GUUUUUUUUUUUUUUUUUIIIIIIIIIIIIIAAA

1.- The phrase that best summarizes the purpose of the ISO/IEC 27001 standard is:
a) Always check security
b) Organize information security
c) What do we want to protect?
d) A checklist for security verification

2. The information security policy of a company defines:

a) The commitment to security with the company's information
b) The importance of information and security personnel
c) The management's commitment to information security
d) The importance of information and who is in charge of it

3.- An attack on the network that is carried out to gather information about possible entry points to the
network, is called:
a) Intrusion
b) Scanning
c) Sniffing
d) Phishing

4.- A security policy could be defined as:

a) Preserve the assets of an organization
b) Process by which threats and vulnerabilities in an organization are identified
c) The specification of the requirements for access control to information, applications and
services of an organization
A clear policy that links security with business objectives

5. ISO/IEC 27001 is an international standard that establishes requirements related to:

a) Information Security Management Systems ISMS
b) The groups of cybersecurity specialists in the organization
c) The company director and the company's IT professionals
d) The decision makers of each part of the company

6.- A poor definition of passwords increases the chances of success for what type of attack?
a) Dictionary-based attacks
b) Brute force attacks
c) Attack by password vulnerability detection
d) There are no weak passwords

7.- The components of the security triad are:

a) Availability, confidentiality, and integrity
b) Availability, efficiency, and confidentiality
c) Authenticity, confidentiality, and integrity
d) Authenticity, non-repudiation, and integrity

8.- A network inventory of programs allows:

a) Provide information for a hacker
b) Update online the programs that require it
c) Control the installed programs
d) Know the structure of the network

9.- The confidentiality and authenticity of messages exchanged in a secure internet session
enabled by the use of:
an antivirus
b) SSL
c) A pop-up blocker
a firewall
10.- Security management over time includes (choose 3)
a) Achieve security
b) Analyze security risks
c) Maintain security
d) Evaluate the security
e) Institutionalize security aspects

11. The following diagram shows an attack that corresponds to the type:

a) Interception
b) Modification
c) Interruption
d) Manufacturing

12. The attack on the security of the Manufacturing type is an attack on the __________ of the data
a) Authenticity
availability
c) confidentiality
d) integrity

13.- The THC-HYDRA software performs password cracking based on attacks of the type
(Choose 2)
a) Heuristics
b) brute force
c) Dictionary
d) Procedural
excessive force

14. The traceroute tool provides a system to trace the flow of traffic through
A network. What combination of protocols does it use for this? (Choose 3)
a) TCP
b) UDP
c) ICMP
d) PING
e) IP
f) ARP

15. What type of scanning is referred to as 'open medium tracking'?

a) TCP connect (-sT)
b) TCP SYN scan (-sS)
c) UDP scan (-sU)
d) Ping (-sP)
e) Christmas Tree
16.- If after running NMAP with the -sT option a RST/ACK is received, what does NMAP conclude?
about the port?
a) That the port is open
b) That the port is filtered
c) That the port is closed
d) That the port is indeterminate

17. After a scan with NMAP, you can obtain information about (Choose 3)
a) A list of open ports
b) TCP sequence numbers
c) Quality of user passwords on the network
d) Remote operating systems
e) Content of the packets transmitted over the network

18. After running NMAP with the -sS option, the following diagram is presented.
interaction, What can be said about this result? (Choose 2)

a) The attacking machine sends a TCP SYN-ACK segment (connection confirmation)

b) The attacking machine sends a TCP SYN segment
c) The attacked machine returns an RST (Reset) segment if the port is open
The attacked machine returns an RST (Reset) segment if the port is closed.

19. The two software components required for the execution of NESSUS are (Choose 2)
a) The NESSUS demon: nessusd
b) The NESSUS user account, provided via nessus-adduser
c) The client NESSUS: nessus
d) The NESSUS Attack Scripting Language: NASL

20.- NESSUS works fundamentally in two steps (Choose 2)

a) NESSUS starts by scanning the ports with NMAP to look for open ports
b) NESSUS checks the connection status with one or more remote devices by
between the echo request and echo reply packets (defined in the
ICMP network protocol
c) Open ports are attacked through various vulnerability tests.
d) NESSUS uses TCP and UDP packets to search for vulnerabilities associated with the
open ports
21.- Which of the following attacks are considered active attacks? (Choose 2)
a) Monitor the network traffic
b) Modify the content of a message
c) Obtain the content of a message
d) Denial of services
e) Port scanning

22. Which of the following are possible port states recognized by NMAP? (Choose 3)
Open-Filtered
b) Closed-Filtered
c) Unknown
d) Filtering
Unconditional

23. Regarding the relationship between security services and security mechanisms
it can be said:
a) Security services make use of one or more security mechanisms to
provide the service
b) Security mechanisms use one or more security services for the
implementation of the mechanism
c) According to ITU-T X.800, security services are independent of mechanisms.
of security

24. The following diagram corresponds to (Choose 2):

a) Symmetric cipher
b) Private key encryption
c) Public key encryption
d) Asymmetric encryption
25. There are two requirements for the safe use of symmetric encryption, these are (Choose 2):
a) A known and robust encryption algorithm
b) A public encryption key for the sender and a private encryption key
for the receiver
c) Sender and receiver must have obtained copies of the secret key securely.
d) That the keys are generated randomly

26.- Symmetric encryption algorithms are (Choose 3):

a) RSA
b) DES
c) Diffie-Hellman
3DES
e) IDEA

27.- According to the number of keys used, encryption algorithms can be

classify in (Choose 2):
a) Single key or private algorithms
b) Algorithms without encryption keys
c) Two-key or public key algorithms
d) Algorithms with multiple keys (more than 2)

28. Some of the information security controls are (Choose 2):

a) Preventive
b) Indeterminate
c) Non-repudiation
d) Disuaders

29. An example of information security control is trying to identify events.

unwanted after they have occurred, which of the following is an example of control
like the one mentioned?
perimeter firewall
b) NIDS
c) Backup copies
d) Automatic reconfiguration of firewall rules
e) Elimination of a virus

30. The ifconfig command in UNIX/LINUX is used to properly configure the interfaces.
From our system's network, ifconfig can be used to detect abnormal operation.
from the network card, which of the following could be considered functionalities
anomalous? (Choose 3):
a) Incorrect IP address
b) Incorrect MAC address
c) Duplicate IP address
d) Network card in promiscuous mode
e) Network card without MAC address
31.- To know which ports are being used by the clients we are running. Which
Which of the following commands and their options can we use? (Choose 2)
a) netstat -a
b) scanning -sT of NMAP
c) netstat -p
d) netstat -r
e) scanning –sS of NMAP

32. Which of the following statements best describes the functioning of NESSUS?
a) NESSUS checks the connection status with one or more remote devices by means of
the echo request and echo reply packets (defined in the ICMP network protocol)
b) NESSUS detects vulnerabilities according to the insecure.org list and then exploits them.
the vulnerabilities through the respective exploits.
c) NESSUS starts by scanning the ports with NMAP to look for open ports, then it
open ports are attacked through various vulnerability tests
d) NESSUS uses TCP and UDP packets to search for vulnerabilities associated with the ports
open

33. What type of VPN connection does the following figure correspond to?

a) From internal network to internal network (LAN to LAN)

b) From client to server
c) It is not a valid type of VPN connection
d) From client to internal network (client to LAN)

34. Malicious software (or MALWARE) that impersonates DNS in the local host file to lead us to
a fake website is called:
Trojan
b) Adware
c) Pharming
d) Phishing

35.- A packet filtering firewall allows:

a) Discard packets either by source or destination IP address, port and/or protocol type from a
determined traffic
b) Change its rules depending on network traffic
c) A hardware implementation of the firewall rules
d) Discard ALL network traffic

36.- A poor password definition increases the likelihood of success of what type of attack?
e) Dictionary-based attacks
f) Brute force attacks
g) Attack through password vulnerability detection
h) There are no weak passwords
37. If we want to block the TCP packets used to initiate a connection, which of the following rules
Should it be added to IPTABLES?
a) iptables -A INPUT -j REJECT
b) iptables -A INPUT -p tcp -j REJECT
c) iptables -A INPUT -p tcp --syn -j REJECT
d) iptables -A INPUT -m state --state ESTABLISHED -j REJECT

38.- ISO/IEC 27001 is an international standard that sets requirements related to:
e) Information Security Management Systems ISMS
f) The groups of information security specialists in the organization
g) The company's director and the company's IT specialists
h) The decision-makers of each part of the company

39. Which of the following security attacks are considered active attacks?
a) Port scanning or tracing
b) Monitor the network traffic
c) Obtain the content of a message
d) Modify the content of a message

40. The ________________ refers to the assurance that the information has not been altered or deleted.
copied, etc., well during the transmission process or on your own source equipment.
a) Confidentiality
Efficiency
c) Integrity
d) Availability

41. SHA-1 generates a summary or digest of a message of ______ bits.

a) 128
64
c) 160
256

42. In an IPsec VPN in transport mode:

a) encryption occurs only between the routers of each network
b) It is possible to establish connections through tunnels without encryption, that is, to perform only
encapsulation
c) The encapsulation method used is MPPE
d) Encryption occurs end-to-end, so all machines on the network
must support IPsec