CIS4361 Full 12 chapters Exam with
Questions and Correct Answers 2025
Anomaly ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,defining ,an ,expected
,outcome ,or ,pattern ,to ,events, ,and ,then ,identifying ,any ,events ,that ,do ,not ,follow
,these ,patterns.
Availability ,- ,CORRECT ,ANSWER-The ,act ,of ,systems ,and ,services ,functioning
,correctly ,and ,consistently ,without ,outages ,or ,denial ,of ,service.
Availability ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,identifying ,the ,ability ,of ,a
,system ,to ,fulfill ,its ,function ,without ,interruption
Behavioral ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,identifying ,the ,way ,in
,which ,an ,entity ,acts, ,and ,then ,reviewing ,future ,behavior ,to ,see ,if ,it ,deviates ,from ,the
,norm.
CAM ,table ,(content-addressable ,memory) ,- ,CORRECT ,ANSWER-Used ,by ,switches
,to ,map ,MAC ,address ,to ,ports ,to ,forward ,packets ,to ,specific ,interfaces.
CDM ,(Continuous ,Diagnostics ,and ,Mitigation) ,- ,CORRECT ,ANSWER-A ,program
,created ,by ,the ,Department ,of ,Homeland ,Security ,to ,identify ,threats, ,prioritize ,those
,threats ,in ,terms ,of ,the ,risks ,they ,pose, ,and ,then ,give ,security ,personnel ,the ,ability ,to
,triage ,these ,threats, ,all ,on ,an ,ongoing ,basis.
CERT-UK ,(UK ,National ,Computer ,Emergency ,Response ,Team) ,- ,CORRECT
,ANSWER-A ,government ,organization ,that ,provides ,support ,to ,companies ,for
,managing ,and ,responding ,to ,cybersecurity ,incidents.
Change ,management ,- ,CORRECT ,ANSWER-The ,process ,through ,which ,changes ,to
,the ,configuration ,of ,information ,systems ,are ,monitored ,and ,controlled, ,as ,part ,of ,the
,organization's ,overall ,configuration ,management ,efforts.
,CSM ,(continuous ,security ,monitoring) ,- ,CORRECT ,ANSWER-Used ,to ,maintain
,ongoing ,awareness ,of ,information ,security, ,vulnerabilities, ,and ,threats ,to ,support
,organizational ,risk ,management ,decisions, ,with ,the ,objective ,of ,conducting ,ongoing
,monitoring ,of ,the ,security ,of ,the ,organization's ,networks, ,information, ,and ,systems,
,and ,responding ,appropriately ,as ,situations ,change.
Flash ,crowd ,- ,CORRECT ,ANSWER-When ,used ,in ,regard ,to ,network ,traffic, ,this
,refers ,to ,a ,situation ,in ,which ,the ,network ,or ,host ,suddenly ,receives ,an ,unusually
,large ,amount ,of ,traffic.
Heuristic ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,identifying ,the ,way ,in ,which
,an ,entity ,acts ,in ,a ,specific ,environment, ,and ,making ,decisions ,about ,the ,nature ,of
,the ,entity ,based ,on ,this.
IDS ,(intrusion ,detection ,system) ,
Passive ,IDS ,- ,CORRECT ,ANSWER-A ,system ,that ,scans, ,audits, ,and ,monitors ,the
,security ,infrastructure ,for ,signs ,of ,attacks ,in ,progress.
IPS ,(intrusion ,prevention ,system) ,
Active ,IDS ,- ,CORRECT ,ANSWER-A ,system ,that ,scans, ,audits, ,and ,monitors ,the
,security ,infrastructure ,for ,signs ,of ,attacks ,in ,progress, ,and ,actively ,blocks ,attacks.
Interference ,- ,CORRECT ,ANSWER-See ,jamming.
MAEC ,(Malware ,Attribute ,Enumeration ,and ,Characterization) ,- ,CORRECT ,ANSWER-
A ,standardized ,language ,for ,communicating ,information ,about ,malware. ,Maintained
,by ,the ,MITRE ,Corporation.
NBAD ,(network ,behavior ,anomaly ,detection) ,- ,CORRECT ,ANSWER-A ,security
,monitoring ,tool ,that ,monitors ,network ,packets ,for ,anomalous ,behavior ,based ,on
,known ,signatures.
NetFlow ,- ,CORRECT ,ANSWER-A ,protocol ,included ,in ,many ,enterprise ,network
,devices ,that ,allows ,network ,administrators ,to ,monitor ,the ,flow ,of ,network ,traffic
,across ,these ,devices.
NGFW ,(next ,generation ,firewall) ,- ,CORRECT ,ANSWER-A ,firewall ,that ,goes ,beyond
,traditional ,firewall ,functionality ,by ,operating ,at ,the ,application ,layer ,and ,protocol
,stack.
Normalization ,- ,CORRECT ,ANSWER-In ,the ,context ,of ,network ,security ,intelligence
,collection, ,the ,process ,of ,converting ,security-related ,data ,from ,network ,logs, ,system
,logs, ,application ,APIs, ,and ,other ,sources ,into ,common ,formats ,that ,can ,easily ,be
,analyzed.
,OVAL ,(Open ,Vulnerability ,and ,Assessment ,Language) ,- ,CORRECT ,ANSWER-An
,open ,standard ,that ,promotes ,communication ,about ,cybersecurity ,information.
,Maintained ,by ,the ,MITRE ,Corporation.
S/MIME ,(Secure/Multipurpose ,Internet ,Mail ,Extensions) ,- ,CORRECT ,ANSWER-An
,extension ,to ,the ,MIME ,standard ,that ,adds ,digital ,signatures ,and ,public ,key
,cryptography ,to ,email ,communications.
SDEE ,(Security ,Device ,Event ,Exchange) ,- ,CORRECT ,ANSWER-An ,alert ,format ,and
,transport ,protocol ,specification ,for ,intrusion ,detection ,systems.
SDN ,(software-defined ,networking) ,- ,CORRECT ,ANSWER-An ,approach ,to
,networking ,architecture ,that ,simplifies ,management ,by ,centralizing ,control ,over ,a
,network.
Security ,intelligence ,- ,CORRECT ,ANSWER-The ,process ,through ,which ,data
,generated ,in ,the ,ongoing ,use ,of ,information ,systems ,is ,collected, ,processed,
,integrated, ,evaluated, ,analyzed, ,and ,interpreted.
SSH ,(Secure ,Shell) ,- ,CORRECT ,ANSWER-A ,protocol ,for ,secure ,remote ,logon ,and
,secure ,transfer ,of ,data.
TOS ,(trusted ,operating ,system) ,- ,CORRECT ,ANSWER-An ,operating ,system ,security
,technique ,that ,isolates ,resources ,and ,services ,from ,applications.
Trend ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,detecting ,patterns ,within ,a
,dataset ,over ,time, ,and ,using ,those ,patterns ,to ,make ,predictions ,about ,future ,events
,or ,better ,understand ,past ,events.
US-CERT ,(United ,States ,Computer ,Emergency ,Readiness ,Team) ,- ,CORRECT
,ANSWER-A ,government ,organization ,that ,analyzes ,and ,distributes ,information ,about
,threats ,to ,cybersecurity.
WAF ,(web ,application ,firewall) ,- ,CORRECT ,ANSWER-A ,type ,of ,firewall ,that ,controls
,web-based ,application-layer ,traffic ,in ,the ,network.
Cacti ,- ,CORRECT ,ANSWER-An ,open ,source, ,web-based ,graphing ,and ,monitoring
,tool ,developed ,for ,front-end ,applications. ,It ,allows ,users ,to ,poll ,services ,at ,fixed
,intervals ,and ,graph ,the ,resulting ,data. ,It ,is ,mainly ,used ,to ,graph ,time-series ,data ,of
,metrics ,such ,as ,network ,bandwidth ,utilization ,and ,CPU ,load.
SolarWinds ,- ,CORRECT ,ANSWER-An ,IT ,monitoring ,and ,management ,tool ,that
,detects, ,diagnose, ,and ,resolve ,network ,performance ,problems ,and ,outages. ,It
,monitors ,and ,displays ,response ,time, ,performance, ,and ,availability ,of ,network
,devices. ,It ,can ,view ,performance, ,configuration, ,and ,traffic ,details ,of ,devices ,and
,applications ,that ,are ,onpremises, ,in ,the ,cloud, ,or ,across ,hybrid ,environments.
, MRTG ,(Multi ,Router ,Traffic ,Grapher) ,- ,CORRECT ,ANSWER-A ,monitoring ,tool ,that
,monitors ,the ,traffic ,load ,on ,network ,links. ,It ,provides ,a ,LIVE ,representation ,of ,this
,traffic ,by ,generating ,HTML ,pages ,containing ,PNG ,images. ,It ,is ,portable ,and ,has
,reliable ,interface ,identification.
NetFlow ,Analyzer ,- ,CORRECT ,ANSWER-A ,traffic ,analytic ,tool ,that ,provides ,a ,real-
time ,visibility ,into ,the ,network ,bandwidth ,performance ,by ,leveraging ,flow
,technologies. ,It ,also ,works ,as ,a ,bandwidth ,monitoring ,tool ,for ,optimizing ,network
,bandwidth ,and ,traffic ,patterns.
Palo ,Alto ,Networks ,next-generation ,firewalls ,- ,CORRECT ,ANSWER-A ,next
,generation ,firewall ,designed ,to ,safely ,enable ,applications ,and ,prevent ,modern
,threats. ,It ,identifies ,network ,traffic ,based ,on ,applications, ,content, ,users, ,and
,devices. ,It ,reduces ,manual ,tasks ,and ,enhances ,security ,through ,automated ,means.
CheckPoint ,Next ,Generation ,Firewall ,- ,CORRECT ,ANSWER-A ,next ,generation
,firewall ,that ,identifies ,and ,controls ,applications ,by ,user ,and ,scans ,content ,to ,stop
,threats. ,It ,provides ,safe ,browsing ,while ,protecting ,against ,threats ,and ,malware. ,It
,provides ,identity ,awareness, ,intrusion ,prevention, ,integrated ,security ,management,
,and ,many ,more ,features. ,It ,has ,introduced ,a ,SmartLog ,that ,delivers ,search ,results ,in
,seconds.
SCAP ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,security ,monitoring ,tools ,is ,a
,conglomeration ,of ,open ,standards ,that ,identify ,flaws ,in ,security ,configurations?
Anomaly ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,defines ,an ,expected ,outcome
,or ,pattern ,to ,events, ,and ,then ,identifies ,events ,that ,do ,not ,follow ,these ,patterns?
CAM ,tables ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,tables ,maps ,MAC
,addresses ,to ,ports ,and ,forwards ,packets ,to ,specific ,interfaces?
WAF ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,protocols ,is ,an ,application-layer
,firewall ,that ,applies ,a ,set ,of ,rules ,to ,HTTP ,traffic ,and ,protects ,web ,servers ,and
,clients ,from ,malicious ,traffic?
ModSecurity ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,is ,not ,an ,example ,of
,IDS/IPS ,solutions?
Trend ,analysis ,- ,CORRECT ,ANSWER-Analysis ,methods ,for ,data ,collection ,that
,consist ,in ,the ,process ,of ,detecting ,patterns ,within ,a ,dataset ,over ,time, ,and ,using
,those ,patterns ,to ,make ,predictions ,about ,future ,events.
Behavioral ,analysis ,- ,CORRECT ,ANSWER-Analysis ,methods ,for ,data ,collection ,that
,consist ,in ,the ,process ,of ,identifying ,the ,way ,in ,which ,an ,entity ,acts, ,and ,then
,reviewing ,future ,act ,to ,see ,if ,it ,deviates ,from ,the ,norm.
Questions and Correct Answers 2025
Anomaly ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,defining ,an ,expected
,outcome ,or ,pattern ,to ,events, ,and ,then ,identifying ,any ,events ,that ,do ,not ,follow
,these ,patterns.
Availability ,- ,CORRECT ,ANSWER-The ,act ,of ,systems ,and ,services ,functioning
,correctly ,and ,consistently ,without ,outages ,or ,denial ,of ,service.
Availability ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,identifying ,the ,ability ,of ,a
,system ,to ,fulfill ,its ,function ,without ,interruption
Behavioral ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,identifying ,the ,way ,in
,which ,an ,entity ,acts, ,and ,then ,reviewing ,future ,behavior ,to ,see ,if ,it ,deviates ,from ,the
,norm.
CAM ,table ,(content-addressable ,memory) ,- ,CORRECT ,ANSWER-Used ,by ,switches
,to ,map ,MAC ,address ,to ,ports ,to ,forward ,packets ,to ,specific ,interfaces.
CDM ,(Continuous ,Diagnostics ,and ,Mitigation) ,- ,CORRECT ,ANSWER-A ,program
,created ,by ,the ,Department ,of ,Homeland ,Security ,to ,identify ,threats, ,prioritize ,those
,threats ,in ,terms ,of ,the ,risks ,they ,pose, ,and ,then ,give ,security ,personnel ,the ,ability ,to
,triage ,these ,threats, ,all ,on ,an ,ongoing ,basis.
CERT-UK ,(UK ,National ,Computer ,Emergency ,Response ,Team) ,- ,CORRECT
,ANSWER-A ,government ,organization ,that ,provides ,support ,to ,companies ,for
,managing ,and ,responding ,to ,cybersecurity ,incidents.
Change ,management ,- ,CORRECT ,ANSWER-The ,process ,through ,which ,changes ,to
,the ,configuration ,of ,information ,systems ,are ,monitored ,and ,controlled, ,as ,part ,of ,the
,organization's ,overall ,configuration ,management ,efforts.
,CSM ,(continuous ,security ,monitoring) ,- ,CORRECT ,ANSWER-Used ,to ,maintain
,ongoing ,awareness ,of ,information ,security, ,vulnerabilities, ,and ,threats ,to ,support
,organizational ,risk ,management ,decisions, ,with ,the ,objective ,of ,conducting ,ongoing
,monitoring ,of ,the ,security ,of ,the ,organization's ,networks, ,information, ,and ,systems,
,and ,responding ,appropriately ,as ,situations ,change.
Flash ,crowd ,- ,CORRECT ,ANSWER-When ,used ,in ,regard ,to ,network ,traffic, ,this
,refers ,to ,a ,situation ,in ,which ,the ,network ,or ,host ,suddenly ,receives ,an ,unusually
,large ,amount ,of ,traffic.
Heuristic ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,identifying ,the ,way ,in ,which
,an ,entity ,acts ,in ,a ,specific ,environment, ,and ,making ,decisions ,about ,the ,nature ,of
,the ,entity ,based ,on ,this.
IDS ,(intrusion ,detection ,system) ,
Passive ,IDS ,- ,CORRECT ,ANSWER-A ,system ,that ,scans, ,audits, ,and ,monitors ,the
,security ,infrastructure ,for ,signs ,of ,attacks ,in ,progress.
IPS ,(intrusion ,prevention ,system) ,
Active ,IDS ,- ,CORRECT ,ANSWER-A ,system ,that ,scans, ,audits, ,and ,monitors ,the
,security ,infrastructure ,for ,signs ,of ,attacks ,in ,progress, ,and ,actively ,blocks ,attacks.
Interference ,- ,CORRECT ,ANSWER-See ,jamming.
MAEC ,(Malware ,Attribute ,Enumeration ,and ,Characterization) ,- ,CORRECT ,ANSWER-
A ,standardized ,language ,for ,communicating ,information ,about ,malware. ,Maintained
,by ,the ,MITRE ,Corporation.
NBAD ,(network ,behavior ,anomaly ,detection) ,- ,CORRECT ,ANSWER-A ,security
,monitoring ,tool ,that ,monitors ,network ,packets ,for ,anomalous ,behavior ,based ,on
,known ,signatures.
NetFlow ,- ,CORRECT ,ANSWER-A ,protocol ,included ,in ,many ,enterprise ,network
,devices ,that ,allows ,network ,administrators ,to ,monitor ,the ,flow ,of ,network ,traffic
,across ,these ,devices.
NGFW ,(next ,generation ,firewall) ,- ,CORRECT ,ANSWER-A ,firewall ,that ,goes ,beyond
,traditional ,firewall ,functionality ,by ,operating ,at ,the ,application ,layer ,and ,protocol
,stack.
Normalization ,- ,CORRECT ,ANSWER-In ,the ,context ,of ,network ,security ,intelligence
,collection, ,the ,process ,of ,converting ,security-related ,data ,from ,network ,logs, ,system
,logs, ,application ,APIs, ,and ,other ,sources ,into ,common ,formats ,that ,can ,easily ,be
,analyzed.
,OVAL ,(Open ,Vulnerability ,and ,Assessment ,Language) ,- ,CORRECT ,ANSWER-An
,open ,standard ,that ,promotes ,communication ,about ,cybersecurity ,information.
,Maintained ,by ,the ,MITRE ,Corporation.
S/MIME ,(Secure/Multipurpose ,Internet ,Mail ,Extensions) ,- ,CORRECT ,ANSWER-An
,extension ,to ,the ,MIME ,standard ,that ,adds ,digital ,signatures ,and ,public ,key
,cryptography ,to ,email ,communications.
SDEE ,(Security ,Device ,Event ,Exchange) ,- ,CORRECT ,ANSWER-An ,alert ,format ,and
,transport ,protocol ,specification ,for ,intrusion ,detection ,systems.
SDN ,(software-defined ,networking) ,- ,CORRECT ,ANSWER-An ,approach ,to
,networking ,architecture ,that ,simplifies ,management ,by ,centralizing ,control ,over ,a
,network.
Security ,intelligence ,- ,CORRECT ,ANSWER-The ,process ,through ,which ,data
,generated ,in ,the ,ongoing ,use ,of ,information ,systems ,is ,collected, ,processed,
,integrated, ,evaluated, ,analyzed, ,and ,interpreted.
SSH ,(Secure ,Shell) ,- ,CORRECT ,ANSWER-A ,protocol ,for ,secure ,remote ,logon ,and
,secure ,transfer ,of ,data.
TOS ,(trusted ,operating ,system) ,- ,CORRECT ,ANSWER-An ,operating ,system ,security
,technique ,that ,isolates ,resources ,and ,services ,from ,applications.
Trend ,analysis ,- ,CORRECT ,ANSWER-The ,process ,of ,detecting ,patterns ,within ,a
,dataset ,over ,time, ,and ,using ,those ,patterns ,to ,make ,predictions ,about ,future ,events
,or ,better ,understand ,past ,events.
US-CERT ,(United ,States ,Computer ,Emergency ,Readiness ,Team) ,- ,CORRECT
,ANSWER-A ,government ,organization ,that ,analyzes ,and ,distributes ,information ,about
,threats ,to ,cybersecurity.
WAF ,(web ,application ,firewall) ,- ,CORRECT ,ANSWER-A ,type ,of ,firewall ,that ,controls
,web-based ,application-layer ,traffic ,in ,the ,network.
Cacti ,- ,CORRECT ,ANSWER-An ,open ,source, ,web-based ,graphing ,and ,monitoring
,tool ,developed ,for ,front-end ,applications. ,It ,allows ,users ,to ,poll ,services ,at ,fixed
,intervals ,and ,graph ,the ,resulting ,data. ,It ,is ,mainly ,used ,to ,graph ,time-series ,data ,of
,metrics ,such ,as ,network ,bandwidth ,utilization ,and ,CPU ,load.
SolarWinds ,- ,CORRECT ,ANSWER-An ,IT ,monitoring ,and ,management ,tool ,that
,detects, ,diagnose, ,and ,resolve ,network ,performance ,problems ,and ,outages. ,It
,monitors ,and ,displays ,response ,time, ,performance, ,and ,availability ,of ,network
,devices. ,It ,can ,view ,performance, ,configuration, ,and ,traffic ,details ,of ,devices ,and
,applications ,that ,are ,onpremises, ,in ,the ,cloud, ,or ,across ,hybrid ,environments.
, MRTG ,(Multi ,Router ,Traffic ,Grapher) ,- ,CORRECT ,ANSWER-A ,monitoring ,tool ,that
,monitors ,the ,traffic ,load ,on ,network ,links. ,It ,provides ,a ,LIVE ,representation ,of ,this
,traffic ,by ,generating ,HTML ,pages ,containing ,PNG ,images. ,It ,is ,portable ,and ,has
,reliable ,interface ,identification.
NetFlow ,Analyzer ,- ,CORRECT ,ANSWER-A ,traffic ,analytic ,tool ,that ,provides ,a ,real-
time ,visibility ,into ,the ,network ,bandwidth ,performance ,by ,leveraging ,flow
,technologies. ,It ,also ,works ,as ,a ,bandwidth ,monitoring ,tool ,for ,optimizing ,network
,bandwidth ,and ,traffic ,patterns.
Palo ,Alto ,Networks ,next-generation ,firewalls ,- ,CORRECT ,ANSWER-A ,next
,generation ,firewall ,designed ,to ,safely ,enable ,applications ,and ,prevent ,modern
,threats. ,It ,identifies ,network ,traffic ,based ,on ,applications, ,content, ,users, ,and
,devices. ,It ,reduces ,manual ,tasks ,and ,enhances ,security ,through ,automated ,means.
CheckPoint ,Next ,Generation ,Firewall ,- ,CORRECT ,ANSWER-A ,next ,generation
,firewall ,that ,identifies ,and ,controls ,applications ,by ,user ,and ,scans ,content ,to ,stop
,threats. ,It ,provides ,safe ,browsing ,while ,protecting ,against ,threats ,and ,malware. ,It
,provides ,identity ,awareness, ,intrusion ,prevention, ,integrated ,security ,management,
,and ,many ,more ,features. ,It ,has ,introduced ,a ,SmartLog ,that ,delivers ,search ,results ,in
,seconds.
SCAP ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,security ,monitoring ,tools ,is ,a
,conglomeration ,of ,open ,standards ,that ,identify ,flaws ,in ,security ,configurations?
Anomaly ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,defines ,an ,expected ,outcome
,or ,pattern ,to ,events, ,and ,then ,identifies ,events ,that ,do ,not ,follow ,these ,patterns?
CAM ,tables ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,tables ,maps ,MAC
,addresses ,to ,ports ,and ,forwards ,packets ,to ,specific ,interfaces?
WAF ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,protocols ,is ,an ,application-layer
,firewall ,that ,applies ,a ,set ,of ,rules ,to ,HTTP ,traffic ,and ,protects ,web ,servers ,and
,clients ,from ,malicious ,traffic?
ModSecurity ,- ,CORRECT ,ANSWER-Which ,of ,the ,following ,is ,not ,an ,example ,of
,IDS/IPS ,solutions?
Trend ,analysis ,- ,CORRECT ,ANSWER-Analysis ,methods ,for ,data ,collection ,that
,consist ,in ,the ,process ,of ,detecting ,patterns ,within ,a ,dataset ,over ,time, ,and ,using
,those ,patterns ,to ,make ,predictions ,about ,future ,events.
Behavioral ,analysis ,- ,CORRECT ,ANSWER-Analysis ,methods ,for ,data ,collection ,that
,consist ,in ,the ,process ,of ,identifying ,the ,way ,in ,which ,an ,entity ,acts, ,and ,then
,reviewing ,future ,act ,to ,see ,if ,it ,deviates ,from ,the ,norm.
