Essentials of Cyber Security- CISCO Exam Questions with Answers
It looks like an attacker has targeted a vulnerability in @Apollo's online messaging service, which is used
to facilitate communications between employees working across different sites. When an employee
makes a voice call, it floods the memory of the application, effectively giving the attacker control over
the employee's device. What type of attack is this? - Answers Buffer overflow
An employee received an email that looked like it came from an @Apollo supplier asking them to click a
link to claim a discount - Answers Phishing
An employee received an automated phone call from the bank advising that @Apollo's account had
been compromised and that they must call a specific number to reset the password - Answers Vishing
An employee received a text message advising that one of @Apollo's software subscriptions is expiring
and that they must update the details immediately - Answers Smishing
An employee clicked on a suspicious email link. Internal/External? - Answers Internal
An employee granted someone unauthorized access to Apollo's HQ. Internal/External? - Answers
External
An employee connected an infected USB to their work laptop. Internal/External - Answers Internal
An employee was tricked into giving out confidential information by someone pretending to be their
manager? Internal/External - Answers External
An employee entered the wrong info into the Apollo database? Internal/External - Answers Internal
A former employee was able to download customer files by remotely accessing Apollo's network?
Internal/External - Answers Internal
Employees in an organization report that the network access is slow. Further investigation reveals that
one employee downloaded a third-party scanning program for the printer.
What type of malware may have been introduced? - Answers Worm
A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the
server to crash.
What do you call this type of attack? - Answers DoS
All employees in an organization receive an email stating that their account password will expire
immediately and that they should reset their password within five minutes.
Which of the following statements best describes this email? - Answers It is a hoax
,Employees in an organization report that they cannot access the customer database on the main server.
Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization
receives a threatening email demanding payment for the decryption of the database file.
What type of attack has the organization experienced? - Answers Ransomware
What non-technical method could a cybercriminal use to gather sensitive information from an
organization? - Answers Social Engineering
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist.
Which of the following resources can they use to identify specific details about vulnerabilities? - Answers
ISO/IEC 27000 model
A secretary receives a phone call from someone claiming that their manager is about to give an
important presentation but the presentation files are corrupted.
The caller sternly asks that the secretary email the presentation right away to a personal email address.
The caller also states that the secretary is being held personally responsible for the success of this
presentation.
What type of social engineering tactic is the caller using? - Answers Intimidation
Which best practices can help defend against social engineering attacks? - Answers Educate employees
regarding security policies,
Resist the urge to click on enticing web links,
Do not provide password resets in a chat window
A penetration test carried out by an organization identified a backdoor on the network. What action
should the organization take to find out if their systems have been compromised? - Answers Look for
unauthorized accounts
What do you call an impersonation attack that takes advantage of a trusted relationship between two
systems? - Answers Spoofing
Which of the following statements describes a distributed denial of service (DDoS) attack? - Answers A
botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
What type of attack occurs when data goes beyond the memory areas allocated to an application? -
Answers Buffer overflow
Employees (What kind of domain is this?) - Answers User domain
Employees use a desktop, laptop, tablet or smartphone. (What kind of domain is this?) - Answers Device
domain
, Employees gain access to the @Apollo offices with an electronic staff ID card. (What kind of domain is
this?) - Answers Physical facilities domain
@Apollo's (company) network - Answers LAN domain
You are investigating a suspicious email that has been sent to @Apollo's remote workers today. It looks
like the email has been sent by Guru, asking employees to click on a link to download a virtual private
network that will secure their Wi-Fi connection while working at home. Although the email looks
legitimate, clicking on the link installs malware on the employee's device.
What type of social engineering attack is being used here? - Answers Pretexting
A friend sends you a text message to congratulate you on your new position at @Apollo after they saw
your status update on your social profile. You have not updated this information. - Answers
Impersonation
A colleague tells you that a man asked them to hold the front door on the way into the office this
morning, because he had forgotten his ID card. Your colleague had never seen this man before. -
Answers Tailgating
A customer has reported that malware infected her computer after she visited @Apollo's website.
Further investigation revealed that the customer accidentally mistyped the website address. - Answers
Typosquatting
Several employees at @Apollo have reported performance issues on their computers, with applications
running slow and notable popup ads appearing. Guru has asked you to investigate. You consult a
network monitoring tool, which also reveals abnormal traffic on the network.
Based on your findings, what type of attack do you think @Apollo might be involved with? - Answers
DDoS attack
You have just received an email from @Apollo's HR department asking you to add your bank account
details to your file by clicking on a link in the email. It stresses that this must be completed by the end of
the day for you to be included in this month's payroll.
Although the email looks like it has been sent internally, closer inspection reveals a slight variation in the
email domain of the sender's address. You could be a victim of what type of attack? - Answers
Impersonation
You are enjoying a coffee in the local cafe and decide to catch up on your emails while you wait for your
friend to arrive. You try to log on to the café's Wi-Fi but the connection looks very weak. Fortunately,
there is a second Wi-Fi with a similar name, so you log on to that.
However, unbeknownst to you, an attacker sits nearby, having created a Wi-Fi hotspot on their mobile,
which they have paired with their laptop. They are monitoring the online activity of everyone who
connects to this Wi-Fi, including you — that wasn't the café's Wi-Fi after all!
It looks like an attacker has targeted a vulnerability in @Apollo's online messaging service, which is used
to facilitate communications between employees working across different sites. When an employee
makes a voice call, it floods the memory of the application, effectively giving the attacker control over
the employee's device. What type of attack is this? - Answers Buffer overflow
An employee received an email that looked like it came from an @Apollo supplier asking them to click a
link to claim a discount - Answers Phishing
An employee received an automated phone call from the bank advising that @Apollo's account had
been compromised and that they must call a specific number to reset the password - Answers Vishing
An employee received a text message advising that one of @Apollo's software subscriptions is expiring
and that they must update the details immediately - Answers Smishing
An employee clicked on a suspicious email link. Internal/External? - Answers Internal
An employee granted someone unauthorized access to Apollo's HQ. Internal/External? - Answers
External
An employee connected an infected USB to their work laptop. Internal/External - Answers Internal
An employee was tricked into giving out confidential information by someone pretending to be their
manager? Internal/External - Answers External
An employee entered the wrong info into the Apollo database? Internal/External - Answers Internal
A former employee was able to download customer files by remotely accessing Apollo's network?
Internal/External - Answers Internal
Employees in an organization report that the network access is slow. Further investigation reveals that
one employee downloaded a third-party scanning program for the printer.
What type of malware may have been introduced? - Answers Worm
A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the
server to crash.
What do you call this type of attack? - Answers DoS
All employees in an organization receive an email stating that their account password will expire
immediately and that they should reset their password within five minutes.
Which of the following statements best describes this email? - Answers It is a hoax
,Employees in an organization report that they cannot access the customer database on the main server.
Further investigation reveals that the database file is now encrypted. Shortly afterward, the organization
receives a threatening email demanding payment for the decryption of the database file.
What type of attack has the organization experienced? - Answers Ransomware
What non-technical method could a cybercriminal use to gather sensitive information from an
organization? - Answers Social Engineering
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist.
Which of the following resources can they use to identify specific details about vulnerabilities? - Answers
ISO/IEC 27000 model
A secretary receives a phone call from someone claiming that their manager is about to give an
important presentation but the presentation files are corrupted.
The caller sternly asks that the secretary email the presentation right away to a personal email address.
The caller also states that the secretary is being held personally responsible for the success of this
presentation.
What type of social engineering tactic is the caller using? - Answers Intimidation
Which best practices can help defend against social engineering attacks? - Answers Educate employees
regarding security policies,
Resist the urge to click on enticing web links,
Do not provide password resets in a chat window
A penetration test carried out by an organization identified a backdoor on the network. What action
should the organization take to find out if their systems have been compromised? - Answers Look for
unauthorized accounts
What do you call an impersonation attack that takes advantage of a trusted relationship between two
systems? - Answers Spoofing
Which of the following statements describes a distributed denial of service (DDoS) attack? - Answers A
botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
What type of attack occurs when data goes beyond the memory areas allocated to an application? -
Answers Buffer overflow
Employees (What kind of domain is this?) - Answers User domain
Employees use a desktop, laptop, tablet or smartphone. (What kind of domain is this?) - Answers Device
domain
, Employees gain access to the @Apollo offices with an electronic staff ID card. (What kind of domain is
this?) - Answers Physical facilities domain
@Apollo's (company) network - Answers LAN domain
You are investigating a suspicious email that has been sent to @Apollo's remote workers today. It looks
like the email has been sent by Guru, asking employees to click on a link to download a virtual private
network that will secure their Wi-Fi connection while working at home. Although the email looks
legitimate, clicking on the link installs malware on the employee's device.
What type of social engineering attack is being used here? - Answers Pretexting
A friend sends you a text message to congratulate you on your new position at @Apollo after they saw
your status update on your social profile. You have not updated this information. - Answers
Impersonation
A colleague tells you that a man asked them to hold the front door on the way into the office this
morning, because he had forgotten his ID card. Your colleague had never seen this man before. -
Answers Tailgating
A customer has reported that malware infected her computer after she visited @Apollo's website.
Further investigation revealed that the customer accidentally mistyped the website address. - Answers
Typosquatting
Several employees at @Apollo have reported performance issues on their computers, with applications
running slow and notable popup ads appearing. Guru has asked you to investigate. You consult a
network monitoring tool, which also reveals abnormal traffic on the network.
Based on your findings, what type of attack do you think @Apollo might be involved with? - Answers
DDoS attack
You have just received an email from @Apollo's HR department asking you to add your bank account
details to your file by clicking on a link in the email. It stresses that this must be completed by the end of
the day for you to be included in this month's payroll.
Although the email looks like it has been sent internally, closer inspection reveals a slight variation in the
email domain of the sender's address. You could be a victim of what type of attack? - Answers
Impersonation
You are enjoying a coffee in the local cafe and decide to catch up on your emails while you wait for your
friend to arrive. You try to log on to the café's Wi-Fi but the connection looks very weak. Fortunately,
there is a second Wi-Fi with a similar name, so you log on to that.
However, unbeknownst to you, an attacker sits nearby, having created a Wi-Fi hotspot on their mobile,
which they have paired with their laptop. They are monitoring the online activity of everyone who
connects to this Wi-Fi, including you — that wasn't the café's Wi-Fi after all!
