
Cisco 100-160試験問題集で[2025年最新] 有効な試験練習問題集解答
100-160問題集で掴み取れ![最新2025]Cisco試験合格させます
質問 # 121
Which of the following is an example of a source of evidence (artifact) in a cybersecurity investigation?
- A. Configuration files of network devices.
- B. Firewall logs recording network traffic.
- C. Training materials for security awareness.
- D. Security policy documents.
正解:B
解説:
In a cybersecurity investigation, evidence or artifacts play a crucial role in determining the nature of an incident. Firewall logs recording network traffic can provide valuable information regarding communication between systems, including IP addresses, ports, protocols, and timestamps. Analyzing these logs can help identify potential threats or suspicious activities within a network.
質問 # 122
What type of encryption is used to secure data that is stored on a hard drive or other storage media?
- A. Hash encryption
- B. File-based encryption
- C. Symmetric encryption
- D. Public Key Infrastructure (PKI)
正解:C
解説:
Symmetric encryption is a type of encryption where the same key is used for both the encryption and decryption processes. It is commonly employed to secure data at rest, such as on a hard drive or other storage media. With symmetric encryption, the key must be kept secret to ensure the confidentiality of the encrypted data.
質問 # 123
Which of the following best describes the purpose of the MITRE ATT&CK; Matrix?
- A. To track the global distribution of cyber threat actors
- B. To analyze the impact of cyber threats on critical infrastructure
- C. To provide a standardized way to categorize cyber threat tactics and techniques
- D. To map vulnerabilities and exposures in computer systems
正解:C
解説:
The MITRE ATT&CK; Matrix provides a comprehensive framework that categorizes various tactics, techniques, and procedures (TTPs) used by cyber threat actors. It enables organizations to understand how different attackers operate and helps in developing effective cybersecurity defenses and detection mechanisms.
質問 # 124
Which of the following is a primary purpose of software inventory in a cybersecurity program?
- A. Analyzing network traffic for potential threats
- B. Ensuring compliance with software licensing agreements
- C. Monitoring user access and permissions
- D. Identifying vulnerabilities and patch requirements
正解:D
解説:
Software inventory is an essential component of a cybersecurity program as it helps in identifying the software applications installed on devices within the network. By maintaining an accurate software inventory, organizations can identify vulnerabilities and track patch requirements to keep their systems secure and up to date.
質問 # 125
Which of the following best describes the role of automated threat intelligence in a cybersecurity system?
- A. It provides advanced analytics for proactive threat mitigation
- B. All of the above
- C. It automates the detection and response to security incidents
- D. It enables real-time monitoring of threat landscapes
正解:B
解説:
Automated threat intelligence plays a multifaceted role in a cybersecurity system. Firstly, it enables real-time monitoring of threat landscapes by continuously collecting and analyzing data from various sources. This allows organizations to stay updated on emerging threats and trends. Secondly, it automates the detection and response to security incidents by leveraging machine learning algorithms and predefined rules. Finally, automated threat intelligence provides advanced analytics for proactive threat mitigation, helping organizations anticipate and prevent potential security breaches.
質問 # 126
Which of the following is a common vulnerability management practice?
- A. Encrypting all data at rest in a database.
- B. Installing antivirus software on all company devices.
- C. Regularly patching software and operating systems.
- D. Restricting network access based on IP addresses.
正解:C
解説:
Regularly patching software and operating systems is a common practice in vulnerability management. Software and operating system vendors release security patches and updates to address known vulnerabilities. By regularly applying these patches, organizations can mitigate the risk of exploitation. Failure to patch systems in a timely manner can leave them vulnerable to attacks that exploit known vulnerabilities.
質問 # 127
Which of the following describes the purpose of a firewall in network infrastructure?
- A. To provide high-speed connectivity between different networks
- B. To monitor network traffic for potential security threats
- C. To regulate the flow of data between different network segments
- D. To identify and prevent unauthorized access to the network
正解:C
解説:
A firewall is a network security device that is designed to monitor and control the incoming and outgoing network traffic. It acts as a barrier between different network segments, regulating the flow of data according to predefined security policies. Firewalls help to prevent unauthorized access to the network by allowing only authorized traffic and blocking any potentially harmful traffic.
質問 # 128
Which protocol is used for broadcasting and resolving MAC addresses to IP addresses?
- A. UDP
- B. ARP
- C. ICMP
- D. TCP
正解:B
解説:
ARP (Address Resolution Protocol) is used for broadcasting and resolving MAC (Media Access Control) addresses to IP addresses within a local network. It helps devices determine the MAC address associated with a given IP address, enabling proper communication on the network. ARP operates at the data link layer of the OSI model.
質問 # 129
Which component of network security architecture is designed to separate the internal network from the external network?
- A. Virtualization
- B. Cloud
- C. Proxy
- D. DMZ
正解:D
解説:
A DMZ, or demilitarized zone, is a network segment that is used to separate the internal network from the external network. It acts as a buffer zone between the organization's network and the internet, providing an additional layer of security. By placing servers, such as web servers or email servers, in the DMZ, organizations can ensure that external traffic is filtered and scrutinized before reaching the internal network.
質問 # 130
Which of the following best defines a vulnerability assessment in the context of cybersecurity?
- A. A process that mitigates the impact of cybersecurity incidents on an organization.
- B. A process that identifies potential security flaws or weaknesses in a system.
- C. A process that determines the level of risk associated with a cybersecurity incident.
- D. A process that identifies potential cybersecurity threats in an organization.
正解:B
解説:
A vulnerability assessment is a systematic process that identifies potential security flaws or weaknesses in a system, network, or application. It focuses on identifying vulnerabilities that could be exploited by attackers. It involves scanning and testing for known vulnerabilities and vulnerabilities resulting from misconfigurations or poor security practices. The assessment provides valuable information for organizations to prioritize their efforts in remediating identified vulnerabilities and improving their overall security posture.
質問 # 131
Which of the following represents a strong passphrase for securing a wireless SoHo network?
- A. 0
- B. P@ssword!
- C. jumpr0pe
- D. CorrectHorseBatteryStaple
正解:D
解説:
A strong passphrase should be long, include a combination of uppercase and lowercase letters, numbers, and special characters. "CorrectHorseBatteryStaple" represents a strong passphrase as it is long and includes multiple words combined with special characters. Options A, B, and D are weak passphrases as they are either too short or do not contain a combination of the mentioned elements.
質問 # 132
Which security feature provides network segmentation by creating virtual networks?
- A. VLANs
- B. VLANs
- C. Virtual Private Network (VPN)
- D. Intrusion Prevention System (IPS)
正解:A
解説:
Option 1: Correct, VLANs (Virtual Local Area Networks) provide network segmentation by creating virtual networks, allowing different groups of devices to be logically separated on the same physical network.
Option 2: Incorrect, Firewalls are designed to monitor and filter network traffic based on predetermined security rules, but they do not provide network segmentation by creating virtual networks.
Option 3: Incorrect, An Intrusion Prevention System (IPS) is a security appliance or software that monitors network traffic for suspicious activity and takes action to prevent potential threats, but it does not provide network segmentation by creating virtual networks.
Option 4: Incorrect, A Virtual Private Network (VPN) is a secure tunnel between two or more devices, typically used to connect remote sites or allow remote users to access the private network. It does not provide network segmentation by creating virtual networks.
質問 # 133
Which protocol is used to assign IP addresses to devices on a network?
- A. UDP
- B. ICMP
- C. TCP
- D. DHCP
正解:D
解説:
DHCP (Dynamic Host Configuration Protocol) is used to assign IP addresses dynamically to devices on a network. Instead of manually configuring IP addresses on each device, DHCP allows for automated IP address allocation, making network administration more efficient.
質問 # 134
Which regulation sets standards for the security and privacy of protected health information (PHI) in the United States?
- A. HIPAA
- B. BYOD
- C. GDPR
- D. PCI DSS
正解:A
解説:
The Health Insurance Portability and Accountability Act (HIPAA) is a regulation in the United States that sets standards for the security and privacy of protected health information (PHI). It applies to organizations, such as healthcare providers, health plans, and healthcare clearinghouses, that handle PHI.
質問 # 135
What is the primary goal of a threat actor in a cyber attack?
- A. To identify and mitigate security risks
- B. To cause damage or disruption to a target
- C. To exploit vulnerabilities in a system
- D. To gain unauthorized access to a network
正解:B
解説:
The primary goal of a threat actor in a cyber attack is typically to cause damage, disruption, or gain some form of unauthorized advantage. They may aim to steal sensitive data, encrypt files for ransom, disrupt services, or compromise the integrity of a system. Understanding the motivations of threat actors helps in building effective defense strategies.
質問 # 136
Which of the following tools is primarily used for analyzing network packets?
- A. Wireshark
- B. Norton Antivirus
- C. Cisco AnyConnect
- D. Oracle Database
正解:A
解説:
Wireshark is a popular open-source tool used for network packet analysis and protocol troubleshooting. It allows users to capture, examine, and analyze network packets in real-time. Wireshark provides detailed information about the different protocols, traffic patterns, and network anomalies, assisting cybersecurity professionals in diagnosing network issues, identifying security vulnerabilities, and detecting potential attacks.
質問 # 137
What regulation is specifically designed to ensure the security of payment card data processed by organizations?
- A. HIPAA
- B. BYOD
- C. PCI DSS
- D. GDPR
正解:C
解説:
The Payment Card Industry Data Security Standard (PCI DSS) is a regulation that focuses on ensuring the security of payment card data processed by organizations. It provides a set of security requirements that organizations handling payment card data must follow to protect against fraud and data breaches.
質問 # 138
Which of the following refers to a list of all hardware components installed on an endpoint system?
- A. Software inventory
- B. Configuration inventory
- C. Hardware inventory
- D. Firmware inventory
正解:C
解説:
Hardware inventory refers to a comprehensive list of all hardware components installed on an endpoint system. This includes information about the CPU, memory, storage devices, network adapters, and any other hardware components.
質問 # 139
Which of the following is true about security policies and procedures?
- A. They should be kept confidential and not shared with employees.
- B. They should be documented once and never changed.
- C. They should be regularly reviewed and updated to reflect changing threats and technologies
- D. They should only be accessible to the IT department.
正解:C
解説:
Option 1: Correct: Security policies and procedures should be regularly reviewed and updated to ensure they align with changing threats and technologies. This helps to maintain the effectiveness of the policies and processes.
Option 2: Incorrect: Security policies and procedures should be accessible to relevant employees and stakeholders, not restricted only to the IT department. It is important for everyone to understand and adhere to the policies and procedures.
Option 3: Incorrect: Security policies and procedures should be regularly updated as needed, not documented once and never changed. The changing threat landscape and evolving technologies necessitate the periodic review and update of security policies and procedures.
Option 4: Incorrect: Security policies and procedures should be communicated and shared with employees to ensure everyone understands and follows them. Keeping them confidential and not sharing them would hinder their effectiveness.
質問 # 140
What action should be taken when a user reports a suspicious email with a potential phishing link?
- A. Click on the link to verify its validity before taking any action.
- B. Forward the email to other users to raise awareness about potential threats.
- C. Escalate the issue to the security team for further investigation.
- D. Delete the email and inform the user that it is safe to proceed.
正解:C
解説:
When a user reports a suspicious email with a potential phishing link, it is important to escalate the issue to the security team for further investigation. Phishing attacks can pose significant risks to organizations, and it is crucial to involve the appropriate experts to assess and address the threat appropriately.
質問 # 141
Which technology allows on-demand access to shared pools of configurable computing resources over a network?
- A. Virtualization
- B. DMZ
- C. Cloud
- D. Proxy
正解:C
解説:
Cloud computing refers to the delivery of on-demand computing resources, including servers, storage, databases, networking, software, and analytics, over the internet. It provides organizations with the ability to access and use shared pools of configurable computing resources quickly and easily, without the need for extensive upfront infrastructure investments. Cloud computing offers scalability, cost-efficiency, and flexibility, making it an essential component of modern IT environments.
質問 # 142
Which encryption algorithm is commonly used for securing wireless network communication?
- A. RC4
- B. AES
- C. SSL
- D. DES
正解:B
解説:
AES (Advanced Encryption Standard) is widely used for securing wireless network communications. It is considered a strong and secure symmetric encryption algorithm that provides confidentiality and data integrity in wireless networks. AES has become the standard encryption algorithm for securing Wi-Fi networks (WPA2).
質問 # 143
Which of the following is an integral part of the CIA triad in cybersecurity?
- A. Intrusion Detection System (IDS)
- B. Firewall
- C. Two-factor authentication (2FA)
- D. Data loss prevention (DLP)
正解:C
解説:
The CIA triad in cybersecurity stands for confidentiality, integrity, and availability. Two-factor authentication (2FA) ensures confidentiality by adding an extra layer of security, requiring users to provide two forms of authentication before gaining access. It helps protect against unauthorized access and adds an additional level of assurance for ensuring data confidentiality.
質問 # 144
......
100-160試験問題集PDF正確率保証と更新された問題:https://www.goshiken.com/Cisco/100-160-mondaishu.html
合格させる100-160試験にはリアル試験エンジンPDFには310問題あります:https://drive.google.com/open?id=1KBaDUNR-mEop1jd3NU7h6ZJwna1McnnK