Exam Questions and Answers
(Grade A+)
The requirements identified for a vulnerability management process many times drive the
vulnerability scanning frequency.—ANSWER--True
Which security mechanism can social engineering help bypass?—ANSWER--All of the above
Which of the following is a common environmental reconnaissance task that is performed to
help gain insight on how an organization's networked systems are connected, or mapping
the network?—ANSWER--Topology discovery
Any changes in behavior or deviation from baselines that result in an alert is an activity
that's part of:—ANSWER--Continuous monitoring
Which of the following intrusion detection systems uses statistical analysis to detect
intrusions?—ANSWER--not b
Which of the following vulnerability scan methods uses push technology and is dependent
on network connectivity?—ANSWER--Server-based
Tools like Encase and FTK can be used for imaging, mounting, and analyzing hard drives.
What category of cyber tools would they be considered?—ANSWER--Forensic
, Which of the following is an example of restricting access to files based on the identity of the
user or group?—ANSWER--Discretionary Access Control
Which of the following describes when the claimed identity of a user is validated?—
ANSWER--Authentication
The amount of risk that an organization can accept and still achieve business objectives is
its:—ANSWER--not c
Network flows are difficult to track large amounts of traffic with and cannot view a
consolidated picture of what is happening on your network.—ANSWER--False
VM Escape occurs when:—ANSWER--an attacker writes coded enabling the VM to break out
of encapsulation and interact with hypervisor
Which of the following is NOT a best practice for securing wireless environments?—
ANSWER--Broadcasting the access point SSID using proper network name only
Which type of analysis method combines machine learning algorithms and statistical
analyses to identify deviations from normal baseline user, system, or network activities?—
ANSWER--not trend, statis
Which category of cyber tools is used to gather information to identify potential security
concerns, vulnerabilities, benchmark traffic patterns, and traffic anomalies?—ANSWER--not
collective
An organization is conducting an asset classification process. Which of the following would
be least likely to be considered a critical asset—ANSWER--not log
The four phases of the NIACAP accreditation process are:—ANSWER--not rvca
© 2026 Copyright. All Rights Reserved. This document is
protected by copyright law, Copyrighted By Brittie Donald