Đề Thi FE FRS401c - SP26 - FE - RE

[adminadmin is verified member.]

Học kỳ

SP2026

Thời Gian

3/5/26

Loại tài liệu

FE

Mã Đề

FRS401c_SP26_RE_576678

FRS401c SP26 FE RE

1. (Choose 1 answer)

The key to Forensic Investigation is 1. Preserver 2. Analyse 3. Report 4. Collect. Arrange them in the correct sequence:
A. 1,3,4,2
B. 4,1,3,2
C. 4,1,2,3
D. 2,3,4,1
Đáp án: B
2. (Choose 1 answer)

What are the roles of hypervisors in virtual machine security?
A. Managing resources and ensuring isolation between virtual machines
B. Encrypting data within each virtual machine
C. Providing direct network access to each virtual machine
D. Limiting the number of virtual machines on a host
Đáp án: A
3. (Choose 1 answer)

Which of the following protocols does not operate at the data link layer (layer 2)?
A. PPP
B. RARP
C. L2F
D. ICMP
Đáp án: D
4. (Choose 1 answer)

Which Network Address Translation (NAT) is the most convenient and secure solution?
A. Hiding Network Address Translation
B. Port Address Translation
C. Dedicated Address Translation
D. Static Address Translation
Đáp án: A
5. (Choose 1 answer)

In a SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?
A. Both client and server
B. The client’s browser
C. The web server
D. The merchant’s Certificate Server
Đáp án: B
6. (Choose 1 answer)

How does the concept of endpoint management enhance security in enterprise environments?
A. Endpoint management focuses solely on device encryption to secure data
B. Endpoint management involves regular hardware upgrades and replacements
C. Endpoint management centralizes control and applies security policies across all devices
D. Endpoint management restricts internet access to prevent data breaches
Đáp án: C
7. (Choose 1 answer)

What is the shared responsibility model in cloud environments?
A. Allocation of security responsibilities between provider and customer
B. A single entity manages all security aspects
C. Providers handle all data privacy concerns alone
D. Customers are solely responsible for infrastructure security
Đáp án: A
8. (Choose 1 answer)

A virtual machine is a tightly isolated software container created to run on virtualized platforms.
A. True
B. False
Đáp án: A
9. (Choose 1 answer)

In digital forensics, recovering pieces of a file is called ____
A. Carving
B. Fragmenting
C. Slacking
D. Extracting
Đáp án: A
10. (Choose 1 answer)

What is Obfuscation in cyber security?
A. The process of concealing something important, valuable, or critical
B. The process of converting (information or data) into a cipher or code, especially to prevent unauthorized access.
C. A way of scrambling data so that only authorized parties can understand the information.
Đáp án: A
11. (Choose 1 answer)

How does data dispersion in cloud environments protect data?
A. By centralizing all data in a single location
B. By encrypting data using a single key
C. By distributing data across multiple geographic locations
D. By storing data in local servers only
Đáp án: C
12. (Choose 1 answer)

What is the significance of user and entity behavior analytics (UEBA) in cybersecurity?
A. Enhancing intrusion detection through behavioral analysis
B. Improving data encryption methods
C. Simplifying network configurations
D. Providing real-time updates for security logs
Đáp án: A
13. (Choose 1 answer)

How does the concept of Corporate-Owned, Personally Enabled (COPE) benefit organizations and employees?
A. Balances corporate control with personal device flexibility
B. Ensures complete corporate access to personal data on employee devices
C. Restricts employee device usage strictly to work applications
D. Guarantees lower company expenses on device procurement
Đáp án: A
14. (Choose 1 answer)

What are the implications of the "right to be forgotten" in international data privacy regulations?
A. It requires organizations to store data indefinitely
B. It allows individuals to request deletion of their personal data
C. It mandates encryption for all stored data
D. It focuses on sharing data between different entities
Đáp án: B
15. (Choose 1 answer)

Which of the following statements pertaining to link encryption is false?
A. It encrypts all the data along a specific communication path.
B. It provides protection against packet sniffers and eavesdroppers.
C. Information stays encrypted from one end of its journey to the other.
D. User information, header, trailers, addresses and routing data that are part of the packets are encrypted.
Đáp án: C
16. (Choose 1 answer)

What is an IP routing table?
A. A list of IP addresses and corresponding MAC addresses.
B. A list of station and network addresses with corresponding gateway IP address.
C. A list of host names and corresponding IP addresses.
D. A list of current network interfaces on which IP routing is enabled.
Đáp án: B
17. (Choose 1 answer)

Cloud computing is a general term for anything that involves delivering hosted services over the internet.
A. True
B. False
Đáp án: A
18. (Choose 1 answer)

This type of rootkits is associated with malware that activates each time the system boots.
A. Memory-Based Rootkits
B. User-mode rootkits
C. Persistent rootkits
Đáp án: C
19. (Choose 1 answer)

What role does encryption play in container security?
A. Protects data within containers
B. Improves container deployment speed
C. Reduces the need for mobile application management
D. Increases endpoint autonomy
Đáp án: A
20. (Choose 1 answer)

Which of the following statements pertaining to packet filtering is incorrect?
A. It is based on ACLs.
B. It is not application dependant.
C. It operates at the network layer.
D. It keeps track of the state of a connection.
Đáp án: D
21. (Choose 1 answer)

The browser's ________ keeps a list of web pages you have visited during the current session.
A. Cache Memory
B. History
C. Trail
D. Favourites
Đáp án: B
22. (Choose 1 answer)

A clustered host is a host that is logically and physically connected to other hosts within a management framework that allows for resources to be centrally managed for the collection of hosts.
A. True
B. False
Đáp án: A
23. (Choose 2 answers)

_____ used in addition to or in place of a password.
A. Smart card
B. Tokens
C. Username
D. Salt
Đáp án: AB
24. (Choose 1 answer)

What are the disadvantages of MAC?
A. Low level of data protection
B. Doesn't scale automatically.
C. Obscure access management
D. Users have to request access to each new piece of data;
Đáp án: D
25. (Choose 1 answer)

Controls to keep password sniffing attacks from compromising computer systems include which of the following?
A. static and recurring passwords
B. encryption and recurring passwords
C. one-time passwords and encryption
D. static and one-time passwords
Đáp án: C
26. (Choose 1 answer)

What would be the name of a Logical or Virtual Table dynamically generated to restrict the information a user can access in a database?
A. Database Management system
B. Database views
C. Database security
D. Database shadowing
Đáp án: B
27. (Choose 1 answer)

What is an authorization table?
A. A matrix of access control objects, access control subjects and their respective rights
B. A service or program where access control information is stored and where access control decisions are made
C. A listing of access control objects and their respective rights
D. A listing of access control subjects and their respective rights
Đáp án: A
28. (Choose 1 answer)

This methodology aids in reducing the risk that a user would walk away from a device or system he/she has authenticated access to before properly logging out.
A. Time outs
B. Periodic authentication
C. Alert
D. Notification
Đáp án: A
29. (Choose 1 answer)

Explain the concept of Single Sign-On (SSO). What is one major benefit of implementing SSO in an organization?
A. Enhanced security through simplified user access management
B. Improved network performance by reducing login instances
C. Reduced costs by eliminating the need for multiple authentication devices
D. Increased productivity by streamlining user onboarding processes
Đáp án: A
30. (Choose 1 answer)

A unique user or process identity that is provided for accountability is called Identification.
A. True
B. False
Đáp án: A
31. (Choose 1 answer)

The controls that usually require a human to evaluate the input from sensors or cameras to determine if a real threat exists are associated with:
A. Preventive/physical
B. Detective/technical
C. Detective/physical
D. Detective/administrative
Đáp án: C
32. (Choose 1 answer)

Evaluate the considerations associated with outsourcing identity management. Which consideration is most crucial for ensuring security and compliance?
A. Vendor's adherence to regulatory standards
B. Cost reduction benefits
C. Improved IT infrastructure
D. User satisfaction metrics
Đáp án: A
33. (Choose 1 answer)

An access control implementation where access permissions are allocated based on several subjects performing identical or similar functions is referred to as:
A. Role-based access control
B. Temporal access control
C. Discretionary access control
D. Rule-based access control
Đáp án: A
34. (Choose 1 answer)

Rule based, role based, temporal, and attribute based access controls are all forms of access control
A. True
B. False
Đáp án: A
35. (Choose 1 answer)

Using user's first initial and last name as his userID is a valid method of identification.
A. True
B. False
Đáp án: A
36. (Choose 1 answer)

Which of the following control pairing places emphasis on "soft" mechanisms that support the access control objectives?
A. Preventive/Technical Pairing
B. Preventive/Administrative Pairing
C. Preventive/Physical Pairing
D. Detective/Administrative Pairing
Đáp án: B
37. (Choose 1 answer)

Which of the following would assist the most in Host Based intrusion detection?
A. audit trails
B. access control lists
C. security clearances
D. host-based authentication
Đáp án: A
38. (Choose 1 answer)

Which of the following definitions is NOT true of policies?
A. Policies are what are called 'directive' controls
B. Policies are often a collection of ideas
C. Policies prescribe how an organization manages, protects, and distributes information
D. Policies direct or mandate the behavior of the employees of the organization
Đáp án: B
39. (Choose 1 answer)

Buffer overflow and boundary condition errors are subsets of which of the following?
A. Race condition errors.
B. Access validation errors.
C. Exceptional condition handling errors.
D. Input validation errors.
Đáp án: D
40. (Choose 1 answer)

What is a confusion matrix used for in machine learning?
A. To summarize the performance of a classification model
B. To visualize the data distribution
C. To perform data normalization
D. To explore feature importance
Đáp án: A
41. (Choose 1 answer)

What is the importance of implementing Security Education Training and Awareness (SETA) programs in organizations?
A. To reduce human errors and enhance security culture
B. To increase technical skills for using encryption tools
C. To implement stricter access controls
D. To improve network performance
Đáp án: A
42. (Choose 1 answer)

Which of the following is a key role for individuals in ensuring security within an organization?
A. Regularly updating and reviewing security protocols
B. Delegating security responsibilities to external vendors
C. Ignoring minor security incidents
D. Avoiding discussions about security issues
Đáp án: A
43. (Choose 1 answer)

What is the significance of a data loss prevention (DLP) solution in IT security?
A. Regulates data leaving the organization, preventing unauthorized transfer
B. Enhances data encryption strength
C. Improves key management practices
D. Facilitates easier data classification
Đáp án: A
44. (Choose 1 answer)

What role does change control play in the configuration management process?
A. It ensures that changes are systematically managed and documented
B. It prevents all changes from being implemented
C. It identifies components in need of updates
D. It audits system configurations after changes
Đáp án: A
45. (Choose 1 answer)

What is the primary benefit of using asymmetric encryption in securing communication between parties?
A. Provides secure key exchange enabling confidentiality
B. Reduces computational overhead compared to symmetric encryption
C. Enables faster encryption and decryption processes
D. Enhances data integrity through hashing capabilities
Đáp án: A
46. (Choose 1 answer)

Which concept describes the process of ensuring secure data disposal and logging practices?
A. Compliance with legal and regulatory frameworks
B. Maintaining indefinite logs for all data activities
C. Ignoring data classification systems
D. Relying on automated disposal methods alone
Đáp án: A
47. (Choose 1 answer)

Which of the following is less likely to be included in the change control sub-phase of the maintenance phase of a software product?
A. Estimating the cost of the changes requested
B. Recreating and analyzing the problem
C. Determining the interface that is presented to the user
D. Establishing the priorities of requests
Đáp án: C
48. (Choose 1 answer)

What are practical steps to protect data at rest through encryption?
A. Use strong encryption algorithms like AES-256
B. Store encryption keys in the same location as encrypted data
C. Regularly change file names of encrypted data
D. Reduce encryption key lengths for easier management
Đáp án: A
49. (Choose 1 answer)

Which of the following is a key benefit of hashing in cybersecurity?
A. Hashing provides a way to verify data integrity without revealing the original data
B. Hashing involves encrypting data using both symmetric and asymmetric keys
C. Hashing transforms data into ciphertext for secure communications
D. Hashing uses key exchange mechanisms to protect data during transmission
Đáp án: A
50. (Choose 1 answer)

Which of the following is best defined as an administrative declaration by a designated authority that an information system is approved to operate in a particular security configuration with a prescribed set of safeguards?
A. Certification
B. Declaration
C. Audit
D. Accreditation
Đáp án: D
51. (Choose 1 answer)

Which practice is most effective for ensuring legal compliance in data destruction?
A. Implementing legally defensible destruction of data
B. Using symmetric encryption for data storage
C. Creating multiple backups before data destruction
D. Encrypting data with a short key length before disposal
Đáp án: A
52. (Choose 1 answer)

How does Security Education Training and Awareness (SETA) contribute to a secure operational environment?
A. By fostering a culture of security awareness and best practices
B. By automating security protocols without human intervention
C. By eliminating all security risks through technology alone
D. By focusing solely on technical security solutions
Đáp án: A
53. (Choose 1 answer)

What is baseline security?
A. Step by step instructions
B. Collection of hardware and software
C. Minimum levels of security
D. Suggestions
Đáp án: C
54. (Choose 1 answer)

Which of the following best defines add-on security?
A. Physical security complementing logical security measures.
B. Protection mechanisms implemented as an integral part of an information system.
C. Layer security.
D. Protection mechanisms implemented after an information system has become operational.