SecurityX Test Prep Practice Test Video
Watch the SecurityX Test Prep practice test video walkthrough, review the questions, download the free PDF and start an online mock exam.
SecurityX Test Prep exam — full Q&A walkthrough
Every question read aloud with the answer explained. Play it on your commute, then test yourself.
Try SecurityX Test Prep questions now
Q1Which of the following is an advantage of using elliptic curve cryptography (ECC) over RSA?
Show answer
✓ Correct answer: ECC requires shorter key lengths to achieve comparable security.
Answer: ECC requires shorter key lengths to achieve comparable security. Elliptic curve cryptography (ECC) is known for its efficiency in key length. It provides the same level of security as RSA but with significantly shorter key sizes. This results in faster computations and less storage requirement. Contrary to the distractors, ECC is not necessarily faster to implement in hardware, and its complexity can make it challenging to understand and implement. It also does not generate longer keys but rather achieves stronger security with shorter keys.
Q2A system administrator notices an employee with a company-issued laptop has installed software not available in the official repositories. What is the likely security issue with the laptop?
Show answer
✓ Correct answer: The laptop has been rooted.
Answer: The laptop has been rooted. Rooting removes system-imposed restrictions, allowing the installation of software from any source. Encrypting data through Full-Device Encryption (FDE) ensures data security. An eFuse is used to prevent tampering with system components. BIOS and firmware issues often relate to versioning and compatibility management.
Q3Which of the following techniques involves examining and monitoring server traffic in real-time to identify and mitigate potential security threats?
Show answer
✓ Correct answer: Network traffic analysis
Answer: Network traffic analysis Network traffic analysis is the process of intercepting and examining messages to deduce information from patterns in communication, which helps in identifying malicious activities and security threats in real-time. Sandboxing is a way to safely run a program in a specific isolated environment. Static code analysis involves examining code without executing it, to find vulnerabilities early in the development process. Peering is a technique for directly connecting two networks.
Q4BrightFuture Corp. uses an extensive IoT network for industrial monitoring. To ensure no unauthorized access to their sensor data, BrightFuture Corp. produces and securely stores its own cryptographic keys, without granting any access to their IoT service provider. What approach to key management is BrightFuture Corp. using?
Show answer
✓ Correct answer: HYOK
Answer: HYOK With an HYOK (hold your own key) model, customers create and manage their own keys. The IoT service provider does not have access to the keys and cannot decrypt the data. With a BYOK (bring your own key) model, customers create and manage their own keys, but the IoT service provider is allowed access to the keys and can decrypt the data. BYOD (bring your own device) is related to employees using their own devices to access corporate resources. A RRSIG (resource record digital signature) record is a type of DNSSEC record.
Q5A security specialist is evaluating a company's procedures for maintaining secure backups of sensitive data. They find that: encryption is enforced for all backups; access to backup media requires multi-factor authentication (MFA); all backup activities are logged and audited; and backup data can be deleted by an administrator. Based on this information, what should the specialist recommend?
Show answer
✓ Correct answer: Disallow an administrator from deleting backup data
Disallow an administrator from deleting backup data. Implementing strong security controls, such as disallowing any user (including administrators) from deleting backup data, is critical. Enforcing MFA, encryption, and logging and auditing activities are essential practices to ensure secure backups.
Q6A cybersecurity team needs to identify potential vulnerabilities in their network devices. Which of the following tools is NOT primarily used for vulnerability scanning?
Show answer
✓ Correct answer: Wireshark
Correct answer: Wireshark Wireshark is a network protocol analyzer used to capture and analyze network traffic, not a vulnerability scanner. Nessus is a widely used vulnerability scanner that helps identify vulnerabilities, configuration issues, and policy compliance. OpenVAS (Open Vulnerability Assessment System) is also a comprehensive vulnerability scanning tool to detect security issues. Qualys is a cloud-based service that provides vulnerability scanning, compliance management, and other security services.
Full SecurityX Test Prep bank + unlimited mocks
Try 30 questions free. Unlock the complete SecurityX Test Prep question bank, every explanation, and unlimited timed mock exams. Practice on any device.
Unlock SecurityX Test Prep →