CCSP Test 4 (Module 1 to 4)

Cybersecurity Engineer Test

1 / 100

Category: Phishing and Social Engineering Attacks

1. Which statement is correct?

2 / 100

Category: Phishing and Social Engineering Attacks

2. An email from your boss asks for the name, addresses, and credit card information of the company’s top clients. The email says it’s urgent and to please reply right away. You should reply right away. True or False?

3 / 100

Category: Phishing and Social Engineering Attacks

3. If you fall for a phishing scam, what should you do to limit the damage?

4 / 100

Category: Phishing and Social Engineering Attacks

4. Look at the following image of the HSBC login page: it’s not a phishing page.

5 / 100

Category: Phishing and Social Engineering Attacks

5. The following image proves that the email isn’t phishing and is a genuine email.

6 / 100

Category: Phishing and Social Engineering Attacks

6. You get a text message from a vendor who asks you to click on a link to renew your password so that you can log in to its website. You should:

7 / 100

Category: Phishing and Social Engineering Attacks

7. The best way to avoid phishing is to

8 / 100

Category: Phishing and Social Engineering Attacks

8. What should you look for in the URL to make sure that a site is safe before adding personal information?

9 / 100

Category: Phishing and Social Engineering Attacks

9. How can you detect a phishing scam?

10 / 100

Category: Phishing and Social Engineering Attacks

10. What is a phishing scam?

11 / 100

Category: Phishing and Social Engineering Attacks

11. Which of the following would probably not help to prevent phishing?

12 / 100

Category: Phishing and Social Engineering Attacks

12. Which of the following describe 'Social engineering'? (Choose all applicable answers)

13 / 100

Category: Phishing and Social Engineering Attacks

13. Making phone calls to trick people into giving up information is known as ____

14 / 100

Category: Phishing and Social Engineering Attacks

14. Social Engineering takes advantage of which security flaw in a computer system?

15 / 100

Category: Phishing and Social Engineering Attacks

15. What cyber scam is described by this statement - "a cyber attack intended to redirect a website's traffic to another, fake site."

16 / 100

Category: Phishing and Social Engineering Attacks

16. What cyber scam is described by this statement - "fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication." (Choose all applicable answers)

17 / 100

Category: Phishing and Social Engineering Attacks

17. You can always tell the difference between a real website and a fake pharming website?

18 / 100

Category: Phishing and Social Engineering Attacks

18. Thieves looking over your shoulder, or even watching from a distance using binoculars, in order to get pieces of information is called:

19 / 100

Category: Phishing and Social Engineering Attacks

19. An unauthorized person wearing a fake ID badge entering a secured area by closely following an authorized person through a door requiring key access is called:

20 / 100

Category: Phishing and Social Engineering Attacks

20. What information are scammers looking to gain through social engineering? (Choose all applicable answers)

21 / 100

Category: Phishing and Social Engineering Attacks

21. Which is NOT a sign of a fraudulent email attachment?

22 / 100

Category: Phishing and Social Engineering Attacks

22. A subset of electronic spam involving nearly identical messages sent to many recipients by email:

23 / 100

Category: Phishing and Social Engineering Attacks

23. Social engineering is designed to:

24 / 100

Category: Phishing and Social Engineering Attacks

24. Phishing can be mitigated through the use of: (Choose all applicable answers)

25 / 100

Category: Phishing and Social Engineering Attacks

25. "Hi! This is Sulaiman, CFO Secretary. I'm working on an urgent project and lost my system password. Can you help me out?" Which one correctly describes this human-based social engineering?

26 / 100

Category: Mobile Application Penetration Testing

1. Which attack vector is used for financial loss? (Choose all applicable answers)

27 / 100

Category: Mobile Application Penetration Testing

2. TCP attacks fall under:

28 / 100

Category: Mobile Application Penetration Testing

3. Give the full form of ADB.

29 / 100

Category: Mobile Application Penetration Testing

4. Mobile application threats are: (Choose all applicable answers)

30 / 100

Category: Mobile Application Penetration Testing

5. Which one doesn’t comply with mobile device management?

31 / 100

Category: Mobile Application Penetration Testing

6. What are the proper steps of mobile penetration testing?

32 / 100

Category: Mobile Application Penetration Testing

7. Which operating system is specially developed for mobile penetration testing? (Choose all applicable answers)

33 / 100

Category: Mobile Application Penetration Testing

8. What is the benefit of encryption on mobile devices?

34 / 100

Category: Mobile Application Penetration Testing

9. Jailbreaking a phone refers to what?

35 / 100

Category: Mobile Application Penetration Testing

10. iOS is based on which operating system?

36 / 100

Category: Mobile Application Penetration Testing

11. What could a company do to protect itself from a loss of data when a phone is stolen? (Choose all applicable answers)

37 / 100

Category: Mobile Application Penetration Testing

12. A utility for auditing WordPress from Android is __________.

38 / 100

Category: Mobile Application Penetration Testing

13. What utility could be used to avoid sniffing of traffic?

39 / 100

Category: Mobile Application Penetration Testing

14. Jennifer has captured the following URL: www.se.com/&w25/session=22525. She realizes that she can perform a session hijack. Which utility would she use?

40 / 100

Category: Mobile Application Penetration Testing

15. Jennifer is concerned about her scans being tracked back to her tablet. What could she use to hide the source of the scans?

41 / 100

Category: Mobile Application Penetration Testing

16. What option would you use to install software that’s not from the Google Play store?

42 / 100

Category: Mobile Application Penetration Testing

17. Which technology can provide protection against session hijacking?

43 / 100

Category: Mobile Application Penetration Testing

18. When a device is rooted, what is the effect on security?

44 / 100

Category: Mobile Application Penetration Testing

19. Session hijacking can be thwarted with which of the following?

45 / 100

Category: Mobile Application Penetration Testing

20. A denial of service application for Android is __________.

46 / 100

Category: Mobile Application Penetration Testing

21. A man-in-the-browser attack delivered by a piece of malware can be prevented by which of the following?

47 / 100

Category: Mobile Application Penetration Testing

22. An attack that can be performed using FaceNiff is __________.

48 / 100

Category: Mobile Application Penetration Testing

23. Remote wipes do what? (Choose all applicable answers)

49 / 100

Category: Mobile Application Penetration Testing

24. A session hijack can be used against a mobile device using all of the following except?

50 / 100

Category: Mobile Application Penetration Testing

25. NetCut is used to do what? (Choose all applicable answers)

51 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

1. Which is not a designation of a cyber security professional?

52 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

2. A vulnerability assessor and a penetration tester perform the same functionality.

53 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

3. Which bug bounty platform is the best?

54 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

4. We can find cyber security related work at: ________. (Choose all applicable answers)

55 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

5. Which job role is the highest paid?

56 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

6. Facebook and Google have their own bug bounty platforms:

57 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

7. Which one is a bug bounty platform?

58 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

8. In a bug bounty platform, bug submission shouldn’t be:

59 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

9. Any newly discovered bug is defined as:

60 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

10. The full form of CEH is:

61 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

11. Full form of CISA is “Certified Information Security Auditor”

62 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

12. Full form of CISM:

63 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

13. Which certification is the highest paid in the world?

64 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

14. Which one is the most effective path to select?

65 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

15. LPT is a certification of:

66 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

16. Choosing a cyber security career path is the most basic step to be an information security analyst.

67 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

17. ISC2 stands for:

68 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

18. SANS stands for:

69 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

19. Which organizations need cyber security specialists? (Choose all applicable answers)

70 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

20. The job role of “Vulnerability Assessment and Penetration Testing” is for: ________ . (Choose all applicable answers)

71 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

21. LPT stands for:

72 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

22. Which is not a skill of cyber security engineers?

73 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

23. “PCI DSS” stands for:

74 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

24. Which policy is for the healthcare sector?

75 / 100

Category: Vendor Certifications and Opportunities for Cyber Security Professionals

25. Cyber security specialists should have knowledge of cyber security guidelines and policy.

76 / 100

Category: Cyber Law and Ethics

1. If any person commits fraud by means of any digital or electronic medium then that activity of that particular person will be an offense under the Act and the person will be penalized with imprisonment for a term not exceeding ______ years or by fine not exceeding _____ lacs taka or with _____.

77 / 100

Category: Cyber Law and Ethics

2. If any person commits fraud by means of any digital or electronic medium then that activity of that particular person will be an offense under the Act for the second time, the person will be penalized with imprisonment for a term not exceeding ______ years or by fine not exceeding _____ lacs taka or with _____.

78 / 100

Category: Cyber Law and Ethics

3. Punishment for publishing, sending of offensive, false or fear-inducing data-information for the second time is:

79 / 100

Category: Cyber Law and Ethics

4. If any person commits or aids and abets in committing an offence under Official Secrets Act, 1923 (Act No XIX of 1923) through computer, digital device, computer network, digital network or through any other digital medium then he will be punished to a term of imprisonment not exceeding 14 (fourteen) years or with fine not exceeding Tk. 25 (Twenty Five) Lac or with both.

80 / 100

Category: Cyber Law and Ethics

5. Punishment for Illegal Entrance in Critical Information Infrastructure for the second time:

81 / 100

Category: Cyber Law and Ethics

6. Punishment for illegal entrance in computer, digital device, computer system, etc. is:

82 / 100

Category: Cyber Law and Ethics

7. Punishment for damage of computer, computer system, etc. for the second time is:

83 / 100

Category: Cyber Law and Ethics

8. What is the punishment for offenses relating to Computer Source Code Change? (Choose all applicable answers)

84 / 100

Category: Cyber Law and Ethics

9. Punishment for Any propaganda or campaign against liberation war, Cognition of liberation war, Father of the nation, National Anthem or National Flag:

85 / 100

Category: Cyber Law and Ethics

10. If any person commits forgery by means of any digital or electronic medium, the person will be penalized with imprisonment for a term not exceeding 5 (five) years or with a fine not exceeding 5 (five) lacs taka or with both for the second time.

86 / 100

Category: Cyber Law and Ethics

11. Punishment for Digital or Electronic Fraud for the second time is:

87 / 100

Category: Cyber Law and Ethics

12. Punishment for Digital or Electronic Forgery is:

88 / 100

Category: Cyber Law and Ethics

13. If any person intentionally or knowingly uses any computer, computer program, computer system, computer network, digital device, digital system or digital network with the intention of deceiving or cheating carries the identity of another person or shows any person’s identity as his own, or intentionally by forgery assuming the identity of a living or dead person as one’s own for the following purpose will be penalized by imprisonment for a term not exceeding 5 (five) years or fine not exceeding 5 (five) lacs taka or both.

89 / 100

Category: Cyber Law and Ethics

14. If any person without any legal authority collects, sells, takes possession, supplies or uses any person’s identity information then the punishment will be:

90 / 100

Category: Cyber Law and Ethics

15. Punishment for committing Cyber-terrorism is:

91 / 100

Category: Cyber Law and Ethics

16. Punishment for Publication, Broadcast, etc. of such information in any website or in any electronic format that hampers the religious sentiment or values is:

92 / 100

Category: Cyber Law and Ethics

17. Punishment for publishing, broadcasting, etc. of defamatory information is:

93 / 100

Category: Cyber Law and Ethics

18. E-Transaction without legal authority Offence and Punishment is:

94 / 100

Category: Cyber Law and Ethics

19. The Deterioration of Act-order and Punishment is:

95 / 100

Category: Cyber Law and Ethics

20. Punishment for Breaching Government Secret Offence is:

96 / 100

Category: Cyber Law and Ethics

21. Punishment of Illegal Transferring, Saving etc. of Data-Information can be:

97 / 100

Category: Cyber Law and Ethics

22. If a person commits hacking, which is considered an offence, for the second time or repeatedly, then:

98 / 100

Category: Cyber Law and Ethics

23. If a person causes financial damage to another person under Section 22 digital or electronic forgery, under Section 23 digital or electronic fraud and under Section 24 identification fraud or by means of disguise, the tribunal may order him to compensate the affected person by giving money equivalent to the damage caused or a suitable amount after considering the damage caused.

99 / 100

Category: Cyber Law and Ethics

24. The offences mentioned in Sections 17, 19, 21, 22, 23, 24, 26, 27, 28, 30, 31, 32, 33 and 34 are imperceptible and bailable offences.

100 / 100

Category: Cyber Law and Ethics

25. If a person causes financial damage to another person under Section 22 digital or electronic forgery, under Section 23 digital or electronic fraud and under Section 24 identification fraud or by means of disguise, the tribunal may order him to compensate the affected person by giving money equivalent to the damage caused or a suitable amount after considering the damage caused.
