Question 1

Which of the following algorithms is an iterated block cipher that works by repeating the defined steps multiple times and has a 128-bit block size, having key sizes of 128, 192, and 256 bits?

ADSA

BMD5

CSHA

DAES

Answer : D

AES (Advanced Encryption Standard) is an iterated block cipher that works by repeating the defined steps multiple times and has a 128-bit block size, having key sizes of 128, 192, and 256 bits. AES is a symmetric-key algorithm that encrypts and decrypts data using the same secret key. AES operates on a 4x4 matrix of bytes called the state, which undergoes 10, 12, or 14 rounds of transformation depending on the key size. Each round consists of four steps: sub-bytes, shift-rows, mix-columns, and add-round-key. AES is widely used for securing data in various applications and platforms, such as web browsers, VPNs, wireless networks, and smart grids. AES is the algorithm that matches the description given in the question. Reference:

AES - Week 4: Cryptography Techniques

Advanced Encryption Standard (AES) - NIST

AES Encryption and Decryption Online Tool - Code Beautify

Question 2

Bob, a security professional, was recruited by an organization to ensure that application services are being delivered as expected without any delay. To achieve this, Bob decided to maintain different backup servers for the same resources so that if one backup system fails, another will serve the purpose.

Identify the IA principle employed by Bob in the above scenario.

AAuthentication

BConfidentiality

CIntegrity

DAvailability

Answer : D

Question 3

Stephen, a security specialist, was instructed to identify emerging threats on the organization's network. In

this process, he employed a computer system on the Internet intended to attract and trap those who

attempt unauthorized host system utilization to penetrate the organization's network.

Identify the type of security solution employed by Stephen in the above scenario.

AFirewall

BHoneypot

CIDS

DProxy server

Answer : B

Question 4

Carol is a new employee at ApTech Sol Inc., and she has been allocated a laptop to fulfill his job activities.

Carol tried to install certain applications on the company's laptop but could not complete the installation as she requires administrator privileges to initiate the installation process. The administrator imposed an access policy on the company's laptop that only users with administrator privileges have installation rights.

Identify the access control model demonstrated in the above scenario.

ARule-based access control {RB-RBAC)

BMandatory access control {MAC)

CRole-based access control (RBAC)

DDiscretionary access control (DAC)

Answer : C

Role-based access control (RBAC) is a model that assigns permissions and privileges to users based on their roles in an organization. In RBAC, the administrator defines the roles and the access rights for each role, and then assigns users to those roles. This way, the administrator can control the access of users to the resources without having to manage each user individually. In the scenario, Carol is assigned a role that does not have the installation rights, while the administrator has a role that does. Therefore, the access control model demonstrated in the scenario is RBAC. Reference: Network Defense Essentials - EC-Council Learning, Network Defense Essentials (NDE) | Coursera, EC-Council Network Defense Essentials | NDE Certification

Question 5

Daniel, a networking specialist, identifies a glitch in a networking tool and fixes it on a priority using a system. Daniel was authorized to make a copy of computers programs while maintaining or repairing the system.

Which of the following acts was demonstrated in the above scenario?

ASarbanes-Oxley Act (SOX)

BThe Digital Millennium Copyright Act (DMCA)

CData Protection Act 2018 (DPA)

DGramm-Leach-Bliley Act (GLBA)