S433 FINAL EXAM 2025/2026 WITH 100%
ACCURATE ANSWERS
1. Why is it necessary to generate a new key pair and certificate when a
web server certificate is revoked?
Key escrow can provide a backup for the revoked certificate.
Self-signed certificates are sufficient for all web servers.
A revoked certificate is no longer trusted, so a new key pair
and certificate are needed to establish secure connections.
The old certificate can still be used if renewed.
2. If a company performs a full backup on Sunday and differential backups
on Monday and Tuesday, what files will be included in the Tuesday
differential backup?
All files that have changed since the last full backup on
Sunday.
Only files that have changed since the last incremental backup.
Only files that have changed since Monday's differential backup.
All files in the system regardless of changes.
3. Which of the following is equivalent to building walls in an office
building from a network perspective?
Partitioning
Perimeter security
Security zones
IDS systems
,4. Describe how a public key is utilized in the context of digital signatures.
, A public key is used to verify the authenticity of a digital
signature.
A public key is used to create a digital signature.
A public key is used to decrypt messages.
A public key is used to encrypt passwords.
5. What subnet mask corresponds to the maximum number of subnets and
hosts per subnet for the IP address 192.168.50.247?
255.255.255.128
255.255.255.224
255.255.255.0
255.255.255.192
6. Describe the role of RADIUS in providing remote access security for a
network.
RADIUS provides centralized authentication, authorization, and
accounting for users accessing the network remotely.
RADIUS is a protocol for backing up data securely.
RADIUS is a type of firewall that protects the network from
external threats.
RADIUS encrypts all data transmitted over the network.
7. A new mobile device security policy has authorized the use of
employee-owned devices, but mandates additional security controls to
protect them if they are lost or stolen. Which of the following meets this
goal?
Patch management and change management
screen locks and device encryption
, full device encryption and IaaS
screen locks and GPS tagging
8. NFC is vulnerable to:
Data interception
Replay attacks
Denial-of-Service (DoS) attacks
All of the above
9. Which virus infects the system boot sector and the executable files at
the same time?
Stealth
Multipartite
Macro
Polymorphic
10. What type of attack involves manipulating SQL queries to gain
unauthorized access to a database?
Cross-site scripting
Phishing
Denial of service
SQL injection
11. Describe how partitioning in physical security is similar to the concept
of VLAN in network security.
Partitioning refers to the division of data storage, which is
different from VLANs.
ACCURATE ANSWERS
1. Why is it necessary to generate a new key pair and certificate when a
web server certificate is revoked?
Key escrow can provide a backup for the revoked certificate.
Self-signed certificates are sufficient for all web servers.
A revoked certificate is no longer trusted, so a new key pair
and certificate are needed to establish secure connections.
The old certificate can still be used if renewed.
2. If a company performs a full backup on Sunday and differential backups
on Monday and Tuesday, what files will be included in the Tuesday
differential backup?
All files that have changed since the last full backup on
Sunday.
Only files that have changed since the last incremental backup.
Only files that have changed since Monday's differential backup.
All files in the system regardless of changes.
3. Which of the following is equivalent to building walls in an office
building from a network perspective?
Partitioning
Perimeter security
Security zones
IDS systems
,4. Describe how a public key is utilized in the context of digital signatures.
, A public key is used to verify the authenticity of a digital
signature.
A public key is used to create a digital signature.
A public key is used to decrypt messages.
A public key is used to encrypt passwords.
5. What subnet mask corresponds to the maximum number of subnets and
hosts per subnet for the IP address 192.168.50.247?
255.255.255.128
255.255.255.224
255.255.255.0
255.255.255.192
6. Describe the role of RADIUS in providing remote access security for a
network.
RADIUS provides centralized authentication, authorization, and
accounting for users accessing the network remotely.
RADIUS is a protocol for backing up data securely.
RADIUS is a type of firewall that protects the network from
external threats.
RADIUS encrypts all data transmitted over the network.
7. A new mobile device security policy has authorized the use of
employee-owned devices, but mandates additional security controls to
protect them if they are lost or stolen. Which of the following meets this
goal?
Patch management and change management
screen locks and device encryption
, full device encryption and IaaS
screen locks and GPS tagging
8. NFC is vulnerable to:
Data interception
Replay attacks
Denial-of-Service (DoS) attacks
All of the above
9. Which virus infects the system boot sector and the executable files at
the same time?
Stealth
Multipartite
Macro
Polymorphic
10. What type of attack involves manipulating SQL queries to gain
unauthorized access to a database?
Cross-site scripting
Phishing
Denial of service
SQL injection
11. Describe how partitioning in physical security is similar to the concept
of VLAN in network security.
Partitioning refers to the division of data storage, which is
different from VLANs.
