- web.groovymark@gmail.com
- December 2, 2024
Question 01
What is the primary function of a firewall?
a) To monitor and control incoming and outgoing network traffic
b) To encrypt sensitive data
c) To store user credentials
d) To create user accounts
Correct Answer: a) To monitor and control incoming and outgoing network traffic
Explanation: Firewalls act as barriers between trusted and untrusted networks, filtering traffic based on security rules.
Question 02
What is the main purpose of penetration testing?
a) To monitor network performance
b) To identify vulnerabilities in systems
c) To develop software applications
d) To conduct user training
Correct Answer: b) To identify vulnerabilities in systems
Explanation: Penetration testing simulates attacks on a system to identify and address security weaknesses.
Question 03
What is the primary goal of encryption?
a) To improve system speed
b) To secure data by making it unreadable without a key
c) To facilitate data backups
d) To enhance user interface design
Correct Answer: b) To secure data by making it unreadable without a key
Explanation: Encryption transforms data into a format that is only accessible with a decryption key, protecting it from unauthorized access.
Question 04
Which of the following is a common sign of a phishing attack?
a) Unexpected email attachments from known contacts
b) Regularly scheduled system updates
c) Increased network performance
d) Stronger password requirements
Correct Answer: a) Unexpected email attachments from known contacts
Explanation: Phishing attacks often involve deceptive emails with attachments or links intended to steal sensitive information.
Question 05
What is a “threat actor”?
a) A person or group that initiates a cyber attack
b) A security tool used to detect vulnerabilities
c) An organization that provides cybersecurity training
d) A network security protocol
Correct Answer: a) A person or group that initiates a cyber attack
Explanation: Threat actors are individuals or entities that exploit vulnerabilities to conduct malicious activities.
Question 06
What does “malware” refer to?
a) Software that enhances system performance
b) Malicious software designed to harm or exploit devices
c) Software used for data management
d) An application for web browsing
Correct Answer: b) Malicious software designed to harm or exploit devices
Explanation: Malware includes various harmful software types, such as viruses, worms, and Trojans, designed to disrupt systems.
Question 07
Which of the following is an example of physical security?
a) Password policies
b) Firewalls
c) Security cameras
d) Antivirus software
Correct Answer: c) Security cameras
Explanation: Physical security involves protecting physical assets through measures like surveillance and access control systems.
Question 08
What is the purpose of a vulnerability assessment?
a) To develop new software applications
b) To identify and prioritize security weaknesses
c) To monitor user activity
d) To provide customer support
Correct Answer: b) To identify and prioritize security weaknesses
Explanation: A vulnerability assessment systematically identifies and evaluates security risks within a system or network.
Question 09
What is the role of a security operations center (SOC)?
a) To develop new software products
b) To monitor and respond to security incidents
c) To conduct employee training
d) To manage financial transactions
Correct Answer: b) To monitor and respond to security incidents
Explanation: An SOC is responsible for continuous monitoring and response to security events and incidents within an organization.
Question 10
What is “ransomware”?
a) A type of malware that encrypts files and demands payment
b) A security protocol for network communications
c) A method for backing up data
d) A tool for enhancing user authentication
Correct Answer: a) A type of malware that encrypts files and demands payment
Explanation: Ransomware restricts access to files by encrypting them and demands a ransom for the decryption key.
Question 11
Which of the following is a common method to secure sensitive data?
a) Using public Wi-Fi networks
b) Regularly changing passwords
c) Disabling firewalls
d) Ignoring software updates
Correct Answer: b) Regularly changing passwords
Explanation: Regularly changing passwords reduces the risk of unauthorized access and enhances data security.
Question 12
What is “social engineering”?
a) The study of social networks
b) Manipulating individuals into divulging confidential information
c) An approach to software development
d) A networking protocol
Correct Answer: b) Manipulating individuals into divulging confidential information
Explanation: Social engineering exploits human psychology to trick individuals into revealing sensitive information.
Question 13
What does “DDoS” stand for?
a) Data Distribution over Service
b) Distributed Denial of Service
c) Digital Data Operation System
d) Domain Detection over Security
Correct Answer: b) Distributed Denial of Service
Explanation: A DDoS attack overwhelms a target with traffic from multiple sources to disrupt its service.
Question 14
What is the main objective of risk management in cybersecurity?
a) To eliminate all risks
b) To assess and prioritize risks for informed decision-making
c) To monitor network performance
d) To develop software solutions
Correct Answer: b) To assess and prioritize risks for informed decision-making
Explanation: Risk management involves identifying, assessing, and prioritizing risks to make informed decisions about security measures.
Question 15
What is a “zero-day vulnerability”?
a) A vulnerability with no available patches
b) A vulnerability that has been known for years
c) A type of malware
d) A common security policy
Correct Answer: a) A vulnerability with no available patches
Explanation: A zero-day vulnerability is one that is unknown to the vendor and has no fix available at the time of discovery.
Question 16
What is the primary function of antivirus software?
a) To enhance system performance
b) To detect and remove malware
c) To manage user accounts
d) To encrypt sensitive data
Correct Answer: b) To detect and remove malware
Explanation: Antivirus software scans and removes malicious software from systems to protect against infections.
Question 17
What does “phishing” typically involve?
a) Secure coding practices
b) Deceptive emails or messages to steal personal information
c) Network traffic analysis
d) Data encryption techniques
Correct Answer: b) Deceptive emails or messages to steal personal information
Explanation: Phishing involves tricking individuals into providing sensitive information through fraudulent communications.
Question 18
What is the purpose of a data backup?
a) To improve system performance
b) To create a copy of data for recovery purposes
c) To secure user credentials
d) To enhance network security
Correct Answer: b) To create a copy of data for recovery purposes
Explanation: Data backups ensure that information can be restored in the event of loss or corruption.
Question 19
What is the significance of using multi-factor authentication (MFA)?
a) It simplifies password management
b) It adds an extra layer of security to user authentication
c) It reduces server load
d) It eliminates the need for passwords
Correct Answer: b) It adds an extra layer of security to user authentication
Explanation: MFA requires users to provide two or more verification factors to access an account, enhancing security.
Question 20
What is a “brute force attack”?
a) A method of encrypting data
b) An attack that uses trial-and-error to guess passwords
c) A type of network analysis
d) A secure coding technique
Correct Answer: b) An attack that uses trial-and-error to guess passwords
Explanation: Brute force attacks attempt all possible combinations to gain unauthorized access to an account or system.