100% CORRECT ANSWERS
Which of the following terms indicates that information is to be read only by those people for whom it is intended?
Confidentiality
Integrity
Availability
Accounting
Confidentiality
What technology is used to implement confidentiality?
auditing
Which of the following makes sure that data is not changed when it is not supposed to be?
Confidentiality
Integrity
Availability
Accounting
integrity
Which of the following is not a response when dealing with a risk?
Avoidance
Mitigation
Transfer
Patching
patching
What do you call the security discipline that requires that a user is given no more privilege than necessary to perform his or her job?
principle of least privilege
What do you call the scope that a hacker can use to break into a system?
attack surface
What method used by hackers relies on the trusting nature of the person being attacked?
social engineering
What is the best way to protect against social engineering?
employee awareness
What is needed to highly secure a system?
more money
What is the first line of defense when setting up a network?
physically secure the network
Which concept determines what resources users can access after they log on?
access control
What is used to provide protection when one line of defense is breached?
defense in depth
What is used to identify a person before giving access?
authentication
What is used to verify that an administrator is not accessing data that he should not be accessing?
auditing
What type of device can be easily lost or stolen and can be used for espionage?
removable devices
What is a physical or logical device used to capture keystrokes?
key logger
In dealing with risks, which response is done by buying insurance to protect your bottom line if such a disaster or threat is realized?
risk transfer
A _____ is generally defined as the probability that an event will occur that can cause harm to a computer system, service, or network.
risk
Over the last couple of years, small _______ devices have become one of the largest challenges facing security professionals.
mobile
What is the process of identifying an individual?
Authentication
What do you call the process in which a user is identified via a username and password?
Authentication
What is the process of giving an individual access to a system or resource?
authorization
What is the process of keeping track of a user's activity?
accounting