Cisco Introduction to Cybersecurity Course Final Exam Answers 2025 Full 100%




The Cisco Introduction to Cybersecurity Course Final Exam Answers 2025 is a crucial assessment for learners exploring the fundamentals of cybersecurity in the Cisco Networking Academy program. This exam evaluates knowledge in cybersecurity principles, threat landscapes, risk management, encryption, network security, and cyber laws. With the increasing number of cyber threats, understanding these core concepts is essential for IT professionals and students pursuing a career in cybersecurity. To help you prepare effectively, we provide the latest and verified 100% correct answers for the 2025 exam, ensuring a strong grasp of security fundamentals and best practices.

  1. What is the main purpose of cyberwarfare?

    • To protect cloud-based data centers
    • To simulate possible war scenarios among nations
    • To gain advantage over adversaries
    • To develop advanced network devices
      Explanation & Hint:

      The main purpose of cyberwarfare is to gain an advantage over adversaries through the use of cyberattacks and cyberdefense techniques in the digital realm. Cyberwarfare involves using technology and computer networks to achieve various objectives, which can include:

      1. Espionage: Gathering intelligence or sensitive information from other nations, organizations, or individuals. This could involve hacking into computer systems to steal classified data.
      2. Sabotage: Disrupting or damaging the operations of an adversary. This might include launching cyberattacks to disrupt critical infrastructure, such as power grids or communication networks.
      3. Denial of Service (DoS) Attacks: Overloading target systems with traffic to make them unavailable to users. This can be used to disrupt an adversary’s operations.
      4. Propaganda and Disinformation: Spreading false information or propaganda to manipulate public opinion or create confusion in the target nation or organization.
      5. Defensive Measures: Protecting one’s own networks and data from cyber threats and attacks. This involves developing and implementing security measures to safeguard information and infrastructure.

      Cyberwarfare is not typically about protecting cloud-based data centers, simulating war scenarios, or developing advanced network devices, although those activities can be related to cybersecurity and national defense efforts. Instead, its primary goal is to achieve strategic or tactical objectives in the digital domain, which can range from intelligence gathering to causing disruption or damage to an adversary’s capabilities.

  2. Which of the following are categories of security measures or controls?

    Choose three correct answers

    • Policy and procedure
    • Camera
    • Technology
    • Firewalls
    • Guards
    • Awareness, training and education
      Explanation & Hint:

      The following are categories of security measures or controls:

      1. Policy and procedure: Security policies and procedures are essential for defining the rules and guidelines that govern an organization’s security practices. They establish a framework for how security is managed and enforced within an organization.
      2. Technology: Technology-based security measures encompass a wide range of tools and solutions designed to protect information and systems. This includes firewalls, intrusion detection systems, encryption, antivirus software, and more.
      3. Awareness, training, and education: Security awareness, training, and education programs are crucial for ensuring that employees and users are aware of security best practices and can follow them. Educating users helps prevent security breaches caused by human error.

      While cameras and guards can also be components of physical security measures, they are not typically categorized as security measures or controls in the same way that policy and procedure, technology, and awareness, training, and education are.

  3. Which of the following statements best describes cybersecurity?

    • It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm
    • It is a standard-based model for developing firewall technologies to fight against cybercrime
    • It is the name of a comprehensive security application for end users to protect workstations from being attacked
    • It is a framework for security policy development
      Explanation & Hint:

      The statement that best describes cybersecurity is:

      “It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.”

      Cybersecurity encompasses a wide range of practices and measures to safeguard digital systems, networks, and data from threats, including unauthorized access, data breaches, cyberattacks, and other forms of harm. It’s an ongoing and dynamic field that focuses on protecting Internet-connected systems and the information stored or transmitted through those systems. The other statements do not provide as accurate a description of cybersecurity.

  4. What vulnerability occurs when the output of an event depends on ordered or timed outputs?

    • Access control problems
    • Buffer overflow
    • Weaknesses in security practices
    • Non-validated input
    • Race conditions
      Explanation & Hint:

      The vulnerability that occurs when the output of an event depends on ordered or timed outputs is known as “Race conditions.” Race conditions are a type of concurrency-related vulnerability where the behavior of a system depends on the relative timing of events, and this timing can be manipulated by an attacker to gain unauthorized access or achieve unintended outcomes. It’s a common issue in multi-threaded or multi-process environments where different threads or processes can interfere with each other’s execution. Access control problems, buffer overflows, weaknesses in security practices, and non-validated input are different types of vulnerabilities or security issues, but they are not specifically related to the timing and ordering of events as race conditions are.

  5. What is the purpose of a backdoor?

    • To allow developers to debug software
    • For government access
    • To gain unauthorized access to a system without normal authentication procedures
    • To enable software vendors to update software
      Explanation & Hint:

      The purpose of a backdoor is:

      “To gain unauthorized access to a system without normal authentication procedures.”

      A backdoor is a hidden or covert means of accessing a computer system, network, or software application without going through the usual authentication or security mechanisms. While backdoors may occasionally be used for legitimate purposes, such as by developers for debugging or by software vendors for updates, they can also be exploited by malicious individuals or organizations to gain unauthorized access for malicious purposes. In some cases, governments or law enforcement agencies may also use backdoors for surveillance or investigative purposes, but the use of such backdoors is a subject of significant debate and controversy due to privacy and security concerns.

  6. What name is given to a group of bots, connected through the Internet, with the ability to be controlled by a malicious individual or group?

    • Hacker network
    • Crime syndicate
    • Zombie
    • Botnet
      Explanation & Hint:

      A group of bots connected through the Internet with the ability to be controlled by a malicious individual or group is called a “Botnet.” Botnets are often used for various malicious purposes, such as launching distributed denial of service (DDoS) attacks, spreading malware, sending spam emails, stealing sensitive information, and more. The compromised devices in a botnet are typically referred to as “zombies,” and they are under the remote control of the person or group that created the botnet.

  7. Which technology creates a security token that allows a user to log in to a desired web application using credentials from a social media website?

    • In-private browsing mode
    • Password manager
    • VPN service
    • Open authorization
      Explanation & Hint:

      The technology that creates a security token that allows a user to log in to a desired web application using credentials from a social media website is “Open Authorization,” commonly known as OAuth.

      OAuth is an authentication and authorization protocol that allows a user to grant limited access to their resources on one website (like a social media platform) to another website or application without sharing their credentials (like a username and password). This can be used for single sign-on and access delegation, making it easier for users to access various online services without needing separate credentials for each service.

  8. A medical office employee sends emails to patients about their recent visits to the facility.

    What information would put the privacy of the patients at risk if it was included in the email?

    • Next appointment
    • First and last name
    • Contact information
    • Patient records
      Explanation & Hint:

      Including patient records in the email would put the privacy of the patients at significant risk. Patient records typically contain sensitive and personal medical information, and the unauthorized disclosure of such information can violate patient privacy laws and regulations, such as the Health Insurance Portability and Accountability Act (HIPAA) in the United States.

      The other pieces of information mentioned, such as next appointment, first and last name, and contact information, are generally considered to be less sensitive than full patient records. However, it’s still important to exercise caution when communicating any patient-related information to ensure patient privacy is maintained. In some jurisdictions and under specific privacy regulations, even sharing a patient’s name and contact information without consent can be a violation of privacy.

  9. Which of the following security implementations use biometrics?

    Choose two correct answers

    • Phone
    • Credit card
    • Voice recognition
    • Fob
    • Fingerprint
      Explanation & Hint:

      The security implementations that use biometrics are:

      1. Voice recognition: Voice recognition technology uses a person’s unique vocal characteristics to verify their identity. It is a biometric method of authentication.
      2. Fingerprint: Fingerprint recognition is a common biometric method that relies on a person’s unique fingerprint patterns for authentication.

      The other options, such as “Phone,” “Credit card,” and “Fob,” typically do not directly use biometric data for authentication, although they may support biometric authentication methods as a security feature. For example, many modern smartphones support fingerprint or facial recognition for unlocking the device or authorizing payments, but the phone itself is not a biometric security implementation.

  10. Which of the following firewalls filters ports and system service calls on a single computer operating system?

    • Network address translation firewall
    • Transport layer firewall
    • Network layer firewall
    • Host-based firewall
    • Application layer firewall
      Explanation & Hint:

      The type of firewall that filters ports and system service calls on a single computer operating system is called a “Host-based firewall.” Host-based firewalls are installed on individual computers or devices and can control traffic and access at the host (computer) level, including filtering specific ports, managing system service calls, and enforcing access policies on that particular device. They provide security measures at the application and transport layers for the host they are installed on.

  11. A port scan returns an ‘open’ response. What does this mean?

    • There was no reply from the host
    • A service is listening on the port
    • Connections to the port will be denied
      Explanation & Hint:

      When a port scan returns an “open” response, it means that a service is actively listening on the scanned port. In other words, the target host has a service running and waiting for incoming connections on that port. This is different from a closed or denied port, which would mean that the port is not actively accepting connections, or there’s a firewall or security measure in place that prevents access to the port.

  12. Which of the following firewalls hides or masquerades the private addresses of network hosts?

    • Proxy server
    • Host-based firewall
    • Reverse proxy firewall
    • Network address translation firewall
    • Network layer firewall
      Explanation & Hint:

      The firewall that hides or masquerades the private addresses of network hosts is the “Network Address Translation (NAT) firewall.” NAT firewalls are commonly used to allow multiple devices on a private network to share a single public IP address. It translates private (local) IP addresses to a single public IP address when outbound traffic leaves the network, and it reverses the translation when inbound traffic returns to the network, ensuring that internal IP addresses are hidden from the public internet.

  13. Which of the following certifications tests your understanding and knowledge in how to look for weaknesses and vulnerabilities in target systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner?

    • Palo Alto Networks Certified Cybersecurity Associate
    • Microsoft Technology Associate Security Fundamentals
    • ISACA CSX Cybersecurity Fundamentals
    • EC Council Certified Ethical Hacker
    • CompTIA Security+
    • ISC2 Certified Information Systems Security Professional
      Explanation & Hint:

      The certification that tests your understanding and knowledge in how to look for weaknesses and vulnerabilities in target systems using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner is the “EC-Council Certified Ethical Hacker” (CEH) certification. The CEH certification is focused on providing individuals with the skills and knowledge to identify and address security vulnerabilities and weaknesses in a legal and ethical manner.

  14. Which of the following certifications is aimed at high school and early college students, as well as anyone interested in a career change?

    • Microsoft Technology Associate Security Fundamentals
    • Palo Alto Networks Certified Cybersecurity Associate
    • EC Council Certified Ethical Hacker
    • ISACA CSX Cybersecurity Fundamentals
    • CompTIA Security+
    • ISC2 Certified Information Systems Security Professional
      Explanation & Hint:

      The certification that is aimed at high school and early college students, as well as anyone interested in a career change, is the “Microsoft Technology Associate (MTA) Security Fundamentals” certification. MTA certifications are entry-level certifications from Microsoft and are designed to provide foundational knowledge and skills for individuals who are just starting their IT careers or those looking to make a career change. The MTA Security Fundamentals certification is a good starting point for those interested in the basics of cybersecurity.

  15. Which of the following certifications meets the U.S. Department of Defense Directive 8570.01-M requirements, which is important for anyone looking to work in IT security for the federal government?

    • ISACA CSX Cybersecurity Fundamentals
    • EC Council Certified Ethical Hacker
    • CompTIA Security+
    • Palo Alto Networks Certified Cybersecurity Associate
    • ISC2 Certified Information Systems Security Professional
    • Microsoft Technology Associate Security Fundamentals
      Explanation & Hint:

      The certification that meets the U.S. Department of Defense Directive 8570.01-M requirements, which is important for anyone looking to work in IT security for the federal government, is the “CompTIA Security+” certification. CompTIA Security+ is a well-recognized certification for cybersecurity and information security professionals, and it is often required or recommended for positions in the U.S. federal government, as it aligns with the requirements of Directive 8570.01-M.

  16. Which statement describes cybersecurity?

    • It is a framework for security policy development.
    • It is a standard-based model for developing firewall technologies to fight against cybercriminals.
    • It is the name of a comprehensive security application for end users to protect workstations from being attacked.
    • It is an ongoing effort to protect Internet-connected systems and the data associated with those systems from unauthorized use or harm.
      Explanation & Hint:

      Cybersecurity is the ongoing effort to protect Internet-connected network systems and all of the data associated with the systems from unauthorized use or harm.

  17. What are two objectives of ensuring data integrity? (Choose two.)

    • Data is available all the time.
    • Data is unaltered during transit.
    • Access to the data is authenticated.
    • Data is not changed by unauthorized entities.
    • Data is encrypted while in transit and when stored on disks.
      Explanation & Hint:

      The objectives for data integrity include data not being altered during transit and not being changed by unauthorized entities. Authentication and encryption are methods to ensure confidentiality. Data being available all the time is the goal of availability.

  18. A web server administrator is configuring access settings to require users to authenticate first before accessing certain web pages. Which requirement of information security is addressed through the configuration?

    • integrity
    • scalability
    • availability
    • confidentiality
      Explanation & Hint:

      Confidentiality ensures that data is accessed only by authorized individuals. Authentication will help verify the identity of the individuals.

  19. A company is experiencing overwhelming visits to a main web server. The IT department is developing a plan to add a couple more web servers for load balancing and redundancy. Which requirement of information security is addressed by implementing the plan?

    • integrity
    • scalability
    • availability
    • confidentiality
      Explanation & Hint:

      Availability ensures that network services are accessible and performing well under all conditions. By load balancing the traffic destined to the main web servers, in times of a huge volume of visits the systems will be well managed and serviced.

  20. True or False?

    An employee does something as a company representative with the knowledge of that company and this action is deemed illegal. The company would be legally responsible for this action.

    • true
    • false
      Explanation & Hint:

      This is a bit of a grey area and would also depend on local laws. In many cases, if the employee did something with the knowledge or approval of the company, then the legal responsibility would probably be with the company, not the employee. In some areas or situations, both the company and employee could be held legally responsible.

  21. When describing malware, what is a difference between a virus and a worm?

    • A virus focuses on gaining privileged access to a device, whereas a worm does not.
    • A virus can be used to deliver advertisements without user consent, whereas a worm cannot.
    • A virus replicates itself by attaching to another file, whereas a worm can replicate itself independently.
    • A virus can be used to launch a DoS attack (but not a DDoS), but a worm can be used to launch both DoS and DDoS attacks.
      Explanation & Hint:

      Malware can be classified as follows:

      – Virus (self replicates by attaching to another program or file)
      – Worm (replicates independently of another program)
      – Trojan Horse (masquerades as a legitimate file or program)
      – Rootkit (gains privileged access to a machine while concealing itself)
      – Spyware (collects information from a target system)
      – Adware (delivers advertisements with or without consent)
      – Bot (waits for commands from the hacker)
      – Ransomware (holds a computer system or data captive until payment is received)

  22. What type of attack uses zombies?

    • Trojan horse
    • DDoS
    • SEO poisoning
    • spear phishing
      Explanation & Hint:

      The hacker infects multiple machines (zombies), creating a botnet. Zombies launch the distributed denial of service (DDoS) attack.

  23. The IT department is reporting that a company web server is receiving an abnormally high number of web page requests from different locations simultaneously. Which type of security attack is occurring?

    • adware
    • DDoS
    • phishing
    • social engineering
    • spyware
      Explanation & Hint:

      Phishing, spyware, and social engineering are security attacks that collect network and user information. Adware consists, typically, of annoying popup windows. Unlike a DDoS attack, none of these attacks generate large amounts of data traffic that can restrict access to network services.

  24. What is the best approach to prevent a compromised IoT device from maliciously accessing data and devices on a local network?

    • Install a software firewall on every network device.
    • Place all IoT devices that have access to the Internet on an isolated network.
    • Disconnect all IoT devices from the Internet.
    • Set the security settings of workstation web browsers to a higher level.
      Explanation & Hint:

      The best approach to protect a data network from a possibly compromised IoT device is to place all IoT devices on an isolated network that only has access to the Internet.

  25. What is the best method to avoid getting spyware on a machine?

    • Install the latest operating system updates.
    • Install the latest web browser updates.
    • Install the latest antivirus updates.
    • Install software only from trusted websites.
      Explanation & Hint:

      The best method to avoid getting spyware on a user machine is to download software only from trusted websites.

  26. What are two security implementations that use biometrics? (Choose two.)

    • Credit card
    • FOB
    • Voice recognition
    • Phone
    • Fingerprint
      Explanation & Hint:

      Biometric authentication can be used through the use of a fingerprint, palm print, and facial or voice recognition.

  27. A medical office employee sends emails to patients about recent patient visits to the facility. What information would put the privacy of the patients at risk if it was included in the email?

    • patient records
    • first and last name
    • contact information
    • next appointment
      Explanation & Hint:

      An email message is transmitted in plain text and can be read by anyone who has access to the data while it is en route to a destination. Patient records include confidential or sensitive information that should be transmitted in a secure manner.

  28. Which two tools used for incident detection can be used to detect anomalous behavior, to detect command and control traffic, and to detect infected hosts? (Choose two.)

    • intrusion detection system
    • Honeypot
    • NetFlow
    • Nmap
    • a reverse proxy server
      Explanation & Hint:

      Although each of these tools is useful for securing networks and detecting vulnerabilities, only an IDS and NetFlow logging can be used to detect anomalous behavior, command and control traffic, and infected hosts.

  29. For what purpose would a network administrator use the Nmap tool?

    • detection and identification of open ports
    • protection of the private IP addresses of internal hosts
    • identification of specific network anomalies
    • collection and analysis of security alerts and logs
      Explanation & Hint:

      Nmap allows an administrator to perform port scanning to probe computers and the network for open ports. This helps the administrator verify that network security policies are in place.

  30. Which stage of the kill chain used by attackers focuses on the identification and selection of targets?

    • delivery
    • exploitation
    • weaponization
    • reconnaissance
      Explanation & Hint:

      It is the first stage of the kill chain, reconnaissance, that focuses on the identification and selection of targets.

  31. What is an example of a Cyber Kill Chain?

    • a group of botnets
    • a planned process of cyberattack
    • a series of worms based on the same core code
    • a combination of virus, worm, and Trojan Horse
      Explanation & Hint:

      The Cyber Kill Chain describes the phases of a progressive cyberattack operation. The phases include the following:

      • Reconnaissance
      • Weaponization
      • Delivery
      • Exploitation
      • Installation
      • Command and control
      • Actions on objectives

      In general, these phases are carried out in sequence. However, during an attack, several phases can be carried out simultaneously, especially if multiple attackers or groups are involved.

  32. What tool is used to lure an attacker so that an administrator can capture, log, and analyze the behavior of the attack?

    • Netflow
    • IDS
    • Nmap
    • honeypot
      Explanation & Hint:

      A honeypot is a tool set up by an administrator to lure an attacker so that the behavior of the attacker can be analyzed. This information can help the administrator identify weaknesses and build a stronger defense.

  33. What is one main function of the Cisco Security Incident Response Team?

    • to design polymorphic malware
    • to design next generation routers and switches that are less prone to cyberattacks
    • to provide standards for new encryption techniques
    • to ensure company, system, and data preservation
      Explanation & Hint:

      The time between a cyberattack and the time it takes to discover the attack is the time when hackers can get into a network and steal data. An important goal of the CSIRT is to ensure company, system, and data preservation through timely investigations into security incidents.

  34. What action will an IDS take upon detection of malicious traffic?

    • block or deny all traffic
    • drop only packets identified as malicious
    • create a network alert and log the detection
    • reroute malicious traffic to a honeypot
      Explanation & Hint:

      An IDS, or intrusion detection system, is a device that can scan packets and compare them to a set of rules or attack signatures. If the packets match attack signatures, then the IDS can create an alert and log the detection.

  35. An operating system-style window pops up on a Windows user screen. The pop-up message warns the user that the system is at risk and that a specific program needs to run to return the system to routine operation. Name the kind of malware used.

    • Ransomware
    • Scareware
    • Rootkit
    • Backdoor
      Explanation & Hint:

      Scareware is designed to trick users into thinking their system is at risk, prompting them to download or buy fake security software.

  36. An attacker requests personal information from a person in exchange for a gift. Identify the infiltration method.

    • Shoulder Surfing
    • Quid Pro Quo
    • Pretexting
    • Tailgating
      Explanation & Hint:

      In a quid pro quo attack, the attacker offers something of value in return for information or access.

  37. What type of infiltration method allows attackers to quietly capture two-step verification SMS messages sent to users in a Man-in-the-Mobile (MITMO) attack?

    • DoS
    • Botnet
    • Pretexting
    • On-Path Attack
      Explanation & Hint:

      In an On-Path (formerly known as Man-in-the-Middle) attack, the attacker intercepts and relays communication between two parties, capturing sensitive information like SMS codes.

  38. Which term describes the private browser mode for Google Chrome?

    • Private Tab
    • Private Browsing
    • InPrivate
    • Incognito
      Explanation & Hint:

      Google Chrome uses the term “Incognito” for its private browsing mode, which doesn’t save history or cookies.

  39. Which type of firewall hides or masquerades the private address of network hosts?

    • NAT Firewall
    • Application Layer Firewall
    • Network Layer Firewall
    • Proxy Server
      Explanation & Hint:

      Network Address Translation (NAT) hides private IP addresses by mapping them to a public IP, enhancing security.

  40. Which activity typically happens at the first stage of a penetration test?

    • Keeping access to the target to find out what data and systems are vulnerable to exploitation
    • Attempting to gain access to a target system and sniff network traffic
    • Conducting passive or active reconnaissance and vulnerability research
    • Carrying out active reconnaissance to probe a target system or network and identify potential weaknesses
      Explanation & Hint:

      The first step in penetration testing is reconnaissance to gather information about the target without directly engaging it.

  41. Which type of software vulnerability describes a situation where the required ordered events do not occur in the correct order?

    • Non-validated Input
    • Race Conditions
    • Weaknesses in Security Practices
    • Access Control Problems
      Explanation & Hint:

      Race conditions occur when the timing or order of events leads to inconsistent or insecure outcomes.

  42. A security technician configures access settings to require employees to authenticate before accessing certain web pages. Which requirement of information security is addressed through this configuration?

    • Confidentiality
    • Availability
    • Scalability
    • Integrity
      Explanation & Hint:

      Authentication ensures that only authorized users can access sensitive information, maintaining confidentiality.

  43. What are three states of data? (Choose three.)

    • Processing
    • Storage
    • ASCII
    • Binary
    • Transmission
    • Test
      Explanation & Hint:

      The three states of data are:

      • Processing: Data actively being used or manipulated by a program.
      • Storage: Data saved on a disk or other storage medium.
      • Transmission: Data being transmitted over a network.

  44. True or False:
    Internet-based cameras and gaming gear are not subject to security breaches.

    • True
    • False
      Explanation & Hint:

      Internet of Things (IoT) devices, including cameras and gaming gear, are vulnerable to security breaches, making them potential attack vectors.

  45. True or False:
    An advanced persistent threat (APT) is usually well-funded.

    • False
    • True
      Explanation & Hint:

      Advanced Persistent Threats (APTs) are typically sponsored by nation-states or organized crime groups, giving them access to significant resources and funding.

  46. All IoT devices are potentially vulnerable to security breaches. What is the best approach for preventing an IoT device from becoming compromised and maliciously accessing data and devices on a local network?

    • Place all IoT devices that have access to the Internet on an isolated network.
    • Install a software firewall on every network device.
    • Disconnect all IoT devices from the Internet.
    • Set the security settings of workstation web browsers to a higher level.
      Explanation & Hint:

      Place all IoT devices that have access to the Internet on an isolated network.
      Explanation: Isolating IoT devices limits their access to other devices on the network, reducing the risk of lateral movement in case of a compromise.

  47. Which type of firewall filters web content requests such as URLs and domain names?

    • Proxy Server
    • Reverse Proxy Server
    • Application Layer Firewall
    • Network Layer Firewall
    • Network address translation
      Explanation & Hint:

      Application Layer Firewalls filter traffic at the application level, including web content and domain requests, providing more granular control.

  48. Which firewall filters ports and system service calls on a single computer operating system?

    • Network Layer Firewall
    • Application Layer Firewall
    • Host-based Firewall
    • Transport Layer Firewall
    • Network Address translation firewall
      Explanation & Hint:

      Host-based firewalls run on individual systems to control incoming and outgoing network traffic based on predetermined security rules.

  49. Which firewall filters traffic based on source and destination data ports, including connection states?

    • Application Layer Firewall
    • Host-based Firewall
    • Network Address Translation Firewall
    • Network Layer Firewall
    • Transport layer firewall
      Explanation & Hint:

      Network Layer Firewalls (or Stateful Firewalls) filter traffic based on IP addresses, data ports, and connection states, offering packet filtering and stateful inspection.

  50. True or False:
    Cybersecurity certifications are a way for you to verify your skills and knowledge and boost your career.

    • False
    • True
      Explanation & Hint:

      Cybersecurity certifications validate knowledge and skills, increasing employability and career advancement opportunities.

  51. What is the main purpose of cyberwarfare?

    • To gain advantage over adversaries
    • To develop advanced network devices
    • To protect cloud-based data centers
    • To simulate possible war scenarios among nations
      Explanation & Hint:

      The primary objective of cyberwarfare is to disrupt, damage, or gain strategic, operational, or tactical advantages over adversaries, typically for political or military purposes.

  52. What are two examples of on-path attacks? (Choose two.)

    • Ransomware
    • Man-in-the-Mobile
    • SEO Poisoning
    • DDoS
    • Man-in-the-Middle
    • Worms
      Explanation & Hint:

      On-Path attacks, previously known as Man-in-the-Middle (MitM) attacks, involve intercepting and manipulating communication between two parties. Man-in-the-Mobile is a mobile variant of MitM attacks.

  53. An employee is laid off after fifteen years with the same organization. Another organization then hires the employee within a week. In the new organization, the employee shares documents and ideas for products that the employee proposed at the original organization. Is the employee’s behavior ethical or unethical?

    • Unethical
    • Ethical
      Explanation & Hint:

      Sharing proprietary documents and ideas from a previous employer is a violation of intellectual property rights and confidentiality agreements, constituting unethical behavior.