M21 Practice Quiz

#Cybersecurity #apps #email #protocols #wireless

Question 1

  1. Which of the following is used for identifying the optimal locations for wireless access points in a building?

    Options:

    • Firewall
    • Encryption
    • Site Surveys 
    • Heat Maps

    Overall explanation:

    • Site Surveys are used for planning and designing a wireless network to provide a solution that will deliver the required wireless coverage, data rates, network capacity, roaming capability, and Quality of Service (QoS). The survey usually involves a site visit to test for RF interference and to identify optimum installation locations for access points.
    • While Heat Maps are used to visualize the coverage of the network and identify 'dead zones' and 'hot spots', they are typically generated after the WAPs have been installed.
    • Firewalls are used to block unauthorized access to or from a private network.
    • Encryption is used to protect data in transit over the network. Neither of these options is used for identifying the optimal locations for WAPs.

    Tags: Wireless Infrastructure Security

Question 2

  1. Which of the following cryptographic protocols is used in WPA3 for encryption?

    Options:

    • TKIP
    • CCMP
    • WEP
    • AES

    *Overall explanation

    • WPA3, the latest version of the Wi-Fi Protected Access protocol, continues to use the Advanced Encryption Standard (AES) for encryption. This protocol ensures that data transmitted over the network is secure and cannot be easily intercepted or deciphered by unauthorized parties.
    • While the Temporal Key Integrity Protocol (TKIP) was used in the original WPA , and the Counter Mode Cipher Block Chaining Message Authentication Code Protocol (CCMP) was used in WPA2 , neither is used in WPA3.
    • Wired Equivalent Privacy (WEP) is an older, less secure protocol that was replaced by WPA.

    Tags: Wireless Security Settings, Wireless LAN Security

Question 3

  1. Which of the following refers to a server or system that serves as the entry and exit point for emails, handling the transfer of emails between the internet and a local network?

    Options:

    • DKIM
    • Email Gateway
    • SPF
    • DMARC

    Overall explanation:

    • An Email Gateway is a server or system that serves as the entry and exit point for emails. It is responsible for handling the transfer of emails between the internet and a local network. This includes routing outgoing emails to the correct destination and directing incoming emails to the appropriate inbox. It often includes security features to protect against threats like spam, phishing, and malware.
    • On the other hand, DMARC, DKIM, and SPF are email authentication methods designed to prevent email spoofing and ensure the email is from a trusted source.

    Tags: Email Security

Question 4

  1. Which of the following security strategies collects and automatically correlates data across multiple security layers such as email, endpoint, server, cloud workloads, and network so threats can be detected faster and security analysts can improve response times?

    Options:

    • NIDS
    • XDR 
    • FIM
    • EDR

    Overall explanation:

    • Extended Detection and Response (XDR) is a security strategy that integrates multiple protection technologies into a single platform. It collects and automatically correlates data across multiple security layers, including email, endpoint, server, cloud workloads, and network, so that threats can be detected faster, and security analysts can improve response times.
    • This is different from EDR and FIM, which focus on endpoint security and file integrity respectively, and NIDS, which focuses on detecting network intrusions.

    Tags: Endpoint Detection and Response

Question 5

  1. Which of the following best describes the process that uses data collected from various sources to identify patterns that represent typical user behavior, with the goal of detecting anomalous behavior that could indicate potential security threats?

    Options:

    • User Behavior Analytics 
    • Intrusion Detection System
    • Network Traffic Analysis
    • Data Loss Prevention.

    Overall explanation:

    • User Behavior Analytics (UBA) is a cybersecurity process that uses data collected from various sources to identify patterns that represent typical user behavior. The primary goal of UBA is to detect anomalous behavior or instances that deviate from these established patterns, which could indicate potential security threats such as insider threats, compromised credentials, or external attacks.
    • Network Traffic Analysis refers to the process of capturing network traffic data and analyzing it to understand what is happening on the network. While it can be a part of UBA, it doesn't fully capture the scope of UBA.
    • Data Loss Prevention is a strategy for ensuring that end users do not send sensitive or critical information outside the corporate network, which is different from UBA.
    • Intrusion Detection System is a device or software application that monitors a network or systems for malicious activity or policy violations, which is also different from UBA.

    Tags: User Behavior Analytics