Network Vulnerabilities 1 - Final Exam
Actual Questions and Answers 2026
Cyberwarfare is the narrowest category in Information Warfare,
and deals with surveillance as well as corruption of system sensors.
-
correct answer ✅False
What kind of records are affected by HIPAA's privacy rules? -
correct answer ✅Healthcare records
What ISO 27000 standard describes audits, certifications, and
general risk assessment? -
correct answer ✅27001.2013
What is the term for increasing one's access level to compromise
intermediate systems and possibly obtain complete control? -
correct answer ✅Escalation of Privilege
Tactics is a term we use to describe how threat actors or threat
actor groups work throughout the phases of hacking. -
correct answer ✅True
,Network Vulnerabilities 1 - Final Exam
Actual Questions and Answers 2026
Risk Matrices are factored using all of the following, except for
__________. -
correct answer ✅Reversal
Identify the category of information warfare that uses various
technologies such as propaganda and terror, to demoralize one's
adversary in an attempt to succeed in battle. -
correct answer ✅Psychological
What kind of attack (as defined by the IETF) involves interception,
monitoring, and no data tampering? -
correct answer ✅Passive
Affirmation that information security controls are in place and
maintained is known as _________. -
correct answer ✅Information Assurance
_______________ is the assurance that the information is
accessible only to those authorized to have access. -
correct answer ✅Confidentiality
,Network Vulnerabilities 1 - Final Exam
Actual Questions and Answers 2026
Which of the following terms best describes a weakness or error
that can lead to security compromises? -
correct answer ✅Vulnerability
Cyber-Threat Intelligence (CTI) is useful as it allows proactive
defense strategies to be possible. -
correct answer ✅True
Purple Team hackers behave in the same capacity as Black Hats in a
penetration test. -
correct answer ✅False
What kind of recon deals with acquiring info without any form of
direct contact? -
correct answer ✅Passive
What infrastructure device below uses rule-based access control? -
correct answer ✅Firewall
Which of the following does NOT occur during risk assessment? -
correct answer ✅Attack Profiling
, Network Vulnerabilities 1 - Final Exam
Actual Questions and Answers 2026
An attacker's motives usually originates from which of the following
concepts? (Choose the BEST answer) -
correct answer ✅The target contains or is something valuable
What kind of scan would be performed over the internet to identify
vulnerabilities on an internal web server? -
correct answer ✅Internal Scan
You are setting up DNS for your enterprise. Server A is both a web
server and an FTP server. You want to advertise both services for
this machine as name references your can use. -
correct answer ✅CNAME
Joe accesses the company website, www.anybus.com, from his
home computer and is presented with a defaced site containing
disturbing images. He calls the IT department to report the website
hack and is told they do not see any problem with the site-no files
have been changed, and when accessed from their terminals
(inside the company), the site appears normally. Joe connects over
VPN into the company website and notices the site appears
normally. Which of the following might explain the issue? -
correct answer ✅DNS Poisoning
Actual Questions and Answers 2026
Cyberwarfare is the narrowest category in Information Warfare,
and deals with surveillance as well as corruption of system sensors.
-
correct answer ✅False
What kind of records are affected by HIPAA's privacy rules? -
correct answer ✅Healthcare records
What ISO 27000 standard describes audits, certifications, and
general risk assessment? -
correct answer ✅27001.2013
What is the term for increasing one's access level to compromise
intermediate systems and possibly obtain complete control? -
correct answer ✅Escalation of Privilege
Tactics is a term we use to describe how threat actors or threat
actor groups work throughout the phases of hacking. -
correct answer ✅True
,Network Vulnerabilities 1 - Final Exam
Actual Questions and Answers 2026
Risk Matrices are factored using all of the following, except for
__________. -
correct answer ✅Reversal
Identify the category of information warfare that uses various
technologies such as propaganda and terror, to demoralize one's
adversary in an attempt to succeed in battle. -
correct answer ✅Psychological
What kind of attack (as defined by the IETF) involves interception,
monitoring, and no data tampering? -
correct answer ✅Passive
Affirmation that information security controls are in place and
maintained is known as _________. -
correct answer ✅Information Assurance
_______________ is the assurance that the information is
accessible only to those authorized to have access. -
correct answer ✅Confidentiality
,Network Vulnerabilities 1 - Final Exam
Actual Questions and Answers 2026
Which of the following terms best describes a weakness or error
that can lead to security compromises? -
correct answer ✅Vulnerability
Cyber-Threat Intelligence (CTI) is useful as it allows proactive
defense strategies to be possible. -
correct answer ✅True
Purple Team hackers behave in the same capacity as Black Hats in a
penetration test. -
correct answer ✅False
What kind of recon deals with acquiring info without any form of
direct contact? -
correct answer ✅Passive
What infrastructure device below uses rule-based access control? -
correct answer ✅Firewall
Which of the following does NOT occur during risk assessment? -
correct answer ✅Attack Profiling
, Network Vulnerabilities 1 - Final Exam
Actual Questions and Answers 2026
An attacker's motives usually originates from which of the following
concepts? (Choose the BEST answer) -
correct answer ✅The target contains or is something valuable
What kind of scan would be performed over the internet to identify
vulnerabilities on an internal web server? -
correct answer ✅Internal Scan
You are setting up DNS for your enterprise. Server A is both a web
server and an FTP server. You want to advertise both services for
this machine as name references your can use. -
correct answer ✅CNAME
Joe accesses the company website, www.anybus.com, from his
home computer and is presented with a defaced site containing
disturbing images. He calls the IT department to report the website
hack and is told they do not see any problem with the site-no files
have been changed, and when accessed from their terminals
(inside the company), the site appears normally. Joe connects over
VPN into the company website and notices the site appears
normally. Which of the following might explain the issue? -
correct answer ✅DNS Poisoning
