Cisco Cyber Security Exam
It looks like an attacker has targeted a vulnerability in @Apollo's online messaging service, which is
used to facilitate communications between employees working across different sites. When an
employee makes a voice call, it floods the memory of the application, effectively giving the attacker
control over the employee's device. What type of attack is this?
Buffer overflow
An employee received an email that looked like it came from an @Apollo supplier asking them to click
a link to claim a discount
Phishing
An employee received an automated phone call from the bank advising that @Apollo's account had
been compromised and that they must call a specific number to reset the password
Vishing
An employee received a text message advising that one of @Apollo's software subscriptions is
expiring and that they must update the details immediately
Smishing
An employee clicked on a suspicious email link. Internal/External?
Internal
An employee granted someone unauthorized access to Apollo's HQ. Internal/External?
External
An employee connected an infected USB to their work laptop. Internal/External
Internal
An employee was tricked into giving out confidential information by someone pretending to be their
manager? Internal/External
External
An employee entered the wrong info into the Apollo database? Internal/External
Internal
A former employee was able to download customer files by remotely accessing Apollo's network?
Internal/External
Internal
Employees in an organization report that the network access is slow. Further investigation reveals
that one employee downloaded a third-party scanning program for the printer.
What type of malware may have been introduced?
Worm
,A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the
server to crash.
What do you call this type of attack?
DoS
All employees in an organization receive an email stating that their account password will expire
immediately and that they should reset their password within five minutes.
Which of the following statements best describes this email?
It is a hoax
Employees in an organization report that they cannot access the customer database on the main
server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the
organization receives a threatening email demanding payment for the decryption of the database file.
What type of attack has the organization experienced?
Ransomware
What non-technical method could a cybercriminal use to gather sensitive information from an
organization?
Social Engineering
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist.
Which of the following resources can they use to identify specific details about vulnerabilities?
ISO/IEC 27000 model
A secretary receives a phone call from someone claiming that their manager is about to give an
important presentation but the presentation files are corrupted.
The caller sternly asks that the secretary email the presentation right away to a personal email
address. The caller also states that the secretary is being held personally responsible for the success
of this presentation.
What type of social engineering tactic is the caller using?
Intimidation
Which best practices can help defend against social engineering attacks?
Educate employees regarding security policies,
Resist the urge to click on enticing web links,
Do not provide password resets in a chat window
A penetration test carried out by an organization identified a backdoor on the network. What action
should the organization take to find out if their systems have been compromised?
Look for unauthorized accounts
What do you call an impersonation attack that takes advantage of a trusted relationship between two
systems?
Spoofing
Which of the following statements describes a distributed denial of service (DDoS) attack?
A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
, What type of attack occurs when data goes beyond the memory areas allocated to an application?
Buffer overflow
Employees (What kind of domain is this?)
User domain
Employees use a desktop, laptop, tablet or smartphone. (What kind of domain is this?)
Device domain
Employees gain access to the @Apollo offices with an electronic staff ID card. (What kind of domain is
this?)
Physical facilities domain
@Apollo's (company) network
LAN domain
You are investigating a suspicious email that has been sent to @Apollo's remote workers today. It
looks like the email has been sent by Guru, asking employees to click on a link to download a virtual
private network that will secure their Wi-Fi connection while working at home. Although the email
looks legitimate, clicking on the link installs malware on the employee's device.
What type of social engineering attack is being used here?
Pretexting
A friend sends you a text message to congratulate you on your new position at @Apollo after they
saw your status update on your social profile. You have not updated this information.
Impersonation
A colleague tells you that a man asked them to hold the front door on the way into the office this
morning, because he had forgotten his ID card. Your colleague had never seen this man before.
Tailgating
A customer has reported that malware infected her computer after she visited @Apollo's website.
Further investigation revealed that the customer accidentally mistyped the website address.
Typosquatting
Several employees at @Apollo have reported performance issues on their computers, with
applications running slow and notable popup ads appearing. Guru has asked you to investigate. You
consult a network monitoring tool, which also reveals abnormal traffic on the network.
Based on your findings, what type of attack do you think @Apollo might be involved with?
DDoS attack
You have just received an email from @Apollo's HR department asking you to add your bank account
details to your file by clicking on a link in the email. It stresses that this must be completed by the end
of the day for you to be included in this month's payroll.
Although the email looks like it has been sent internally, closer inspection reveals a slight variation in
the email domain of the sender's address. You could be a victim of what type of attack?
It looks like an attacker has targeted a vulnerability in @Apollo's online messaging service, which is
used to facilitate communications between employees working across different sites. When an
employee makes a voice call, it floods the memory of the application, effectively giving the attacker
control over the employee's device. What type of attack is this?
Buffer overflow
An employee received an email that looked like it came from an @Apollo supplier asking them to click
a link to claim a discount
Phishing
An employee received an automated phone call from the bank advising that @Apollo's account had
been compromised and that they must call a specific number to reset the password
Vishing
An employee received a text message advising that one of @Apollo's software subscriptions is
expiring and that they must update the details immediately
Smishing
An employee clicked on a suspicious email link. Internal/External?
Internal
An employee granted someone unauthorized access to Apollo's HQ. Internal/External?
External
An employee connected an infected USB to their work laptop. Internal/External
Internal
An employee was tricked into giving out confidential information by someone pretending to be their
manager? Internal/External
External
An employee entered the wrong info into the Apollo database? Internal/External
Internal
A former employee was able to download customer files by remotely accessing Apollo's network?
Internal/External
Internal
Employees in an organization report that the network access is slow. Further investigation reveals
that one employee downloaded a third-party scanning program for the printer.
What type of malware may have been introduced?
Worm
,A cybercriminal sends a series of maliciously formatted packets to a database server, which causes the
server to crash.
What do you call this type of attack?
DoS
All employees in an organization receive an email stating that their account password will expire
immediately and that they should reset their password within five minutes.
Which of the following statements best describes this email?
It is a hoax
Employees in an organization report that they cannot access the customer database on the main
server. Further investigation reveals that the database file is now encrypted. Shortly afterward, the
organization receives a threatening email demanding payment for the decryption of the database file.
What type of attack has the organization experienced?
Ransomware
What non-technical method could a cybercriminal use to gather sensitive information from an
organization?
Social Engineering
The awareness and identification of vulnerabilities is a critical function of a cybersecurity specialist.
Which of the following resources can they use to identify specific details about vulnerabilities?
ISO/IEC 27000 model
A secretary receives a phone call from someone claiming that their manager is about to give an
important presentation but the presentation files are corrupted.
The caller sternly asks that the secretary email the presentation right away to a personal email
address. The caller also states that the secretary is being held personally responsible for the success
of this presentation.
What type of social engineering tactic is the caller using?
Intimidation
Which best practices can help defend against social engineering attacks?
Educate employees regarding security policies,
Resist the urge to click on enticing web links,
Do not provide password resets in a chat window
A penetration test carried out by an organization identified a backdoor on the network. What action
should the organization take to find out if their systems have been compromised?
Look for unauthorized accounts
What do you call an impersonation attack that takes advantage of a trusted relationship between two
systems?
Spoofing
Which of the following statements describes a distributed denial of service (DDoS) attack?
A botnet of zombies, coordinated by an attacker, overwhelms a server with DoS attacks
, What type of attack occurs when data goes beyond the memory areas allocated to an application?
Buffer overflow
Employees (What kind of domain is this?)
User domain
Employees use a desktop, laptop, tablet or smartphone. (What kind of domain is this?)
Device domain
Employees gain access to the @Apollo offices with an electronic staff ID card. (What kind of domain is
this?)
Physical facilities domain
@Apollo's (company) network
LAN domain
You are investigating a suspicious email that has been sent to @Apollo's remote workers today. It
looks like the email has been sent by Guru, asking employees to click on a link to download a virtual
private network that will secure their Wi-Fi connection while working at home. Although the email
looks legitimate, clicking on the link installs malware on the employee's device.
What type of social engineering attack is being used here?
Pretexting
A friend sends you a text message to congratulate you on your new position at @Apollo after they
saw your status update on your social profile. You have not updated this information.
Impersonation
A colleague tells you that a man asked them to hold the front door on the way into the office this
morning, because he had forgotten his ID card. Your colleague had never seen this man before.
Tailgating
A customer has reported that malware infected her computer after she visited @Apollo's website.
Further investigation revealed that the customer accidentally mistyped the website address.
Typosquatting
Several employees at @Apollo have reported performance issues on their computers, with
applications running slow and notable popup ads appearing. Guru has asked you to investigate. You
consult a network monitoring tool, which also reveals abnormal traffic on the network.
Based on your findings, what type of attack do you think @Apollo might be involved with?
DDoS attack
You have just received an email from @Apollo's HR department asking you to add your bank account
details to your file by clicking on a link in the email. It stresses that this must be completed by the end
of the day for you to be included in this month's payroll.
Although the email looks like it has been sent internally, closer inspection reveals a slight variation in
the email domain of the sender's address. You could be a victim of what type of attack?
