‘Data coming into a program should be sanitized, as it could have malicious content, designed to force the program to behave in an unintended way.’ This statement describes what security vulnerability?
Non-validated input
Race conditions
Access control problems
Weaknesses in security practices
Buffer overflow
Non-validated input
Which of the following are examples of on-path attacks? (Choose two correct answers)
Man-in-the-Middle
Worms
DDoS
SEO poisoning
Man-in-the-Mobile
Ransomware
Man-in-the-Middle
Man-in-the-Mobile
Which of the following firewalls filters traffic based on application, program or service?
Application layer firewall
Network layer firewall
Host-based firewall
Proxy server
Context aware application firewall
Application layer firewall
A port scan returns a ‘closed’ response. What does this mean?
A service is listening on the port
There was no reply from the host
Connections to the port will be denied
Connections to the port will be denied
‘Cryptocurrency transactions are digital.’ Is this statement true or false?
True
False
True
What do you call a digital asset designed to work as a medium of exchange that uses strong encryption to secure a financial transaction?
Google Pay
Cryptocurrency
Apple Pay
Near Field Communications
Cryptocurrency
Which of the following tools used for incident detection can be used to detect anomalous behavior, command and control traffic, and infected hosts? (Choose two correct answers)
Intrusion detection system
Reverse proxy server
Honeypot
Nmap
NetFlow
Intrusion detection system
NetFlow
What name is given to a group of bots, connected through the Internet, with the ability to be controlled by a malicious individual or group?
Crime syndicate
Botnet
Zombie
Hacker network
Botnet
What is the best approach for preventing a compromised IoT device from maliciously accessing data and devices on a local network?
Disconnect all IoT devices from the Internet
Install a software firewall on every network device
Set the security settings of workstation web browsers to a higher level
Place all IoT devices that have access to the Internet on an isolated network
Place all IoT devices that have access to the Internet on an isolated network
What name is given to the emerging threat that hides on a computer or mobile device and uses that machine’s resources to mine cryptocurrencies?
Phishing
Cryptojacking
Cryptoransomware
Bluejacking
Cryptojacking
A port scan returns an ‘open’ response. What does this mean?
There was no reply from the host
Connections to the port will be denied
A service is listening on the port
A service is listening on the port
An employee is at a restaurant with friends and tells them about an exciting new video game that is under development at the organization they work for. Is this employee’s behavior ethical or unethical?
Unethical
Ethical
Unethical
‘An advanced persistent threat (APT) is usually well funded.’ Is this statement true or false?
False
True
True
In networking, what name is given to the identifier at both ends of a transmission to ensure that the right data is passed to the correct application?
Port number
IP address
Sequence number
MAC address
Port number
‘An employee does something as an organization representative with the knowledge of that organization and this action is deemed illegal. The organization is legally responsible for this action.’ Is this statement true or false?
True
False
True
What tool is used to lure an attacker so that an administrator can capture, log and analyze the behavior of the attack?
IDS
Nmap
Honeypot
NetFlow
Honeypot
‘A data breach does not impact the reputation of an organization.’ Is this statement true or false?
False
True
False
Which of the following certifications is aimed at high school and early college students, as well as anyone interested in a career change?
ISC2 Certified Information Systems Security Professional