Mid 1-2-3-4 (Quiz-Review)

The document contains questions about cybersecurity concepts such as frameworks, vulnerabilities, threats, exploits, attacks and other topics. Specifically: 1) The NIST Cybersecurity Framework provides standards and best practices to help organizations manage cybersecurity risks. 2) A vulnerability is any potential danger to an asset. 3) A vulnerability is a weakness in a system that can be exploited. The questions cover a wide range of cybersecurity definitions, tools, attacks and methods.

Uploaded by Salome Mumladze

1. Which of the following is a collection of industry standards and best practices to help organizations manage cybersecurity risks?

a. MITRE

b. NIST Cybersecurity Framework

c. ISO Cybersecurity Framework

d. CERT/cc

2. _________ is any potential danger to an asset.

a. Vulnerability

b. Threat

c. Exploit

d. None of these answers is correct.

3. A ___________ is a weakness in the system design, implementation, software, or code, or the lack of a mechanism.

a. vulnerability

b. threat

c. exploit

d. none of these answers are correct

4. Which of the following is a piece of software, a tool, a technique, or a process that takes advantage of a vulnerability that leads to access, privilege escalation, loss of integrity, or denial of service on a computer system?

a. Exploit

b. Reverse shell

c. Searchsploit

d. None of these answers is correct.


5. Which of the following is referred to as the knowledge about an existing or emerging threat to assets, including networks and systems?

a. Exploits

b. Vulnerabilities

c. Threat assessment

d. Threat intelligence

6. Which of the following are examples of malware attack and propagation mechanisms?

a. Master boot record infection

b. File infector

c. Macro infector

d. All of these answers are correct.

7. Vulnerabilities are typically identified by a ___________.

a. CVE

b. CVSS

c. PSIRT

d. None of these answers is correct.

8. SQL injection attacks can be divided into which of the following categories?

a. Blind SQL injection

b. Out-of-band SQL injection

c. In-band SQL injection

d. None of these answers is correct.

e. All of these answers are correct.

9. Which of the following is a type of vulnerability where the flaw is in a web application but the attack is against an end user (client)?

a. XXE

b. HTML injection

c. SQL injection

d. XSS

10. Which of the following is a way for an attacker to perform a session hijack attack?

a. Predicting session tokens

b. Session sniffing

c. Man-in-the-middle attack

d. Man-in-the-browser attack

e. All of these answers are correct.

11. A denial-of-service attack impacts which of the following?

a. Integrity

b. Availability

c. Confidentiality

d. None of these answers is correct.

12. Which of the following are examples of security mechanisms designed to preserve confidentiality?

a. Logical and physical access controls

b. Encryption

c. Controlled traffic routing

d. All of these answers are correct.

13. An attacker is able to manipulate the configuration of a router by stealing the administrator credential. This attack impacts which of the following?

a. Integrity

b. Session keys

c. Encryption

d. None of these answers is correct.

14. Which of the following is a cloud deployment model?

a. Public cloud

b. Community cloud

c. Private cloud

d. All of these answers are correct.

15. Which of the following cloud models include all phases of the system development life cycle (SDLC) and can use application programming interfaces (APIs), website portals, or gateway software?

a. SaaS

b. PaaS

c. SDLC containers

d. None of these answers is correct.

16. Which of the following is not a communications protocol used in IoT environments?

a. Zigbee

b. INSTEON

c. LoRaWAN

d. 802.1x

17. Which of the following is an example of tools and methods to hack IoT devices?


a. UART debuggers

b. JTAG analyzers

c. IDA

d. Ghidra

e. All of these answers are correct.

18. Which of the following is an adverse event that threatens business security and/or disrupts service?

a. An incident

b. An IPS alert

c. A DLP alert

d. A SIEM alert

1. Which of the following are standards being developed for disseminating threat intelligence information?

a. STIX

b. TAXII

c. CybOX

d. All of these answers are correct.

2. Which type of hacker is considered a good guy?

a. White hat

b. Black hat

c. Gray hat

d. All of these answers are correct.

3. Which of the following is not an example of ransomware?

a. WannaCry

b. Petya

c. Nyetya

d. Bad Rabbit

e. Ret2Libc

4. Which of the following is the way you document and preserve evidence from the time that you started the cyber-forensics investigation to the time the evidence is presented in court?

a. Chain of custody

b. Best evidence

c. Faraday

d. None of these answers is correct.

5. Software and hardware vendors may have separate teams that handle the investigation, resolution, and disclosure of security vulnerabilities in their products and services. Typically, these teams are called ________.

a. CSIRT

b. Coordination Center

c. PSIRT

d. MSSP

6. Which of the following are the three components in CVSS?

a. Base, temporal, and environmental groups

b. Base, temporary, and environmental groups

c. Basic, temporal, and environmental groups

d. Basic, temporary, and environmental groups

7. Which of the following are IoT technologies?


a. Z-Wave

b. INSTEON

c. LoRaWAN

d. A and B

e. A, B, and C

f. None of these answers is correct.

8. Which of the following is a type of cloud deployment model where the cloud environment is shared among different organizations?

a. Community cloud

b. IaaS

c. PaaS

d. None of these answers is correct.

9. ____________ attacks occur when the sources of the attack are sent spoofed packets that appear to be from the victim, and then the sources become unwitting participants in the DDoS attacks by sending the response traffic back to the intended victim.

a. Reflected DDoS

b. Direct DoS

c. Backtrack DoS

d. SYN flood

10. Which of the following is a nonprofit organization that leads several industry-wide initiatives to promote the security of applications and software?

a. CERT/cc

b. OWASP

c. AppSec
d. FIRST

1. Which of the following is a good example of a key that is only used once?
a. OTP
b. ISAKMP
c. Multifactor key
d. None of these answers are correct

2. Which of the following is a type of cipher that uses the same key to encrypt and decrypt?
a. Symmetric
b. Asymmetric
c. Ciphertext
d. RSA

3. Which of the following is a symmetric key cipher where the plaintext data is encrypted a bit at a time against the bits of the key stream, also called a cipher digit stream?
a. Asymmetric cipher
b. Block cipher
c. Stream cipher
d. None of these answers is correct.

4. Which of the following is not an example of a symmetric encryption algorithm?
a. AES
b. 3DES
c. RC4
d. RSA

5. Which of the following is an algorithm that allows two devices to negotiate and establish shared secret keying material (keys) over an untrusted network?
a. Diffie-Hellman
b. RSA
c. RC4

d. IKE

6. Assume that Mike is trying to send an encrypted email to Chris using PGP or S/MIME. What key will Mike use to encrypt the email to Chris?
a. Chris’ private key
b. Chris’ public key
c. Mike’s private key
d. Mike’s public key

7. Which of the following implementations use a key pair?
a. PGP
b. Digital certificates on a web server running TLS
c. S/MIME
d. All of these answers are correct.

8. Which of the following is an entity that creates and issues digital certificates?
a. Certificate Registry (CR)
b. Certificate Authentication Server (CAS)

c. Certificate Authority (CA)


d. None of these answers is correct.

9. Which of the following statements is true?


a. Subordinate CA servers can be invalidated.
b. Subordinate certificates cannot be invalidated.
c. Root certificates cannot be invalidated.
d. Root CAs cannot be invalidated.

10. Which of the following is a series of standards focused on directory services and how those directories are organized?
a. 802.1x
b. X.500
c. X.11
d. X.409

1. Which of the following are examples of common methods used by ciphers?

a. Transposition

b. Substitution

c. Polyalphabetic

d. Polynomial

2. Which of the following are examples of symmetric block cipher algorithms?

a. Advanced Encryption Standard (AES)

b. Triple Data Encryption Standard (3DES)

c. DSA

d. Blowfish

e. ElGamal

3. Which of the following are examples of hashes?

a. ASH-160

b. SHA-1

c. SHA-2

d. MD5

4. Which of the following are benefits of digital signatures?

a. Authentication

b. Nonrepudiation

c. Encryption

d. Hashing

5. Which of the following statements are true about public and private key pairs?

a. A key pair is a set of two keys that work in combination with each other as a team.

b. A key pair is a set of two keys that work in isolation.

c. If you use the public key to encrypt data using an asymmetric encryption algorithm, the corresponding private key is used to decrypt the data.

d. If you use the public key to encrypt data using an asymmetric encryption algorithm, the peer decrypts the data with that public key.

6. Which of the following entities can be found inside of a digital certificate?

a. FQDN

b. DNS server IP address

c. Default gateway

d. Public key

7. Which of the following is true about root certificates?

a. A root certificate contains information about the user.

b. A root certificate contains information about the network security device.

c. A root certificate contains the public key of the CA.

d. Root certificates never expire.

8. Which of the following are public key standards?

a. IPsec

b. PKCS #10

c. PKCS #12

d. ISO33012

e. AES

9. Most digital certificates contain which of the following information?

a. Serial number

b. Signature

c. Thumbprint (fingerprint)

d. All of these answers are correct.

10. Which of the following is a format for storing both public and private keys using a symmetric password-based key to “unlock” the data whenever the key needs to be used or accessed?

a. PKCS #12

b. PKCS #10

c. PKCS #7

d. None of these answers is correct.

1. You were hired to configure AAA services in an organization and are asked to make sure that users in the engineering department do not have access to resources that are only meant for the finance department. What authorization principle addresses this scenario?

a. The principle of least privilege and separation of duties

b. Accounting and MAC Auth-bypass

c. Deter, delay, and detect

d. Policy-based segmentation

2. Which of the following describes the type of authentication where the user provides a secret that is only known by him or her?

a. Authentication by password

b. Authentication by knowledge

c. Personal identification number (PIN) code

d. Authentication by characteristics

3. Which of the following is a set of characteristics that can be used to prove a subject’s identity one time and one time only?

a. One-time passcode (OTP)

b. Out-of-band (OOB)

c. Biometrics

d. None of these answers is correct.

4. Which of the following is an open standard for exchanging authentication and authorization data between identity providers, and is used in many single sign-on (SSO) implementations?

a. SAML

b. OAuth 2.0

c. OpenConnectID

d. DUO Security

5. Which of the following defines how access rights and permissions are granted? Examples of that model include object capability, security labels, and ACLs.

a. A mandatory access control model

b. An authorization model

c. An authentication model

d. An accounting model

6. An authorization policy should always implement which of the following concepts? (Select all that apply.)

a. Implicit deny

b. Need to know

c. Access control debugging logs

d. Access control filter logs

7. Which of the following is the process of auditing and monitoring what a user does once a specific resource is accessed?

a. CoA

b. Authorization

c. Accounting

d. TACACS+ auditing

8. Access control lists classify packets by inspecting Layer 2 through Layer 7 headers for a number of parameters, including which of the following?

a. Layer 2 protocol information such as EtherTypes

b. Layer 3 header information such as source and destination IP addresses

c. Layer 4 header information such as source and destination TCP or UDP ports

d. All of these options are correct.


9. Which of the following statements are true?

a. RADIUS uses UDP, and TACACS+ uses TCP.

b. In RADIUS, authentication and authorization are performed with the same exchange. Accounting is done with a separate exchange.

c. In TACACS+, authentication, authorization, and accounting are performed with separate exchanges.

d. RADIUS provides limited support for command authorization. TACACS+ provides granular command authorization.

e. All of these answers are correct.

10. Network access devices (such as network switches and wireless access points) can use an IEEE protocol that, when enabled, will allow traffic on the port only after the device has been authenticated and authorized. Which of the following is an IEEE standard that is used to implement port-based access control?

a. 802.11ac

b. 802.1Q

c. 802.1X

d. pxGrid

11. Which of the following provides a cross-platform integration capability between security monitoring applications, threat detection systems, asset management platforms, network policy systems, and practically any other IT operations platform?


a. pxGrid

b. 802.1X

c. TrustSec

d. SGTs

12. Which of the following are examples of some of the more popular policy attributes supported by Cisco ISE?

a. Active Directory group membership and Active Directory user-based attributes

b. Time and date

c. Location of the user

d. Access method (MAB, 802.1X, wired, wireless, and so on)

e. None of these options is correct.

f. All of these options are correct.

13. Which of the following commands enables AAA services on a Cisco router?

a. aaa new-model

b. aaa authentication enable

c. aaa authentication model

d. aaa enable console

14. Which of the following is the default behavior of an 802.1X-enabled port?

a. To authorize only a single MAC address per port

b. To authorize only a single IP address per port

c. To perform MAC auth bypass only if the MAC is registered to ISE

d. To authenticate only a single host that has an identity certificate

15. Which of the following are Cisco ISE distributed node types?

a. Primary Administration Node (PAN)

b. Secondary Administration Node (SAN)

c. Policy Service Node (PSN)

d. All of these options are correct.

1. Which of the following is a security model created by Google that is similar to the zero-trust concept?

a. BeyondCorp

b. TrustSec

c. pxGrid

d. Duo

2. Which of the following are technologies used in SSO implementations?

a. SAML

b. OpenID Connect

c. Microsoft Account

d. All of these options are correct.

3. Which of the following is true about delegation in SSO implementations? (Select all that apply.)

a. SSO implementations use delegation to call external APIs to authenticate and authorize users.

b. Delegation is used to make sure that applications and services do not store passwords and user information on-premise.

c. Delegation uses multifactor authentication to provide identity services to other servers in the environment.

d. pxGrid can be used for delegation between a PSN and PAN.

4. Which of the following statements are true about discretionary access controls (DACs)?

a. Discretionary access controls (DACs) are defined by the owner of the object.

b. DACs are used in commercial operating systems.

c. The object owner builds an ACL that allows or denies access to the object based on the user’s unique identity.

d. All of these options are correct.

5. RADIUS accounting runs over what protocol and port?

a. UDP port 1812

b. UDP port 1813

c. UDP 1645

d. None of these options is correct.

6. Which of the following is one primary difference between a malicious hacker and an ethical hacker?

a. Malicious hackers use different tools and techniques than ethical hackers use.

b. Malicious hackers are more advanced than ethical hackers because they can use any technique to attack a system or network.

c. Ethical hackers obtain permission before bringing down servers or stealing credit card databases.

d. Ethical hackers use the same methods but strive to do no harm.

7. You were hired to configure RADIUS authentication in a VPN implementation. You start RADIUS debugs in the VPN device and notice ACCESS-CHALLENGE messages. What do those messages mean?

a. ACCESS-CHALLENGE messages are sent if additional information is needed. The RADIUS server needs to send an additional challenge to the access server before authenticating the user. The ACCESS-CHALLENGE will be followed by a new ACCESS-REQUEST message.

b. ACCESS-CHALLENGE messages are sent if additional information is needed. The RADIUS server needs to send an additional challenge to the access server before authenticating the user. The ACCESS-CHALLENGE will be followed by a new ACCESS-REJECT message.

c. ACCESS-CHALLENGE messages are sent if the client is using multifactor authentication with a mobile device. The ACCESS-CHALLENGE will be followed by a new ACCESS-REQUEST message.

d. None of these options is correct.

8. Which of the following are TACACS+ exchange packets used during the authentication process?

a. START

b. REPLY

c. CONTINUE

d. All of these options are correct.


e. None of these options is correct.

9. Which of the following is an entity that seeks to be authenticated by an authenticator (switch, wireless access point, and so on)? This entity could use software such as the Cisco AnyConnect Secure Mobility Client.

a. PAN

b. PSN

c. Supplicant

d. None of these options is correct.

10. 802.1x uses which of the following protocols?

a. EAPoL

b. EAP

c. RADIUS

d. All of these options are correct.

11. Which of the following statements is true about CoA?

a. RADIUS CoA is a feature that allows a RADIUS server to adjust the authentication and authorization state of an active client session.

b. RADIUS CoA is a feature that allows a RADIUS server to detect a change of configuration from other RADIUS servers and, subsequently, deny access to a client trying to connect to the network.

c. RADIUS CoA is a feature that allows a RADIUS server to perform profiling and posture assessment simultaneously.

d. None of these options is correct.

12. The _________________ is a structured replacement for feature-specific configuration commands. This concept allows you to create traffic policies based on events, conditions, and actions.

a. Cisco Common Classification Policy Language (C3PL)

b. Cisco Policy Mapping

c. Cisco TrustSec

d. None of these options is correct.

1. The RESTCONF interface is built around a small number of standardized requests. Which of the following are requests supported by RESTCONF?

a. GET

b. PUT

c. PATCH

d. All of these answers are correct.

2. NETCONF messages are encoded in a(n) ________ structure defined by the NETCONF standard.

a. JSON

b. XML

c. OWASP

d. RESTCONF

3. Which of the following is a Cisco resource where you can learn about network programmability and obtain sample code?

a. APIC

b. ACI

c. DevNet
d. NETCONF

4. A YANG-based server publishes a set of YANG modules, which taken together form the system’s _________.

a. YANG model

b. NETCONF model

c. RESTCONF model

d. gRPC model

5. Which of the following HTTP methods sends data to the server and is typically used in HTML forms and API requests?

a. POST

b. GET

c. TRACE

d. PUT

6. Which of the following is a solution that allows you to detect security threats in encrypted traffic without decrypting the packets?

a. ETA

b. ESA

c. WSA

d. None of these answers is correct.

7. Which of the following is an open source project that allows you to deploy micro-segmentation policy-based services in container environments?

a. OVS

b. Contiv

c. ODL
d. All of the above

8. NFV nodes such as virtual routers and firewalls need which of the following components as an underlying infrastructure?

a. A hypervisor

b. A virtual forwarder to connect individual instances

c. A network controller

d. All of these answers are correct.

9. There have been multiple IP tunneling mechanisms introduced throughout the years. Which of the following are examples of IP tunneling mechanisms?

a. VXLAN

b. SST

c. NVGRE

d. All of these answers are correct.

10. Which of the following is true about SDN?

a. SDN provides numerous benefits in the area of the management plane. These benefits are in both physical switches and virtual switches.

b. SDN changed a few things in the management, control, and data planes. However, the big change was in the control and data planes in software-based switches and routers (including virtual switches inside of hypervisors).

c. SDN is now widely adopted in data centers.


d. All of these answers are correct.

1. Which of the following are the three different “planes” in traditional networking?

a. The management, control, and data planes

b. The authorization, authentication, and accountability planes

c. The authentication, control, and data planes

d. None of these answers is correct.

2. Which of the following is true about Cisco ACI?

a. Spine nodes interconnect leaf devices, and they can also be used to establish connections from a Cisco ACI pod to an IP network or interconnect multiple Cisco ACI pods.

b. Leaf switches provide the Virtual Extensible LAN (VXLAN) tunnel endpoint (VTEP) function.

c. The APIC manages the distributed policy repository responsible for the definition and deployment of the policy-based configuration of the Cisco ACI infrastructure.

d. All of these answers are correct.

3. Which of the following is used to create network overlays?

a. SDN-Lane

b. VXLAN

c. VXWAN

d. None of these answers is correct.


4. Which of the following is an identifier or a tag that represents a logical segment?

a. VXLAN Network Identifier (VNID)

b. VXLAN Segment Identifier (VSID)

c. ACI Network Identifier (ANID)

d. Application Policy Infrastructure Controller (APIC)

5. Which of the following is network traffic between servers (virtual servers or physical servers), containers, and so on?

a. East-west traffic

b. North-south traffic

c. Micro-segmentation

d. Network overlays

6. Which of the following is an HTTP status code message range related to successful HTTP transactions?

a. Messages in the 100 range

b. Messages in the 200 range

c. Messages in the 400 range

d. Messages in the 500 range

7. Which of the following is a Python package that can be used to interact with REST APIs?

a. argparse

b. requests

c. rest_api_pkg

d. None of these answers is correct.

8. Which of the following is a type of API that exclusively uses XML?

a. APIC

b. REST

c. SOAP

d. GraphQL

9. Which of the following is a modern framework of API documentation and is now the basis of the OpenAPI Specification (OAS)?

a. SOAP

b. REST

c. Swagger

d. WSDL

10. Which of the following can be used to retrieve a network device configuration?

a. RESTCONF

b. NETCONF

c. SNMP

d. All of these answers are correct.

https://quizlet.com/540432880/sec-150-midterm-flash-cards/
