CCNA Scor Security Concepts Questions

5 of 80 questions · Page 2/2 · Scor Security Concepts topic · Answers revealed

76
Multi-Selectmedium

A security analyst is investigating a malware outbreak. Analysis reveals a remote access trojan (RAT) that communicates with a command-and-control (C2) server. Which TWO behaviors are typical of a RAT? (Choose two.)

Select 2 answers
A.Encrypts files and demands ransom
B.Steals sensitive data from the system
C.Logs keystrokes and captures credentials
D.Performs distributed denial-of-service attacks
E.Allows remote control of the infected system
AnswersC, E

Many RATs include keylogging functionality.

Why this answer

RATs provide remote control, often allowing data exfiltration and keystroke logging. Ransomware encrypts files, and botnets perform DDoS; those are not typical RAT behaviors.

77
MCQeasy

Which cryptographic algorithm is considered deprecated and should be avoided due to known vulnerabilities, especially when used in digital signatures and certificate signing?

A.SHA-256
B.SHA-3
C.AES-256
D.MD5
AnswerD

MD5 is broken and should not be used for cryptographic purposes.

Why this answer

MD5 is a hashing algorithm with known collision vulnerabilities, making it unsuitable for security-sensitive applications like digital signatures.

78
MCQmedium

When a certificate is revoked, which protocol allows a client to check the revocation status in real-time without downloading a full CRL?

A.CRL (Certificate Revocation List)
B.PKI certificate chain
C.SSL/TLS handshake
D.OCSP (Online Certificate Status Protocol)
AnswerD

OCSP allows real-time checking.

Why this answer

OCSP (Online Certificate Status Protocol) provides real-time revocation status without the overhead of CRLs.

79
MCQmedium

A security engineer is evaluating authentication methods. Which authentication factor category does a fingerprint scanner fall under?

A.Possession
B.Knowledge
C.Location
D.Inherence
AnswerD

Inherence factors are biometric characteristics.

Why this answer

Fingerprints are inherent characteristics of a person, placing them in the 'inherence' category (something you are).

80
MCQeasy

Which symmetric encryption algorithm is considered the current standard and is often used in VPNs and SSL/TLS?

A.MD5
B.AES
C.3DES
D.RSA
AnswerB

AES is the current standard for symmetric encryption.

Why this answer

AES (Advanced Encryption Standard) is widely used and recommended.

← PreviousPage 2 of 2 · 80 questions total

Ready to test yourself?

Try a timed practice session using only Scor Security Concepts questions.