CISEC EXAM COMPLETE QUESTIONS AND 100% VERIFIED
ANSWERS (PASS GUARANTEE)
1. What is a firewall? A firewall is a network security device that monitors and
controls incoming and outgoing network traffic based on predetermined security
rules, acting as a barrier between trusted and untrusted networks.
2. What are the three types of firewalls? Packet filtering firewalls, stateful
inspection firewalls, and application-level gateways (proxy firewalls).
3. What is the difference between symmetric and asymmetric encryption?
Symmetric encryption uses the same key for encryption and decryption, while
asymmetric encryption uses a public key for encryption and a private key for
decryption.
4. What is a DMZ in network security? A DMZ (Demilitarized Zone) is a
physical or logical subnet that separates an internal network from untrusted
networks, typically containing public-facing servers.
5. What is the purpose of an IDS? An Intrusion Detection System (IDS)
monitors network traffic for suspicious activity and alerts administrators to
potential security breaches.
6. What is the difference between IDS and IPS? IDS detects and alerts on
threats, while IPS (Intrusion Prevention System) actively blocks or prevents
detected threats.
7. What is a VPN? A Virtual Private Network creates a secure, encrypted
connection over a less secure network, such as the internet.
8. What are the common VPN protocols? IPSec, SSL/TLS, PPTP, L2TP,
OpenVPN, and WireGuard.
9. What is port scanning? Port scanning is a technique used to identify open
ports and services on a network host, often used in reconnaissance attacks.
10. What is MAC address filtering? MAC address filtering is a security
method that allows or denies network access based on the physical address of
network adapters.
11. What is network segmentation? Network segmentation divides a network
into smaller segments to improve security and performance by isolating
sensitive data and systems.
12. What is a VLAN? A Virtual Local Area Network logically groups devices
on different physical LANs to function as if they're on the same network.
13. What is ARP spoofing? ARP spoofing is an attack where an attacker sends
falsified ARP messages to associate their MAC address with another host's IP
address.
14. What is DNS spoofing? DNS spoofing corrupts DNS cache data to redirect
users from legitimate websites to malicious ones.
15. What is a honeypot? A honeypot is a decoy system designed to attract
attackers and study their techniques while protecting real systems.
16. What is the OSI model? The OSI (Open Systems Interconnection) model
is a seven-layer framework describing how network protocols interact: Physical,
Data Link, Network, Transport, Session, Presentation, and Application.
17. What is the TCP three-way handshake? A process establishing a TCP
connection: SYN sent from client, SYN-ACK returned from server, ACK sent
from client.
18. What is a SYN flood attack? A DDoS attack exploiting the TCP
handshake by sending numerous SYN requests without completing the
connection, exhausting server resources.
19. What is SSL/TLS? Secure Sockets Layer and Transport Layer Security are
cryptographic protocols providing secure communication over networks.
20. What is a man-in-the-middle attack? An attack where an attacker
intercepts and potentially alters communication between two parties without
their knowledge.
21. What is network access control (NAC)? NAC is a security solution that
enforces policies on devices attempting to access network resources.
22. What is zero trust architecture? A security model assuming no user or
device should be trusted by default, requiring continuous verification.
23. What is bandwidth throttling? The intentional slowing of network traffic
to manage bandwidth consumption and prevent congestion.
24. What is a proxy server? An intermediary server that acts as a gateway
between users and the internet, providing security, anonymity, and caching.
25. What is SNMP? Simple Network Management Protocol is used for
collecting and organizing information about managed devices on IP networks.
26. What is NAT? Network Address Translation modifies IP address
information in packet headers while in transit to map multiple private addresses
to a public address.
27. What is a botnet? A network of compromised computers controlled
remotely by attackers to perform malicious activities.
28. What is DDoS? Distributed Denial of Service attacks overwhelm a target
with traffic from multiple sources, making services unavailable.
29. What is packet sniffing? Capturing and analyzing network packets to
examine data being transmitted across a network.
30. What is WPA3? Wi-Fi Protected Access 3 is the latest wireless security
protocol offering enhanced encryption and protection.
31. What is a rogue access point? An unauthorized wireless access point
installed on a network, potentially allowing attackers to intercept traffic.
32. What is WEP and why is it insecure? Wired Equivalent Privacy is an
outdated wireless security protocol with weak encryption vulnerable to
cracking.
33. What is SSL pinning? A security technique that associates a host with its
expected SSL certificate to prevent man-in-the-middle attacks.
34. What is BGP hijacking? An attack where incorrect BGP route
announcements redirect internet traffic through malicious networks.
35. What is a network TAP? A hardware device providing access to network
traffic for monitoring without disrupting the network.
36. What is RADIUS? Remote Authentication Dial-In User Service provides
centralized authentication, authorization, and accounting for network access.
37. What is 802.1X? An IEEE standard for port-based network access control
providing authentication for devices connecting to networks.