-
web.groovymark@gmail.com
- December 2, 2024
Question 21
What is “cyber threat intelligence”?
a) The collection and analysis of information about potential cyber threats
b) A method of data encryption
c) A type of malware
d) A data backup solution
Correct Answer: a) The collection and analysis of information about potential cyber threats
Explanation: Cyber threat intelligence helps organizations understand and mitigate threats more effectively.
Question 22
What is “threat hunting”?
a) The process of identifying and mitigating security threats
b) A method of data encryption
c) A type of malware
d) A network monitoring tool
Correct Answer: a) The process of identifying and mitigating security threats
Explanation: Threat hunting involves proactively searching for indicators of compromise within networks and systems.
Question 23
What is a “botnet”?
a) A type of firewall
b) A network of infected devices controlled by an attacker
c) A data backup solution
d) A method of user authentication
Correct Answer: b) A network of infected devices controlled by an attacker
Explanation: Botnets are often used to launch distributed denial-of-service (DDoS) attacks or distribute malware.
Question 24
What does “malware analysis” involve?
a) The process of backing up data
b) The examination of malicious software to understand its behavior and impact
c) A type of firewall
d) A method of user authentication
Correct Answer: b) The examination of malicious software to understand its behavior and impact
Explanation: Malware analysis helps security professionals develop effective countermeasures against threats.
Question 25
What is “network segmentation”?
a) Dividing a network into smaller parts to enhance security
b) A type of malware
c) A method of data encryption
d) A backup solution
Correct Answer: a) Dividing a network into smaller parts to enhance security
Explanation: Network segmentation helps contain security incidents and improve overall network performance.
Question 26
What is “data encryption at rest”?
a) Encrypting data while in transit
b) Encrypting data stored on disk
c) A type of malware
d) A method of user authentication
Correct Answer: b) Encrypting data stored on disk
Explanation: Data encryption at rest protects sensitive information from unauthorized access while it is stored.
Question 27
What is “cloud security”?
a) A method of data backup
b) The practice of protecting cloud computing environments and data
c) A type of firewall
d) A process for managing user accounts
Correct Answer: b) The practice of protecting cloud computing environments and data
Explanation: Cloud security involves implementing security measures to protect data and applications hosted in the cloud.
Question 28
What is “patch management”?
a) The process of identifying, acquiring, and installing updates for software
b) A method of encrypting data
c) A type of malware
d) A network monitoring tool
Correct Answer: a) The process of identifying, acquiring, and installing updates for software
Explanation: Patch management helps fix vulnerabilities in software and ensures systems remain secure.
Question 29
What is a “security incident”?
a) An event that compromises the confidentiality, integrity, or availability of information
b) A type of malware
c) A method of user authentication
d) A data backup solution
Correct Answer: a) An event that compromises the confidentiality, integrity, or availability of information
Explanation: Security incidents require immediate response to mitigate damage.
Question 30
What is “insider threat”?
a) Threats from external attackers
b) Threats originating from within the organization
c) A type of malware
d) A method of user authentication
Correct Answer: b) Threats originating from within the organization
Explanation: Insider threats can involve employees or contractors misusing access to sensitive information.
Question 31
What does “incident management” entail?
a) A process for handling and resolving security incidents
b) A method for encrypting data
c) A type of firewall
d) A data backup solution
Correct Answer: a) A process for handling and resolving security incidents
Explanation: Incident management ensures timely response and recovery from security events.
Question 32
What is “disaster recovery”?
a) The process of backing up data
b) A set of policies and procedures for recovering from a disruptive event
c) A type of malware
d) A network monitoring tool
Correct Answer: b) A set of policies and procedures for recovering from a disruptive event
Explanation: Disaster recovery focuses on restoring critical systems and operations after a disaster.
Question 33
What is “regulatory compliance”?
a) The process of managing user accounts
b) Adhering to laws, regulations, and guidelines relevant to an organization’s operations
c) A type of malware
d) A method of data encryption
Correct Answer: b) Adhering to laws, regulations, and guidelines relevant to an organization's operations
Explanation: Regulatory compliance helps organizations avoid legal penalties and enhance their reputation.
Question 34
What does “threat modeling” involve?
a) Creating visual representations of security incidents
b) Identifying and prioritizing potential threats to a system or application
c) A method of data encryption
d) A type of malware
Correct Answer: b) Identifying and prioritizing potential threats to a system or application
Explanation: Threat modeling helps organizations understand risks and implement appropriate security measures.
Question 35
What is “email security”?
a) A type of firewall
b) The practice of protecting email accounts and communications
c) A method of data encryption
d) A data backup solution
Correct Answer: b) The practice of protecting email accounts and communications
Explanation: Email security measures help prevent phishing, spam, and unauthorized access to email accounts.
Question 36
What is “digital rights management” (DRM)?
a) A method for encrypting data
b) A technology used to control access to digital content
c) A type of malware
d) A data backup solution
Correct Answer: b) A technology used to control access to digital content
Explanation: DRM helps protect intellectual property by preventing unauthorized use and distribution.
Question 37
What is “API security”?
a) A type of malware
b) The practice of securing application programming interfaces from threats
c) A method of data encryption
d) A network monitoring tool
Correct Answer: b) The practice of securing application programming interfaces from threats
Explanation: API security involves protecting APIs from attacks that could compromise data or services.
Question 38
What does “malicious code” refer to?
a) Code that enhances software functionality
b) Code designed to harm, exploit, or compromise a computer system
c) A method of data encryption
d) A type of firewall
Correct Answer: b) Code designed to harm, exploit, or compromise a computer system
Explanation: Malicious code includes viruses, worms, trojans, and ransomware.
Question 39
What is “internet security”?
a) A method for backing up data
b) A practice that encompasses security measures for protecting users and data on the internet
c) A type of malware
d) A data encryption method
Correct Answer: b) A practice that encompasses security measures for protecting users and data on the internet
Explanation: Internet security aims to safeguard online communications and transactions from threats.
Question 40
What does “security policy” refer to?
a) A method of data encryption
b) A document outlining an organization’s security requirements and procedures
c) A type of malware
d) A data backup solution
Correct Answer: b) A document outlining an organization's security requirements and procedures
Explanation: Security policies help ensure consistent security practices within an organization.
