Cisco 100-160 Exam Questions (Updated 2025) 100% Real Question Answers [Q119-Q139]

Share

Cisco 100-160 Exam Questions (Updated 2025) 100% Real Question Answers

Pass Cisco 100-160 Exam Quickly With Prep4sures


Cisco 100-160 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Vulnerability Assessment and Risk Management: This section of the exam measures the skills of a Risk Management Analyst and entails identifying and assessing vulnerabilities, understanding risk priorities, and applying mitigation strategies that help manage threats proactively within an organization's systems
Topic 2
  • Basic Network Security Concepts: This section of the exam measures the skills of a Network Defender and focuses on understanding network-level protections, including firewalls, VPNs, and intrusion detection
  • prevention systems, providing insight into how threats are mitigated within network environments.
Topic 3
  • Incident Handling: This section of the exam measures the skills of an Incident Responder and centers on recognizing security incidents, responding appropriately, and containing threats—forming the essential foundation of incident response procedures.
Topic 4
  • Endpoint Security Concepts:This section of the exam measures the skills of an Endpoint Security Specialist and includes securing individual devices, understanding protections such as antivirus, patching, and access control at the endpoint level, essential for maintaining device integrity.
Topic 5
  • Essential Security Principles: This section of the exam measures the skills of a Cybersecurity Technician and covers foundational cybersecurity concepts such as the CIA triad (confidentiality, integrity, availability), along with basic threat types and vulnerabilities, laying the conceptual groundwork for understanding how to protect information systems.

 

NEW QUESTION # 119
Which of the following is an example of a network layer (Layer 3) security control?

  • A. Encryption
  • B. Antivirus software
  • C. Firewall
  • D. Intrusion Detection System (IDS)

Answer: C

Explanation:
A firewall operates at the network layer (Layer 3) of the OSI model and is designed to control incoming and outgoing network traffic based on a set of predetermined security rules. It acts as a barrier between an internal network and external networks, filtering and inspecting packets to prevent unauthorized access and protect against various types of network attacks.


NEW QUESTION # 120
You are reviewing your company's disaster recovery plan.
Which two daily data backup actions should the plan include? (Choose 2.)

  • A. Back up the data by using RAID on a local external hard drive with a secondary power source.
  • B. Back up the data to removable media and store it off-site.
  • C. Back up the data by using cloud services.
  • D. Back up each department's data to a separate local server.

Answer: B,C

Explanation:
The CCST Cybersecurity Study Guide emphasizes that backups should be stored off-site or in the cloud to ensure recovery even if the primary location is damaged or compromised.
"A comprehensive disaster recovery plan includes performing regular backups and ensuring copies are stored in locations not subject to the same physical risks as the primary site. Off-site storage and cloud-based backups provide resilience against local disasters." (CCST Cybersecurity, Essential Security Principles, Backup and Disaster Recovery section, Cisco Networking Academy) A is correct: Off-site removable media ensures recovery even if the main site is destroyed.
B is incorrect: Local-only backups are vulnerable to the same risks as production systems.
C is correct: Cloud services provide geographically separate storage with automated redundancy.
D is incorrect: RAID is for hardware fault tolerance, not a complete backup solution.


NEW QUESTION # 121
Which of the following best describes the concept of "defense in depth" in cybersecurity?

  • A. Establishing strong password policies and enforcing multi-factor authentication
  • B. Deploying advanced encryption algorithms to secure sensitive data
  • C. Utilizing multiple layers of security measures to protect against threats
  • D. Regularly conducting training programs for employees to promote cybersecurity awareness

Answer: C

Explanation:
Defense in depth refers to the practice of implementing multiple layers of security controls and measures to protect against various cyber threats. This approach reduces the likelihood of a single point of failure and increases the overall resilience of the cybersecurity infrastructure.


NEW QUESTION # 122
Which of the following best defines a vulnerability assessment in the context of cybersecurity?

  • A. A process that mitigates the impact of cybersecurity incidents on an organization.
  • B. A process that determines the level of risk associated with a cybersecurity incident.
  • C. A process that identifies potential security flaws or weaknesses in a system.
  • D. A process that identifies potential cybersecurity threats in an organization.

Answer: C

Explanation:
A vulnerability assessment is a systematic process that identifies potential security flaws or weaknesses in a system, network, or application. It focuses on identifying vulnerabilities that could be exploited by attackers. It involves scanning and testing for known vulnerabilities and vulnerabilities resulting from misconfigurations or poor security practices. The assessment provides valuable information for organizations to prioritize their efforts in remediating identified vulnerabilities and improving their overall security posture.


NEW QUESTION # 123
Which of the following is a data protection technique that involves the transformation of data into a format that is unreadable to unauthorized users?

  • A. Intrusion Detection System
  • B. Encryption
  • C. Firewall
  • D. Authentication

Answer: B

Explanation:
Option 1: Incorrect. Authentication refers to the process of verifying the identity of a user or system.
Option 2: Correct. Encryption is a data protection technique that transforms data into a format that is unreadable to unauthorized users. It provides confidentiality and ensures that even if the data is intercepted, it cannot be easily understood.
Option 3: Incorrect. A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules.
Option 4: Incorrect. An Intrusion Detection System (IDS) is a security tool that monitors network traffic for suspicious activity or violations of security policies.


NEW QUESTION # 124
Which of the following best defines vulnerability management?

  • A. A process of identifying, classifying, and mitigating vulnerabilities in a system or network.
  • B. An approach to monitor and analyze network traffic for security threats.
  • C. A technique used to encrypt data while in transit over a network.
  • D. A method to detect and respond to unauthorized access attempts on a system.

Answer: A

Explanation:
Vulnerability management is the practice of systematically identifying, categorizing, and addressing vulnerabilities in a system or network. It involves activities such as vulnerability scanning, vulnerability assessment, and vulnerability remediation. The goal of vulnerability management is to minimize the risk of potential exploits by proactively identifying and addressing security weaknesses.


NEW QUESTION # 125
Which of the following features of the Cisco Identity Services Engine (ISE) allows network administrators to define policies for controlling access to network resources based on user identities and user or group attributes?

  • A. TrustSec
  • B. Profiling
  • C. Network Access Profiles
  • D. Identity Firewall

Answer: B

Explanation:
Option 1: Network Access Profiles: Network Access Profiles in Cisco ISE define the behavior of network devices when they are accessed by authenticated users. They are a set of policies that determine how network resources are allocated to users or user groups, and what level of access they have.
Option 2: Identity Firewall: Cisco ISE's Identity Firewall feature enables network administrators to apply firewall policies based on user identities. It allows for granular control over network access and can enforce allow, deny, or redirect actions based on user attributes.
Option 3: Profiling: This is the correct answer. Cisco ISE's Profiling feature is used to dynamically classify endpoints connecting to the network based on their characteristics, such as their MAC addresses, IP addresses, and DHCP options. This information is then used to enforce access policies.
Option 4: TrustSe TrustSec is a Cisco security solution that provides secure access control across the network infrastructure. While TrustSec is related to identity and access management, it is not a feature of Cisco ISE specifically.


NEW QUESTION # 126
What is an Advanced Persistent Threat (APT)?

  • A. A cyberattack that compromises multiple devices simultaneously.
  • B. A type of malware that spreads rapidly through a network.
  • C. A vulnerability in network communication protocols.
  • D. A sophisticated and targeted attack that aims to gain unauthorized access and maintain persistence over a long period.

Answer: D

Explanation:
Advanced Persistent Threats (APTs) are stealthy and prolonged attacks targeted at specific organizations or entities. APTs typically employ sophisticated techniques, including social engineering and zero-day exploits. The primary objectives of APTs are to gain unauthorized access, maintain persistence within the target network or system, and conduct reconnaissance or exfiltrate sensitive data without being detected for an extended period of time.


NEW QUESTION # 127
Which of the following is a common vulnerability management practice?

  • A. Restricting network access based on IP addresses.
  • B. Installing antivirus software on all company devices.
  • C. Encrypting all data at rest in a database.
  • D. Regularly patching software and operating systems.

Answer: D

Explanation:
Regularly patching software and operating systems is a common practice in vulnerability management. Software and operating system vendors release security patches and updates to address known vulnerabilities. By regularly applying these patches, organizations can mitigate the risk of exploitation. Failure to patch systems in a timely manner can leave them vulnerable to attacks that exploit known vulnerabilities.


NEW QUESTION # 128
A SOC analyst notices repeated failed login attempts from a foreign IP address followed by a successful login to a privileged account.
What is the most appropriate next step?

  • A. Ignore the event unless it happens again.
  • B. Reset the affected user's password and investigate the scope of compromise.
  • C. Block all foreign IP addresses from accessing the network.
  • D. Run a full vulnerability scan of the corporate network.

Answer: B

Explanation:
The CCST Cybersecurity course highlights that signs of brute-force attacks followed by successful access require immediate account security actions and an investigation to determine if other systems were accessed.
"When suspicious login activity is detected, immediate containment steps such as password resets and log analysis are necessary to limit damage and identify the extent of the compromise." (CCST Cybersecurity, Incident Handling, Account Compromise Response section, Cisco Networking Academy)


NEW QUESTION # 129
You notice that a new CVE has been shared to an email group that you belong to.
What should you do first with the CVE?

  • A. Research measures to prevent the CVE from attacking the network.
  • B. Add the CVE to the firewall rules for your organization.
  • C. Look up details of the vulnerability to determine whether it applies to your network.
  • D. Record the CVE as part of the disaster recovery plan.

Answer: C

Explanation:
The CCST Cybersecurity material describes that the first step after receiving a new CVE notification is to review its details-such as affected systems, severity, and exploitability-to determine if it is relevant to your organization.
"Upon learning of a new CVE, security teams should analyze the vulnerability description, affected products, and CVSS score to determine applicability and urgency of mitigation." (CCST Cybersecurity, Vulnerability Assessment and Risk Management, Vulnerability Prioritization section, Cisco Networking Academy) A is correct: Confirming applicability avoids unnecessary remediation for irrelevant vulnerabilities.
B is done after confirming applicability.
C (disaster recovery plan) is unrelated to immediate CVE handling.
D (adding to firewall rules) is premature without confirming impact.


NEW QUESTION # 130
Which of the following is an example of an active vulnerability mitigation technique?

  • A. Intrusion prevention system (IPS)
  • B. Security awareness training
  • C. Log monitoring
  • D. Network segmentation

Answer: A

Explanation:
An intrusion prevention system (IPS) is an active vulnerability mitigation technique that sits in-line with network traffic and actively monitors for and blocks suspicious or malicious activities. It helps to prevent potential vulnerabilities from being exploited by detecting and blocking malicious network traffic.


NEW QUESTION # 131
What is vishing?

  • A. A physical attack where an unauthorized person gains entry to a restricted area by following closely behind an authorized person.
  • B. A form of social engineering attack that uses voice or telephone calls to trick victims into revealing sensitive information.
  • C. A cyber attack where an attacker manipulates and deceives an individual to reveal sensitive information.
  • D. A type of phishing attack that targets specific individuals or organizations.

Answer: B

Explanation:
Vishing, which stands for voice phishing, involves using voice or telephone calls to deceive and manipulate individuals into revealing sensitive information. The attacker may pretend to be a legitimate entity, such as a bank representative, and persuade the victim to provide personal or financial details over the phone. Vishing exploits the trust people often have in phone calls and can be used in combination with other attacks.


NEW QUESTION # 132
Which of the following involves dividing a network into smaller, more manageable segments?

  • A. Subnetting
  • B. DHCP configuration
  • C. VLAN configuration
  • D. IP addressing

Answer: A

Explanation:
Subnetting is the process of dividing a network into smaller subnetworks, called subnets or subnetworks. It helps in improving network performance, optimizing address allocation, and enhancing network security. Subnetting is typically done by using a subnet mask to determine the network and host portions of an IP address.


NEW QUESTION # 133
Which of the following is a secure method for sharing sensitive documentation with external parties?

  • A. Using an encrypted communication channel
  • B. Uploading the documents to a public file-sharing service
  • C. Printing the documents and sending them through traditional mail
  • D. Sending the documents via email attachments

Answer: A

Explanation:
Sending sensitive documentation via email or public file-sharing services presents security risks. It is recommended to use an encrypted communication channel, such as secure file transfer protocol (SFTP) or a secure cloud-based collaboration platform, to protect the confidentiality and integrity of the information being shared.


NEW QUESTION # 134
Which compliance framework is specifically related to protecting the personal data and privacy of European Union (EU) citizens?

  • A. GDPR
  • B. PCI-DSS
  • C. HIPAA
  • D. FERPA

Answer: A

Explanation:
The General Data Protection Regulation (GDPR) is a compliance framework implemented by the European Union to protect the personal data and privacy of EU citizens. It focuses on the collection, processing, and storage of personal data, and it applies to any organization that handles EU citizens' data, regardless of its location.


NEW QUESTION # 135
For each statement, select True if it is a common motivation to commit cyber attacks or False if it is not.
Note: You will receive partial credit for each correct selection.

Answer:

Explanation:


NEW QUESTION # 136
Which compliance framework is primarily concerned with securing payment card data and ensuring it is protected against unauthorized access?

  • A. PCI-DSS
  • B. GDPR
  • C. HIPAA
  • D. FERPA

Answer: A

Explanation:
The Payment Card Industry Data Security Standard (PCI-DSS) is a compliance framework developed by the major credit card companies to safeguard payment card data and prevent fraud. It provides guidelines, requirements, and best practices for organizations that handle cardholder information, ensuring that it is stored, processed, and transmitted securely.


NEW QUESTION # 137
Which of the following is a common security control measure used to protect applications from unauthorized access?

  • A. File compression
  • B. Hard disk formatting
  • C. Biometric authentication
  • D. Data anonymization

Answer: C

Explanation:
Biometric authentication is a security control measure that uses physical or behavioral characteristics, such as fingerprint scanning or facial recognition, to verify a user's identity. By implementing biometric authentication, organizations can add an extra layer of protection to their applications and control access to sensitive data. File compression, data anonymization, and hard disk formatting are not directly related to application security measures.


NEW QUESTION # 138
Which of the following is NOT a typical phase of the planning process in cybersecurity?

  • A. Vulnerability scanning
  • B. Risk assessment
  • C. Incident response planning
  • D. Policy development

Answer: A

Explanation:
The planning process in cybersecurity typically includes several phases, such as risk assessment, policy development, and incident response planning. Vulnerability scanning, although an important activity in cybersecurity, is considered a technical control rather than a specific phase of the planning process.


NEW QUESTION # 139
......

Real Cisco 100-160 Exam Questions [Updated 2025]: https://www.prep4sures.top/100-160-exam-dumps-torrent.html

Prepare 100-160 Question Answers - 100-160 Exam Dumps: https://drive.google.com/open?id=18yT2fidFFRylH8u0TIkEvQ4OfIVSVQet