CERTIFIED-IN-CYBERSECURITY Practice Questions
788 real CERTIFIED-IN-CYBERSECURITY exam questions with expert-verified answers and explanations. Page 12 of 16.
- Question #551Threat Detection and Monitoring
Which solution is likely used by a cybersecurity analyst to monitor internet traffic and alert for unusual activity?
Intrusion DetectionNetwork MonitoringSecurity ToolsThreat Detection - Question #552Security Principles
A company application asks employees to acknowledge that usage is only permitted for authorized individuals. Employees must click the "Accept Terms'' button. What does this PRIMARI...
Acceptable Use PolicySecurity PoliciesUser Awareness - Question #553Security Principles
What does a 'highly restricted' label on data mean?
Data ClassificationData LabelingImpact AssessmentConfidentiality - Question #554Network Security
Which organization is responsible for establishing global computer connectivity by setting communication protocol standards?
Networking FundamentalsInternet StandardsStandards OrganizationsCommunication Protocols - Question #555Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
A junior cybersecurity analyst has detected a ransomware attack on the company's servers and has activated the incident response team. Which is the next BEST course of action? ()
Incident ResponseRansomwareContainmentCybersecurity Operations - Question #556Security Operations
In a change management process, what is the purpose of Verification and Audit?
Change ManagementVerificationAuditSecurity Operations - Question #557Access Controls Concepts
What is the difference between 'implicit deny' and 'explicit deny' in access control?
Access ControlImplicit DenyExplicit DenySecurity Principles - Question #558Security Principles
What is social engineering?
Social EngineeringAttack TechniquesCybersecurity ThreatsHuman Element - Question #559Access Controls Concepts
What are some examples of physical access controls?
Physical SecurityAccess ControlSecurity Controls - Question #560Security Principles
Which of the following best describes a robust security awareness training program?
Security AwarenessTraining ProgramsCybersecurity EducationHuman Factors - Question #561Network Security
At which layer of the OSI does a firewall NOT control the traffic?
OSI ModelFirewallNetwork SecurityNetwork Protocols - Question #562Network Security Concepts
Which of the following cloud models require the LEAST administration and support from the organization?
Cloud Service ModelsSaaSShared ResponsibilityCloud Administration - Question #563Security Principles
What is a definition of confidentiality?
ConfidentialityCIA TriadInformation Security PrinciplesSecurity Concepts - Question #564Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Which of the following is typically NOT a member of an incident response team?
Incident ResponseIncident Response TeamTeam Roles - Question #565Business Continuity (BC) and Disaster Recovery (DR) Concepts
Which of the following is usually NOT provided redundantly in data centers?
Data Center InfrastructureRedundancyHigh AvailabilityBusiness Continuity - Question #566Security Operations
What is the primary goal of Change Management in cybersecurity?
Change ManagementSecurity OperationsVulnerability ManagementRisk Mitigation - Question #567Network Security
What attack involves intercepting and possibly altering communication between two persons without their knowledge?
Man-in-the-middle attackNetwork attacksCybersecurity threatsAttack types - Question #568Security Principles
Which type of malware self-replicate without the need of user's interaction?
MalwareWormsSelf-replicationThreats - Question #569Network Security
What kind of attack is likely to occur when a hacker intercepts and redirects traffic by spoofing the IP address of a corporate server?
Network AttacksOn-path AttackIP SpoofingMan-in-the-Middle (MITM) - Question #570Access Controls Concepts
What is the purpose of strong authentication in information security?
AuthenticationStrong AuthenticationIdentity VerificationAccess Control - Question #571Security Principles
What is the purpose of a penetration test?
Penetration TestingVulnerability AssessmentSecurity ControlsCybersecurity Testing - Question #572Access Controls Concepts
What is the difference between role-based access control (RBAC) and attribute-based access control (ABAC)?
Access ControlRBACABACSecurity Models - Question #573Security Principles
Which of the following is an example of a data classification scheme?
data classificationinformation securitysecurity principlesdata protection - Question #574Network Security Components
Which of the following is a common type of network security appliance?
Network Security AppliancesFirewallsVPN ConcentratorsIntrusion Prevention Systems - Question #575Business Continuity (BC), Disaster Recovery (DR) & Incident Response (IR) Concepts
Why is it important to regularly update the contact information in a disaster recovery plan?
Disaster Recovery PlanningBusiness Continuity ManagementPlan MaintenanceCommunication - Question #576Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Which of the following terms refers to the process of periodically testing the disaster recovery plan without impacting the production environment?
Disaster Recovery TestingParallel TestingBusiness ContinuityDR Plan Evaluation - Question #577Security Principles
What is the purpose of a security assessment?
Security AssessmentRisk ManagementVulnerability ManagementCybersecurity Basics - Question #578Security Principles
Which principle advocates for collecting and using only the minimum amount of personal data necessary to fulfill a specific purpose?
Data MinimizationPrivacy PrinciplesData ProtectionSecurity Principles - Question #579Network Security Concepts
What is the primary purpose of a network address translation (NAT) device?
NATIP AddressingNetworking FundamentalsNetwork Security - Question #580Security Principles
Which of the following is a fundamental right that ensures individuals have control over the collection and use of their personal information?
PrivacyData ProtectionInformation Security PrinciplesPersonal Information - Question #581Security Principles
What is the purpose of security awareness training?
Security awareness trainingCybersecurity educationRisk management - Question #582Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
Which of the following terms refers to the time it takes to recover IT systems and resume critical business functions after a disruption?
Business ContinuityDisaster RecoveryRTORecovery Planning - Question #583Access Control
Which of the following is a best practice for securing remote access?
remote access securitymulti-factor authenticationauthenticationsecurity best practices - Question #584Business Continuity (BC), Disaster Recovery (DR) & Incident Response (IR) Concepts
What is the primary goal of incident response in the cybersecurity context?
Incident ResponseCybersecurity PrinciplesSecurity OperationsBusiness Impact - Question #585Security Principles
Which of the following is not one of the three core principles of information security?
Information Security PrinciplesCIA TriadCore Security Concepts - Question #586Security Principles
What is the primary goal of information security?
Information security principlesSecurity objectivesRisk management fundamentals - Question #587Security Principles: Risk Management Concepts
What is the difference between a vulnerability scan and a penetration test?
Vulnerability ScanningPenetration TestingSecurity AssessmentRisk Identification - Question #588Security Operations
What is the primary purpose of a network honeypot?
HoneypotNetwork SecurityThreat DetectionSecurity Tools - Question #589Security Operations
What is a honeypot?
HoneypotsIntrusion DetectionSecurity Tools - Question #590Access Controls Concepts
Which of the following is a common type of network authentication protocol?
Network AuthenticationRADIUSTACACS+LDAPAAA protocols - Question #591Security Principles
Which of the following is an example of a BYOD policy?
BYODSecurity PoliciesDevice ManagementCybersecurity Basics - Question #592Security Principles
What is the purpose of separation of duties?
separation of dutiessecurity principlesinternal controlsrisk mitigation - Question #593Security Principles
Which of the following is an example of a security policy?
Security PoliciesBYODPassword ManagementAcceptable Use Policy - Question #594Security Principles
What is the purpose of data loss prevention (DLP) technology?
Data Loss PreventionDLPData SecuritySecurity Controls - Question #595Security Principles
Which of the following is a best practice for security awareness training?
Security Awareness TrainingBest PracticesHuman FactorsCybersecurity Education - Question #596Network Security Concepts
What is the primary purpose of a network intrusion prevention system (IPS)?
IPSNetwork SecurityThreat Prevention - Question #597Security Principles
Which of the following terms refers to a strategy that involves contracting with a third-party service provider to provide IT infrastructure and services during a disruption?
Risk managementRisk transferenceBusiness continuityThird-party risk - Question #598Security Principles
What is the purpose of a risk assessment in information security?
Risk AssessmentRisk ManagementInformation SecurityRisk Acceptance - Question #599Business Continuity and Disaster Recovery Planning
Which of the following is an essential component of a disaster recovery plan related to personnel?
Disaster RecoveryPersonnel SecurityTraining and AwarenessBusiness Continuity - Question #600Security Principles
Which principle of the CIA Triad ensures that information is accessible and usable when needed?
CIA TriadAvailabilityInformation Security PrinciplesCore Security Concepts