100-160 無料問題集「Cisco Certified Support Technician (CCST) Cybersecurity」

（A）Compliance frameworks establish standards and guidelines for incident handling.

（B）Compliance frameworks are only relevant for incident response teams.

（C）Compliance frameworks focus primarily on prevention, not incident handling.

（D）Compliance frameworks have no impact on incident handling.

（A）To track changes made to hardware configurations

（B）To identify potential gaps in security policies

（C）To ensure compliance with hardware standards

（D）To determine software compatibility requirements

（A）Malicious software that encrypts files on a victim's computer and demands ransom for their release.

（B）A technique used by attackers to obtain sensitive information through deception.

（C）A software program that is designed to damage, disrupt, or gain unauthorized access to a computer system.

（D）A form of cyber attack that attempts to gain unauthorized access to a network.

（A）To detect and block malicious network traffic

（B）To encrypt sensitive data transmission

（C）To assess the performance and latency of network devices

（D）To identify any exploitable weaknesses in a system or network

（A）To block unauthorized access

（B）To encrypt network traffic

（C）To detect network vulnerabilities

（D）To authenticate users

（A）DHCP server

（B）Firewall

（C）Router

（D）DNS server

（A）Hashing algorithm

（B）Symmetric encryption

（C）HMAC algorithm

（D）Asymmetric encryption

（A）To reduce costs

（B）To simplify the authentication process

（C）To improve performance

（D）To provide an additional layer of security

（A）"Password123"

（B）"abcdabcd"

（C）"StR0ngP@$$w0rd!"

（D）"123456"

（A）DNS

（B）UDP

（C）HTTP

（D）TCP

（A）An attack that overwhelms a target system with a flood of traffic or requests, rendering it inaccessible to legitimate users.

（B）A technique used by attackers to obtain sensitive information through deception.

（C）A software program that is designed to damage, disrupt, or gain unauthorized access to a computer system.

（D）A form of cyber attack that attempts to gain unauthorized access to a network.

（A）They should only be accessible to the IT department.

（B）They should be documented once and never changed.

（C）They should be kept confidential and not shared with employees.

（D）They should be regularly reviewed and updated to reflect changing threats and technologies

（A）TACACS+

（B）RADIUS

（C）LDAP

（D）SSH

（A）SWGs provide protection against malware and advanced threats

（B）SWGs are primarily used to secure internal web applications.

（C）SWGs can only be deployed on-premises

（D）SWGs are no longer necessary with the advent of cloud-based applications.

（A）Data Masking

（B）Firewall

（C）Intrusion Detection System

（D）Encryption