Cybersecurity Analyst (FedVTE) Practice Quiz 2022 with
complete solution
Which of the following is a common environmental reconnaissance task that is
performed to help gain insight on how an organization's networked systems are
connected, or mapping the network?
Topology Discovery
If an unexpected issue occurred during an application installation on a Windows
system, which of the following event log categories would be best to reference
for troubleshooting?
Not System or Security. Maybe Setup
The federal version of certification and accreditation guidance that applies to
departments and agencies within the Department of Defense is:
DIACAP
Which security mechanism can social engineering help bypass?
A. Intrusion Detection Systems
B. Firewalls
C. Domain Security Policies (No)
D. All of the Above
E. None of the Above
Which type of intrusion detection may terminate processes or redirect traffic
upon detection of a possible intrusion?
Active
Which of the following is a potential consequence of not limiting or protecting
communications during an incident?
All of the Above (Customer confidence may be negatively impacted, Competitors may
recognize weakness or advantage, Media may include information not intended for
release)
Which one of the following can be managed through group policies (GPO)?
All the Above (Authentication settings, Software installation and update, IPsec
connections)
What is used to record the order in which evidence was handled, by whom, and
the nature of the evidence handling?
Chain of custody
The procedure of developing controls as vulnerabilities are discovered to keep
them from being exploited is known as:
A. Change Control Management
B. Compensating Control Development
C. Vulnerability Control Patch
D. Remediation Control Development (No)
Which of the following are Windows event severity levels:
error, warning, information
Which of the following intrusion detection systems uses statistical analysis to
detect intrusions?
Anomaly
, Which one of the following is a use for Network Flow Data?
All of the Above (Attack identification and attribution such as DoS detection, Traffic
engineering such as a host analysis, Accounting to cross verify other sources)
Which of the following is an attacker most likely to use to attempt to view packets
containing data in clear text?
Wireshark
Packets from a computer outside the network are being dropped on the way to a
computer inside the network. Which of the following would be MOST useful to
determine the cause of this?
Firewall log
Using the Common Vulnerability Scoring System, CVSS, which of the following
indicators would be the most critical or severe finding?
10
Which of the following is used for moving traffic within individual VLANs?
VLAN Access Maps
The IP address and MAC address of a rogue device within the local network might
best be revealed by which of the following logs?
DHCP logs
Which type of analysis method combines machine learning algorithms and
statistical analyses to identify deviations from normal baseline user, system, or
network activities?
User and Entity Behavior Analytics
A high tolerance for risk requires higher, more frequent, vulnerability scanning.
False
At what layer of the TCP/IP model do devices such as ATM, switches, and bridges
operate, as well as protocols PPP and ARP?
Data-link
Which of the following describes when the claimed identity of a user is validated?
Authentication
Which of the following is an example of the security mitigation technique of
changing roles every couple of months?
Job rotation
Which layer of the TCP/IP model is equivalent to the Session, Presentation, and
Application layers of the OSI model?
Application
Which of the following are the six steps of an incident response plan?
A. Detect, Respond, Report, Recover, Remediate, Review
B. Discover, Review, Respond, Recover, Rectify, Report
C. Detect, Respond, Remediate, Recover, Review, Report
D. Detect, Respond, Report, Recover, Remediate, Review
Not A or C
The Open Web Application Security Project publishes the OWASP Top 10, which
summarizes feedback from the community in order to compile the Top 10
application vulnerabilities, including the associated risks, impacts, and
mitigations for each. What is the main reason a developer wouldn't solely rely on
this guidance?
complete solution
Which of the following is a common environmental reconnaissance task that is
performed to help gain insight on how an organization's networked systems are
connected, or mapping the network?
Topology Discovery
If an unexpected issue occurred during an application installation on a Windows
system, which of the following event log categories would be best to reference
for troubleshooting?
Not System or Security. Maybe Setup
The federal version of certification and accreditation guidance that applies to
departments and agencies within the Department of Defense is:
DIACAP
Which security mechanism can social engineering help bypass?
A. Intrusion Detection Systems
B. Firewalls
C. Domain Security Policies (No)
D. All of the Above
E. None of the Above
Which type of intrusion detection may terminate processes or redirect traffic
upon detection of a possible intrusion?
Active
Which of the following is a potential consequence of not limiting or protecting
communications during an incident?
All of the Above (Customer confidence may be negatively impacted, Competitors may
recognize weakness or advantage, Media may include information not intended for
release)
Which one of the following can be managed through group policies (GPO)?
All the Above (Authentication settings, Software installation and update, IPsec
connections)
What is used to record the order in which evidence was handled, by whom, and
the nature of the evidence handling?
Chain of custody
The procedure of developing controls as vulnerabilities are discovered to keep
them from being exploited is known as:
A. Change Control Management
B. Compensating Control Development
C. Vulnerability Control Patch
D. Remediation Control Development (No)
Which of the following are Windows event severity levels:
error, warning, information
Which of the following intrusion detection systems uses statistical analysis to
detect intrusions?
Anomaly
, Which one of the following is a use for Network Flow Data?
All of the Above (Attack identification and attribution such as DoS detection, Traffic
engineering such as a host analysis, Accounting to cross verify other sources)
Which of the following is an attacker most likely to use to attempt to view packets
containing data in clear text?
Wireshark
Packets from a computer outside the network are being dropped on the way to a
computer inside the network. Which of the following would be MOST useful to
determine the cause of this?
Firewall log
Using the Common Vulnerability Scoring System, CVSS, which of the following
indicators would be the most critical or severe finding?
10
Which of the following is used for moving traffic within individual VLANs?
VLAN Access Maps
The IP address and MAC address of a rogue device within the local network might
best be revealed by which of the following logs?
DHCP logs
Which type of analysis method combines machine learning algorithms and
statistical analyses to identify deviations from normal baseline user, system, or
network activities?
User and Entity Behavior Analytics
A high tolerance for risk requires higher, more frequent, vulnerability scanning.
False
At what layer of the TCP/IP model do devices such as ATM, switches, and bridges
operate, as well as protocols PPP and ARP?
Data-link
Which of the following describes when the claimed identity of a user is validated?
Authentication
Which of the following is an example of the security mitigation technique of
changing roles every couple of months?
Job rotation
Which layer of the TCP/IP model is equivalent to the Session, Presentation, and
Application layers of the OSI model?
Application
Which of the following are the six steps of an incident response plan?
A. Detect, Respond, Report, Recover, Remediate, Review
B. Discover, Review, Respond, Recover, Rectify, Report
C. Detect, Respond, Remediate, Recover, Review, Report
D. Detect, Respond, Report, Recover, Remediate, Review
Not A or C
The Open Web Application Security Project publishes the OWASP Top 10, which
summarizes feedback from the community in order to compile the Top 10
application vulnerabilities, including the associated risks, impacts, and
mitigations for each. What is the main reason a developer wouldn't solely rely on
this guidance?
