answer: B
Rationale: Defense-in-depth employs overlapping layers of
security (administrative, physical, technical) so that if one layer
fails, others continue to provide protection. Relying on a single
,Page 3 of 100
firewall (A) or only endpoint protection (C) violates the layered
principle, and physical security alone (D) is insufficient .
Q3. A company's web server is receiving thousands of
requests per second from multiple sources, making the
website inaccessible to legitimate users. What type of attack is
occurring?
A) SQL injection
B) Distributed Denial of Service (DDoS)
C) Man-in-the-Middle (MITM)
D) Phishing
Answer: B
Rationale: A DDoS attack floods a target with traffic from
multiple sources, overwhelming its resources and preventing
legitimate access. SQL injection (A) targets databases, MITM (C)
, Page 4 of 100
intercepts communications, and phishing (D) is a social
engineering attack .
Q4. Sarah, a security auditor, wants to ensure that data
remains unaltered during transit over the corporate network.
Which security principle is she primarily concerned with?
A) Confidentiality
B) Integrity
C) Availability
D) Authentication
Answer: B
Rationale: Integrity ensures that data is not modified by
unauthorized parties and that any unauthorized modifications
are detectable. Confidentiality (A) concerns secrecy, availability
(C) concerns uptime, and authentication (D) concerns identity
verification .
