C795 Cybersecurity Management II –
Tactical Exam Questions and Answers
Graded A+
As an IT security professional, you have just been hired by a multisite automotive
dealership to protect and manage its computer network. What is your first task in
establishing a secure defense system for the company?This task contains the radio
buttons and checkboxes for options. The shortcut keys to perform this task are A to
H and alt+1 to alt+9.
A
Hire a system security vendor.
B
Perform a full vulnerability assessment.
C
©COPYRIGHT 2025, ALL RIGHTS RESERVED 1
,Perform an asset inventory and classification audit.
D
Document all users on the corporate domain. - Correct answer-Answer C is correct.
A security administrator has to have a complete inventory of systems and
equipment connected to the corporate network. Once this information is complete
and accurate, a security professional can begin mapping vulnerabilities to the
known systems.
Which characteristic most accurately describes a zero-day exploit
vulnerability?This task contains the radio buttons and checkboxes for options. The
shortcut keys to perform this task are A to H and alt+1 to alt+9.
A
It is only known to hackers and a few security professionals.
B
©COPYRIGHT 2025, ALL RIGHTS RESERVED 2
,It is only known to the hacker.
C
It was a major concern in the late 1990s, but current technology has eliminated
them.
D
It is widely known, but ineffective and only used occasionally. - Correct answer-
Explanation: Answer B is correct.
A zero-day exploit is a flaw in an operating system or program code that is
discovered by a threat actor with the intention of exploiting the vulnerability before
authors of the code can patch or rewrite the code to eliminate the vulnerability.
CVE - Correct answer-MITRE Corporation
National Vulnerability Database (NVD) - Correct answer-National Institute of
Standards and Technology's (NIST) Computer Security Division, these days the
©COPYRIGHT 2025, ALL RIGHTS RESERVED 3
, NVD is brought to you by your friends at the Department of Homeland Security's
National Cybersecurity Division. According to them
Which organizations provide vulnerability-mapping services, tools, or resources
that can be accessed for free?This task contains the radio buttons and checkboxes
for options. The shortcut keys to perform this task are A to H and alt+1 to alt+9.
A
AARP
B
OWASP
C
NIST
D
ACLU
©COPYRIGHT 2025, ALL RIGHTS RESERVED 4
Tactical Exam Questions and Answers
Graded A+
As an IT security professional, you have just been hired by a multisite automotive
dealership to protect and manage its computer network. What is your first task in
establishing a secure defense system for the company?This task contains the radio
buttons and checkboxes for options. The shortcut keys to perform this task are A to
H and alt+1 to alt+9.
A
Hire a system security vendor.
B
Perform a full vulnerability assessment.
C
©COPYRIGHT 2025, ALL RIGHTS RESERVED 1
,Perform an asset inventory and classification audit.
D
Document all users on the corporate domain. - Correct answer-Answer C is correct.
A security administrator has to have a complete inventory of systems and
equipment connected to the corporate network. Once this information is complete
and accurate, a security professional can begin mapping vulnerabilities to the
known systems.
Which characteristic most accurately describes a zero-day exploit
vulnerability?This task contains the radio buttons and checkboxes for options. The
shortcut keys to perform this task are A to H and alt+1 to alt+9.
A
It is only known to hackers and a few security professionals.
B
©COPYRIGHT 2025, ALL RIGHTS RESERVED 2
,It is only known to the hacker.
C
It was a major concern in the late 1990s, but current technology has eliminated
them.
D
It is widely known, but ineffective and only used occasionally. - Correct answer-
Explanation: Answer B is correct.
A zero-day exploit is a flaw in an operating system or program code that is
discovered by a threat actor with the intention of exploiting the vulnerability before
authors of the code can patch or rewrite the code to eliminate the vulnerability.
CVE - Correct answer-MITRE Corporation
National Vulnerability Database (NVD) - Correct answer-National Institute of
Standards and Technology's (NIST) Computer Security Division, these days the
©COPYRIGHT 2025, ALL RIGHTS RESERVED 3
, NVD is brought to you by your friends at the Department of Homeland Security's
National Cybersecurity Division. According to them
Which organizations provide vulnerability-mapping services, tools, or resources
that can be accessed for free?This task contains the radio buttons and checkboxes
for options. The shortcut keys to perform this task are A to H and alt+1 to alt+9.
A
AARP
B
OWASP
C
NIST
D
ACLU
©COPYRIGHT 2025, ALL RIGHTS RESERVED 4
