LinkedIn skill assessment answers and questions – Cybersecurity Assessment

Cybersecurity is one of the most in-demand skills in the IT industry. If you want to prove your expertise and boost your career prospects, قد ترغب في اتخاذ LinkedIn skill assessment for Cybersecurity. This is a short online test that measures your knowledge and skills in various aspects of cybersecurity, such as network security, التشفير, malware analysis, و اكثر. في هذه المدونة وظيفة, I will share with you some of the questions and answers that you might encounter in the Cybersecurity assessment.

These are based on my own experience and research, and they will help you prepare for the test and increase your chances of passing it. ومع ذلك, please note that these are not the exact questions that you will see in the assessment, and they are not meant to be used as cheat sheets. You should still study and practice your الأمن الإلكتروني skills before taking the test. The questions and answers are for educational purposes only.

Q1. According to the shared responsibility model, which cloud computing model places the most responsibility on the cloud service provider (CSP)?

• Hybrid Cloud
• Software as a Service (· فهم مبادئ اقتصاديات الحجم)
• Platform as a Service (· فهم مبادئ اقتصاديات الحجم)
• Infrastructure as a Service (IaaS)

Q2. Which option removes the risk of multitenancy in cloud computing?

• · فهم مبادئ اقتصاديات الحجم
• public cloud
• private cloud
• IaaS

Q3. Your organization recently implemented a unified messaging solution and VoIP phones on every desktop. You are responsible for researching the vulnerabilities of the VoIP system. Which type of attack are VoIP phones most vulnerable to experiencing?

• denial-of-service
• brute force attacks
• البرمجيات الخبيثة
• buffer overflow

Q4. Which security control cannot produce an active response to a security event?

• وسيط أمان الوصول إلى السحابة (CASB)
• نظام منع الاختراق (IPS)
• نظام كشف التسلل (IDS)
• جدار الحماية من الجيل القادم

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: نظام كشف التسلل (IDS) هو جهاز أو تطبيق برمجي يراقب الشبكة أو الأنظمة بحثًا عن نشاط ضار أو انتهاكات للسياسة.

كويزليت

Q5. يُطلق على أداة شم الحزم أيضًا اسم _.

• سيم
• يو تي إم
• محلل البروتوكول
• بالوعة البيانات

Q6. الخيار الذي يختبر الكود أثناء تشغيله?

• مراجعة التعليمات البرمجية
• تحليل الكود
• تحليل ثابت رسومي x64dbg
• التحليل الديناميكي

Q7. ما هو الخيار الذي يصف الاختبار الذي يمكن لمطوري البرامج الفرديين إجراؤه على التعليمات البرمجية الخاصة بهم?

• اختبار الصندوق الرمادي
• اختبار التكامل
• اختبار المربع الأبيض
• وحدة التجارب

Q8. في اختبار اختراق الصندوق الأسود, ما هي المعلومات المقدمة للمختبر حول البيئة المستهدفة?

• لا أحد
• تفاصيل محدودة عن البنية التحتية للخادم والشبكة
• كل المعلومات
• تفاصيل محدودة عن البنية التحتية للخادم

Q9. Which security control can best protect against shadow IT by identifying and preventing use of unsanctioned cloud apps and services?

• نظام منع الاختراق (IPS)
• جدار الحماية من الجيل القادم
• وسيط أمان الوصول إلى السحابة (CASB)
• نظام كشف التسلل (IDS)

Q10. Which option describes the best defense against collusion?

• monitoring of normal employee system and data access patterns
• applying system and application updates regularly
• fault tolerant infrastructure and data redundancy
• separation of duties and job rotation

Stack Exchange

سوف تحتاج إلى تحقيق ما لا يقل عن. During a penetration test, you find a file containing hashed passwords for the system you are attempting to breach. Which type of attack is most likely to succeed in accessing the hashed passwords in a reasonable amount of time?

• rainbow table attack
• pass-the-hash attack
• password spray attack
• brute force attack

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: A rainbow table attack is a more efficient and effective way of cracking many hashed passwords, whereas brute-forcing would take much longer and may not complete in a reasonable amount of time.

Professor Messer.

س 12. Which area is DMZ?

• 4
• 1
• 2
• 3

Q13. You configure an encrypted USB drive for a user who needs to deliver a sensitive file at an in-person meeting. What type of encryption is typically used to encrypt the file?

• file hash
• asymmetric encryption
• digital signature
• symmetric encryption

س 14. What is the difference between DRP and BCP?

• DRP works to keep a business up and running despite a disaster. BCP works to restore the original business capabilities.
• BCP works to keep a business up and running despite a disaster. DRP works to restore the original business capabilities.
• BCP is part of DRP.
• DRP is part of BCP.

س 15. Which aspect of cybersecurity do Distributed Denial of Service (DDoS) attacks affect the most?

• non-repudiation
• النزاهة
• يجب أن يكون مهندسو الحلول قادرين على تسهيل قرارات التصميم عبر التطوير
• confidentiality

س 16. You need to recommend a solution to automatically assess your cloud-hosted VMs against CIS benchmarks to identify deviations from security best practices. What type of solution should you recommend?

• إدارة الوضع الأمني ​​السحابي (CSPM)
• Intrusion Detection and Prevention System (IDPS)
• Cloud Workload Protection Platforms (CWPP)
• Cloud Access Security Brokers (CASBs)

Q17. _ validates the integrity of data files.

• Compression
• تجزئة
• التشفير المتماثل
• Stenography

س 18. Which is an example of privacy regulation at the state government level in the U.S.?

• CCPA
• خصوصية البيانات
• NIST Privacy Framework
• OSPF

Q19. what is the term for the policies and technologies implemented to protect, حد, مراقب, مراجعة, and govern identities with access to sensitive data and resources?

• إدارة الهوية والوصول (انا)
• privileged account management (بام)
• authentication and authorization
• least privilege

س 20. You have configured audit settings in your organization’s cloud services in the event of a security incident. What type of security control is an audit trail?

• preventive control
• detective control
• directive control
• corrective control

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: An audit trail is typically considered a detective security control in the context of the CISSP.

س 21. What is the name for a short-term interruption in electrical power supply?

• grayout
• blackout
• brownout
• whiteout

Q22. Your security team recommends adding a layer of defense against emerging persistent threats and zero-day exploits for all endpoints on your network. The solution should offer protection from external threats for network-connected devices, regardless of operating system. Which solution is best suited to meet this requirement?

• Security Information Event Management (سيم)
• Extended Detection and Response (XDR)
• جدار الحماية من الجيل القادم (NGFW)
• Cloud App Security Broker (CASB)

Q23. Which is ليس a threat modeling methodology?

• TRIKE
• TOGAF
• STRIDE
• MITRE ATT&CK

س 24. You organization is conducting a pilot deployment of a new e-commerce application being considered for purchase. You need to recommend a strategy to evaluate the security of the new software. Your organization does not have access to the application’s source code.

Which strategy should you choose?

• dynamic application security testing
• وحدة التجارب
• اختبار المربع الأبيض
• static application security testing

Q25. You need to disable the camera on corporate devices to prevent screen capture and recording of sensitive documents, الاجتماعات, and conversations. Which solution would be be suited to the task?

• Mobile Device Management (MDM)
• منع فقدان البيانات (DLP)
• Intrusion Detection and Prevention System (IDPS)
• Cloud Access Security Broker (CASB)

س 26. How many keys would be necessary to accomodate 100 users in an asymmetric cryptography system?

• 200
• 400
• 100
• 300

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: The formula for asymmetric encryption is 2n; أين n is the number of communicating parties.

Q27. Two competing online retailers process credit card transactions for customers in countries on every continent. One organization is based in the United States. The other is based in the Netherlands. With which regulation must both countries comply while ensuring the security of these transactions?

• Federal Information Security Managment Act (FISMA)
• Payment Card Industry Data Security Standard (PCI-DSS)
• خصوصية البيانات (خصوصية البيانات)
• International Organization for Standardization and International Electrotechnical Commission (ISO / IEC 27018)

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: The Payment Card Industry Data Security Standard (PCI DSS) is the global card industry security standard that is required of all entities that store, عملية, or transmit cardholder data, including financial institutions, online retailers and service providers.

PCI Security Overview

س 28. What provides a common language for describing security incidents in a structures and repeatable manner?

• Common event format
• common weakness enumeration
• common vulnerabilties and exposures
• common vulnerability scoring system

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: The Common Vulnerabilities and Exposures (CVE) system provides a reference-method for publicly known information-security vulnerabilities and exposures.

س 29. Which type of application can intercept sensative information such as passwords on a network segment?

• log server
• network scanner
• جدار الحماية
• محلل البروتوكول

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: ا protocol analyzer is a tool used to capture and analyze signals and data traffic over a communication channel.

WireShark is a protocol analyzer.

Q30. An attacker has discovered that they can deduce a sensitive piece of confidential information by analyzing multiple pieces of less sensitive public data. What type of security issue exists?

• aggregation
• inference
• حقن SQL
• cross-origin resouce sharing

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: ل Inference Attack is a data mining technique performed by analyzing data in order to illegitimately gain knowledge about a subject or database. A subject’s sensitive information can be considered as leaked if an adversary can infer its real value with a high confidence. مصدر: (ويكيبيديا).

س 31. What act grants an authenticated party permission to perform an action or access a resource?

• Zero Trust Security
• Role-Based Access Control (RBAC)
• تفويض
• Single Sign-On

Okata.com

Q32. According to GDPR, a data _ is the person about whom data is being collected.

• معالج
• موضوع
• subject
• controller

Intersoft Consulting

على ___. Which is not a principle of zero trust security?

• use least privilege access
• verify explicitly
• trust but verify
• assume breach

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: zero trust assumes that the system will be breached and designs security as if there is no perimeter. بالتالي, don’t trust anything by default.

نيست

س 34. Which attack exploits input validation vulnerabilities?

• ARP spoofing
• pharming attacks
• cross-site scripting (XSS)
• DNS poisoning

White Hat Sec

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت. You are a security analyst, and you receive a text message alerting you of a possible attack. Which security control is the least likely to produce this type of alert?

• IDS
• سيم
• packet sniffer
• IPS

Q36. SQL injection inserts a code fragment that makes a database statement universally true, مثل _.

• SELECT * FROM users WHERE username = " AND 1=1--'
• SELECT * FROM users WHERE username = " AND 1!=1--'
• SELECT * FROM users WHERE username = " OR 1=1--'
• SELECT * FROM users WHERE username = " OR 1!=1--'

Q37. Which type of security assessment requires access to source code?

• تحليل ثابت رسومي x64dbg
• black box testing
• التحليل الديناميكي
• اختبار الاختراق

Q38. Which option is an open-source solution to scanning a network for active hosts and open ports?

• Autopsy
• Snort
• Nmap
• Wireshark

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: nmap is a port scanner https://en.wikipedia.org/wiki/Nmap wireshark is a traffic analyzer snort is an IDS autopsy is for forensic analysis

Q39. When implementing a data loss prevention (DLP) تطوير استراتيجية الأجهزة, what is the first step in the process?

• Evaluate the features of available DLP products to determine which best meet your organizations’s needs.
• Examine the flow of sensitive data in your organization to better understand usage patterns.
• Conduct an inventory of all the data in your organization to establish classifications based on sensitivity.
• Conduct a risk assessment to determine the best data labeling strategy for your organization.

س 40. Which malware changes an operating system and conceals its tracks?

• فيروس
• worm
• rootkit
• Trojan horse

س 41. Virtual Private Networks (VPNs) استعمال _ to create a secure connection between two networks.

• encryption
• a metropolitan area network
• a virtual local area network
• a wide area network

س 42. What is the process of challenging a user to prove their identity?

• المصادقة
• Single Sign-On
• تفويض
• Role-Based Access Control (RBAC)

س 43. Which cyberattack aims to exhaust an application’s resources, making the application unavailable to legitimate users?

• حقن SQL
• dictionary attack
• Distributed Denial of Service (DDoS)
• rainbow table attack

س 44. You are a recent cybersecurity hire, and your first assignment is to present on the possible threats to your organization. Which of the following best describes the task?

• تخفيف المخاطر
• threat assessment
• خدمات شرح البيانات
• enumeration

س 45. You are at a coffee shop and connect to a public wireless access point (WAP). What a type of cybersecurity attack are you most likely to experience?

• man-in-the-middle attack
• back door
• logic bomb
• فيروس

س 46. You have been tasked with recommending a solution to centrally manage mobile devices used throughout your organization. Which technology would best meet this need?

• Extended Detection and Responde (XDR)
• Security Information Event Management (سيم)
• Intrusion Detection and Prevention System (IDPS)
• Mobile Device Management (MDM)

Q47. Which type of vulnerability cannot be discovered in the course of a typical vulnerability assessment?

• file permissions
• buffer overflow
• zero-day vulnerability
• cross-site scripting

س 48. The DLP project team is about to classify your organization’s data. Whats is the primary purpose of classifying data?

• It identifies regulatory compliance requirements.
• It prioritizes IT budget expenditures.
• It quantifies the potential cost of a data breach.
• It establishes the value of data to the organization.

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: The primary purpose of classifying data in the context of Data Loss Prevention (DLP) is to help organizations identify, label, and protect sensitive information from unauthorized disclosure or leakage. DLP is a set of technologies and processes designed to prevent the unauthorized access, استعمال, and transmission of sensitive data.

Q49. You are responsible for managing security of your organization’s public cloud infrastructure. You need to implement security to protect the data and applications running in a variety of IaaS and PaaS services, including a new Kubernetes cluster. What type of solution is best suited to this requirement?

• Cloud Workload Protection Platforms (CWPP)
• إدارة الوضع الأمني ​​السحابي (CSPM)
• Cloud Access Security Brokers (CASBs)
• Intrusion Detection and Prevention System (IDPS)

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت

س 50. Sharing account credentials violates the _ aspect of access control.

• هوية
• تفويض
• محاسبة
• المصادقة

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: Sharing account credentials violates the authentication aspect of access control. Authentication is the process of verifying the identity of a user, النظام, or application, and sharing credentials undermines this process by allowing multiple individuals to use the same set of login credentials, potentially compromising the security of the system.

س 51. You have recovered a server that was compromised in a malware attack to its previous state. What is the final step in the incident response process?

• Eradication / Remediation
• شهادة
• الإبلاغ
• Lessons Learned

Q52. Which encryption type uses a public and private key pair for encrypting and decrypting data?

• asymmetric
• symmetric
• hashing
• كل هذه الإجابات

Q53. You have just identified and mitigated an active malware attack on a user’s computer, in which command and control was established. What is the next step in the process?

• الإبلاغ
• استعادة
• Eradiction / Remediation
• Lessons Learned

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: الصفحات 29 إلى 31 ->

س 54. Which programming language is most susceptible to buffer overflow attacks?

• C
• جافا
• روبي
• الثعبان

Q55. Which list correctly describes risk management techniques?

• risk acceptance, تخفيف المخاطر, risk containment, and risk qualification
• risk avoidance, risk transference, risk containment, and risk quantification
• risk avoidance, تخفيف المخاطر, risk containment, and risk acceptance
• risk avoidance, risk transference, تخفيف المخاطر, and risk acceptance

س 56. To implement encryption in transit, such as with the HTTPS protocol for secure web browsing, which type(الصورة) of encryption is/are used?

• asymmetric
• both symmetric and asymmetric
• neither symmetric or asymmetric
• symmetric

Q57. Which type of program uses Windows Hooks to capture keystrokes typed by the user, hides in the process list, and can compromise their system as well as their online access codes and password?

• trojan
• keystroke collector
• typethief
• keylogger

س 58. How does ransomware affect a victim’s files?

• by destroying them
• by encrypting them
• by stealing them
• by selling them

س 59. Your computer has been infected, and is sending out traffic to a targeted system upon receiving a command from a botmaster. What condition is your computer currently in?

• It has become a money mule.
• It has become a zombie.
• It has become a bastion host.
• It has become a botnet.

س 60. You choose a cybersecurity framework for your financial organization that implements an effective and auditable set of governance and management processes for IT. ما الإطار الذي تختاره؟?

• C2M2
• نيست SP 800-37
• ISO / IEC 27001
• COBIT

س 61. أصدر NIST مراجعة لـ SP 800-37 في ديسمبر 2018. ويوفر منضبطة, منظم, وعملية مرنة لإدارة مخاطر الأمان والخصوصية. أي نوع من الوثيقة هو SP 800-37?

• إطار إدارة المخاطر
• دليل لتقييم المخاطر
• دليل إرشادي لاختبار الضعف
• دليل خطوة بخطوة لإجراء تحليلات تأثير الأعمال

س 62. تم نشر التهديد العسكري المتقدم الأكثر شهرة في 2010, واستهداف أجهزة الطرد المركزي في إيران. ما هي مكالمة APT هذه؟?

• العمدة
• الوكيل بي تي زد
• ستوكسنت
• لهب

س 63. أين سيتم تسجيل المخاطر التي تم تحديدها وتفاصيلها؟, مثل هويتهم واسمهم, تصنيف المعلومات, وصاحب الخطر?

• في وثائق تقييم المخاطر
• في سجل المخاطر
• في دفتر تأثير الأعمال
• في الكتاب البرتقالي

س 64. لمنع وقوع حادث من الموارد الساحقة, _ is necessary.

• disconnection from the network
• early containment
• continuation of monitoring for other incidents
• eradication of the issues

س 65. FUD is expensive and often causes high drama over low risk. Which computer chip exploits were reported by CNN as needing to be completely replaced, but were later fixed with firmware updates?

• fire and ice exploits
• meltdown and spectre exploits
• Intel and STMicro CPU exploits
• super microboard and Apple iPhone exploits

س 66. The ASD Top Four are application whitelisting, patching of applications, patching of operating systems, and limiting administrative privileges. What percent of breaches do these account for?

• 40 نسبه مئويه
• 60 نسبه مئويه
• 85 نسبه مئويه
• 100 نسبه مئويه

Q67. You are working in the security operations center analyzing traffic on your network. You detect what you believe to be a port scan. What does this mean?

• This could be a specific program being run by your accounting department.
• This is an in-progress attack and should be reported immediately
• This is normal operation for your business.
• This could be a precursor to an attack.

Q68. How often is the ISF Standard of Good Practice updated?

• سنوي
• biannually
• bimonthly
• شهريا

Q69. Your incident response team is unable to contain an incident because they lack authority to take action without management approval. Which critical step in the preparation phase did your team skip?

• From an incident response committee to oversee any incidents that may occur.
• Get preauthorized to take unilateral action and make or direct emergency changes.
• Bring management in as leadership on the incident response team.
• Assign a head of the emergency response team who has the correct authority

س 70. نيست SP 800-53 is one of two important control frameworks used in cybersecurity. What is the other one?

• ISO 27001
• نيست SP 800-54
• ISO 27002
• نيست SP 751-51

س 71. Which organization, established by NIST in 1990, runs workshops to foster coordination in incident prevention, stimulate rapid reaction to incidents, and allow experts to share information?

• Forum of Incident Response and Security Teams
• Crest UK Response Teams
• Community of Computer Incident Response Teams
• NIST Special Publication 800-61 Response Teams

التحكم في مخاطر سلامة العمليات. You have implemented controls to mitigate the threats, vulnerabilities, and impact to your business. Which type of risk is left over?

• inherent risk
• residual risk
• applied risk
• leftover risk

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت

Q73. There are four possible treatments once an assessment has identified a risk. Which risk treatment implements controls to reduce risk?

• تخفيف المخاطر
• risk acceptance
• risk avoidance
• risk transfer

التحكم في مخاطر سلامة العمليات. Which security control scheme do vendors often submit their products to for evaluation, to provide an independent view of product assurance?

• Common Criteria
• risk management certification board
• OWASP security evaluation
• ISO 27000

Q75. Which organization has published the most comprehensive set of controls in its security guideline for the Internet of Things?

• IoT ISACA
• IoT Security Foundation
• OWASP
• GSMA

س 76. Which main reference coupled with the Cloud Security Alliance Guidance comprise the Security Guidance for Critical Areas of Focus in Cloud Computing?

• ISO 27001
• ISO 27017
• Cloud Security Guidelines
• Cloud Controls Matrix

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت

Q77. What are the essential characteristics of the reference monitor?

• It is versatile, دقيق, and operates at a very high speed.
• It is tamper-proof, can always be invoked, and must be small enough to test.
• It is restricted, confidential, and top secret

Q78. According to NIST, what is the first action required to take advantage of the cybersecurity framework?

• Identify the key business outcomes.
• Understand the threats and vulnerabilities.
• Conduct a risk assessment.
• Analyze and prioritize gaps to create the action plan.

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت

Q79. You are implementing a cybersecurity program in your organization and want to use the “de facto standard” cybersecurity framework. Which option would you choose?

• the ISACA Cybersecurity Framework
• the COBIT Cybersecurity Framework
• the ISC2 Cybersecurity Framework
• the NIST Cybersecurity Framework

س 80. في 2014, 4,278 IP addresses of zombie computers were used to flood a business with over one million packets per minute for about one hour. What is this type of attack called?

• a salami attack
• a DoS (الحرمان من الخدمة) attack
• a DDoS (Distributed Denial of Service) attack
• a botnet attack

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت

س 81. The regulatory requirements for notifications of data breaches, particularly the European General Data Protection Regulations, have had what sort of effect on business?

• an increased business liability in the event of a data breach
• an increased consumer liability in the event of a data breach
• a decreased consumer liability in the event of a data breach
• a decreased business liability in the event of a data breach

س 82. Which compliance framework governs requirements for the U.S. healthcare industry?

• FedRAMP
• خصوصية البيانات
• PCI-DSS
• HIPAA

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت

س 83. What is the difference between DevOps and DevSecOps?

• DevSecOps requires the inclusion of cybersecurity engineers in the CI/CD process of DevOps.
• DevSecOps slows down the CI/CD process of DevOps.
• DevSecOps places security controls in the CI/CD process of DevOps.
• DevSecOps lets cybersecurity engineers dictate the CI/CD process of DevOps.

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت

س 84. When does static application security testing require access to source code?

• دائما
• only when assessing regulatory compliance
• only if following the Agile model
• أبدا

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت:

Q85. Your organization service customer orders with a custom ordering system developed in-hose. You are responsible for recommending a cloud model to meet the following requirements:

Control of security required for regulatory compliance
Legacy application and database support
Scalability to meet seasonal increases in demand

Which cloud model is the best option for these requirements?

• government cloud
• public cloud
• hybrid cloud
• private cloud

س 86. You have just conducted a port scan of a network. There is no well-known port active. How do you find a webserver running on a host, which uses a random port number?

• Give up on the current target network and move on to the next one.
• Switch to another network scanning tool. Resort to more resource-intensive probing, like launching random attacks to all open ports.
• Turn on the stealth mode in your network scanning tool. Check whether you missed any other active ports associated with web servers.
• Turn on additional options in your network scanning tool to further investigate the details (type and version) of applications running on the rest of the active ports.

Q87. Executives in your organization exchange emails with external business partners when negotiating valuable business contracts. To ensure that these communications are legally defensible, the security team has recommended that a digital signature be added to these message.

What are the primary goals of the digital signature in this scenario? (Choose the best answer.)

• integrity and non-repudiation
• privacy and non-repudiation
• privacy and confidentiality
• integrity and privacy

Q88. Which option is a mechanism to ensure non-repudiation?

• MD5
• Caesar cipher
• symmetric-key encryption
• asymmetric-key encryption

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت:

Q89. Which software development lifecycle approach is most compatible with DevSecOps?

• رشيق
• Model-Driven Development
• شلال
• Model-Driven Architecture

س 90. Which information security principle states that organizations should defend systems against any particular attack using several independent methods?

• separation of duties
• privileged account management (بام)
• defense-in-depth
• least privilege

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت:

س 91. Which option describes a core principle of DevSecOps?

• Testing and release should be 100% الآلي
• Role separation is the key to software security
• Final responsibility for security rests with the architect of the application
• Everyone in the process is responsible for security

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: DevSecOps emphasizes the integration of security practices throughout the entire software development lifecycle, and it promotes a cultural shift where everyone involved in the development and operations processes takes responsibility for security. This includes developers, operations teams, and other stakeholders working collaboratively to integrate security into every stage of the development process.

Q92. You need to implement a solution to protect internet-facing applications from common attacks like XSSm CSRF, and SQL injection. Which option is best suited to the task?

• Security Information Event Management (سيم)
• an Instruction Detection and Prevention System (IDPS) appliance
• a web application firewall (WAF)
• a stateful packet inspection firewall

Q93. Which phase of the incident response process happens immediately following identification?

• Eradication / Remediation
• الإبلاغ
• Containment / Mitigation
• استعادة

Q94. How can a data retention policy reduce your organization’s legal liability?

• by reducing DLP licensing costs
• by ensuring that data is not retained beyond its necessary retention date
• by destroying data that may implicate company executives in dishonest behavior
• by reducing cost associated with data storage and protection

س 95. You believe a recent service outage due to a denial-of-service attack from a disgruntled inside source. What is the name for the malicious act this employee has committed?

• espionage
• sabotage
• fraud
• confidentiality breach

Q96. Which option is a framework widely utilized by organizations in the development of security governance standards?

• Software Capability Maturity Model (SW-CMM)
• Control Objectives for Information and Related Technologies (COBIT)
• The Open Group Architecture Framework (TOGAF)
• دورة حياة تطوير البرمجيات (SDLC)

Q97. There are connection-oriented and connectionless protocols in networking. What do web browsers use to ensure the integrity of the data it sends and receives?

• UDP that is connection-oriented
• TCP that is connection-oriented
• UDP that is connectionless
• TCP that is connectionless

Q98. أي نوع من الهجوم يستهدف نقاط الضعف المرتبطة بترجمة عناوين MAC إلى عناوين IP في شبكات الكمبيوتر?

• DNS poisoning
• محاصرة CRL
• ARP spoofing
• DDoS

Q99. أنت جزء من فريق الاستجابة للحوادث في شركتك. أثناء غربلة ملفات السجل التي تم جمعها بواسطة SIEM, تكتشف بعض إدخالات السجل المشبوهة التي تريد إجراء مزيد من التحقيق فيها. أي نوع مما يلي يشير بشكل أفضل إلى الأنشطة المسجلة التي تتطلب تدقيقًا إضافيًا؟?

• attack
• معلومات
• التهديد
• هدف

س100. أنت مسؤول عن تحقيقات الطب الشرعي في مؤسستك. لقد تم تكليفك بالتحقيق في اختراق خادم تطبيق افتراضي. لأنه يتم تشغيل تطبيق مدر للدخل على الخادم, يجب إعادة الخادم إلى الخدمة في أسرع وقت ممكن.

What is the next step you should take to best fulfill your responsibilities and meet the needs of the business?

• Restore the server from backup immediately.
• Take the server offline until your investigation is complete.
• Take a snapshot of the compromised virtual server for your investigation.
• Restart the server. Remediate the issue after business hours.

س101. Site-to-site VPN provides access from one network address space (192.168.0.0/24) to another network address space _.

• 192.168.0.1/24
• 192.168.0.3/24
• 10.10.0.0/24
• 192.168.0.2/24

س102. You are researching probable threats to your company’s internet-facing web applications. Which organization should you reference as an authoritative source for information on web-based attack vectors?

• EC- المجلس
• إيساكا
• نيست
• OWASP

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت:

Q103. Which action is most likely to simplify security staff training, improve integration between security components, and reduce risk to the business? (Choose the best answer.)

• adopting a “best-in-suite” approach to security
• adopting a “trust but verify” approach to security
• adopting a “best-of-breed” approach to security
• adopting a “defense-in-depth” approach to security

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: ا “best-in-suite” approach involves selecting a comprehensive security solution from a single vendor that integrates various security components. This approach can simplify training because security staff only need to become familiar with one integrated suite rather than multiple standalone products. It can also improve integration between components since they are designed to work seamlessly together. بالإضافة إلى, a unified suite can offer a more cohesive and consistent security strategy, potentially reducing the complexity of managing diverse security tools. An example could be using Okta to provide SSO for all of your organization’s logins.

س104. _ attacks can execute the code injected by attackers as part of user inputs.

• Ping of death
• Buffer overflow
• Distributed Denial of Service
• الحرمان من الخدمة

س105. Which activity is ليس part of risk assessment?

• identifying and valuing assets
• analyzing risks by criticality and cost
• discontinuing activities that introduce risk
• identifying threats and analyzing vulnerabilities

س106. In response to an alert regarding a possible security incident, you are analyzing the logs for a web application. في العمليه, you see the following string: ./../../../var/secrets What type of attack was most likely attempted against the application?

• brute force
• session hijacking
• cross-site scripting
• directory traversal

Q107. Which quadrant should be the focus of risk management?

• 

• 2

• 1

• 3

• 4

س 108. Which option will not actively identify a security incident?

• Extended Detection and Response (XDR)
• إدارة الوضع الأمني ​​السحابي (CSPM)
• Security Information Event Management (SEIM)
• Endpoint Detection and Response (EDR)

س 109. A website is asking for a password and also sending an authentication code to your phone. What factors are used in this multi-factor authentication scenario?

• what you have and what you do
• what you know and what you are
• what you have and what you know
• what you do and what you know

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت:

س 110. Which option is a list of publicly disclosed information security defects?

• DBIR
• CVE
• CWE
• CERT

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: Common Weakness Enumeration (CWE) is a universal online dictionary of security defects that have been found in computer software.

س111. What is cryptovirology?

• Plain cryptography
• مضاد للفيروسات
• Design powerful malicious software
• Asymmetric backdoor

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: Cryptovirology involves the application of cryptographic techniques to create powerful and destructive malware, with ransomware being a notable example. In ransomware attacks, cryptography is often employed to encrypt a victim’s files, rendering them inaccessible until a ransom is paid to the attacker for the decryption key.

س112. What does a metamorphic virus do?

• Static analyser
• مضاد للفيروسات
• Generates a whole variable code using a variable encryptor
• Mutation function

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت:

يتم تحديد حدود العملية من خلال تعيين المستويات العليا والسفلى لمجموعة من المعلمات. What is the most common cause of cyber incidents in organisations?

• Vulnerabilities in softwares
• خصوصية البيانات
• Ransomware
• Phishing

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: Social Engineering and human error are the most common cause of cyber incidents as it is easier for attackers to convince employees to give up passwords or accept MFA prompts than it is to breach & exploit the system. See Recent Uber and Cisco hack

1. مرجع
2. مرجع

س114. Which of the following terms is used to describe a collection of unrelated patches?

• Hotfix
• تحديث
• Security Fix
• Service Pack

س115. How often should security teams conduct a review of the privileged access that a user has to sensitive systems?

• On a periodic basis
• When a User leaves the organisation
• When a User changes roles
• On a daily basis

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: Privilaged access reviews are one of the most critical components of an organisations security program as they ensure only autherised users have access to the most sensitive systems. They should occur on a fixed periodic basis as well as when ever a privileged user leaves the organisation or changes roles within the organisation

س116. What Term is used to descrbe the defualt set of privileges assigned to a user when a new account is created?

• Aggregation
• Transitivity
• Baseline
• Entitlement

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: Entitlement refers to the privileges granted to a user when their account is first provisioned

س117. Who is the father of computer security??

• August Kerckhoffs
• Bob Thomas
• Charles Thomas
• Robert Kerckhoffs

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: August Kerckhoffs, a linguist and German professor at HEC, wrote an essay in the Journal of Military Science in February 1883. Kerckhoff had unwittingly established the foundations for contemporary encryption, earning him the title of “Father of Computer Security.”

س 118. Which type of attack uses formal emails to entice specific individuals into signing in and changing their passwords?

• vishing
• spear phishing
• brute force attack
• password spray attack

Q119. A data asset register should contain which of the following?

• the location of the data.
• The value of the asset.
• The owner of the asset.
• All of these options.

يتم تحديد حدود العملية من خلال تعيين المستويات العليا والسفلى لمجموعة من المعلمات. Once you have confirmed that Burpsuite is intercepting website requests, where can you check to see if you have credentials in cleartext to access the target webpage?

• Select Go on the Repeater tab
• See the loopback address and port are on in the Options tab
• Check the Raw section in the Intercept tab
• Check for a login.php line in the Proxy tab

س 121. سيحاول ممثلو التهديد العثور على ناقل الهجوم على هدفهم من خلال رسم خريطة للهجوم _.

• سطح - المظهر الخارجي
• بنية تحتية
• التهديد
• باب

Q122. كيف يمكن للمؤسسة ضمان دعم منتج البرنامج في حالة توقف المورد عن العمل أو بيعه لمنافس?

• يمكنهم توظيف مطوري البرامج بمجرد توقف المنظمة الموردة عن العمل.
• يمكنهم ضمان الدعم من خلال الحصول على منظمة الموردين.
• ويمكنهم ضمان الدعم من خلال اتفاقية الضمان.
• يمكنهم إجراء هندسة عكسية للمنتج بحيث يمكن دعمه داخليًا.

Q123. أي مما يلي يمثل معيار الأمان الذي ينطبق على شهادة ضوابط الأمان داخل المنتجات?

• ISO / IEC 27001.
• ISO / IEC 9000.
• ISO / IEC 15408.
• ISO / IEC 13335.

س 124. ما هو الدور الرئيسي لعضو مجلس الإدارة المعروف بمدير أمن المعلومات؟?

• To ensure appropriate security controls are implemented across the organisation.
• To provide day-to-day management of the information assurance function.
• To have a detailed understanding of the organisation’s vulnerabilities.
• To have a detailed understanding of threats faced by the organisation.

Q125. What are the two main approaches used to determine the likelihood of a threat occurring?

• Qualitative and statistical
• Statistical and quantitative
• Statistical and assumptive
• Qualitative and quantitative

س126. Which type of hackers are often organized and funded by a nation’s military intelligence or security services, and attempt to gain access to a foreign adversary’s state secrets or military intelligence?

• hacktivists
• competitors
• black hat hackers
• state-sponsored hackers

Q127. Which of the following methods combines two binary streams to create one new stream that contains hidden information that cannot be retrieved without the other stream that was used to create it?

• substitution cipher
• weaponization
• transposition cipher
• XOR encryption

Q128. What is Drupalgeddon?

• A web app proxy tool
• A DDoS bot
• A network packet capturing device
• a SQL injection flaw

Q129. The algorithm used by an encryption technique to hide information is known as the _.

• cipher
• XOR
• encoding
• cyber kill chain

س130. Which of these is not an issue that could arise as a result of outsourcing software development?

• The accidental or deliberate introduction of malicious code.
• The loss of intellectual property or trade secrets.
• Legal disputes could develop between the customer and the supplier.
• The laws on the protection of data do not apply to information sent to a third party.

Q131. ا _ hat is a hacker who may not operate according to ethical testing standards, but does not have malicious intent.

• اللون الرمادي
• أزرق
• أحمر
• purple

Q132. Understanding that multifactor authentication (MFA) is a best practice, which option should be avoided as a secondary authentication factor in MFA whenever possible?.

• المصادقة البيومترية
• OAUTH Token
• authenticator apps
• SMS message

تتم محاذاة كل طبقة وهذه كلها في نفس الوقت: SMS messages for MFA are generally considered less secure compared to other methods. This is because SMS messages can be vulnerable to interception (مثلا, SIM swapping attacks), and the underlying telecommunication infrastructure may not provide sufficient protection against various attack vectors. Other MFA methods such as biometric authentication, OAUTH tokens, and authenticator apps are often considered more secure alternatives.

مرجع "(...)All in all, MFA is still very effective at preventing most mass and automated attacks; however, users should be aware that there are ways to bypass some MFA solutions, such as those relying on SMS-based verification."

Q133. Which of the following is NOT a common authentication factor used in cybersecurity?

• Something you know
• Something you have
• Something you are
• Something you want

س 134. Which of the following best describes a “Honeytoken” in cybersecurity?

• A deceptive network host that appears legitimate to attackers.
• A user-friendly interface for managing network traffic.
• An encryption key used in secure communication.
• A hardware device for two-factor authentication.

Q135. What is the primary purpose of a “Bastion Host” in a network security architecture?

• To host publicly accessible services while protecting the internal network.
• To intercept and analyze all network traffic for security purposes.
• To act as a backup server in case the main server fails.
• To facilitate secure communication between two remote networks.

س 136. In network analysis, what does the term “Port Mirroring” refer to?

• A process of copying network packets to a specific destination for analysis.
• A method of encrypting data during transmission to secure it.
• A mechanism for load balancing network traffic.
• A firewall rule that allows traffic through specific network ports.

Q137. Which of the following is NOT a common method of concealing malicious software on a network?

• Polymorphic malware
• Rootkit
• Packet Sniffing
• Stealthy tunneling protocols

Q138. In the context of cybersecurity, what does the acronym “IDS” stand for?

• Internet Domain System
• Intrusion Detection System
• Internet Data Security
• Integrated Defense Strategy

Q139. ما يفعل “Man-in-the-Middle (MitM)” attack involve?

• Intercepting communication between two parties without their knowledge.
• Cracking encrypted passwords.
• Disrupting network services with a Distributed Denial of Service (DDoS) attack.
• Installing malicious software on a network server.

س 140. أي مما يلي يعد عنصرًا أساسيًا في البنية التحتية للمفتاح العام (البنية التحتية للمفاتيح العمومية)?

• جدار حماية لأمن الشبكات.
• مرجع مصدق موثوق به (CA).
• شبكة خاصة افتراضية (VPN).
• جهاز توجيه الشبكة.

س 141. ما هو نوع التشفير المستخدم عادةً لتأمين حركة مرور الشبكة اللاسلكية في شبكة WPA3?

• WEP (الخصوصية السلكية المكافئة)
• الخدمات المعمارية والهندسية (معيار التشفير المتقدم)
• SSL (طبقة المقابس الآمنة)
• من (معيار تشفير البيانات)

س 142. ما هو بروتوكول أمان الشبكة المستخدم لتوفير الأمان؟, الاتصالات المشفرة عبر الإنترنت, غالبا ما تستخدم لتأمين المواقع?

• SSH (صدفه آمنه)
• سنمب (بروتوكول إدارة الشبكات البسيطة)
• HTTPS (بروتوكول نقل النص التشعبي الآمن)
• ICMP (بروتوكول التحكم برسائل شبكة الانترنت)

Q143. ماذا يعني هذا المصطلح “ثغرة يوم الصفر” الرجوع إليها في الأمن السيبراني?

• ثغرة أمنية معروفة وتم تصحيحها منذ صفر يوم.
• ثغرة أمنية غير معروفة حتى الآن لمورد البرنامج أو الجمهور.
• ثغرة أمنية تؤثر على أجهزة الشبكة الصفرية.
• ثغرة لا يمكن استغلالها.

س144. تم نشر التهديد العسكري المتقدم الأكثر شهرة في 2010, واستهداف أجهزة الطرد المركزي في إيران. ما هي مكالمة APT هذه؟?

• العمدة
• الوكيل بي تي زد
• ستوكسنت
• لهب

س145. أين سيتم تسجيل المخاطر التي تم تحديدها وتفاصيلها؟, مثل هويتهم واسمهم, تصنيف المعلومات, وصاحب الخطر?

• في وثائق تقييم المخاطر
• في سجل المخاطر
• في دفتر تأثير الأعمال
• في الكتاب البرتقالي

س146. Which of the following terms is used to describe a collection of unrelated patches?

• Hotfix
• تحديث
• Security Fix
• Service Pack

Q147. How often should security teams conduct a review of the privileged access that a user has to sensitive systems?

• On a periodic basis
• When a User leaves the organisation
• When a User changes roles
• On a daily basis

س148. You have recovered a server that was compromised in a malware attack to its previous state. What is the final step in the incident response process?

• Eradication / Remediation
• شهادة
• الإبلاغ
• Lessons Learned

Q149. Which encryption type uses a public and private key pair for encrypting and decrypting data?

• asymmetric
• symmetric
• hashing
• كل هذه الإجابات

س150. You have just identified and mitigated an active malware attack on a user’s computer, in which command and control was established. What is the next step in the process?

• الإبلاغ
• استعادة
• Eradiction / Remediation
• Lessons Learned

س151. ما هو الغرض من جدار الحماية في أمن الشبكات?

• لتشفير نقل البيانات
• للتعرف على البرامج الضارة وإزالتها
• للتحكم في حركة مرور الشبكة الواردة والصادرة
• لتوفير الوصول الآمن إلى الشبكة

س152. أي نوع من الهجمات الإلكترونية يهدف إلى خداع الأفراد للكشف عن معلومات حساسة مثل كلمات المرور أو أرقام بطاقات الائتمان?

• Ransomware
• هجوم DDoS
• هجوم التصيد
• حقن SQL

Q153. ماذا يعني هذا المصطلح “خصوصية البيانات” الرجوع إليها في الأمن السيبراني?

• تقنيات التشفير المتقدمة
• اختراق حسابات مواقع التواصل الاجتماعي
• التلاعب بالأفراد لإفشاء معلومات سرية
• تأمين شبكات التواصل الاجتماعي

س154. ما هي خوارزمية التشفير المستخدمة بشكل شائع لتأمين نقل البيانات على الإنترنت?

• تعفن13
• الخدمات المعمارية والهندسية
• قيصر الشفرات
• آر إس إيه

Q155. في الأمن السيبراني, what does the acronym “VPN” stand for?

• الشبكة الخاصة الافتراضية
• شبكة خاصة جدًا
• الشبكة الشخصية الافتراضية
• الشبكة العامة الافتراضية

Q156. أي مما يلي يعد مثالاً على كلمة مرور قوية?

• كلمة المرور123
• 123456
• جون سميث
• ف@ssw0rd!

Q157. ماذا يعني هذا المصطلح “الثقة صفر” يعني في سياق الأمن السيبراني?

• الثقة في كل حركة مرور الشبكة
• التحقق من كافة حركة مرور الشبكة, بغض النظر عن الموقع
• الثقة فقط في حركة مرور الشبكة الداخلية
• التحقق من حركة مرور الشبكة من المصادر الموثوقة فقط

Q158. ما هو الغرض من المعلومات الأمنية وإدارة الأحداث (سيم) النظام?

• لمنع كافة حركة مرور الشبكة الواردة
• لتشفير البيانات الحساسة
• لإدارة كلمات مرور المستخدم
• لجمع, تحليل, والرد على الأحداث الأمنية

Q159. ما هي ممارسات الأمن السيبراني التي تتضمن فحص الشبكة أو النظام عمدًا للعثور على نقاط الضعف?

• تكوين جدار الحماية
• التشفير
• اختبار الاختراق
• إدارة التصحيح

س160. ما هو الهدف الأساسي للفريق الأحمر في مجال الأمن السيبراني?

• لتطوير التطبيقات البرمجية
• لمراقبة حركة مرور الشبكة
• لمحاكاة الهجمات السيبرانية للعثور على نقاط الضعف
• لتنفيذ السياسات الأمنية

س161. أي نوع من البرامج الضارة يقوم بتشفير ملفات الضحية ويطلب فدية لفك التشفير?

• برامج التجسس
• دُودَة
• حصان طروادة
• Ransomware

Q162. ماذا يعني هذا المصطلح “إدارة التصحيح” الرجوع إليها في الأمن السيبراني?

• تأمين الوصول المادي إلى الخوادم
• إدارة تحديثات البرامج وإصلاحاتها
• تشفير البيانات الحساسة
• تنفيذ جدران الحماية للشبكة

Q163. ما هو الغرض الأساسي من منع فقدان البيانات (DLP) المحلول?

• لمنع السرقة المادية للأجهزة
• لتشفير كل حركة مرور الشبكة
• لمراقبة أنشطة المستخدم
• لمنع الكشف غير المصرح به عن البيانات الحساسة

س164. ما هو إطار الأمن السيبراني الذي يوفر مجموعة من أفضل الممارسات لتأمين أنظمة المعلومات?

• ISO 9001
• COBIT
• ستة سيجما
• إطار الأمن السيبراني NIST

Q165. ما هو الغرض من طبقة المقابس الآمنة؟ (SSL) شهادة?

• لمنع حركة مرور الشبكة الواردة
• To encrypt data transmitted between a web server and a browser
• To authenticate users on a network
• لمراقبة أنشطة المستخدم

Q166. Which type of attack involves overwhelming a system or network with a flood of traffic to make it unavailable?

• Phishing
• Ransomware
• Man-in-the-Middle
• Distributed Denial of Service (DDoS)

Q167. ماذا يعني هذا المصطلح “Two-Factor Authentication” mean in cybersecurity?

• Using two different web browsers
• Using two different authentication methods for added security
• Logging in twice to a system
• Using two different antivirus programs

Q168. What is the purpose of a Security Token in authentication?

• To generate one-time passwords
• لمنع حركة مرور الشبكة الواردة
• To provide an additional layer of authentication
• لتشفير البيانات الحساسة

Q169. What is the role of a Security Operations Center (SOC) in cybersecurity?

• لتطوير التطبيقات البرمجية
• لإدارة كلمات مرور المستخدم
• To monitor and respond to security incidents
• لتشفير البيانات الحساسة

Q170. Which type of attack involves tricking a user into executing a malicious code by disguising it as a legitimate file or application?

• هجوم DDoS
• حقن SQL
• Ransomware
• البرمجيات الخبيثة

Q171. أي مما يلي لا يعد عامل مصادقة شائعًا يستخدم في المصادقة متعددة العوامل (MFA)?

• Something you are
• شيء تفعله
• Something you have
• شيء تقوله

Q172. ما هو نوع الهجوم الإلكتروني الذي يهدف إلى جعل الخدمة غير متاحة عن طريق إغراقها بحركة المرور؟?

• DDoS (Distributed Denial of Service)
• Phishing
• Ransomware
• البرمجيات الخبيثة