Isdcs Exam
Isdcs Exam
Section A: Linux
OS - Moderate
2. When you issue a “top” command on a linux machine, what are the useful parameters you can
see? (Choose five):
OS - Dfficult
OS - Moderate
OS - Moderate
OS - Moderate
Page 1 of 12
Information Services
Fresh Graduate Program
What is the scheduled date the command “/bin/bash /command/to/run.bash” will run
based on the Cronjob settings above?
OS - Difficult
Page 2 of 12
Information Services
Fresh Graduate Program
Section B: Security
1. “Locky” is among the things which have been a widely publicized topic in information
security affecting both enterprise and home machines. Which of the following statements
best describes it?
a. They are a group of techniques which can be used to break the encryption used
between the target’s machine and the other machines it communicates with.
b. They are usually used as a form of ransomware; encrypting target’s files and attempting
to extort payment in exchange for decrypting their data.
c. They are a suite of vulnerabilities in the cryptographic exchange that happens within the
SSL/TLS protocol.
d. They are specialized malware affecting Linux-based machines; encrypting system files so
that normal function is impaired.
e. They are hidden code embedded by hardware manufacturers into the firmware of
certain devices in efforts to bypass privacy brought about by encryption.
Cyberthreat - Difficult
2. Your company’s official website has apparently been modified to show the following
publicly visible message: “I hv pwned you, ABC Inc. I gots into yo systems”. Among the
options below, which best describes this security incident?
a. Installation of backdoor malware
b. Denial-of-service (DoS) attack
c. Data exfiltration
d. Information disclosure
e. Website defacement
Cyberthreat – Easy
3. Social engineering is a prevalent security concern which exploits inherent weaknesses in the
human element of an organization. Phishing attacks are a popular form of social
engineering. Which of the following best describes the most common goal of a phishing
attempt?
a. Man-in-the-middle eavesdropping
b. Account password theft
c. Theft of peripheral storage media
d. Breach of restricted physical area
e. Destruction of system files
Cyberthreat – Easy
Page 3 of 12
Information Services
Fresh Graduate Program
4. You are tasked to develop a web application containing several different pages and forms,
user accounts, and a database connection. What is the foremost mechanism you would
implement into this web application in order to increase security?
a. Modularization. Segment the different functions and features of the web
application into individual modules to ensure that the failure of one does not affect
the other.
b. Input validation and output encoding. Sanitize all user input and system output to
remove certain characters or strings which may be used in attacking the web
application.
c. Verbose error output. Show detailed error information on webpages in order to
facilitate faster debugging and issue resolution.
d. Reuse older developed code. Leverage previously developed code which should
already be more mature and stable.
e. Hash user data. Include code which will hash user data including account passwords
before these are stored into the database.
Cyberthreat - Difficult
5. Your organization has set up a website which is connected to a backend database server.
Which of the following issues/techniques may allow attackers to steal data from the
database?
a. Cross-site scripting (XSS)
b. SQL injection
c. Cross-site request forgery (CSRF)
d. Directory listing
e. Cookie manipulation
Cyberthreat - Difficult
6. You receive a phone call from a phone number you are not familiar with. The caller claims to
be an employee of your company and even gives you his name but claims he has left his
computer at home. He says that he needs to get in touch with his manager urgently and
asks you to give him contact details of this specific person from the company address book.
Which of the following best describes the most appropriate action from your part in this
situation?
a. Give him the information on that specific person since not giving it may adversely
affect the business of the company.
b. Transfer the call to the team which he claims to belong to.
c. Only give him this specific person’s email address and not any other details such as
the person’s mobile phone number.
d. Validate the claimed identity of the caller by checking if he knows information only
real employees would, but ultimately do not give him any information, then
immediately report the call to the company security team.
e. Do not give him any information, but since calls like this are common and are
difficult to trace, you just ignore this. Cyberthreat - Easy
Page 4 of 12
Information Services
Fresh Graduate Program
Page 5 of 12
Information Services
Fresh Graduate Program
Section C: Virtualization
1. Which of these applications are usually good candidates for virtualization? (Choose one)
a. Applications that are computing-intensive
b. Applications that suffer low utilization
c. Both of the above
d. None of the above
Moderate
Easy
3. Which of the following statements are true for VMWare snapshots? (Choose two)
a. A snapshot is the state of a virtual machine and generally, its storage devices, at an
exact point in time.
b. It is not possible to create multiple snapshots of a virtual machine.
c. The creation of a snapshot increases the performance and reliability of a virtual
machine.
d. Snapshots can be useful as a short-term and rapid backup technique.
Moderate
Easy
5. Identify all required layers for a virtual infrastructure to function. (Choose three):
a. Physical server c. Shared Storage
b. Hypervisor d. Virtual machine
Application/Software e. Virtual switch
Moderate
Page 6 of 12
Information Services
Fresh Graduate Program
6. Can virtualization allow for automated distribution of virtual machines? (Choose one):
a. Yes, the feature called Distributed Resource Scheduler (DRS) can move and group virtual
machines.
b. Yes, the feature called Resource Pools can dynamically allocate resources by moving
distributing virtual machines.
c. No, virtual machines are associated with their hypervisor host and require vMotion to
be moved.
d. No, automated distribution is accomplished by a third party application such as a Load
Balancer.
Difficult
Page 7 of 12
Information Services
Fresh Graduate Program
Section D: Windows
1. What is the default port for HTTPS?
a. 21 c. 53
b. 443 d. 8080
Easy
2. Windows service is a:
a. program or process that runs in the background and does not require user intervention.
b. hardware driver that provides support to a specific device.
c. program or process that runs in the foreground.
d. hardware driver that provides support to the operating system.
Easy
3. An Application layer protocol used to monitor and manage network devices and gather statistics
about network traffic. It operates on UDP ports 161 and 162.
a. Server Message Block (SMB) c. Telnet
b. Secure Shell d. Simple Network Management Protocol (SNMP)
Moderate
Moderate
5. After you configure an IP address and subnet mask on a Windows 7 PC, you want to check the
configuration and confirm that the IP and subnet is configured, which of the below command is
used.
a. ifconfig c. traceroute
b. ping d. ipconfig
Easy
Page 8 of 12
Information Services
Fresh Graduate Program
Section E: Database
1. You have database that contains tables named Customers and Orders. The tables are related by a
column named CustomerID. You need to create a query that meets the following requirements:
Returns the CustomerName for all customers and the OrderDate for any orders that they have
placed. Results must include customers who have not placed any orders. Which join would you
use?
SELECT CustomerName, OrderDate Select the join to fill in the blank:
FROM Customers
________________ Orders a. RIGHT OUTER JOIN
ON Customers.CustomerID = b. JOIN
Orders.CustomerID c. CROSS JOIN
d. LEFT OUTER JOIN
2. You administer a database that supports a banking transaction management application.
You need to retrieve a list of account holders who live in cities that do not have a branch location.
Which Transact-SQL query or queries should you use? (Each correct answer presents a complete
solution. Choose all that apply.)?
a. SELECT AccountHolderID c. SELECT AccountHolderID
FROM AccountHolder FROM AccountHolder
WHERE CityID NOT IN (SELECT WHERE CityID <> SOME (SELECT
CityID FROM BranchMaster) CityID FROM BranchMaster)
b. SELECT AccountHolderID d. SELECT AccountHolderID
FROM AccountHolder FROM AccountHolder
WHERE CityID <> ALL (SELECT CityID WHERE CityID <> ANY (SELECT
FROM BranchMaster) CityID FROM BranchMaster)
Customers Table:
Orders Table:
Page 9 of 12
Information Services
Fresh Graduate Program
You need an SQL statement that will return a list of all orders, and include the corresponding
customer information, only if customer information is available. The table should output the
columns Order ID, OrderDate, Customer ID, and CustomerName.
Indicate if:
a. It is 100% Correct
b. It is incorrect
c. It is partially correct. Should have used an inner join.
d. It is partially correct. Should have used a right outer join.
Page 10 of 12
Information Services
Fresh Graduate Program
Section F: Programming
a. 111111
b. 234561
c. 222221
d. 222222
e. 234567
f. 0
g. None of the choices
Page 11 of 12
Information Services
Fresh Graduate Program
function bubbleSort(a)
{
var swapped;
do {
swapped = false;
for (var i=0; i < a.length- _______; i++) {
if (a[i] _______ a[i+1]) {
var temp = a[i];
a[i] = a[i+1];
a[i+1] = temp;
swapped = _________;
}
}
} while (swapped);
}
bubbleSort(a);
console.log(a);
Page 12 of 12