Python Essentials 2: INTERMEDIATE


Module-2

1. What is the correct definition of risk management?
a) The process of transferring risks that cannot be eliminated or mitigated
b) The process of identifying and assessing risk to determine the severity of threats
c) The process of accepting risks that cannot be eliminated, mitigated or transferred
d) The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities
Solution: d) The process of identifying and assessing risk to reduce the impact of threats and vulnerabilities
Explanation: Risk management is the formal process of continuously identifying and assessing risk in an effort to reduce the impact of threats and vulnerabilities.

2. Which of the following tools can be used to provide a list of open ports on network devices?
a) Ping
b) Tracert
c) Nmap
d) Whois
Solution: c) Nmap

3. Which of the following tools can perform real-time traffic and port analysis, and can also detect port scans, fingerprinting and buffer overflow attacks?
a) NetFlow
b) SIEM
c) Nmap
d) Snort
Solution: d) Snort

4. ‘Today, there are single security appliances that will solve all the network security needs of an organization.’ Is this statement true or false?
a) True
b) False
Solution: b) False
Explanation: There is no single security appliance or piece of technology that will solve all the network security needs in an organization.

5. What name is given to a device that controls or filters traffic going in or out of the network?
a) Router
b) VPN
c) Firewall
d) IPS
Solution: c) Firewall
Explanation: A firewall is designed to control or filter which communications are allowed in and which are allowed out of a device or network.

6. What tool can identify malicious traffic by comparing packet contents to known attack signatures?
a) IDS
b) Zenmap
c) Nmap
d) NetFlow
Solution: a) IDS
Explanation: An email message is transmitted in plain text and can be read by anyone who has access to the data while it is en route to a destination. Patient records include confidential or sensitive information that should be transmitted in a secure manner.

7. What protocol is used to collect information about traffic traversing a network?
a) HTTPS
b) NetFlow
c) Telnet
d) NAT
Solution: b) NetFlow
Explanation: NetFlow technology is used to gather information about data flowing through a network, including who and what devices are in the network, and when and how users and devices access the network.

8. Behavior-based analysis involves using baseline information to detect what?
a) Risk
b) Anomalies
c) Backdoors
d) Vulnerabilities
Solution: b) Anomalies

9. What is the last stage of a pen test?
a) Scanning
b) Analysis and reporting
c) Gathering target information
d) Maintaining access
Solution: b) Analysis and reporting
Explanation: The pen tester will provide feedback via a report that recommends updates to products, policies and training to improve an organization’s security.

10. ‘With careful planning and consideration, some risks can be completely eliminated.’ Is this statement true or false?
a) True
b) False
Solution: b) False

11. What is a security playbook?
a) A collection of security alerts, logs and historical data from the network
b) A collection of repeatable queries or reports that outline a standardized process for incident detection and response
c) A step-by-step guide on how to carry out IT-related procedures
Solution: c) A step-by-step guide on how to carry out IT-related procedures

12. What is the main aim of a Cyber Security Incident Response Team (CSIRT)?
a) To help client organizations improve their incident management capabilities
b) To help ensure organization, system and data preservation by performing investigations into computer security incidents
c) To enforce access to network resources by creating role-based control policies
d) To provide guidance on the implementation of safeguards and personnel training
Solution: b) To help ensure organization, system and data preservation by performing investigations into computer security incidents

13. How do Cisco ISE and TrustSec work?
a) They stop sensitive data from being stolen or escaping a network
b) They enforce access to network resources by creating role-based access control policies
c) They block network traffic based on a positive rule or signature match
Solution: b) They enforce access to network resources by creating role-based access control policies

14. The risk management process consists of four steps. Can you put these in the right order?
a) Frame the risk
b) Assess the risk
c) Respond to the risk
d) Monitor the risk
Solution: b) Assess the risk, a) Frame the risk, c) Respond to the risk, d) Monitor the risk