- web.groovymark@gmail.com
- December 2, 2024
Question 01
What is “phishing”?
a) A method for data encryption
b) An attempt to acquire sensitive information by masquerading as a trustworthy entity
c) A type of malware
d) A process for securing networks
Correct Answer: b) An attempt to acquire sensitive information by masquerading as a trustworthy entity
Explanation: Phishing involves tricking individuals into providing personal information, often through deceptive emails or websites.
Question 02
What does “multi-factor authentication” (MFA) provide?
a) A single password for all accounts
b) An additional layer of security by requiring two or more verification methods
c) A method of data backup
d) A technique for data encryption
Correct Answer: b) An additional layer of security by requiring two or more verification methods
Explanation: MFA enhances security by requiring multiple forms of verification before granting access to an account or system.
Question 03
What is a “firewall”?
a) A device for monitoring network traffic
b) A security system that monitors and controls incoming and outgoing network traffic
c) A type of malware
d) A process for data backup
Correct Answer: b) A security system that monitors and controls incoming and outgoing network traffic
Explanation: Firewalls act as barriers between trusted and untrusted networks, helping to prevent unauthorized access.
Question 04
What is “malware”?
a) Software designed to improve system performance
b) Software intended to harm or exploit any programmable device
c) A method of data encryption
d) A type of user authentication
Correct Answer: b) Software intended to harm or exploit any programmable device
Explanation: Malware encompasses various malicious software types, including viruses, worms, and ransomware.
Question 05
What is “social engineering”?
a) An approach to network design
b) Manipulating individuals into divulging confidential information
c) A method of data encryption
d) A technique for managing user accounts
Correct Answer: b) Manipulating individuals into divulging confidential information
Explanation: Social engineering exploits human psychology to trick individuals into revealing sensitive information.
Question 06
What does “data loss prevention” (DLP) do?
a) Monitors network speed
b) Prevents unauthorized data access and transmission
c) A method of data encryption
d) A type of software application
Correct Answer: b) Prevents unauthorized data access and transmission
Explanation: DLP technologies help organizations safeguard sensitive data from unauthorized access and exfiltration.
Question 07
What is a “zero-day vulnerability”?
a) A known vulnerability with a patch
b) A previously unknown vulnerability that attackers can exploit
c) A type of firewall
d) A method for encrypting data
Correct Answer: b) A previously unknown vulnerability that attackers can exploit
Explanation: Zero-day vulnerabilities pose significant risks because they are not yet known to the vendor, so no patch exists for them.
Question 08
What is a “security incident”?
a) A minor software bug
b) An event that compromises the confidentiality, integrity, or availability of information
c) A process for securing networks
d) A type of malware
Correct Answer: b) An event that compromises the confidentiality, integrity, or availability of information
Explanation: Security incidents can range from data breaches to system compromises, requiring an appropriate response.
Question 09
What is “encryption”?
a) A process for data backup
b) The method of converting information into a code to prevent unauthorized access
c) A type of malware
d) A software application
Correct Answer: b) The method of converting information into a code to prevent unauthorized access
Explanation: Encryption protects data by making it unreadable without the appropriate decryption key.
Question 10
What is a “security policy”?
a) A plan for software development
b) A formal document that outlines an organization’s security rules and procedures
c) A type of data backup
d) A method of network monitoring
Correct Answer: b) A formal document that outlines an organization’s security rules and procedures
Explanation: Security policies guide employees on how to handle sensitive information and maintain security.
Question 11
What is a “data breach”?
a) A secure transfer of data
b) An incident where unauthorized individuals gain access to sensitive data
c) A method of data encryption
d) A type of malware
Correct Answer: b) An incident where unauthorized individuals gain access to sensitive data
Explanation: Data breaches can result in significant financial and reputational damage to organizations.
Question 12
What does “threat intelligence” provide?
a) Information on network performance
b) Knowledge about current and potential threats to inform security decisions
c) A method of software development
d) A technique for data backup
Correct Answer: b) Knowledge about current and potential threats to inform security decisions
Explanation: Threat intelligence helps organizations anticipate and respond to security threats effectively.
Question 13
What is “cybersecurity”?
a) The protection of physical assets
b) The practice of defending computers, servers, mobile devices, and data from malicious attacks
c) A type of malware
d) A method of data backup
Correct Answer: b) The practice of defending computers, servers, mobile devices, and data from malicious attacks
Explanation: Cybersecurity encompasses various practices and technologies aimed at safeguarding information systems.
Question 14
What does “penetration testing” involve?
a) A method for data encryption
b) Simulating attacks on a system to identify vulnerabilities
c) Monitoring network traffic
d) A type of software development
Correct Answer: b) Simulating attacks on a system to identify vulnerabilities
Explanation: Penetration testing helps organizations discover and remediate security weaknesses before attackers can exploit them.
Question 15
What is “endpoint security”?
a) A method for securing databases
b) Measures designed to secure endpoints like computers and mobile devices
c) A process for managing user accounts
d) A technique for data encryption
Correct Answer: b) Measures designed to secure endpoints like computers and mobile devices
Explanation: Endpoint security aims to protect devices from threats and ensure that they do not become entry points for attackers.
Question 16
What is “incident management”?
a) A process for backing up data
b) The practice of responding to and managing security incidents
c) A method for monitoring network performance
d) A type of malware
Correct Answer: b) The practice of responding to and managing security incidents
Explanation: Incident management ensures that security incidents are addressed promptly to minimize their impact.
Question 17
What is “authentication”?
a) The process of verifying a user’s identity
b) A method for data encryption
c) A technique for monitoring network traffic
d) A type of software application
Correct Answer: a) The process of verifying a user’s identity
Explanation: Authentication is essential for ensuring that only authorized users can access sensitive information and systems.
Question 18
What is “data encryption at rest”?
a) Encrypting data during transmission
b) Protecting data stored on a device or server
c) A method for managing user accounts
d) A technique for monitoring network traffic
Correct Answer: b) Protecting data stored on a device or server
Explanation: Data encryption at rest ensures that sensitive information is secured while stored, reducing the risk of unauthorized access.
Question 19
What is a “security audit”?
a) A method for backing up data
b) An assessment of an organization’s security policies and controls
c) A type of malware
d) A process for data encryption
Correct Answer: b) An assessment of an organization’s security policies and controls
Explanation: Security audits help identify vulnerabilities and ensure compliance with security standards.
Question 20
What does “social media security” refer to?
a) The security of data stored on social media platforms
b) Protecting user accounts and information on social media sites
c) A method of data encryption
d) A type of malware
Correct Answer: b) Protecting user accounts and information on social media sites
Explanation: Social media security measures help safeguard personal and organizational information from unauthorized access and attacks.