PAPER SECURITY MNH
Question 4: What is the MOST common security risk of a mobile device?
A) Insecure communications link
B) Data leakage
C) Malware infection
D) Data spoofing
Question 5: What technology could Amanda's employer implement to help prevent confidential
data from being emailed out of the organization?
A) DLP
B) A firewall
C) UDP
Question 6: What is the purpose of a security information and event management (SIEM)
system?
A) To enforce security policies and control access to a network or system
B) To monitor network traffic for signs of compromise and alert security personnel to potential
threats
C) To identify vulnerabilities in a network or system by scanning for known security weaknesses
(correct)
D) To detect and block malicious traffic
Question 7: What three types of interfaces are typically tested during software testing?
A) Application, programmatic, and user interfaces
B) APIs, UIs, and physical interfaces
C) Network interfaces, APIs, and UIs
D) Network, physical, and application interfaces
Question 10: What is the purpose of the data protection audit under the Tanzanian Data
Protection Act?
A) All options are correct
B) To obtain certification from the Personal Data Protection Commission
C) To identify areas for improvement in the policies
D) To assess the organization’s compliance with data protection regulations
Question 13: What malware analysis operation can the investigator perform using the jv16 tool?
A) Files and Folder Monitor
B) Network Traffic Monitoring/Analysis
C) Registry Analysis/Monitoring
Question 15: Which regulation requires companies to appoint a Data Protection Officer (DPO) if
they process large amounts of personal data?
A) Cyber Crime Act, 2015
B) National Payment Systems (NPS) Act, 2016
C) EPOCA
D) The Personal Data Protection Act, 2022
Question 16: What is the primary purpose of a security incident response plan?
A) To encrypt sensitive data during transmission
B) To detect and remove malware from a system
C) To block malicious websites
D) To outline procedures for responding to and managing cybersecurity incidents
Question 19: What type of vulnerability scan accesses configuration information from the
systems it is run against as well as information that can be accessed via services available via the
network?
A) Web application scans
B) Port scans
C) Authenticated scans
D) Unauthenticated scans
Question 20: Which among the following is the best example of the third step (delivery) in the
cyber kill chain?
A) An intruder creates malware to be used as a malicious attachment to an email
B) An intruder sends a malicious attachment via email to a target
C) An intruder’s malware is installed on a target’s machine
D) An intruder’s malware is triggered when a target opens a malicious email attachment
Question 22: What type of attack is the creation and exchange of state tokens intended to
prevent?
A) CSRF
B) SQL injection
C) XACML
D) XSS
Question 25: Which one of the following is not a valid key length for the Advanced Encryption
Standard?
A) 256 bits
B) 384 bits
C) 128 bits
D) 192 bits
Question 26: What is the purpose of data anonymization?
A) To ensure data accuracy
B) To remove identifying information to protect privacy
C) To make data processing faster
D) To enable data sharing with third parties
Question 28: Why would you need to find out the gateway of a device when investigating a
wireless attack?
A) The gateway will be the IP of the attacker computer
B) The gateway will be the IP of the proxy server used by the attacker to launch the attack
C) The gateway will be the IP used to manage the RADIUS server
D) The gateway will be the IP used to manage the access point
Question 29: Which command can provide the forensic investigators with details of all the
loaded modules on a Linux-based system?
A) ps -ef | grep -a
B) lsmod -a
C) ls -l (correct answer)
D) lsmod
Question 30: What is the term used to describe a cybersecurity attack that occurs
simultaneously from multiple sources?
A) Coordinated attack
B) Spear phishing
C) Zero-day attack
D) Brute-force attack
Question 31: What type of attack occurs when an attacker can force a router to stop forwarding
packets by flooding the router with many open connections simultaneously so that all the hosts
behind the router are effectively disabled?
A) ARP redirect
B) Physical attack
C) Denial of service
D) Digital attack
Question 32: What is the purpose of a Data Protection Policy?
A) To increase data storage capacity
B) To improve marketing strategies
C) To ensure compliance with financial regulations
D) To outline how an organization will manage and protect personal data
Question 34: What is the principle of accountability in data protection?
A) Ensuring data is encrypted
B) Demonstrating compliance with data protection laws
C) Keeping personal data for as long as necessary
Question 35: When using Windows acquisition tools to acquire digital evidence, it is important
to use a well-tested hardware write-blocking device to __________
A) Prevent contamination to the evidence drive
B) Acquire data from the host-protected area on a disk
C) Automate collection from image files
D) Avoid copying data from the boot partition
Question 36: What utility could be used to avoid sniffing of traffic?
A) Proxyfy
B) Shark
C) SandroProxy
D) Psiphon
Question 39: What type of security issue arises when an attacker can deduce a more sensitive
piece of information by analyzing several pieces of information classified at a lower level?
A) Inference
B) Parameterization
C) SQL injection
D) Multilevel security
Question 41: What is the purpose of a security token in authentication?
A) To encrypt sensitive data during transmission
B) To verify the identity of a user
C) To detect and remove malware from a system
D) To block spam emails
Question 43: Which term describes the unauthorized access and retrieval of data?
A) Data retention
B) Data processing
C) Data breach
D) Data encryption
Question 45: Which principle requires that personal data be collected for specified, explicit, and
legitimate purposes?
A) Data minimization
B) Purpose limitation
C) Storage limitation
D) Accuracy
Question 46: What mode must be configured to allow an NIC to capture all traffic on the wire?
A) Extended mode
B) 10/100
C) Promiscuous mode
D) Monitor mode
Question 47: What security control does MAC cloning attempt to bypass for wired networks?
A) VLAN hopping
B) 802.1q trunking
C) Etherkiller prevention
D) Port security
Question 49: Which section of the assessment report addresses separate vulnerabilities,
weaknesses, and gaps?
A) Risk review section
B) Key findings section
C) Executive summary with full details
D) Findings definition section
Question 50: What is the purpose of the data protection register maintained by the Personal
Data Protection Commission in Tanzania?
A) All options are correct
B) To facilitate the enforcement of data protection laws
C) To record all data processing activities in the country
D) To register all data controllers and data processors