Cisco CCNA Cyber Ops Associate (Version 1.0) All
Modules & Final Exam with all Correct & 100% Verified
Answers| Already Graded A+
Which personnel in a SOC are assigned the task of hunting for potential threats and implementing
threat detection tools? ✔Correct Answer-Tier 3 SME
What is a benefit to an organization of using SOAR as part of the SIEM system? ✔Correct Answer-
SOAR automates incident investigation and responds to workflows based on playbooks.
The term cyber operations analyst refers to which group of personnel in a SOC? ✔Correct Answer-
Tier 1 personnel
What is a benefit to an organization of using SOAR as part of the SIEM system? ✔Correct Answer-
SOC Manager
Incident Reporter
Threat Hunter
Alert Analyst
Navigation Bar
An SOC is searching for a professional to fill a job opening. The employee must have expert-level
skills in networking, endpoint, threat intelligence, and malware reverse engineering in order to
search for cyber threats hidden within the network. Which job within an SOC requires a professional
with those skills? ✔Correct Answer-Threat Hunter
Which three are major categories of elements in a security operations center? (Choose three.)
✔Correct Answer-technologies
people
processes
Which three technologies should be included in a SOC security information and event management
system? (Choose three.) ✔Correct Answer-security monitoring
threat intelligence
log management
Which KPI metric does SOAR use to measure the time required to stop the spread of malware in the
network? ✔Correct Answer-Time to Control
How does a security information and event management system (SIEM) in a SOC help the personnel
fight against security threats? ✔Correct Answer-by combining data from multiple technologies
Which organization is an international nonprofit organization that offers the CISSP certification?
✔Correct Answer-(ISC) 2
Which example illustrates how malware might be concealed? ✔Correct Answer-An email is sent to
the employees of an organization with an attachment that looks like an antivirus update, but the
attachment actually consists of spyware
,A group of users on the same network are all complaining about their computers running slowly.
After investigating, the technician determines that these computers are part of a zombie network.
Which type of malware is used to control these computers? ✔Correct Answer-spyware
Which regulatory law regulates the identification, storage, and transmission of patient personal
healthcare information? ✔Correct Answer-HIPAA
When a user turns on the PC on Wednesday, the PC displays a message indicating that all of the user
files have been locked. In order to get the files unencrypted, the user is supposed to send an email
and include a specific ID in the email title. The message also includes ways to buy and submit bitcoins
as payment for the file decryption. After inspecting the message, the technician suspects a security
breach occurred. What type of malware could be responsible? ✔Correct Answer-ransomware
What are two examples of personally identifiable information (PII)? (Choose two.) ✔Correct
Answer-street address
credit card number
What is the dark web? ✔Correct Answer-It is part of the internet that can only be accessed with
special software.
Which statement describes cyberwarfare? ✔Correct Answer-It is Internet-based conflict that
involves the penetration of information systems of other nations.
What is the main purpose of cyberwarfare? ✔Correct Answer-to gain advantage over adversaries
What job would require verification that an alert represents a true security incident or a false
positive? ✔Correct Answer-Alert Analyst
Why do IoT devices pose a greater risk than other computing devices on a network? ✔Correct
Answer-Most IoT devices do not receive frequent firmware updates.
A worker in the records department of a hospital accidentally sends a medical record of a patient to a
printer in another department. When the worker arrives at the printer, the patient record printout is
missing. What breach of confidentiality does this situation describe? ✔Correct Answer-PHI
A user calls the help desk complaining that the password to access the wireless network has changed
without warning. The user is allowed to change the password, but an hour later, the same thing
occurs. What might be happening in this situation? ✔Correct Answer-rogue access point
What technology was created to replace the BIOS program on modern personal computer
motherboards? ✔Correct Answer-UEFI
An IT technician wants to create a rule on two Windows 10 computers to prevent an installed
application from accessing the public Internet. Which tool would the technician use to accomplish
this task? ✔Correct Answer-Windows Defender Firewall with Advanced Security
A user logs in to Windows with a regular user account and attempts to use an application that
requires administrative privileges. What can the user do to successfully use the application?
✔Correct Answer-Right-click the application and choose Run as Administrator
Match the Windows command to the description ✔Correct Answer-renames a file: ren
,creates a new directory: mkdir
changes the current directory: cd
lists files in a directory: dir
A user creates a file with .ps1 extension in Windows. What type of file is it? ✔Correct Answer-
PowerShell script
Which statement describes the function of the Server Message Block (SMB) protocol? ✔Correct
Answer-It is used to share network resources.
A technician has installed a third party utility that is used to manage a Windows 7 computer.
However, the utility does not automatically start whenever the computer is started. What can the
technician do to resolve this problem? ✔Correct Answer-Change the startup type for the utility to
Automatic in Services
Match the Windows 10 boot sequence after the boot manager (bootmgr.exe) loads. ✔Correct
Answer-Step one: The Windows boot loader Winload.exe loads
Step two: Ntosknl.exe and hal.dll are loaded
Step three: Winload.exe reads the registry, chooses a hardware profile, and loads the device drivers.
Step four: Ntoskrnl.exe takes over the process.
Step five: Winlogon.exe is loaded and excutes the logon process.
What is the purpose of using the net accounts command in Windows? ✔Correct Answer-to review
the settings of password and logon requirements for users
Which two commands could be used to check if DNS name resolution is working properly on a
Windows PC? (Choose two.) ✔Correct Answer-nslookup cisco.com
ping cisco.com
A PC user issues the netstat command without any options. What is displayed as the result of this
command? ✔Correct Answer-a list of all established active TCP connections
What are two advantages of the NTFS file system compared with FAT32? (Choose two.) ✔Correct
Answer-NTFS provides more security features.
NTFS supports larger files.
Match the Linux command to the function. (Not all options are used.) ✔Correct Answer-
hmodudodisplays the name of the current working directory: pwd
runs a command as another user: sudo
modifies file permissions: chmod
shuts down the system:
lists the processes that are currently running: ps
Match the octal value to the file permission description in Linux. (Not all options are used.)
✔Correct Answer-write only: 010
read and execute: 101
read and write: 110
, execute only: 001
write and execute
no access: 000
Why is Kali Linux a popular choice in testing the network security of an organization? ✔Correct
Answer-It is an open source Linux security distribution containing many penetration tools.
Which type of tool allows administrators to observe and understand every detail of a network
transaction? ✔Correct Answer-packet capture software
Match typical Linux log files to the function. ✔Correct Answer-used by RedHat and CentOS
computers and tracks authentication-related events:
/VAR/LOG/SECURE
contains generic computer activity logs, and is used to store informational and noncritical system
messages:
/var/log/messages
stores information related to hardware devices and their drivers:
/var/log/dmesg
used by Debian and Ubuntu computers and stores all authentication-related events:
/var/log/auth.log
Match the commonly used ports on a Linux server with the corresponding service. (Not all options
are used.) ✔Correct Answer-SMTP 25
DNS 53
HTTPS 443
SSH 22
TELNET 23
Which user can override file permissions on a Linux computer? ✔Correct Answer-root user
What is the well-known port address number used by DNS to serve requests? ✔Correct Answer-53
A Linux system boots into the GUI by default, so which application can a network administrator use in
order to access the CLI environment? ✔Correct Answer-terminal emulator
Consider the result of the ls -l command in the Linux output below. What are the file permissions
assigned to the sales user for the analyst.txt file? ✔Correct Answer-read, write, execute
Which Linux command can be used to display the name of the current working directory?
✔Correct Answer-pwd
Which two methods can be used to harden a computing device? (Choose two.) ✔Correct Answer-
Enforce the password history mechanism.
Ensure physical security.
An employee connects wirelessly to the company network using a cell phone. The employee then
configures the cell phone to act as a wireless access point that will allow new employees to connect
Modules & Final Exam with all Correct & 100% Verified
Answers| Already Graded A+
Which personnel in a SOC are assigned the task of hunting for potential threats and implementing
threat detection tools? ✔Correct Answer-Tier 3 SME
What is a benefit to an organization of using SOAR as part of the SIEM system? ✔Correct Answer-
SOAR automates incident investigation and responds to workflows based on playbooks.
The term cyber operations analyst refers to which group of personnel in a SOC? ✔Correct Answer-
Tier 1 personnel
What is a benefit to an organization of using SOAR as part of the SIEM system? ✔Correct Answer-
SOC Manager
Incident Reporter
Threat Hunter
Alert Analyst
Navigation Bar
An SOC is searching for a professional to fill a job opening. The employee must have expert-level
skills in networking, endpoint, threat intelligence, and malware reverse engineering in order to
search for cyber threats hidden within the network. Which job within an SOC requires a professional
with those skills? ✔Correct Answer-Threat Hunter
Which three are major categories of elements in a security operations center? (Choose three.)
✔Correct Answer-technologies
people
processes
Which three technologies should be included in a SOC security information and event management
system? (Choose three.) ✔Correct Answer-security monitoring
threat intelligence
log management
Which KPI metric does SOAR use to measure the time required to stop the spread of malware in the
network? ✔Correct Answer-Time to Control
How does a security information and event management system (SIEM) in a SOC help the personnel
fight against security threats? ✔Correct Answer-by combining data from multiple technologies
Which organization is an international nonprofit organization that offers the CISSP certification?
✔Correct Answer-(ISC) 2
Which example illustrates how malware might be concealed? ✔Correct Answer-An email is sent to
the employees of an organization with an attachment that looks like an antivirus update, but the
attachment actually consists of spyware
,A group of users on the same network are all complaining about their computers running slowly.
After investigating, the technician determines that these computers are part of a zombie network.
Which type of malware is used to control these computers? ✔Correct Answer-spyware
Which regulatory law regulates the identification, storage, and transmission of patient personal
healthcare information? ✔Correct Answer-HIPAA
When a user turns on the PC on Wednesday, the PC displays a message indicating that all of the user
files have been locked. In order to get the files unencrypted, the user is supposed to send an email
and include a specific ID in the email title. The message also includes ways to buy and submit bitcoins
as payment for the file decryption. After inspecting the message, the technician suspects a security
breach occurred. What type of malware could be responsible? ✔Correct Answer-ransomware
What are two examples of personally identifiable information (PII)? (Choose two.) ✔Correct
Answer-street address
credit card number
What is the dark web? ✔Correct Answer-It is part of the internet that can only be accessed with
special software.
Which statement describes cyberwarfare? ✔Correct Answer-It is Internet-based conflict that
involves the penetration of information systems of other nations.
What is the main purpose of cyberwarfare? ✔Correct Answer-to gain advantage over adversaries
What job would require verification that an alert represents a true security incident or a false
positive? ✔Correct Answer-Alert Analyst
Why do IoT devices pose a greater risk than other computing devices on a network? ✔Correct
Answer-Most IoT devices do not receive frequent firmware updates.
A worker in the records department of a hospital accidentally sends a medical record of a patient to a
printer in another department. When the worker arrives at the printer, the patient record printout is
missing. What breach of confidentiality does this situation describe? ✔Correct Answer-PHI
A user calls the help desk complaining that the password to access the wireless network has changed
without warning. The user is allowed to change the password, but an hour later, the same thing
occurs. What might be happening in this situation? ✔Correct Answer-rogue access point
What technology was created to replace the BIOS program on modern personal computer
motherboards? ✔Correct Answer-UEFI
An IT technician wants to create a rule on two Windows 10 computers to prevent an installed
application from accessing the public Internet. Which tool would the technician use to accomplish
this task? ✔Correct Answer-Windows Defender Firewall with Advanced Security
A user logs in to Windows with a regular user account and attempts to use an application that
requires administrative privileges. What can the user do to successfully use the application?
✔Correct Answer-Right-click the application and choose Run as Administrator
Match the Windows command to the description ✔Correct Answer-renames a file: ren
,creates a new directory: mkdir
changes the current directory: cd
lists files in a directory: dir
A user creates a file with .ps1 extension in Windows. What type of file is it? ✔Correct Answer-
PowerShell script
Which statement describes the function of the Server Message Block (SMB) protocol? ✔Correct
Answer-It is used to share network resources.
A technician has installed a third party utility that is used to manage a Windows 7 computer.
However, the utility does not automatically start whenever the computer is started. What can the
technician do to resolve this problem? ✔Correct Answer-Change the startup type for the utility to
Automatic in Services
Match the Windows 10 boot sequence after the boot manager (bootmgr.exe) loads. ✔Correct
Answer-Step one: The Windows boot loader Winload.exe loads
Step two: Ntosknl.exe and hal.dll are loaded
Step three: Winload.exe reads the registry, chooses a hardware profile, and loads the device drivers.
Step four: Ntoskrnl.exe takes over the process.
Step five: Winlogon.exe is loaded and excutes the logon process.
What is the purpose of using the net accounts command in Windows? ✔Correct Answer-to review
the settings of password and logon requirements for users
Which two commands could be used to check if DNS name resolution is working properly on a
Windows PC? (Choose two.) ✔Correct Answer-nslookup cisco.com
ping cisco.com
A PC user issues the netstat command without any options. What is displayed as the result of this
command? ✔Correct Answer-a list of all established active TCP connections
What are two advantages of the NTFS file system compared with FAT32? (Choose two.) ✔Correct
Answer-NTFS provides more security features.
NTFS supports larger files.
Match the Linux command to the function. (Not all options are used.) ✔Correct Answer-
hmodudodisplays the name of the current working directory: pwd
runs a command as another user: sudo
modifies file permissions: chmod
shuts down the system:
lists the processes that are currently running: ps
Match the octal value to the file permission description in Linux. (Not all options are used.)
✔Correct Answer-write only: 010
read and execute: 101
read and write: 110
, execute only: 001
write and execute
no access: 000
Why is Kali Linux a popular choice in testing the network security of an organization? ✔Correct
Answer-It is an open source Linux security distribution containing many penetration tools.
Which type of tool allows administrators to observe and understand every detail of a network
transaction? ✔Correct Answer-packet capture software
Match typical Linux log files to the function. ✔Correct Answer-used by RedHat and CentOS
computers and tracks authentication-related events:
/VAR/LOG/SECURE
contains generic computer activity logs, and is used to store informational and noncritical system
messages:
/var/log/messages
stores information related to hardware devices and their drivers:
/var/log/dmesg
used by Debian and Ubuntu computers and stores all authentication-related events:
/var/log/auth.log
Match the commonly used ports on a Linux server with the corresponding service. (Not all options
are used.) ✔Correct Answer-SMTP 25
DNS 53
HTTPS 443
SSH 22
TELNET 23
Which user can override file permissions on a Linux computer? ✔Correct Answer-root user
What is the well-known port address number used by DNS to serve requests? ✔Correct Answer-53
A Linux system boots into the GUI by default, so which application can a network administrator use in
order to access the CLI environment? ✔Correct Answer-terminal emulator
Consider the result of the ls -l command in the Linux output below. What are the file permissions
assigned to the sales user for the analyst.txt file? ✔Correct Answer-read, write, execute
Which Linux command can be used to display the name of the current working directory?
✔Correct Answer-pwd
Which two methods can be used to harden a computing device? (Choose two.) ✔Correct Answer-
Enforce the password history mechanism.
Ensure physical security.
An employee connects wirelessly to the company network using a cell phone. The employee then
configures the cell phone to act as a wireless access point that will allow new employees to connect
