CC - Certified in Cybersecurity Questions and Answers
Question 117
Which is the loopback address?
Options:
A.
::1
B.
127.0.0.1
C.
255.255.255.0
D.
Both A and B
Answer:
D
Explanation:
The loopback address allows a system to test its own network stack.127.0.0.1is the IPv4 loopback address, while::1is its IPv6 equivalent. Both route traffic internally without leaving the host.
Question 118
The order of controls used in defense in depth:
Options:
A.
Assets → Physical → Administrative → Technical
B.
Assets → Administrative → Physical → Technical
C.
Physical → Administrative → Technical → Assets
D.
Assets → Administrative → Technical → Physical
Answer:
D
Explanation:
Defense in depth begins by identifying assets, followed by administrative controls (policies), technical controls (logical), and physical controls to protect systems at multiple layers.
Question 119
What is the primary goal of input validation?
Options:
A.
Secure storage
B.
Prevent unauthorized access
C.
Prevent code injection attacks
D.
Encrypt data
Answer:
C
Explanation:
Input validation ensures user inputs are sanitized and conform to expected formats, preventing injection attacks such as SQL injection and command injection.
Question 120
A backup is which type of security control?
Options:
A.
Preventive
B.
Deterrent
C.
Recovery
D.
Corrective
Answer:
C
Explanation:
Backups are recovery controls because they restore data and systems after failures, attacks, or disasters.
