01. An organization has noticed unusual network traffic and unauthorized access to its confidential databases over several months. The IT department suspects that this is not the result of random malware but rather a targeted attack by a group aiming to steal intellectual property.
Which of the following best describes this type of cyber threat?
a) Phishing
b) Ransomware
c) Advanced Persistent Threat (APT)
d) Adware
02. With the increase in employees using smartphones and tablets for work, a company implements a Mobile Device Management (MDM) solution to secure these devices. The MDM software allows the IT department to enforce security policies, remotely wipe data on lost devices, and manage application installations.
Which of the following statements best reflects the benefit of implementing an MDM solution in a corporate environment?
a) It makes the mobile devices slower and less efficient due to the additional security measures.
b) It enhances security and supports regulatory compliance by managing and protecting corporate data on mobile devices.
c) It provides a platform for monitoring employee personal activities on their devices.
d) It restricts employees' use of mobile devices, ensuring they cannot work outside the office.
03. Considering the role of firewalls in protecting network security, which statement accurately reflects the use of a next-generation firewall (NGFW) in an enterprise environment?
a) NGFWs only filter incoming traffic based on IP addresses and ports.
b) NGFWs are primarily used to enhance the speed of network traffic.
c) NGFWs combine traditional firewall technology with additional functionalities like encrypted traffic inspection and intrusion prevention systems.
d) NGFWs decrease network security by adding complexity without improving protection.
04. Which action enhances physical security?
a) Leaving devices unattended in public places
b) Using cable locks for laptops in public areas
c) Writing down passwords and keeping them under the keyboard
d) Sharing access codes with colleagues for convenience
05. How can individuals maintain their privacy on social networking sites?
a) By accepting all friend requests
b) By using their real name and birthdate in their profile
c) By sharing their location at all times
d) By regularly reviewing and adjusting privacy settings
06. Which of the following encryption algorithms is considered asymmetric?
a) AES
b) 3DES
c) Blowfish
d) RSA
07. What is a common sign that your operating system has been compromised?
a) Frequent system crashes or slow down
b) Increased storage capacity
c) Automatic updates are disabled
d) Faster than usual performance
08. A multinational corporation with sensitive customer data on its servers experiences a data breach. The company had an incident response plan in place, which they activated immediately upon discovery of the breach.
This plan included steps such as isolating affected systems, conducting a forensic analysis to understand the breach's extent, notifying affected customers, and working with law enforcement.
Which of the following best describes the primary benefit of the company having an incident response plan?
a) It completely prevented the data breach.
b) It minimized the damage and helped in the recovery process by providing a clear set of steps to follow.
c) It made the company immune to any legal consequences.
d) It ensured that the company's reputation would not be harmed.
09. Why is it important to use strong, unique passwords for cloud services?
a) To prevent unauthorized access to your data
b) To ensure data is easily accessible
c) To increase cloud storage capacity
d) To reduce the cost of cloud services
10. What distinguishes an Advanced Persistent Threat (APT) from other cyber threats?
a) APTs are less sophisticated than most malware attacks.
b) APTs involve prolonged and targeted cyberattack campaigns against specific entities.
c) APTs typically target individual users rather than organizations.
d) APTs are easily detected and mitigated with standard antivirus software.
The purpose of this Sample Question Set is to provide you with information about the EC-Council Certified Secure Computer User exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the 112-12 certification test. To get familiar with real exam environment, we suggest you try our Sample EC-Council CSCU Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual EC-Council Certified Secure Computer User (CSCU) certification exam.