-
web.groovymark@gmail.com
- December 2, 2024
Question 41
Which of the following is a component of the CIA triad in information security?
a) Accessibility
b) Integration
c) Availability
d) Authentication
Correct Answer: c) Availability
Explanation: The CIA triad consists of Confidentiality, Integrity, and Availability, which are fundamental principles for ensuring information security.
Question 42
What is a “man-in-the-middle” attack?
a) A technique for securing communications
b) An attack where an attacker intercepts communication between two parties
c) A method for data encryption
d) A type of network monitoring
Correct Answer: b) An attack where an attacker intercepts communication between two parties
Explanation: In a man-in-the-middle attack, the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.
Question 43
What is the purpose of network segmentation?
a) To increase network traffic
b) To divide a network into smaller, isolated segments for improved security
c) To eliminate firewalls
d) To simplify network design
Correct Answer: b) To divide a network into smaller, isolated segments for improved security
Explanation: Network segmentation enhances security by isolating different segments of a network, making it harder for attackers to access the entire network if one segment is compromised.
Question 44
What does “malicious code” refer to?
a) Code that improves system performance
b) Code that is intended to harm or exploit a system
c) Code that is open-source
d) Code that is written in Python
Correct Answer: b) Code that is intended to harm or exploit a system
Explanation: Malicious code encompasses various forms of harmful software, such as viruses, worms, and Trojans, designed to disrupt or damage systems.
Question 45
What does “user training” in cybersecurity aim to achieve?
a) To improve system performance
b) To educate users about security risks and best practices
c) To automate security processes
d) To reduce hardware costs
Correct Answer: b) To educate users about security risks and best practices
Explanation: User training in cybersecurity is essential for raising awareness about potential security threats and teaching best practices to minimize risks.
Question 46
What is a “security incident”?
a) A security policy violation
b) An event that compromises the confidentiality, integrity, or availability of information
c) A scheduled security update
d) A user access request
Correct Answer: b) An event that compromises the confidentiality, integrity, or availability of information
Explanation: A security incident refers to any event that threatens or compromises the security of an organization's information.
Question 47
Which of the following is a benefit of using a VPN?
a) Slower internet speed
b) Enhanced security for data in transit
c) Increased physical presence
d) Permanent data loss
Correct Answer: b) Enhanced security for data in transit
Explanation: A VPN (Virtual Private Network) encrypts internet traffic, enhancing security for data transmitted over potentially insecure networks.
Question 48
What is the main goal of incident response?
a) To prevent all security incidents
b) To respond effectively to security incidents to minimize damage
c) To monitor network traffic
d) To develop software solutions
Correct Answer: b) To respond effectively to security incidents to minimize damage
Explanation: Incident response aims to effectively manage security incidents to reduce their impact and restore normal operations as quickly as possible.
Question 49
What does “data encryption” do?
a) Increases data accessibility
b) Converts data into a secure format that can only be read with a key
c) Reduces data storage requirements
d) Automatically deletes data
Correct Answer: b) Converts data into a secure format that can only be read with a key
Explanation: Data encryption transforms information into a format that is unreadable without the appropriate decryption key, protecting it from unauthorized access.
Question 50
Which of the following is a common type of cyber attack?
a) Traffic analysis
b) Phishing
c) Data management
d) Software development
Correct Answer: b) Phishing
Explanation: Phishing is a prevalent type of cyber attack that deceives individuals into providing sensitive information by pretending to be a trustworthy entity.
