- web.groovymark@gmail.com
- December 4, 2024
Question 21
Which of the following types of attacks involves sending a large volume of unsolicited messages over instant messaging platforms?
A. Spam
B. SPIM
C. Phishing
D. Smishing
Correct Answer: B. SPIM
Explanation: SPIM is the practice of sending unsolicited messages over instant messaging platforms. Spam involves emails, phishing seeks personal information, and smishing uses SMS.
Question 22
Which of the following is an attack that manipulates a website’s database by sending malicious SQL statements?
A. Brute-force attack
B. SQL injection
C. Man-in-the-middle attack
D. Denial of Service (DoS)
Correct Answer: B. SQL injection
Explanation: SQL injection attacks manipulate a website's database by injecting malicious SQL queries. Brute-force attacks, man-in-the-middle attacks, and DoS attacks use different techniques.
Question 23
Which of the following is designed to detect and respond to potential security threats in real time?
A. Penetration testing
B. Security Information and Event Management (SIEM)
C. Tokenization
D. MAC filtering
Correct Answer: B. Security Information and Event Management (SIEM)
Explanation: SIEM systems detect and respond to potential security threats in real time by collecting and analyzing security data. Penetration testing, tokenization, and MAC filtering serve different security functions.
Question 24
Which of the following refers to an unauthorized attempt to gain access to sensitive data by eavesdropping on network communications?
A. Phishing
B. Smishing
C. Packet sniffing
D. Spoofing
Correct Answer: C. Packet sniffing
Explanation: Packet sniffing involves capturing and analyzing network communications to gain unauthorized access to sensitive data. Phishing, smishing, and spoofing involve different attack vectors.
Question 25
What type of attack involves the use of social engineering techniques to trick users into revealing confidential information through SMS?
A. Phishing
B. SPIM
C. Smishing
D. Spoofing
Correct Answer: C. Smishing
Explanation: Smishing is a type of phishing attack conducted through SMS messages to trick users into revealing confidential information. Phishing, SPIM, and spoofing involve different attack methods.
Question 26
Which of the following protocols is responsible for resolving domain names into IP addresses?
A. DNS
B. DHCP
C. TCP
D. FTP
Correct Answer: A. DNS
Explanation: DNS (Domain Name System) resolves domain names into IP addresses, allowing users to access websites using human-readable names. DHCP, TCP, and FTP serve different network functions.
Question 27
Which of the following protocols is used to securely transfer files over a network?
A. FTP
B. Telnet
C. SFTP
D. HTTP
Correct Answer: C. SFTP
Explanation: SFTP (Secure File Transfer Protocol) is used to securely transfer files over a network. FTP, Telnet, and HTTP are less secure alternatives.
Question 28
Which of the following attacks involves the use of a compromised system to launch attacks on other systems, forming a network of “zombies”?
A. SQL injection
B. Botnet
C. Man-in-the-middle attack
D. Phishing
Correct Answer: B. Botnet
Explanation: A botnet is a network of compromised systems (zombies) used to launch attacks, often distributed denial of service (DDoS) attacks. Other attack methods do not involve creating networks of compromised systems.
Question 29
Which of the following ensures that users cannot deny their involvement in a communication or transaction?
A. Confidentiality
B. Integrity
C. Non-repudiation
D. Availability
Correct Answer: C. Non-repudiation
Explanation: Non-repudiation ensures that users cannot deny their involvement in a communication or transaction. Confidentiality, integrity, and availability provide different security assurances.
Question 30
Which of the following refers to the use of encryption to protect data during transmission over a network?
A. Data at rest encryption
B. Data in transit encryption
C. Tokenization
D. Hashing
Correct Answer: B. Data in transit encryption
Explanation: Data in transit encryption protects data as it travels across a network. Data at rest encryption protects stored data, while tokenization and hashing serve different purposes.
Question 31
What type of malware is designed to replicate itself across a network without requiring user interaction?
A. Virus
B. Worm
C. Trojan
D. Ransomware
Correct Answer: B. Worm
Explanation: A worm is malware that replicates itself across a network without requiring user interaction. Viruses, trojans, and ransomware have different propagation methods.
Question 32
Which of the following is used to hide the true origin of an email or network packet?
A. Encryption
B. Spoofing
C. Hashing
D. VPN
Correct Answer: B. Spoofing
Explanation: Spoofing involves falsifying the origin of an email or network packet to disguise its true source. Encryption, hashing, and VPNs are different security techniques.
Question 33
Which of the following security principles ensures that data has not been altered or tampered with?
A. Availability
B. Confidentiality
C. Integrity
D. Non-repudiation
Correct Answer: C. Integrity
Explanation: Integrity ensures that data remains unaltered and untampered with during transmission or storage. Availability ensures access, confidentiality restricts access, and non-repudiation confirms the authenticity of an action.
Question 34
Which of the following involves sending unsolicited commercial messages over email?
A. SPIM
B. Spam
C. Phishing
D. Smishing
Correct Answer: B. Spam
Explanation: Spam involves sending unsolicited commercial messages over email. SPIM, phishing, and smishing use different communication channels.
Question 35
What type of attack involves an attacker gaining unauthorized access to a Bluetooth device to steal data?
A. Bluesnarfing
B. Spoofing
C. Brute-force attack
D. Smishing
Correct Answer: A. Bluesnarfing
Explanation: Bluesnarfing involves gaining unauthorized access to a Bluetooth device to steal data. Spoofing, brute-force attacks, and smishing are different attack techniques.
Question 36
Which of the following refers to the process of replacing sensitive data with a non-sensitive equivalent that can be used in its place?
A. Encryption
B. Tokenization
C. Hashing
D. Salting
Correct Answer: B. Tokenization
Explanation: Tokenization replaces sensitive data with a non-sensitive equivalent, such as a token, that can be used in its place. Encryption, hashing, and salting are different security techniques.
Question 37
What is the primary purpose of a firewall?
A. To encrypt data in transit
B. To control incoming and outgoing network traffic
C. To provide secure remote access
D. To manage user accounts
Correct Answer: B. To control incoming and outgoing network traffic
Explanation: Firewalls control incoming and outgoing network traffic to protect systems from unauthorized access. They do not provide encryption or manage user accounts.
Question 38
Which of the following types of malware is designed to infect a system and allow an attacker to control it remotely?
A. Virus
B. Worm
C. Remote Access Trojan (RAT)
D. Ransomware
Correct Answer: C. Remote Access Trojan (RAT)
Explanation: A RAT is malware that infects a system and allows an attacker to control it remotely. Viruses, worms, and ransomware behave differently.
Question 39
Which of the following refers to a network architecture that isolates systems or data from the public internet?
A. VPN
B. DMZ
C. Firewall
D. Tokenization
Correct Answer: B. DMZ
Explanation: A DMZ (demilitarized zone) isolates certain systems or data from the public internet while allowing controlled access. VPNs, firewalls, and tokenization serve different purposes.
Question 40
Which of the following is used to provide secure communication over a public network, such as the internet?
A. MAC filtering
B. VPN
C. Firewall
D. Hashing
Correct Answer: B. VPN
Explanation: VPNs provide secure communication over a public network by encrypting traffic. MAC filtering, firewalls, and hashing offer different security functions.