DumpsBase Exam Dumps: Cisco 100-160, Cisco Certified Support Technician (CCST) Cybersecurity
100-160 Dumps (V8.02) - Reliable Resources for Passing Cisco 100-160 Exam
1.What is a common security threat in which an attacker attempts to overwhelm a
targeted system by flooding it with Internet traffic?
A. Ransomware
B. Distributed Denial of Service (DDoS) attack
C. Phishing
D. SQL injection
Answer: B
Explanation:
Option 1: Ransomware is a type of malicious software that encrypts a victim's files
and demands a ransom in exchange for the decryption key. While it can cause
damage to systems, it is not specifically designed to overwhelm a system with
Internet traffic.
Option 2: Correct. A Distributed Denial of Service (DDoS) attack is a common security
threat in which an attacker attempts to overwhelm a targeted system by flooding it
with Internet traffic. This can result in a loss of service availability for legitimate users.
Option 3: Phishing is a type of social engineering attack in which an attacker
masquerades as a trustworthy entity to trick individuals into providing sensitive
information. It does not involve overwhelming a system with Internet traffic.
Option 4: SQL injection is a type of web application attack in which an attacker
manipulates a SQL query to gain unauthorized access to a database. It does not
involve overwhelming a system with Internet traffic.
2.Which of the following statements about multi-factor authentication (MFA) is
correct?
A. MFA is a security measure that requires users to provide two or more forms of
identification to gain access to a system or application.
B. MFA is a security measure that requires users to provide only one form of
identification to gain access to a system or application
C. MFA is a security measure that is no longer recommended due to its complexity
and potential for user errors.
D. MFA is a security measure that only applies to physical access control systems.
Answer: A
Explanation:
Option 1: This is the correct statement. MFA is a security measure that requires
users to provide two or more forms of identification to gain access to a system or
application. It adds an extra layer of security by combining multiple credentials, such
as passwords, one-time passcodes, biometrics, or smart cards, to verify a user's
identity.
Option 2: This statement is incorrect. MFA requires users to provide two or more
forms of identification, not just one.
Option 3: This statement is incorrect. MFA is still recommended as an effective
security measure and is widely used in many industries.
Option 4: This statement is incorrect. MFA can be used for both physical and logical
access control systems.
3.Which of the following services or protocols can be used to ensure the security and
compliance of an organization's network?
A. NTP (Network Time Protocol)
B. SNMP (Simple Network Management Protocol)
C. DHCP (Dynamic Host Configuration Protocol)
D. DNS (Domain Name System)
Answer: B
Explanation:
Option 1: NTP is a protocol used to synchronize the clocks of computers in a network.
While it is important for maintaining accurate time, it does not directly contribute to
network security and compliance. This makes it an incorrect answer.
Option 2: SNMP is a protocol used for managing and monitoring network devices. It
allows for centralized monitoring, troubleshooting, and configuration of devices.
SNMP can play a crucial role in security and compliance by providing real-time
information about network devices and their behaviors. This makes it a correct
answer.
Option 3: DHCP is a protocol used to assign IP addresses and network configuration
parameters to devices on a network. While DHCP is essential for network
connectivity, it does not directly contribute to security and compliance. This makes it
an incorrect answer.
Option 4: DNS is a protocol used to translate domain names into IP addresses. While
DNS is critical for internet connectivity, it does not directly contribute to security and
compliance. This makes it an incorrect answer.
4.Which network security feature helps protect against unauthorized data access and
ensures confidentiality of sensitive information?
A. Firewall
B. VPN
C. Intrusion Detection System
D. Antivirus
Answer: B
Explanation:
Option 1: Incorrect. A firewall is responsible for controlling incoming and outgoing
network traffic based on predetermined security rules. While it can help protect
against unauthorized access, it does not specifically ensure confidentiality of sensitive
information.
Option 2: Correct. A VPN (Virtual Private Network) creates a secure, encrypted
connection between a user's device and a private network, such as a corporate
network, over the internet. This helps protect against unauthorized data access and
ensures the confidentiality of sensitive information.
Option 3: Incorrect. An Intrusion Detection System (IDS) monitors network traffic for
suspicious activity or known attack patterns. While it can help detect and alert to
potential unauthorized access attempts, it does not specifically ensure confidentiality
of sensitive information.
Option 4: Incorrect. Antivirus software is used to detect, prevent, and remove
malware infections. While it can help protect against unauthorized access, it does not
specifically ensure confidentiality of sensitive information.
5.What is a key principle of securing data in the cloud?
A. Implementing strong physical security measures
B. Encrypting data at rest and in transit
C. Using complex passwords for all cloud users
D. Limiting access to the cloud from specific IP addresses
Answer: B
Explanation:
Option 1: Incorrect. Implementing strong physical security measures is important, but
it is not the key principle of securing data in the cloud.
Option 2: Correct. Encrypting data at rest and in transit is a key principle of securing
data in the cloud. This ensures that even if the data is compromised, it cannot be
accessed without the decryption key.
Option 3: Incorrect. Using complex passwords is a good security practice, but it is not
the key principle of securing data in the cloud.
Option 4: Incorrect. Limiting access to the cloud from specific IP addresses is a
security measure, but it is not the key principle of securing data in the cloud.
6.What is the purpose of a firewall in a network security system?
A. To prevent unauthorized access to or from private networks
B. To scan and filter network traffic for potential threats
C. To encrypt data transmitted over the network
D. To provide secure remote access to the network
Answer: A
Explanation:
Option 1: Correct. A firewall is designed to prevent unauthorized access to or from
private networks by monitoring and controlling network traffic based on predetermined
security rules.
Option 2: Incorrect. While a firewall can scan and filter network traffic for potential
threats, this is not its primary purpose.
Option 3: Incorrect. While encryption may be a feature of some firewalls, it is not the
primary purpose of a firewall in a network security system.
Option 4: Incorrect. While a secure remote access solution may include a firewall, this
is not the primary purpose of a firewall in a network security system.
7.Which of the following is true regarding the incident response process?
A. It is a reactive process that is only initiated after an incident has occurred.
B. It is a proactive process that focuses on preventing incidents from occurring.
It employs encryption to protect data
exchanged between the client and the server, ensuring the confidentiality and integrity
of the communication. SSH is commonly used for remote administration and secure
file transfers.
85.What is the purpose of using an application firewall in a cybersecurity setup?
A. To encrypt network traffic between applications
B. To perform vulnerability scanning of applications
C. To increase the speed and performance of applications
D. To block malicious incoming requests and attacks aimed at the application
Answer: D
Explanation:
An application firewall, also known as a web application firewall (WAF) or application-
level firewall, is designed to protect web applications from various attacks, such as
cross-site scripting (XSS), SQL injection, and distributed denial-of-service (DDoS)
attacks. It analyzes the incoming traffic and blocks malicious requests, protecting the
application and its underlying infrastructure. Encryption, speed enhancement, and
vulnerability scanning are not primary functions of an application firewall.
86.Which of the following network technologies is commonly used to connect devices
within a local area network (LAN)?
A. Wi-Fi
B. Ethernet
C. DSL
D. VPN
Answer: B
Explanation:
Ethernet is a widely used network technology for connecting devices within a local
area network (LAN). It provides a physical and data link layer protocol for wired
connections, allowing devices to communicate over a LAN using Ethernet cables.
Ethernet has various speeds and standards, including Ethernet over twisted pair
(such as Cat 5e or Cat 6 cables), fiber optic cables, and other mediums.
87.Which of the following is a key advantage of multifactor authentication?
A. It allows for anonymous access to systems and resources.
B. It simplifies the authentication process.
C. It eliminates the need for strong passwords.
D. It provides enhanced security by requiring multiple proofs of identity.
Answer: D
Explanation:
Multifactor authentication enhances security by requiring users to present multiple
proofs of identity. By combining different factors, such as something you know,
something you have, or something you are, it becomes more difficult for unauthorized
individuals to gain access. This approach adds an extra layer of protection compared
to relying solely on a username and password combination.
88.What is the primary characteristic of an Advanced Persistent Threat (APT)
compared to traditional attacks?
A. APTs are easily detectable by conventional security measures
B. APTs involve persistent and prolonged attacks on specific targets
C. APTs are random and indiscriminate in their targets
D. APTs are primarily aimed at causing immediate damage to systems
Answer: B
Explanation:
The primary characteristic of an APT is its persistent and prolonged nature. Unlike
traditional attacks, which may be brief and target multiple entities, APTs specifically
focus on a particular target for an extended period of time. This allows the attackers to
gather more information and potentially cause significant damage.
89.What is smishing?
A. A form of social engineering attack that uses SMS or text messages to trick victims
into revealing sensitive information.
B. A physical attack where an unauthorized person gains entry to a restricted area by
following closely behind an authorized person.
C. A type of phishing attack that targets specific individuals or organizations.
D. A cyber attack where an attacker manipulates and deceives an individual to reveal
sensitive information.
Answer: A
Explanation:
Smishing, short for SMS phishing, is a social engineering attack that utilizes SMS or
text messages to deceive individuals into disclosing sensitive information or
performing certain actions. These messages often mimic legitimate sources, such as
banks or service providers, and typically contain links or phone numbers that, when
accessed or called, lead to malicious activities. Smishing takes advantage of the
ubiquity of mobile devices and users' tendency to trust text messages.
90.Which of the following represents a strong passphrase for securing a wireless
SoHo network?
A. 12345678
B. P@ssword!
C. CorrectHorseBatteryStaple
D. jumpr0pe
Answer: C
Explanation:
A strong passphrase should be long, include a combination of uppercase and
lowercase letters, numbers, and special characters. "CorrectHorseBatteryStaple"
represents a strong passphrase as it is long and includes multiple words combined
with special characters. Options A, B, and D are weak passphrases as they are either
too short or do not contain a combination of the mentioned elements.
91.Which of the following best describes social engineering?
A. A method of manipulating individuals to disclose sensitive information
B. A type of malware attack
C. A physical security control
D. A network security protocol
Answer: A
Explanation:
Social engineering refers to the practice of manipulating and deceiving individuals into
revealing sensitive information or performing certain actions that may compromise
security. It involves exploiting human psychology and trust to gain unauthorized
access to systems or obtain confidential information. Social engineering tactics can
include phishing emails, impersonation, pretexting, or other forms of manipulation to
trick individuals into divulging passwords, account numbers, or other confidential data.
92.Which of the following is an integral part of the CIA triad in cybersecurity?
A. Data loss prevention (DLP)
B. Two-factor authentication (2FA)
C. Intrusion Detection System (IDS)
D. Firewall
Answer: B
Explanation:
The CIA triad in cybersecurity stands for confidentiality, integrity, and availability. Two-factor
authentication (2FA) ensures confidentiality by adding an extra layer of security,
requiring users to provide two forms of authentication before gaining access. It helps
protect against unauthorized access and adds an additional level of assurance for
ensuring data confidentiality.
C. It is an iterative process that involves continuous improvement based on lessons
learned.
D. It is a one-time process that is only performed when an organization first
establishes its security program.
Answer: C
Explanation:
Option 1: Incorrect. The incident response process can be both proactive and
reactive. While it does involve reacting to incidents that have already occurred, it also
includes proactive measures to prevent incidents from happening again in the future.
Option 2: Incorrect. While incident response can involve proactive measures to
prevent incidents, it is not solely focused on prevention. It also includes reacting to
incidents that have already occurred.
Option 3: Correct. The incident response process is an iterative process that involves
continuous improvement based on lessons learned. Organizations should regularly
review and update their incident response plans to ensure they are effective and up to
date.
Option 4: Incorrect. The incident response process is not a one-time process. It
should be an ongoing and continuous process to address security incidents as they
occur and to improve the incident response capabilities of the organization.
8.Which of the following is true about security policies and procedures?
A. They should be regularly reviewed and updated to reflect changing threats and
technologies
B. They should only be accessible to the IT department.
C. They should be documented once and never changed.
D. They should be kept confidential and not shared with employees.
Answer: A
Explanation:
Option 1: Correct: Security policies and procedures should be regularly reviewed and
updated to ensure they align with changing threats and technologies. This helps to
maintain the effectiveness of the policies and processes.
Option 2: Incorrect: Security policies and procedures should be accessible to relevant
employees and stakeholders, not restricted only to the IT department. It is important
for everyone to understand and adhere to the policies and procedures.
Option 3: Incorrect: Security policies and procedures should be regularly updated as
needed, not documented once and never changed. The changing threat landscape
and evolving technologies necessitate the periodic review and update of security
policies and procedures.
Option 4: Incorrect: Security policies and procedures should be communicated and
shared with employees to ensure everyone understands and follows them. Keeping
them confidential and not sharing them would hinder their effectiveness.
9.Which of the following is a key requirement for conducting a security compliance
audit?
A. A comprehensive understanding of security compliance standards and regulations
B. A certified auditor with expertise in security compliance
C. Compliance monitoring tools and systems
D. A detailed audit plan and checklist
Answer: A
Explanation:
Option 1: Correct. A certified auditor with expertise in security compliance is a key
requirement for conducting a security compliance audit. The auditor should have a
deep understanding of security compliance standards and regulations to ensure that
the audit is performed effectively.
Option 2: Incorrect. While having a comprehensive understanding of security compliance
standards and regulations is important, it is not a key requirement for conducting a security
compliance audit. The main requirement is a certified auditor with expertise in security
compliance.
Option 3: Incorrect. Compliance monitoring tools and systems can be helpful during a security
compliance audit, but they are not a key requirement. The main requirement is a certified auditor
with expertise in security compliance.
Option 4: Incorrect. While having a detailed audit plan and checklist is important, it is
not a key requirement for conducting a security compliance audit. The main
requirement is a certified auditor with expertise in security compliance.
10.Which of the following is a characteristic of a network-based firewall?
A. Inspects and filters traffic at the application layer
B. Operates at the data link layer
C. Provides protection against external threats only
D. Requires software installed on client devices
Answer: C
Explanation:
Option 1: Incorrect. A network-based firewall inspects and filters traffic at the network
layer, not the application layer.
Option 2: Incorrect. A network-based firewall operates at the network layer, not the
data link layer.
Option 3: Correct. A network-based firewall provides protection against both external
and internal threats.
Option 4: Incorrect. A network-based firewall does not require software installed on
client devices.
11.Which of the following is the most secure and recommended method for storing
sensitive user data in a database?
A. Storing the data in plain text
B. Using symmetric encryption
C. Using hashing algorithms
D. Using asymmetric encryption
Answer: C
Explanation:
Option 1: Incorrect. Storing sensitive user data in plain text is highly insecure and not
recommended. If a database breach occurs, all the data will be exposed without any
protection.
Option 2: Incorrect. Using symmetric encryption would require storing the encryption
key securely, which can be difficult. Additionally, any access to the data would require
the encryption key, adding complexity and potential vulnerabilities.
Option 3: Correct. Using hashing algorithms is the most secure and recommended
method for storing sensitive user data in a database. Hashing algorithms convert the
data into a fixed-size string, making it difficult to reverse-engineer and obtain the
original data. This ensures that even if a breach occurs, the sensitive data remains
protected.
Option 4: Incorrect. Using asymmetric encryption would also require storing the
encryption keys securely and adds unnecessary complexity for data retrieval, making
it less practical for storing sensitive user data in a database.
12.What is the purpose of Security Information and Event Management (SIEM)
systems?
A. To analyze network traffic and detect potential security threats.
B. To centrally collect, store, and analyze logs from various systems to detect and
respond to security incidents.
C. To encrypt sensitive data to protect it from unauthorized access.
D. To authenticate and authorize users to access network resources.
Answer: B
Explanation:
Option 1: This option is incorrect. While SIEM systems may perform analysis of
network traffic, their primary purpose is not network traffic analysis, but rather log
collection and analysis for security incident detection and response.
Option 2: This option is correct. SIEM systems are designed to centrally collect, store,
and analyze logs from various systems to detect and respond to security incidents.
They provide real-time monitoring, correlation, and analysis of security events,
allowing organizations to identify potential threats and take appropriate actions.
Option 3: This option is incorrect. Encryption of sensitive data is not the purpose of
SIEM systems. While encryption is an important security measure, SIEM systems
focus on log management and analysis rather than encryption.
Option 4: This option is incorrect. User authentication and authorization are not within
the scope of SIEM systems. SIEM systems focus on log collection and analysis for
security incident detection and response, rather than user access control.
13.Which of the following is a security best practice for securing data in the cloud?
A. Storing sensitive data in clear text
B. Implementing multi-factor authentication
C. Allowing unrestricted access to data
D. Using weak passwords
Answer: B
Explanation:
Option 1: Incorrect. Storing sensitive data in clear text is not a security best practice. It
leaves the data vulnerable to unauthorized access and breaches.
Option 2: Correct. Implementing multi-factor authentication is a security best practice
for securing data in the cloud. This adds an extra layer of protection by requiring
users to provide additional verification beyond just a password.
Option 3: Incorrect. Allowing unrestricted access to data is not a security best
practice. Access to data should be properly controlled and limited to authorized
individuals or groups.
Option 4: Incorrect. Using weak passwords is not a security best practice. Strong and
complex passwords should be used to prevent unauthorized access to data.
14.Which of the following is a principle of data security?
A. Encryption
B. Firewall
C. Intrusion Detection System
D. Data Masking
Answer: A
Explanation:
Option 1: Correct. Encryption is a principle of data security that involves converting
data into a form that is unreadable by unauthorized users. This helps protect the
confidentiality of data.
Option 2: Incorrect. A firewall is a network security device that monitors and filters
incoming and outgoing network traffic based on predetermined security rules. While it
plays a role in data security, it is not a principle of data security.
Option 3: Incorrect. An Intrusion Detection System (IDS) is a device or software
application that monitors network or system activities for malicious activities or policy
violations and produces reports. While it plays a role in data security, it is not a
principle of data security.
Option 4: Incorrect. Data masking is a technique that replaces sensitive data with
fictitious data to protect the privacy of data. While it plays a role in data security, it is
not a principle of data security.
15.Which of the following features of the Cisco Identity Services Engine (ISE) allows
network administrators to define policies for controlling access to network resources
based on user identities and user or group attributes?
A. Network Access Profiles
B. Identity Firewall
C. Profiling
D. TrustSec
Answer: C
Explanation:
Option 1: Network Access Profiles: Network Access Profiles in Cisco ISE define the
behavior of network devices when they are accessed by authenticated users. They
are a set of policies that determine how network resources are allocated to users or
user groups, and what level of access they have.
Option 2: Identity Firewall: Cisco ISE's Identity Firewall feature enables network
administrators to apply firewall policies based on user identities. It allows for granular
control over network access and can enforce allow, deny, or redirect actions based on
user attributes.
Option 3: Profiling: This is the correct answer. Cisco ISE's Profiling feature is used to
dynamically classify endpoints connecting to the network based on their
characteristics, such as their MAC addresses, IP addresses, and DHCP options. This
information is then used to enforce access policies.
Option 4: TrustSec: TrustSec is a Cisco security solution that provides secure access
control across the network infrastructure. While TrustSec is related to identity and
access management, it is not a feature of Cisco ISE specifically.
16.What is the purpose of multi-factor authentication?
A. To provide multiple layers of security by requiring users to provide more than one
form of identification
B. To simplify the login process by only requiring one form of identification
C. To restrict access to certain users by requiring additional authorization
D. To prevent unauthorized access by encrypting user credentials
Answer: A
Explanation:
Option 1: Correct. Multi-factor authentication adds an extra layer of security by
requiring users to provide more than one form of identification, such as a password
and a fingerprint or a security token.
Option 2: Incorrect. Multi-factor authentication does not simplify the login process, but
rather adds an additional step to verify the user's identity.
Option 3: Incorrect. While multi-factor authentication can help restrict access to
certain users, its main purpose is to provide an extra layer of security rather than
additional authorization.
Option 4: Incorrect. While encryption is an important security measure, multi-factor
authentication is specifically designed to provide multiple layers of security by
requiring multiple forms of identification.
17.What is a common vulnerability in cloud-based systems?
A. Inadequate access controls
B. Outdated antivirus software
C. Weak passwords
D. Lack of network segmentation
Answer: A
Explanation:
Option 1: Correct: Inadequate access controls can leave cloud-based systems
vulnerable to unauthorized access and data breaches.
Option 2: Incorrect: Outdated antivirus software is a concern for individual devices but
not specific to cloud-based systems.
Option 3: Incorrect: Weak passwords can be a vulnerability but not a common one in
cloud-based systems, which usually have password policies in place.
Option 4: Incorrect: Lack of network segmentation can be a vulnerability, but it is not
as common as inadequate access controls.
18.Which of the following is a best practice for managing security policies and
procedures?
A. Implementing a regular review process for security policies
B. Relying solely on default security settings
C. Allowing users to create and manage their own security policies
D. Not documenting the security policies and procedures
Answer: A
Explanation:
Option 1: Correct: Implementing a regular review process for security policies ensures
that they are up-to-date and aligned with the organization's current security needs.
Option 2: Incorrect: Relying solely on default security settings is not a best practice as
default settings may not provide adequate protection and may not be appropriate for
the organization's specific needs.
Option 3: Incorrect: Allowing users to create and manage their own security policies
can lead to inconsistencies, lack of control, and potential security vulnerabilities.
Option 4: Incorrect: Not documenting the security policies and procedures makes it
difficult to enforce and communicate these policies to employees.
19.Which of the following is a best practice for implementing strong password policies
within an organization?
A. Allowing users to choose their own passwords, regardless of complexity
B. Requiring users to change their password every 90 days
C. Storing passwords in clear text in a central database
D. Allowing users to reuse their previous passwords
Answer: B
Explanation:
Option 1: Incorrect. Allowing users to choose their own passwords, regardless of
complexity, can lead to weak passwords that are easily guessed or cracked.
Option 2: Correct. Requiring users to change their password every 90 days helps to
ensure that passwords are regularly updated and less likely to be compromised.
Option 3: Incorrect. Storing passwords in clear text in a central database is a security
risk as it exposes the passwords to potential unauthorized access.
Option 4: Incorrect. Allowing users to reuse their previous passwords increases the risk
of unauthorized access as attackers may already be aware of the user's previous passwords.
20.What is the primary reason for implementing multi-factor authentication in a cloud
environment?
A. To provide an additional layer of security
B. To simplify the authentication process
C. To reduce costs
D. To improve performance
Answer: A
Explanation:
Option 1: Correct. Implementing multi-factor authentication provides an additional
layer of security by requiring users to provide multiple forms of authentication to
access cloud resources.
Option 2: Incorrect. The primary reason for implementing multi-factor authentication is
to provide an additional layer of security, not to simplify the authentication process.
Option 3: Incorrect. The primary reason for implementing multi-factor authentication is
to provide an additional layer of security, not to reduce costs.
Option 4: Incorrect. The primary reason for implementing multi-factor authentication is
to provide an additional layer of security, not to improve performance.
21.Which security feature provides network segmentation by creating virtual
networks?
A. VLANs
B. VLANs
C. Intrusion Prevention System (IPS)
D. Virtual Private Network (VPN)
Answer: A
Explanation:
Option 1: Correct, VLANs (Virtual Local Area Networks) provide network
segmentation by creating virtual networks, allowing different groups of devices to be
logically separated on the same physical network.
Option 2: Incorrect, Firewalls are designed to monitor and filter network traffic based
on predetermined security rules, but they do not provide network segmentation by
creating virtual networks.
Option 3: Incorrect, An Intrusion Prevention System (IPS) is a security appliance or
software that monitors network traffic for suspicious activity and takes action to
prevent potential threats, but it does not provide network segmentation by creating
virtual networks.
Option 4: Incorrect, A Virtual Private Network (VPN) is a secure tunnel between two
or more devices, typically used to connect remote sites or allow remote users to
access the private network. It does not provide network segmentation by creating
virtual networks.
22.Which of the following is a network security device that operates at the session
layer of the OSI model?
A. Firewall
B. Intrusion Detection System (IDS)
C. Intrusion Prevention System (IPS)
D. SSL/TLS
Answer: B
Explanation:
Option 1: Incorrect. A firewall operates at the network layer (layer of the OSI model,
not the session layer (layer 5).
Option 2: Correct. An Intrusion Prevention System (IPS) operates at the session layer
(layer 5) of the OSI model. It monitors network traffic in real-time and can block or
prevent malicious activities.
Option 3: Incorrect. An Intrusion Detection System (IDS) operates at the network layer
(layer of the OSI model, not the session layer (layer 5).
Option 4: Incorrect. SSL/TLS is a cryptographic protocol that operates at the transport
layer (layer of the OSI model, not the session layer (layer 5).
23.Which of the following is a feature of cloud computing?
A. On-premises hosting
B. Hardware provisioning
C. Data encryption
D. Physical server maintenance
Answer: C
Explanation:
Option 1: Incorrect. On-premises hosting refers to hosting applications and data on
local servers within an organization's physical infrastructure. It is not a feature of cloud
computing.
Option 2: Incorrect. Hardware provisioning is the process of setting up and configuring
the physical infrastructure required to run applications and store data. While this is an
important aspect of cloud computing, it is not a specific feature of cloud computing.
Option 3: Correct. Data encryption is a feature of cloud computing that ensures the
security and confidentiality of data stored and transmitted within the cloud. It protects
sensitive information from unauthorized access.
Option 4: Incorrect. Physical server maintenance involves activities such as hardware
repairs, upgrades, and maintenance tasks associated with physical servers. While
these tasks are necessary for managing an on-premises infrastructure, they are not
specific features of cloud computing.
24.Which security technology uses an agent-based approach to protect endpoints
and is designed to detect and prevent malicious activities?
A. Firewall
B. Intrusion Prevention System (IPS)
C. Data Loss Prevention (DLP)
D. Advanced Malware Protection (AMP)
Answer: D
Explanation:
Option 1: Incorrect. A firewall is a network security device that monitors and filters
incoming and outgoing network traffic based on predetermined security rules.
Option 2: Incorrect. An Intrusion Prevention System (IPS) is a network security device
that monitors network traffic and is designed to detect and prevent unauthorized
access and malicious activities.
Option 3: Incorrect. Data Loss Prevention (DLP) is a security technology that prevents
sensitive data from being lost, stolen, or inadvertently leaked.
Option 4: Correct. Advanced Malware Protection (AMP) uses an agent-based
approach to protect endpoints and detect and prevent known and unknown malicious
activities. It includes features such as file reputation analysis, sandboxing, and
behavior-based malware detection.
25.Which of the following is true regarding secure web gateways (SWG)?
A. SWGs provide protection against malware and advanced threats
B. SWGs are primarily used to secure internal web applications.
C. SWGs are no longer necessary with the advent of cloud-based applications.
D. SWGs can only be deployed on-premises
Answer: A
Explanation:
Option 1: Correct. Secure web gateways (SWG) provide protection against malware
and advanced threats. They act as an intermediary between users and the internet,
inspecting web traffic to detect and block malicious content and prevent data loss.
Option 2: Incorrect. While secure web gateways (SWG) can be used to secure
internal web applications, their primary function is to provide protection against
malware and advanced threats.
Option 3: Incorrect. Secure web gateways (SWG) are still necessary, even with the
advent of cloud-based applications. They provide additional security controls and
visibility for web traffic, regardless of whether the applications are on-premises or in
the cloud.
Option 4: Incorrect. Secure web gateways (SWG) can be deployed both on-premises
and in the cloud, depending on the organization's needs and preferences.
26.Which feature allows endpoints to communicate directly with each other,
bypassing the network?
A. Firewall
B. IPS
C. VPN
D. Peer-to-Peer
Answer: D
Explanation:
Option 1: Incorrect. A firewall is a network security device that monitors and filters
incoming and outgoing network traffic based on predetermined security rules.
Option 2: Incorrect. An IPS (Intrusion Prevention System) is a network security device
that monitors network traffic for malicious activity and takes immediate action to
prevent attacks.
Option 3: Incorrect. A VPN (Virtual Private Network) is a secure connection between
two or more endpoints over a public network, providing encryption and privacy for
data communication.
Option 4: Correct. Peer-to-peer (P2P) is a decentralized communication model where
endpoints can directly communicate with each other without the need for a central
server or network infrastructure.
27.Which of the following is a data protection technique that involves the
transformation of data into a format that is unreadable to unauthorized users?
A. Authentication
B. Encryption
C. Firewall
D. Intrusion Detection System
Answer: B
Explanation:
Option 1: Incorrect. Authentication refers to the process of verifying the identity of a
user or system.
Option 2: Correct. Encryption is a data protection technique that transforms data into
a format that is unreadable to unauthorized users. It provides confidentiality and
ensures that even if the data is intercepted, it cannot be easily understood.
Option 3: Incorrect. A firewall is a network security device that monitors and filters
incoming and outgoing network traffic based on predetermined security rules.
Option 4: Incorrect. An Intrusion Detection System (IDS) is a security tool that
monitors network traffic for suspicious activity or violations of security policies.
28.Which of the following protocols can be used to securely transfer files over a
network?
A. HTTP
B. FTP
C. SMTP
D. DNS
Answer: B
Explanation:
Option 1: Incorrect. HTTP is a protocol for transferring hypertext documents, not files.
Option 2: Correct. FTP (File Transfer Protocol) is a protocol used for secure file
transfer over a network.
Option 3: Incorrect. SMTP is a protocol used for sending email, not transferring files.
Option 4: Incorrect. DNS is a protocol used for translating domain names to IP
addresses, not transferring files.
29.Which of the following is an example of a data security principle?
A. Least Privilege
B. Session Management
C. ARP Spoofing
D. Ciphertext
Answer: A
Explanation:
Option 1: Correct. Least Privilege is a data security principle that limits the access
rights of individuals to only what is necessary for them to perform their job functions.
Option 2: Incorrect. Session Management is a security practice related to handling
user sessions, but it is not specifically a data security principle.
Option 3: Incorrect. ARP Spoofing is a network attack technique, not a data security
principle.
Option 4: Incorrect. Ciphertext refers to encrypted data, but it is not a data security
principle.
30.Which of the following is a common security threat that targets web applications?
A. SQL injection
B. DNS poisoning
C. Man-in-the-middle attack
D. Distributed Denial of Service (DDoS)
Answer: A
Explanation:
Option 1: Correct: SQL injection is a common security threat that targets web
applications. It involves inserting malicious SQL code into input fields to manipulate
the application's database and gain unauthorized access or retrieve sensitive
information.
Option 2: Incorrect: DNS poisoning is not a common security threat that targets web
applications. It involves corrupting the DNS cache and redirecting users to malicious
websites.
Option 3: Incorrect: Man-in-the-middle attack is not a common security threat that
specifically targets web applications. It involves intercepting communication between
two parties and can affect various types of network communication.
Option 4: Incorrect: Distributed Denial of Service (DDoS) is not a common security
threat that targets web applications specifically. It involves overwhelming a target
system with a flood of traffic from multiple sources, rendering it inaccessible.
31.Which network infrastructure component allows for the translation of domain
names to IP addresses?
A. Firewall
B. Router
C. DNS server
D. DHCP server
Answer: C
Explanation:
DNS (Domain Name System) is a network infrastructure component that translates
domain names (e.g., www.example.com) into their corresponding IP addresses (e.g.,
192.168.1.1). DNS servers maintain a distributed database that maps domain names
to IP addresses, allowing users to access websites and other resources using
easy-to-remember names instead of complex IP addresses.
32.What is malware?
A. A form of cyber attack that attempts to gain unauthorized access to a network.
B. A software program that is designed to damage, disrupt, or gain unauthorized
access to a computer system.
C. A technique used by attackers to obtain sensitive information through deception.
D. A network of compromised computers used to carry out coordinated attacks.
Answer: B
Explanation:
Malware is a term used to describe any type of malicious software that is specifically
designed to damage, disrupt, or gain unauthorized access to a computer system. This
can include viruses, worms, trojan horses, spyware, and adware.
33.Which of the following encryption algorithms is considered strong?
A. RSA
B. MD5
C. ROT13
D. DES
Answer: A
Explanation:
RSA is considered a strong encryption algorithm because it uses asymmetric
encryption, which means it uses different keys for encryption and decryption. RSA is
widely used in secure communication protocols and provides a high level of security.
34.Which of the following password policies is considered a best practice?
A. Requiring passwords to be changed every 5 years
B. Allowing users to set easily guessable passwords
C. Enforcing a minimum password length and complexity requirements
D. Storing passwords in plain text format
Answer: C
Explanation:
Enforcing a minimum password length and complexity requirements is considered a
best practice for password policies. This helps to ensure that passwords are not
easily guessable and increases the security of user accounts.
35.What does hardening mean in the context of cybersecurity?
A. Removing all vulnerabilities from a system or network
B. Implementing cybersecurity policies and regulations
C. Creating a backup of critical data and configurations
D. Making a system more resistant to threats and attacks
Answer: D
Explanation:
Hardening refers to the process of securing a system by reducing its vulnerability to
potential threats and attacks. It involves implementing security best practices, such as
disabling unnecessary services, applying patches and updates, configuring access
controls, strengthening passwords, and employing additional security measures like
firewalls or intrusion detection systems. Hardening helps ensure systems are less
susceptible to exploitation.
36.Which encryption method is used to secure data while it is being actively used and
processed by an application?
A. Asymmetric encryption
B. Homomorphic encryption
C. Secure Sockets Layer (SSL)
D. Hash encryption
Answer: B
Explanation:
Homomorphic encryption is a form of encryption that allows computations to be
performed on encrypted data without decrypting it. This method enables the secure
processing and manipulation of data while it is in use by an application or system.
Homomorphic encryption is particularly useful in scenarios where privacy is a
concern, such as in cloud computing or data analytics.
37.What type of encryption is used to secure data that is stored on a hard drive or
other storage media?
A. File-based encryption
B. Hash encryption
C. Symmetric encryption
D. Public Key Infrastructure (PKI)
Answer: C
Explanation:
Symmetric encryption is a type of encryption where the same key is used for both the
encryption and decryption processes. It is commonly employed to secure data at rest,
such as on a hard drive or other storage media. With symmetric encryption, the key
must be kept secret to ensure the confidentiality of the encrypted data.
38.Which of the following is a characteristic of cloud-based applications in the context
of cybersecurity?
A. They provide enhanced flexibility and scalability for organizations.
B. They are not widely used and are considered a less secure option.
C. They require physical installation and maintenance, limiting their accessibility.
D. They are typically more susceptible to cyber attacks compared to traditional
on-premises applications.
Answer: A
Explanation:
Cloud-based applications offer numerous benefits, one of which is enhanced flexibility
and scalability. These applications allow organizations to easily adjust their usage and
storage needs without the need for physical hardware upgrades. This flexibility often
contributes to improved productivity and cost-effectiveness. However, it's important to
note that the cybersecurity of cloud-based applications depends on the
implementation and security measures taken by the provider and user.
39.Which of the following is a characteristic of an IPv6 address?
A. Uses colons as separators
B. Can be represented by both decimal and binary notation
C. Supports a maximum of 4.3 billion unique addresses
D. Consists of 32 bits
Answer: A
Explanation:
An IPv6 address consists of 128 bits, which is four times the size of an IPv4 address.
Unlike IPv4 addresses that use periods (dots) as separators, IPv6 addresses use
colons as separators. For example, an IPv6 address could be written as
2001:0db8:85a3:0000:0000:8a2e:0370:7334.
40.Which of the following represents a technique used in Classless Inter-Domain
Routing (CIDR)?
A. Variable-length subnet masks
B. Compressed MAC addresses
C. Binary notation for IP addresses
D. 32-bit IP addresses
Answer: A
Explanation:
Classless Inter-Domain Routing (CIDR) is a technique used to allocate and manage
IP addresses more efficiently. It involves using variable-length subnet masks
(VLSMs), which allow the network to have subnets of different sizes. VLSMs provide
flexibility in allocating IP addresses by allowing the network administrator to choose
the appropriate number of network and host bits based on the network requirements.
41.Which of the following describes the purpose of a VPN (Virtual Private Network)?
A. To improve network performance and reduce latency
B. To segment a network into multiple smaller networks
C. To provide secure remote access to a private network over the internet
D. To control and filter network traffic based on predefined policies
Answer: C
Explanation:
A VPN (Virtual Private Network) is a technology that enables secure and encrypted
communication over a public network, such as the internet. It allows users to establish
a secure connection to a private network from remote locations. By encrypting the
communication, a VPN ensures confidentiality and integrity of the data transmitted
between the remote user and the private network, making it a suitable solution for
secure remote access.
42.What is the main difference between a public and a private network?
A. Public networks are secured, while private networks are not
B. Private networks are more expensive to set up than public networks
C. Public networks use public IP addresses, while private networks use private IP
addresses
D. Private networks are accessible to the general public, while public networks are not
Answer: C
Explanation:
The main difference between a public network and a private network lies in the IP
addressing scheme. Public networks use public IP addresses, provided by ISPs, to
route traffic over the internet. Private networks, on the other hand, use private IP
addresses, typically reserved IP ranges (e.g., 192.168.x.x or 10.x.x.x), for local
communication within a network.
43.What is one of the ethical principles that guide the code of ethics for cybersecurity
professionals?
A. Impersonation
B. Confidentiality
C. Anonymity
D. Discrimination
Answer: B
Explanation:
Confidentiality is one of the key ethical principles for cybersecurity professionals. It
requires professionals to respect the privacy of individuals and organizations by
keeping sensitive information secure and not disclosing it without proper
authorization. This helps build trust and ensures the protection of confidential data.
44.Which of the following best describes network security?
A. Ensuring high availability and performance of the network
B. Securing physical access to network devices
C. Protecting data from unauthorized access or modifications
D. Preventing network configuration errors
Answer: C
Explanation:
Network security is the practice of protecting data in a network from unauthorized
access, modifications, or attacks. It involves implementing various security measures
such as access control, encryption, firewalls, and intrusion prevention systems.
45.Which of the following is a characteristic of weak encryption algorithms?
A. They support secure communication protocols.
B. They are susceptible to cryptanalysis attacks.
C. They are resistant to brute force attacks.
D. They provide encryption keys with longer bit lengths.
Answer: B
Explanation:
Weak encryption algorithms are those that can be easily broken or exploited using
various encryption analysis techniques. These algorithms have vulnerabilities that can
be used to decrypt the encrypted
data without the need for the encryption key.
46.What is the primary purpose of a VPN (Virtual Private Network)?
A. To encrypt email communications
B. To secure wireless network connections
C. To establish a secure remote connection over a public network
D. To protect against malware attacks
Answer: C
Explanation:
A VPN is designed to provide secure, encrypted communication over a public network
such as the internet. Its primary purpose is to establish a secure and private
connection between two endpoints, allowing remote users to access resources on a
private network as if they were directly connected to it. This helps protect sensitive
data and communications from interception by unauthorized individuals.
47.Which of the following involves dividing a network into smaller, more manageable
segments?
A. DHCP configuration
B. IP addressing
C. VLAN configuration
D. Subnetting
Answer: D
Explanation:
Subnetting is the process of dividing a network into smaller subnetworks, called
subnets or subnetworks. It helps in improving network performance, optimizing
address allocation, and enhancing network security. Subnetting is typically done by
using a subnet mask to determine the network and host portions of an IP address.
48.Which of the following is a unique identifier assigned to a network interface card
(NIC)?
A. IP address
B. Default gateway
C. MAC address
D. Subnet mask
Answer: C
Explanation:
A Media Access Control (MAC) address is a unique identifier assigned to a network
interface card (NIC) by the manufacturer. It is a 48-bit address typically represented
as six groups of two hexadecimal digits separated by colons or hyphens. MAC
addresses are used for communication at the data link layer of the network stack.
49.Which protocol is used for communication between web browsers and web
servers?
A. ICMP
B. TCP
C. UDP
D. HTTP
Answer: D
Explanation:
HTTP (Hypertext Transfer Protocol) is the protocol used for communication between
web browsers (client) and web servers. It allows for the exchange of hypertext, which
includes text, images, and other resources, over the Internet. HTTP operates on top
of TCP, ensuring reliable delivery of data.
50.What is spear phishing?
A. A physical attack where an unauthorized person gains entry to a restricted area by
following closely behind an authorized person.
B. A form of social engineering attack that uses SMS or text messages to trick victims
into revealing sensitive information.
C. A cyber attack where an attacker manipulates and deceives an individual to reveal
sensitive information.
D. A type of phishing attack that targets specific individuals or organizations.
Answer: D
Explanation:
Spear phishing is a targeted form of phishing attack that focuses on specific
individuals or organizations. In spear phishing, the attacker gathers information about
the target and tailors the phishing emails or messages to make them seem more
legitimate and convincing. The goal is to trick the target into revealing sensitive
information, such as login credentials or financial details.
51.What is the purpose of encryption in network security?
A. To monitor and detect network attacks
B. To authenticate and authorize users
C. To protect the confidentiality and integrity of data during transmission
D. To prevent unauthorized physical access to network devices
Answer: C
Explanation:
Encryption is the process of transforming data into an unintelligible form (ciphertext)
to protect its confidentiality and integrity during transmission. It ensures that even if
the data is intercepted, it cannot be understood or modified without the encryption
key. Encryption helps in safeguarding sensitive information from unauthorized access
and tampering.
52.Which cryptographic technique is used to ensure the integrity of data without the
ability to reverse the process?
A. Hashing algorithm
B. Digital signature
C. Asymmetric encryption
D. Symmetric encryption
Answer: A
Explanation:
Hashing is a cryptographic technique where an input (data/message) is processed
through an algorithm to produce a fixed-size output, known as a hash value. The key
characteristic of hashing is that it is a one-way function, meaning that it is
computationally infeasible to reverse the process and derive the original input from
the hash value. Hashing is commonly used to verify data integrity, as even a small
change in the input will result in a significantly different hash value.
53.What type of security technique involves setting up a decoy system or network to
lure and trap potential attackers?
A. Honeypot
B. Virtualization
C. DMZ
D. Proxy
Answer: A
Explanation:
A honeypot is a security technique that involves setting up a decoy system or network
to attract potential attackers. The purpose of a honeypot is to gather information about
attackers' tactics, techniques, and intentions, allowing organizations to learn more
about the threats they face and improve their defenses.
By monitoring the activities within a honeypot, organizations can gain valuable
insights into emerging attack methods and enhance their overall cybersecurity
strategy.
54.Which of the following is an example of a web application vulnerability that can be
exploited by an attacker?
A. Network latency
B. Disk fragmentation
C. Buffer overflow
D. Cross-site scripting (XSS)
Answer: D
Explanation:
Cross-site scripting (XSS) is a web application vulnerability where an attacker injects
malicious code into a trusted website, which then executes on the victim's browser.
This vulnerability can allow attackers to steal sensitive information, perform phishing
attacks, or deliver malware. Disk fragmentation, network
latency, and buffer overflow are not examples of web application vulnerabilities; they
refer to other aspects of computing performance and security.
55.What is encryption?
A. A process of converting plaintext into binary code to enhance data accessibility
B. A process of converting binary code into plaintext to improve data reliability
C. A process of converting plaintext into ciphertext to protect data confidentiality
D. A process of converting ciphertext into plaintext to secure data integrity
Answer: C
Explanation:
Encryption is the process of converting plaintext (original data) into a coded or
unreadable format known as ciphertext. This ensures that if the data is intercepted or
accessed by unauthorized individuals, they would not be able to understand the
information without the appropriate decryption key. Encryption is used to protect the
confidentiality and privacy of sensitive data during transmission or storage.
56.Which of the following is NOT a component of AAA?
A. Authorization
B. Accountability
C. Authentication
D. Accurate accounting
Answer: D
Explanation:
The components of AAA are Authentication, Authorization, and Accounting.
Accounting refers to the process of tracking and logging user activities, but its focus is
not on accuracy. Instead, accounting provides information about resource usage, user
activities, and system utilization for auditing and analysis purposes.
57.What is the purpose of implementing a firewall in a network?
A. To scan and remove malware from network traffic
B. To prevent unauthorized physical access to network devices
C. To control and filter network traffic based on predetermined security policies
D. To monitor network performance and troubleshoot issues
Answer: C
Explanation:
A firewall is a network security device that acts as a barrier between internal and
external networks. Its main purpose is to control and filter network traffic based on
predetermined security policies. It examines packets entering or leaving the network
and either allows or blocks them based on the configured rules.
58.Which statement accurately describes the concept of a code of ethics in the
cybersecurity field?
A. A document that articulates ethical standards for cybersecurity professionals.
B. A set of laws and regulations governing cybersecurity practices.
C. A framework outlining the steps of a cybersecurity attack.
D. A compilation of open-source tools for network security.
Answer: A
Explanation:
A code of ethics in the cybersecurity field is a document that outlines the ethical
standards and behavior expected from cybersecurity professionals. It provides
guidelines for professionals to follow in order to maintain integrity, protect privacy, and
ensure the responsible use of technology in their work.
59.Which notation is used by IPv6?
A. Decimal notation
B. Octal notation
C. Hexadecimal notation
D. Binary notation
Answer: C
Explanation:
IPv6 addresses are expressed using hexadecimal notation. It consists of eight groups
of four hexadecimal digits separated by colons, e.g.,
2001:0db8:85a3:0000:0000:8a2e:0370:7334. Hexadecimal digits range from 0 to 9
and A to F.
60.What are botnets?
A. An attack that manipulates individuals into revealing sensitive information or
performing certain actions.
B. A network of compromised computers controlled by a central entity to carry out
malicious activities.
C. A form of cyber attack that attempts to gain unauthorized access to a network.
D. A software program that is designed to damage, disrupt, or gain unauthorized
access to a computer
system.
Answer: B
Explanation:
Botnets are networks of compromised computers that are controlled by a central
entity, often referred to as a botmaster. These compromised computers, also known
as bots or zombies, are typically infected with malware and can be used to carry out
various malicious activities, such as launching DDoS attacks, sending spam emails,
or stealing sensitive information.
61.Which of the following is an example of a private IP address?
A. 169.254.0.1
B. 203.0.113.0
C. 172.16.0.0
D. 198.51.100.0
Answer: C
Explanation:
Among the given options, 172.16.0.0 is an example of a private IP address. It falls
within the range of private IP addresses defined by RFC 1918, specifically the Class
B private address range 172.16.0.0 - 172.31.255.255, which is commonly used for
internal networks.
62.Which of the following is a common security control measure used to protect
applications from unauthorized access?
A. File compression
B. Biometric authentication
C. Hard disk formatting
D. Data anonymization
Answer: B
Explanation:
Biometric authentication is a security control measure that uses physical or behavioral
characteristics, such as fingerprint scanning or facial recognition, to verify a user's
identity. By implementing biometric authentication, organizations can add an extra
layer of protection to their applications and control access to sensitive data. File
compression, data anonymization, and hard disk formatting are not directly related to
application security measures.
63.Which of the following is a common authentication protocol used in wireless
networks?
A. FTP
B. WPA
C. SSH
D. SMTP
Answer: B
Explanation:
WPA (Wi-Fi Protected Access) is a widely used authentication protocol for securing
wireless networks. It provides stronger security than the older WEP (Wired Equivalent
Privacy) protocol by utilizing encryption algorithms and dynamic key generation. WPA
offers better protection against unauthorized access and helps ensure the
confidentiality and integrity of wireless communications.
64.Which encryption method provides the highest level of security for a wireless SoHo
network?
A. WPA2
B. WEP
C. WPA
D. TKIP
Answer: A
Explanation:
WPA2 (Wi-Fi Protected Access 2) is currently the most secure encryption method for
wireless networks. It uses the Advanced Encryption Standard (AES) algorithm, which
provides a high level of protection against unauthorized access. WEP (Wired
Equivalent Privacy) is an older encryption method that is considered weak and easily
crackable. WPA (Wi-Fi Protected Access) is an improvement over WEP but still has
some vulnerabilities. TKIP (Temporal Key Integrity Protocol) is an older encryption
method used with WPA that has also been found to have security weaknesses.
Therefore, the correct answer is WPA2.
65.What is a digital certificate used for in the context of cybersecurity?
A. Encrypting data
B. Verifying the identity of an entity
C. Creating a secure tunnel
D. Decrypting data
Answer: B
Explanation:
A digital certificate is an electronic document used to prove the authenticity and
identity of an entity, such as a person, organization, or device, in an online
environment. It is issued and digitally signed by a trusted third party known as a
certification authority (CA). Digital certificates are commonly used in cybersecurity for
purposes such as authentication, ensuring secure communication, and establishing
trust between entities.
66.Which of the following access control methods is the most secure?
A. Biometric authentication
B. Multi-factor authentication
C. Single-factor authentication
D. Password-based authentication
Answer: A
Explanation:
Biometric authentication is considered the most secure access control method
because it relies on unique physical or behavioral characteristics of an individual,
such as fingerprints, iris scans, or voice recognition. These characteristics are difficult
to replicate or forge, making it more difficult for unauthorized individuals to gain
access.
67.Which of the following is a common threat to cybersecurity?
A. Software updates
B. Data encryption
C. User authentication
D. Phishing attacks
Answer: D
Explanation:
Phishing attacks are a common threat to cybersecurity. They involve fraudulent
attempts to obtain sensitive information, such as passwords and credit card details,
by masquerading as a trustworthy entity in electronic communication. It is important to be
cautious and verify the authenticity of any requests for personal information to protect
against phishing attacks.
68.Which protocol is used to assign IP addresses to devices on a network?
A. ICMP
B. DHCP
C. UDP
D. TCP
Answer: B
Explanation:
DHCP (Dynamic Host Configuration Protocol) is used to assign IP addresses
dynamically to devices on a network. Instead of manually configuring IP addresses on
each device, DHCP allows for automated IP address allocation, making network
administration more efficient.
69.Which technology is responsible for managing cryptographic keys, digital
certificates, and providing other security-related services?
A. Intrusion Detection System (IDS)
B. Virtual Private Network (VPN)
C. Public Key Infrastructure (PKI)
D. Firewall
Answer: C
Explanation:
Public Key Infrastructure (PKI) is a framework of hardware, software, policies, and
procedures used to manage the generation, storage, distribution, and revocation of
digital certificates and encryption keys. PKI provides important security services such
as authentication, encryption, and integrity checking. It enables secure
communication, verifies the trustworthiness of digital identities, and ensures the
confidentiality and integrity of data exchanged between parties.
70.What is a denial of service (DoS) attack?
A. A technique used by attackers to obtain sensitive information through deception.
B. A software program that is designed to damage, disrupt, or gain unauthorized
access to a computer system.
C. A form of cyber attack that attempts to gain unauthorized access to a network.
D. An attack that overwhelms a target system with a flood of traffic or requests,
rendering it inaccessible to legitimate users.
Answer: D
Explanation:
A denial of service (DoS) attack is a type of cyber attack that aims to make a target
system or network unavailable to its intended users by overwhelming it with a flood of
traffic or requests. This effectively denies legitimate users access to the system.
71.Which of the following features help to secure a wireless SoHo network from
unauthorized access?
A. Default admin credentials
B. Weak encryption
C. MAC filtering
D. SSID broadcast
Answer: C
Explanation:
MAC filtering is a feature that allows a network administrator to specify which devices
can connect to the wireless network based on their MAC (Media Access Control)
addresses. By enabling MAC filtering, only devices with authorized MAC addresses
will be allowed to connect, thereby enhancing network security. SSID (Service Set
Identifier) broadcast refers to the network name being broadcast, and hiding it
doesn't provide significant security improvement. Default admin credentials should
always be changed to prevent unauthorized access, making option C a weak answer
choice. Weak encryption, such as WEP or TKIP, provides little security and should be
avoided.
72.What is the primary function of a server in a network infrastructure?
A. Monitor network traffic
B. Filter incoming and outgoing traffic
C. Detect and prevent intrusions
D. Store and manage files
Answer: D
Explanation:
A server is a computer or system that is dedicated to serving the needs of other
computers (clients) on a network. A primary function of a server is to store and
manage files, applications, and other resources that can be accessed by clients over
the network.
73.Which encryption method uses a single key to both encrypt and decrypt data?
A. SSL/TLS
B. Symmetric encryption
C. Hashing
D. Asymmetric encryption
Answer: B
Explanation:
Symmetric encryption uses a single key to both encrypt and decrypt data. This means
that the same key is used by both the sender and the receiver to secure the
communication. It is faster and less computationally intensive than asymmetric
encryption.
74.What is an attack vector in cybersecurity?
A. The method used by an attacker to gain unauthorized access
B. A vulnerability in a system that can be exploited
C. The path or means through which an attacker can exploit vulnerabilities
D. The likelihood of a cyber attack taking place
Answer: C
Explanation:
An attack vector refers to the pathway or means by which an attacker can carry out a
successful exploit or gain unauthorized access to a system. It can be a network
protocol, software vulnerability, social engineering technique, malicious email
attachment, or any other method that allows an attacker to exploit vulnerabilities.
Understanding attack vectors is crucial for implementing effective defenses and
mitigating risks.
75.Which of the following is an example of a network vulnerability?
A. Encrypting sensitive data
B. Running outdated and unpatched software
C. Using a strong password
D. Implementing a firewall
Answer: B
Explanation:
Running outdated and unpatched software is an example of a network vulnerability.
Software updates often include patches to fix security vulnerabilities that have been
discovered. Failing to install these updates or using outdated software increases the
risk of an attacker exploiting known vulnerabilities to gain unauthorized access or
compromise the network.
76.Which of the following is NOT an essential security principle?
A. Complexity
B. Confidentiality
C. Availability
D. Integrity
Answer: A
Explanation:
Complexity is not considered an essential security principle. The essential security
principles are confidentiality, availability, and integrity. Confidentiality ensures that
information is only accessible to authorized individuals or entities. It focuses on
protecting sensitive data from unauthorized disclosure or access. Availability ensures
that information and resources are accessible when needed. It emphasizes the need
for systems and networks to be operational and usable, with minimal downtime or
interruptions. Integrity ensures that information is accurate, complete, and unaltered.
It focuses on maintaining the trustworthiness and reliability of data and preventing
unauthorized modifications. Complexity, although important in certain areas of
cybersecurity, is not considered an essential security principle on its own. It often
relates to the design and implementation of security controls or measures, rather than
being a fundamental principle.
77.Which technology is responsible for monitoring network traffic and identifying
potential threats?
A. IDS
B. Firewall
C. Server
D. IPS
Answer: A
Explanation:
An Intrusion Detection System (IDS) is a technology that monitors network traffic and
analyzes it for potential security breaches or vulnerabilities. It detects and alerts
administrators to any suspicious activity, allowing them to take appropriate actions to
mitigate potential threats.
78.Which of the following best describes the concept of defense in depth in
cybersecurity?
A. Utilizing multiple layers of security controls to protect against different types of
threats
B. Running regular vulnerability scans to maintain the integrity of the system
C. Implementing access controls to ensure availability of critical resources
D. Encrypting sensitive data to maintain confidentiality
Answer: A
Explanation:
Defense in depth is a cybersecurity strategy that involves implementing multiple
layers of security controls to protect against various types of threats. This approach
provides greater resilience and mitigates potential vulnerabilities. By implementing
multiple layers, even if one control fails, others can still safeguard the system.
79.What is the general motivation behind an Advanced Persistent Threat (APT)?
A. Publicity
B. Random disruption
C. Financial gain
D. Revenge
Answer: C
Explanation:
The general motivation behind an APT is often financial gain. Threat actors
conducting APTs aim to gain unauthorized access to valuable information, such as
financial data or intellectual property, with the intention of extracting monetary value
from their targets.
80.What is a vulnerability in the context of cybersecurity?
A. An advanced encryption algorithm
B. A software bug that causes system crashes
C. A weakness in a system that can be exploited by threats
D. A security measure that prevents unauthorized access
Answer: C
Explanation:
A vulnerability refers to a weakness in a system that can be exploited by threats or
attackers. It could be a flaw in software, a misconfiguration, or a gap in security
controls that can be taken advantage of to gain unauthorized access, disrupt services,
or compromise data. Identifying and addressing vulnerabilities is crucial to
maintaining a secure cybersecurity posture.
81.What is an Advanced Persistent Threat (APT)?
A. A vulnerability in network communication protocols.
B. A cyberattack that compromises multiple devices simultaneously.
C. A sophisticated and targeted attack that aims to gain unauthorized access and
maintain persistence over a long period.
D. A type of malware that spreads rapidly through a network.
Answer: C
Explanation:
Advanced Persistent Threats (APTs) are stealthy and prolonged attacks targeted at
specific organizations or entities. APTs typically employ sophisticated techniques,
including social engineering and zero-day exploits. The primary objectives of APTs
are to gain unauthorized access, maintain persistence within the target network or
system, and conduct reconnaissance or exfiltrate sensitive data without being
detected for an extended period of time.
82.What is an insider threat?
A. A threat posed by an individual with authorized access to an organization's
systems and data.
B. A vulnerability in an organization's network infrastructure.
C. The accidental disclosure of sensitive information.
D. A security breach caused by an external attacker.
Answer: A
Explanation:
Insider threats refer to risks and vulnerabilities that arise from individuals who have
authorized access to an organization's systems, networks, or data. These individuals
may intentionally or unintentionally cause harm, such as stealing confidential
information, sabotaging systems, or disclosing sensitive data to unauthorized entities.
83.What is tailgating in the context of cybersecurity?
A. A type of phishing attack that targets specific individuals or organizations.
B. A physical attack where an unauthorized person gains entry to a restricted area by
following closely behind an authorized person.
C. A form of social engineering attack that uses SMS or text messages to trick victims
into revealing sensitive information.
D. A cyber attack where an attacker manipulates and deceives an individual to reveal
sensitive information.
Answer: B
Explanation:
Tailgating refers to the act of an unauthorized person gaining physical access to a
secured area by closely following behind an authorized person who has just been
granted access. This form of physical attack exploits the weakness in human
behavior, as people tend to hold doors open for others out of politeness or assume
that the person following them is authorized.
84.Which protocol uses encryption for secure remote access to network resources?
A. Point-to-Point Protocol (PPP)
B. Wireless Equivalent Privacy (WEP)
C. Internet Protocol Security (IPSec)
D. Secure Shell (SSH)
Answer: D
Explanation:
Secure Shell (SSH) is a cryptographic network protocol that provides secure remote
access and control of network resources.