What is the main function of a VPN (Virtual Private Network)?

To provide secure remote access by encrypting data transmission

What does the principle of least privilege (PoLP) state?

Users should only have the minimum access necessary to perform their job functions.

What is the primary purpose of an Intrusion Detection System (IDS)?

To detect and alert on suspicious activity

Which of the following best describes the concept of least privilege? Users are granted only the minimum access necessary to perform their job functions., Users are given administrative privileges to troubleshoot system issues., Users must use multifactor authentication for all logins., Users have unrestricted access to all resources.

Users are granted only the minimum access necessary to perform their job functions.

What is the primary purpose of a VPN?

To encrypt data transmitted over a network

A company suspects an insider threat. Which security control would be most effective in detecting suspicious user activity? Options: Security information and event management (SIEM), Data Loss Prevention (DLP), Antivirus software, Network segmentation

Security information and event management (SIEM)

What is the primary purpose of a digital signature?

Provide integrity and non-repudiation

What is the primary function of a certificate authority (CA) in a public key infrastructure (PKI)?

Issues and manages digital certificates

What is the main advantage of elliptic curve cryptography (ECC) over traditional RSA?

ECC provides strong security with shorter key lengths.

Which of the following is the primary purpose of a risk assessment? Options: To eliminate all risks in an organization, To identify, analyze, and prioritize risks, To implement security controls without assessing risks, To ensure compliance with security policies

To identify, analyze, and prioritize risks

Which of the following BEST describes qualitative risk assessment? Options: Assigning numerical values to risk probabilities and impacts, Using experience and judgment to assess risk severity, Relying solely on financial loss estimates, Calculating the Annualized Loss Expectancy (ALE)

Using experience and judgment to assess risk severity

What is the primary purpose of implementing a Business Impact Analysis (BIA)?

To identify the most critical business functions and their impact if disrupted

What role does a risk register play in risk management?

It records identified risks, their impact, likelihood, and treatment plans.

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Centralize log collection and analyze security events

Which of the following best describes a SOAR (Security Orchestration, Automation, and Response) platform? A system designed to prevent malware infections, A technology that automates and integrates security response workflows, A software used only for network security monitoring, A database for storing security policies

A technology that automates and integrates security response workflows

What is the main advantage of an Endpoint Detection and Response (EDR) solution over traditional antivirus software?

It offers real-time monitoring and behavioral analysis

Which of the following best defines the concept of "least privilege"? Options: Granting users access to all systems for efficiency, Restricting access to only what is necessary for a user’s role, Rotating access permissions weekly, Granting admin rights to all employees

Restricting access to only what is necessary for a user’s role

What is the primary function of a Security Operations Center (SOC)?

To monitor, analyze, and respond to security threats

Which of the following is the BEST way to protect against insider threats? Options: Implementing a strict password policy, Conducting regular security awareness training and user activity monitoring, Disabling all USB ports on company devices, Hiring more security personnel

Conducting regular security awareness training and user activity monitoring

A security analyst notices repeated failed login attempts on a privileged account. What is the BEST immediate action? Options: Disable the account and investigate the activity, Increase the password complexity requirement, Ignore the attempts unless they succeed, Notify the user to change their password

Disable the account and investigate the activity

What is a major security concern with Shadow IT?

It creates potential security risks due to unapproved applications and devices

What is the primary purpose of a buffer overflow attack?

To execute arbitrary code on a system

Which of the following BEST describes a zero-day vulnerability? A vulnerability that has been patched by the vendor, A vulnerability that remains unpatched and is actively exploited, A vulnerability that requires user interaction to exploit, A vulnerability that only affects legacy systems

A vulnerability that remains unpatched and is actively exploited

Which security control is MOST effective in preventing phishing attacks?

Implementing user awareness training

67 Question Sec+ Flashcard

Flashcard

•

Other

•

12th Grade

•

Practice Problem

•

Easy

Wayground Content

Used 1+ times

FREE Resource

Student preview

58 questions

Show all answers

FLASHCARD QUESTION

Front

Which of the following best describes the CIA Triad? Options: Confidentiality, Integrity, Authentication; Confidentiality, Integrity, Availability; Control, Integrity, Availability; Compliance, Integrity, Authentication

Back

Confidentiality, Integrity, Availability

Answer explanation

The CIA Triad stands for Confidentiality, Integrity, and Availability. These three principles are essential for ensuring the security and reliability of information systems, making this the correct choice.

FLASHCARD QUESTION

Front

What is the primary function of a firewall?

Back

Blocking unauthorized access while permitting legitimate communication

Answer explanation

The primary function of a firewall is to block unauthorized access while permitting legitimate communication, ensuring network security by controlling incoming and outgoing traffic.

FLASHCARD QUESTION

Front

Which attack involves an attacker intercepting and modifying communications between two parties?

Back

Man-in-the-Middle (MitM)

Answer explanation

The Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and alters the communication between two parties, making it the correct choice. Other options like phishing, DoS, and SQL injection do not involve this type of interception.

FLASHCARD QUESTION

Front

What is the purpose of multi-factor authentication (MFA)?

Back

To provide an additional layer of security by requiring two or more authentication factors

Answer explanation

The correct choice highlights that multi-factor authentication (MFA) adds an extra layer of security by requiring two or more authentication factors, making it harder for unauthorized users to gain access.

FLASHCARD QUESTION

Front

Which of the following is an example of a physical security control? Antivirus software, Firewall, Security badge access, Password policy

Back

Security badge access

Answer explanation

Security badge access is a physical security control that restricts access to facilities. In contrast, antivirus software, firewalls, and password policies are examples of logical security controls.

FLASHCARD QUESTION

Front

What type of malware disguises itself as legitimate software to trick users into installing it?

Back

Trojan Horse

Answer explanation

A Trojan Horse is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, it relies on user action to spread and execute.

FLASHCARD QUESTION

Front

Which security measure is commonly used to prevent brute-force attacks?

Back

Account lockout policy

Answer explanation

An account lockout policy is designed to prevent brute-force attacks by temporarily locking accounts after a certain number of failed login attempts, thereby thwarting unauthorized access attempts.

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

45 questions

VNU_B1_2_Holidays and travel

Flashcard

•

University

45 questions

Ôn Tập Kiểm Tra Giữa Kỳ I TIN

Flashcard

•

11th Grade

49 questions

Keywords and definitions

Flashcard

•

10th Grade

64 questions

DAY 01

Flashcard

•

42 questions

Entrepreneurship Reviewer

Flashcard

•

12th Grade

54 questions

Network Components and Protocols

Flashcard

•

11th Grade

48 questions

Đề cương Địa cho em San

Flashcard

•

11th Grade

47 questions

Câu Hỏi Về Cụm Từ Tiếng Anh

Flashcard

•

University

Popular Resources on Wayground

10 questions

Forest Self-Management

Lesson

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

30 questions

Thanksgiving Trivia

Quiz

•

9th - 12th Grade

30 questions

Thanksgiving Trivia

Quiz

•

6th Grade

11 questions

Would You Rather - Thanksgiving

Lesson

•

KG - 12th Grade

48 questions

The Eagle Way

Quiz

•

6th Grade

10 questions

Identifying equations

Quiz

•

KG - University

10 questions

Thanksgiving

Lesson

•

5th - 7th Grade

Discover more resources for Other

30 questions

Thanksgiving Trivia

Quiz

•

9th - 12th Grade

11 questions

Would You Rather - Thanksgiving

Lesson

•

KG - 12th Grade

10 questions

Identifying equations

Quiz

•

KG - University

18 questions

Thanksgiving Trivia

Quiz

•

4th - 12th Grade

20 questions

Thanksgiving

Quiz

•

KG - 12th Grade

28 questions

Ser vs estar

Quiz

•

9th - 12th Grade

10 questions

hands washing

Quiz

•

5th - 12th Grade

53 questions

US History Domain 1 Review CP 2025 (Tech Enhanced)

Quiz

•

9th - 12th Grade

67 Question Sec+ Flashcard

58 questions

The CIA Triad stands for Confidentiality, Integrity, and Availability. These three principles are essential for ensuring the security and reliability of information systems, making this the correct choice.

The primary function of a firewall is to block unauthorized access while permitting legitimate communication, ensuring network security by controlling incoming and outgoing traffic.

The Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and alters the communication between two parties, making it the correct choice. Other options like phishing, DoS, and SQL injection do not involve this type of interception.

The correct choice highlights that multi-factor authentication (MFA) adds an extra layer of security by requiring two or more authentication factors, making it harder for unauthorized users to gain access.

Security badge access is a physical security control that restricts access to facilities. In contrast, antivirus software, firewalls, and password policies are examples of logical security controls.

A Trojan Horse is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, it relies on user action to spread and execute.

An account lockout policy is designed to prevent brute-force attacks by temporarily locking accounts after a certain number of failed login attempts, thereby thwarting unauthorized access attempts.

The main function of a VPN is to provide secure remote access by encrypting data transmission, ensuring privacy and security while accessing the internet or private networks.

The principle of least privilege (PoLP) states that users should only have the minimum access necessary to perform their job functions, ensuring security and reducing the risk of unauthorized access.

The primary purpose of an Intrusion Detection System (IDS) is to detect and alert on suspicious activity within a network, rather than actively blocking access or replacing firewalls.

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other