ISACA CSX Fundamentals Certificate Practice Quiz and Answers 2022
46 views 0 purchase
Course
ISACA CSX Fundamentals
Institution
ISACA CSX Fundamentals
1. To which of the following layers of the Open Systems Interconnect (OSI) model would one map Ethernet? - ANSWER Data Link
Network
Application
Transport (X)
5. Which cybersecurity principle is most important when attempting to trace the source of malicious activity?
Availability...
isaca csx fundamentals certificate practice quiz and answers 2022
1 to which of the following layers of the open systems interconnect osi model would one map ethernet
2 whi
Written for
ISACA CSX Fundamentals
All documents for this subject (1)
Seller
Follow
millyphilip
Reviews received
Content preview
ISACA CSX Fundamentals Certificate
Practice Quiz
1. To which of the following layers of the Open Systems Interconnect (OSI) model would
one map Ethernet? - ANSWER Data Link
Network
Application
Transport (X)
5. Which cybersecurity principle is most important when attempting to trace the source
of malicious activity?
Availability
Integrity
Nonrepudiation
Confidentiality
6. Which of the following offers the strongest protection for wireless network traffic?
Wireless Protected Access 2 (WPA2)
Wireless Protected Access-Advanced Encryption Standard (WPA-AES)
Wired Equivalent Protection 128-bit (WEP-128)
Wireless Protected Access-Temporary Key Integrity Protocol (WPA-TKIP)
7. Outsourcing poses the greatest risk to an organization when it involves:
Business support services
Technology infrastructure
Cybersecurity capabilities
Core business functions
8. Risk assessments should be performed:
At the start of a program
On a regular basis
When an asset changes
When a vulnerability is discovered
9. Maintaining a high degree of confidence regarding the integrity of evidence requires
a(n):
Power of attorney
Sworn statement
Chain of custody
Affidavit
,ISACA CSX Fundamentals Certificate
Practice Quiz
10. A firewall that tracks open connection-oriented protocol sessions is said to be:
State-sponsored
Stateless
Stateful
Stated
11. During which phase of the system development lifecycle (SDLC) should security first
be considered?
Planning
Analysis
Design
Implementation
12. A cybersecurity architecture designed around the concept of a perimeter is said to
be:
Data-centric
User-centric
Integrated
System-centric
13. A passive network hub operates at which layer of the OSI model?
Data Link
Physical
Network
Transport
14. Updates in cloud-computing environments can be rolled out quickly because the
environment is:
Homogeneous
Distributed
Diversified
Secure
15. During which phase of the six-phase incident response model is the root cause
determined?
Recovery
Identification
Containment
Eradication
16. The attack mechanism directed against a system is commonly called a(n):
Exploit
Vulnerability
Payload
, ISACA CSX Fundamentals Certificate
Practice Quiz
Attack Vector
17. Where should an organization's network terminate virtual private network (VPN)
tunnels?
At an interior router, to reduce network traffic congestion
At a dedicated "honey pot" system in the demilitarized zone (DMZ)
At the destination system, to prevent loss of confidentiality
At the perimeter, to allow for effective internal monitoring
18. In practical applications:
Symmetric key encryption is used to securely distribute asymmetric keys
Asymmetric key encryption is used to securely obtain symmetric keys
Symmetric key encryption is used only for short messages, such as digital signatures
Asymmetric key encryption is used in cases where speed is important
19. Which two factors are used to calculate the likelihood of an event?
Threat and vulnerability
Vulnerability and asset value
Asset count and asset value
Threat and asset count
20. What is one advantage of a firewall implemented in software over a firewall
appliance?
Performance
Power consumption
Flexibility
Resiliency
21. A business continuity plan (BCP) is not complete unless it includes:
Dedicated resources
Detailed procedures
Network diagrams
Critical processes
22. Under the US-CERT model for incident categorization, a CAT-3 incident refers to
which of the following?
Improper usage
Investigation
Denial of service (DoS)
Malicious code
23. An interoperability error is what type of vulnerability?
Technical
Process
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller millyphilip. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.39. You're not tied to anything after your purchase.
