Certified Cybersecurity Technician v1.0

Page:    1 / 4   
Exam contains 55 questions

Ryleigh, a system administrator, was instructed to perform a full back up of organizational data on a regular basis. For this purpose, she used a backup technique on a fixed date when the employees are not accessing the system i.e., when a service-level down time is allowed a full backup is taken.
Identify the backup technique utilized by Ryleigh in the above scenario.

  • A. Nearline backup
  • B. Cold backup
  • C. Hot backup
  • D. Warm backup


Answer : B

Jaden, a network administrator at an organization, used the ping command to check the status of a system connected to the organization's network. He received an ICMP error message stating that the IP header field contains invalid information. Jaden examined the ICMP packet and identified that it is an IP parameter problem.
Identify the type of ICMP error message received by Jaden in the above scenario.

  • A. Type =12
  • B. Type = 8
  • C. Type = 5
  • D. Type = 3


Answer : C

Steve, a network engineer, was tasked with troubleshooting a network issue that is causing unexpected packet drops. For this purpose, he employed a network troubleshooting utility to capture the ICMP echo request packets sent to the server. He identified that certain packets are dropped at the gateway due to poor network connection.
Identify the network troubleshooting utility employed by Steve in the above scenario.

  • A. dnsenurn
  • B. arp
  • C. traceroute
  • D. ipconfig


Answer : C

Anderson, a security engineer, was Instructed to monitor all incoming and outgoing traffic on the organization's network to identify any suspicious traffic. For this purpose, he employed an analysis technique using which he analyzed packet header fields such as IP options, IP protocols, IP fragmentation flags, offset, and identification to check whether any fields are altered in transit.
Identify the type of attack signature analysis performed by Anderson in the above scenario.

  • A. Context-based signature analysis
  • B. Atomic-signature-based analysis
  • C. Composite-signature-based analysis
  • D. Content-based signature analysis


Answer : D

Leilani, a network specialist at an organization, employed Wireshark for observing network traffic. Leilani navigated to the Wireshark menu icon that contains items to manipulate, display and apply filters, enable, or disable the dissection of protocols, and configure user-specified decodes.
Identify the Wireshark menu Leilani has navigated in the above scenario.

  • A. Statistics
  • B. Capture
  • C. Main toolbar
  • D. Analyze


Answer : B

Tenda, a network specialist at an organization, was examining logged data using Windows Event Viewer to identify attempted or successful unauthorized activities. The logs analyzed by Tenda include events related to Windows security; specifically, log-on/log-off activities, resource access, and also information based on Windows system's audit policies.
Identify the type of event logs analyzed by Tenda in the above scenario.

  • A. Application event log
  • B. Setup event log
  • C. Security event log
  • D. System event log


Answer : C

Nancy, a security specialist, was instructed to identify issues related to unexpected shutdown and restarts on a Linux machine. To identify the incident cause, Nancy navigated to a directory on the Linux system and accessed a log file to troubleshoot problems related to improper shutdowns and unplanned restarts.
Identify the Linux log file accessed by Nancy in the above scenario.

  • A. /var/log/secure
  • B. /var/log/kern.log
  • C. /var/log/boot.log
  • D. /var/log/lighttpd/


Answer : C

Warren, a member of IH&R team at an organization, was tasked with handling a malware attack launched on one of servers connected to the organization's network. He immediately implemented appropriate measures to stop the infection from spreading to other organizational assets and to prevent further damage to the organization.
Identify the IH&R step performed by Warren in the above scenario.

  • A. Containment
  • B. Recovery
  • C. Eradication
  • D. Incident triage


Answer : A

The IH&R team in an organization was handling a recent malware attack on one of the hosts connected to the organization's network. Edwin, a member of the IH&R team, was involved in reinstating lost data from the backup media. Before performing this step, Edwin ensured that the backup does not have any traces of malware.
Identify the IH&R step performed by Edwin in the above scenario.

  • A. Eradication
  • B. Incident containment
  • C. Notification
  • D. Recovery


Answer : D

Kason, a forensic officer, was appointed to investigate a case where a threat actor has bullied certain children online. Before proceeding legally with the case, Kason has documented all the supporting documents, including source of the evidence and its relevance to the case, before presenting it in front of the jury.
Which of the following rules of evidence was discussed in the above scenario?

  • A. Authentic
  • B. Understandable
  • C. Reliable
  • D. Admissible


Answer : D

Arabella, a forensic officer, documented all the evidence related to the case in a standard forensic investigation report template. She filled different sections of the report covering all the details of the crime along with the daily progress of the investigation process.
In which of the following sections of the forensic investigation report did Arabella record the "nature of the claim and information provided to the officers"?

  • A. Investigation process
  • B. Investigation objectives
  • C. Evidence information
  • D. Evaluation and analysis process


Answer : C

Shawn, a forensic officer, was appointed to investigate a crime scene that had occurred at a coffee shop. As a part of investigation, Shawn collected the mobile device from the victim, which may contain potential evidence to identify the culprits.
Which of the following points must Shawn follow while preserving the digital evidence? (Choose three.)

  • A. Never record the screen display of the device
  • B. Turn the device ON if it is OFF
  • C. Do not leave the device as it is if it is ON
  • D. Make sure that the device is charged


Answer : BCD

Ruben, a crime investigator, wants to retrieve all the deleted files and folders in the suspected media without affecting the original files. For this purpose, he uses a method that involves the creation of a cloned copy of the entire media and prevents the contamination of the original media.
Identify the method utilized by Ruben in the above scenario.

  • A. Sparse acquisition
  • B. Bit-stream imaging
  • C. Drive decryption
  • D. Logical acquisition


Answer : B

Kasen, a cybersecurity specialist at an organization, was working with the business continuity and disaster recovery team. The team initiated various business continuity and discovery activities in the organization. In this process, Kasen established a program to restore both the disaster site and the damaged materials to the pre-disaster levels during an incident.
Which of the following business continuity and disaster recovery activities did Kasen perform in the above scenario?

  • A. Prevention
  • B. Resumption
  • C. Response
  • D. Recovery


Answer : D

Cassius, a security professional, works for the risk management team in an organization. The team is responsible for performing various activities involved in the risk management process. In this process, Cassius was instructed to select and implement appropriate controls on the identified risks in order to address the risks based on their severity level.
Which of the following risk management phases was Cassius instructed to perform in the above scenario?

  • A. Risk analysis
  • B. Risk treatment
  • C. Risk prioritization
  • D. Risk identification


Answer : B

Page:    1 / 4   
Exam contains 55 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy