CYBERSECURITY ESSENTIALS FINAL QUIZ
Questions and Answers Latest Updates 2024
Which statement best describes a motivation of hacktivists?
▪ They are trying to show off their hacking skills.
▪ They are interested in discovering new exploits.
▪ They are curious and learning hacking skills.
▪ They are part of a protest group behind a political cause.
Explanation: Each type of cybercriminal has a distinct motivation for his or her actions.
1. Which type of cybercriminal is the most likely to create malware to compromise an organization by
stealing credit card information?
▪ white hat hackers
▪ black hat hackers
▪ gray hat hackers
▪ script kiddies
Explanation: Malware is a tool used by certain types of hackers to steal information.
2. A specialist in the HR department is invited to promote the cybersecurity program in community
schools. Which three topics would the specialist emphasize in the presentation to draw students to this
field? (Choose three.)
▪ a career-field in high-demand
▪ service to the public
▪ high earning potential
▪ a job with routine, day-to-day tasks
▪ a field requiring a PhD degree
▪ the CompTIA A+ certification provides an adequate knowledge base for the field
Explanation: The increased demand for cybersecurity specialists offers several unique career
opportunities.
3. An organization allows employees to work from home two days a week. Which technology should
be implemented to ensure data confidentiality as data is transmitted?
▪ SHS
▪ VLANS
▪ RAID
▪ VPN
Explanation: Protecting data confidentiality requires an understanding of the technologies used to
protect data in all three data states.
4. Which type of network poses increasing challenges to cybersecurity specialists due to the growth of
BYOD on campus?
▪ wireless networks
▪ wired networks
▪ sneaker net
▪ virtual networks
Explanation: A cybersecurity specialist must be familiar with the types of technologies used to
store, transmit, and process data.
5. A cybersecurity specialist is working with the IT staff to establish an effective information security
plan. Which combination of security principles forms the foundation of a security plan?
▪ confidentiality, integrity, and availability
▪ technologies, policies, and awareness
▪ secrecy, identify, and nonrepudiation
▪ encryption, authentication, and identification
Explanation: The CIA Triad is the foundation upon which all information management systems are
developed.
6. Which framework should be recommended for establishing a comprehensive information security
management system in an organization?
▪ ISO/IEC 27000
▪ ISO OSI model
▪ NIST/NICE framework
▪ CIA Triad
Explanation: A cybersecurity specialist needs to be familiar with the different frameworks and
models for managing information security.
7. What are three states of data during which data is vulnerable? (Choose three.)
▪ data in-process
▪ stored data
▪ data in-transit
▪ data encrypted
▪ purged data
▪ data decrypted
Explanation: A cybersecurity specialist must be aware of each of the three states of data to
effectively protect data and information. Purged data was stored data. Encrypted and decrypted
data can be in any of the three states.
8. Users report that the database on the main server cannot be accessed. A database administrator
verifies the issue and notices that the database file is now encrypted. The organization receives a
threatening email demanding payment for the decryption of the database file. What type of attack has
the organization experienced?
▪ man-in-the-middle attack
▪ ransomware
▪ Trojan horse
▪ DoS attack
Explanation: A cybersecurity specialist needs to be familiar with the characteristics of the different
types of malware and attacks that threaten an organization.
9. What three best practices can help defend against social engineering attacks? (Choose three.)
▪ Enable a policy that states that the IT department should supply information over the phone only
to managers.
▪ Add more security guards.
▪ Resist the urge to click on enticing web links.
▪ Deploy well-designed firewall appliances.
▪ Educate employees regarding policies.
▪ Do not provide password resets in a chat window.
Explanation: A cybersecurity specialist must be aware of the technologies and measures that are
used as countermeasures to protect the organization from threats and vulnerabilities.
10. Which statement describes a distributed denial of service attack?
▪ An attacker sends an enormous quantity of data that a server cannot handle.
▪ An attacker builds a botnet comprised of zombies.
▪ An attacker views network traffic to learn authentication credentials.
▪ One computer accepts data packets based on the MAC address of another computer.
Explanation: A cybersecurity specialist needs to be familiar with the characteristics of the different
types of malware and attacks that threaten an organization.
11. A cyber criminal sends a series of maliciously formatted packets to the database server. The server
cannot parse the packets and the event causes the server to crash. What is the type of attack the cyber
criminal launches?
▪ DoS
▪ man-in-the-middle
▪ packet injection
▪ SQL injection
Explanation: A cybersecurity specialist needs to be familiar with the characteristics of the different
types of malware and attacks that threaten an organization.
12. An executive manager went to an important meeting. The secretary in the office receives a call
from a person claiming that the executive manager is about to give an important presentation but the
presentation files are corrupted. The caller sternly recommends that the secretary email the
presentation right away to a personal email address. The caller also states that the executive is holding
the secretary responsible for the success of this presentation. Which type of social engineering tactic
would describe this scenario?
▪ urgency
▪ intimidation
▪ familiarity
▪ trusted partners
Explanation: Social engineering uses several different tactics to gain information from victims.
13. What are the two most effective ways to defend against malware? (Choose two.)
▪ Implement network firewalls.
▪ Install and update antivirus software.
▪ Implement RAID.
▪ Update the operating system and other application software.
▪ Implement strong passwords.
▪ Implement a VPN.
Explanation: A cybersecurity specialist must be aware of the technologies and measures that are
used as countermeasures to protect the organization from threats and vulnerabilities.