FIS Final Exam questions well answered
to pass
A successful _______________ assessment of a network is all about using the right tools to map
the network and identify any vulnerabilities that can be the opening for a future attack. - correct
answer ✔✔scanning and vulnerability
Active Directory : - correct answer ✔✔makes the process of accessing machines that are not on
the domain much easier.
Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes
detection by signature-based antivirus software. What type of virus has he discovered? - correct
answer ✔✔Polymorphic virus
As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery
tests that introduce as much realism as possible but do not require the use of technology
resources. What type of test should Holly conduct? - correct answer ✔✔Simulation test
Alan is developing a business impact assessment for his organization. He is working with
business units to determine the maximum allowable time to recover a particular function. What
value is Alan determining? - correct answer ✔✔Recovery time objective (RTO)
During the vulnerability assessment, any known vulnerabilities or bugs will be flagged and
identified by: - correct answer ✔✔Nessus
Alice would like to send a message to Bob using a digital signature. What cryptographic key does
Alice use to create the digital signature? - correct answer ✔✔Alice's private key
, Ann is creating a template for the configuration of Windows servers in her organization. It
includes the basic security settings that should apply to all systems. What type of document
should she create? - correct answer ✔✔Baseline
Alison discovers that a system under her control has been infected with malware, which is using
a key logger to report user keystrokes to a third party. What information security property is this
malware attacking? - correct answer ✔✔Confidentiality
During what phase of a remote access connection does the end user prove his or her claim of
identity? - correct answer ✔✔Authentication
Barbara is investigating an attack against her network. she notices that the Internet Control
Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo
requests leaving her network. What type of attack is likely taking place? - correct answer
✔✔Smurf
Barry discovers that an attacker is running an access point in a building adjacent to his company.
The access point is broadcasting the security set identifier (SSID) of an open network owned by
the coffee shop in his lobby. Which type of attack is likely taking place? - correct answer ✔✔Evil
twin
During which phase of a hacker's five-step approach does the hacker scan a network to identify
IP hosts, open ports, and services enabled on servers and workstations? - correct answer
✔✔Reconnaissance
Earl is preparing a risk register for his organization's risk management program. Which data
element is LEAST likely to be included in a risk register? - correct answer ✔✔Risk survey results
Brian would like to conduct a port scan against his systems to determine how they look from an
attacker's viewpoint. What tool can he use for this purpose? - correct answer ✔✔Nmap
to pass
A successful _______________ assessment of a network is all about using the right tools to map
the network and identify any vulnerabilities that can be the opening for a future attack. - correct
answer ✔✔scanning and vulnerability
Active Directory : - correct answer ✔✔makes the process of accessing machines that are not on
the domain much easier.
Adam discovers a virus on his system that is using encryption to modify itself. The virus escapes
detection by signature-based antivirus software. What type of virus has he discovered? - correct
answer ✔✔Polymorphic virus
As a follow-up to her annual testing, Holly would like to conduct quarterly disaster recovery
tests that introduce as much realism as possible but do not require the use of technology
resources. What type of test should Holly conduct? - correct answer ✔✔Simulation test
Alan is developing a business impact assessment for his organization. He is working with
business units to determine the maximum allowable time to recover a particular function. What
value is Alan determining? - correct answer ✔✔Recovery time objective (RTO)
During the vulnerability assessment, any known vulnerabilities or bugs will be flagged and
identified by: - correct answer ✔✔Nessus
Alice would like to send a message to Bob using a digital signature. What cryptographic key does
Alice use to create the digital signature? - correct answer ✔✔Alice's private key
, Ann is creating a template for the configuration of Windows servers in her organization. It
includes the basic security settings that should apply to all systems. What type of document
should she create? - correct answer ✔✔Baseline
Alison discovers that a system under her control has been infected with malware, which is using
a key logger to report user keystrokes to a third party. What information security property is this
malware attacking? - correct answer ✔✔Confidentiality
During what phase of a remote access connection does the end user prove his or her claim of
identity? - correct answer ✔✔Authentication
Barbara is investigating an attack against her network. she notices that the Internet Control
Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo
requests leaving her network. What type of attack is likely taking place? - correct answer
✔✔Smurf
Barry discovers that an attacker is running an access point in a building adjacent to his company.
The access point is broadcasting the security set identifier (SSID) of an open network owned by
the coffee shop in his lobby. Which type of attack is likely taking place? - correct answer ✔✔Evil
twin
During which phase of a hacker's five-step approach does the hacker scan a network to identify
IP hosts, open ports, and services enabled on servers and workstations? - correct answer
✔✔Reconnaissance
Earl is preparing a risk register for his organization's risk management program. Which data
element is LEAST likely to be included in a risk register? - correct answer ✔✔Risk survey results
Brian would like to conduct a port scan against his systems to determine how they look from an
attacker's viewpoint. What tool can he use for this purpose? - correct answer ✔✔Nmap
