What is the main function of a VPN (Virtual Private Network)?

To provide secure remote access by encrypting data transmission

What does the principle of least privilege (PoLP) state?

Users should only have the minimum access necessary to perform their job functions.

What is the primary purpose of an Intrusion Detection System (IDS)?

To detect and alert on suspicious activity

Which of the following best describes the concept of least privilege? Users are granted only the minimum access necessary to perform their job functions., Users are given administrative privileges to troubleshoot system issues., Users must use multifactor authentication for all logins., Users have unrestricted access to all resources.

Users are granted only the minimum access necessary to perform their job functions.

What is the primary purpose of a VPN?

To encrypt data transmitted over a network

A company suspects an insider threat. Which security control would be most effective in detecting suspicious user activity? Options: Security information and event management (SIEM), Data Loss Prevention (DLP), Antivirus software, Network segmentation

Security information and event management (SIEM)

What is the primary purpose of a digital signature?

Provide integrity and non-repudiation

What is the primary function of a certificate authority (CA) in a public key infrastructure (PKI)?

Issues and manages digital certificates

What is the main advantage of elliptic curve cryptography (ECC) over traditional RSA?

ECC provides strong security with shorter key lengths.

Which of the following is the primary purpose of a risk assessment? Options: To eliminate all risks in an organization, To identify, analyze, and prioritize risks, To implement security controls without assessing risks, To ensure compliance with security policies

To identify, analyze, and prioritize risks

Which of the following BEST describes qualitative risk assessment? Options: Assigning numerical values to risk probabilities and impacts, Using experience and judgment to assess risk severity, Relying solely on financial loss estimates, Calculating the Annualized Loss Expectancy (ALE)

Using experience and judgment to assess risk severity

What is the primary purpose of implementing a Business Impact Analysis (BIA)?

To identify the most critical business functions and their impact if disrupted

What role does a risk register play in risk management?

It records identified risks, their impact, likelihood, and treatment plans.

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Centralize log collection and analyze security events

Which of the following best describes a SOAR (Security Orchestration, Automation, and Response) platform? A system designed to prevent malware infections, A technology that automates and integrates security response workflows, A software used only for network security monitoring, A database for storing security policies

A technology that automates and integrates security response workflows

What is the main advantage of an Endpoint Detection and Response (EDR) solution over traditional antivirus software?

It offers real-time monitoring and behavioral analysis

Which of the following best defines the concept of "least privilege"? Options: Granting users access to all systems for efficiency, Restricting access to only what is necessary for a user’s role, Rotating access permissions weekly, Granting admin rights to all employees

Restricting access to only what is necessary for a user’s role

What is the primary function of a Security Operations Center (SOC)?

To monitor, analyze, and respond to security threats

Which of the following is the BEST way to protect against insider threats? Options: Implementing a strict password policy, Conducting regular security awareness training and user activity monitoring, Disabling all USB ports on company devices, Hiring more security personnel

Conducting regular security awareness training and user activity monitoring

A security analyst notices repeated failed login attempts on a privileged account. What is the BEST immediate action? Options: Disable the account and investigate the activity, Increase the password complexity requirement, Ignore the attempts unless they succeed, Notify the user to change their password

Disable the account and investigate the activity

What is a major security concern with Shadow IT?

It creates potential security risks due to unapproved applications and devices

What is the primary purpose of a buffer overflow attack?

To execute arbitrary code on a system

Which of the following BEST describes a zero-day vulnerability? A vulnerability that has been patched by the vendor, A vulnerability that remains unpatched and is actively exploited, A vulnerability that requires user interaction to exploit, A vulnerability that only affects legacy systems

A vulnerability that remains unpatched and is actively exploited

Which security control is MOST effective in preventing phishing attacks?

Implementing user awareness training

67 Question Sec+ Flashcard

Flashcard

•

Other

•

12th Grade

•

Practice Problem

•

Easy

Wayground Content

Used 1+ times

FREE Resource

Student preview

58 questions

Show all answers

FLASHCARD QUESTION

Front

Which of the following best describes the CIA Triad? Options: Confidentiality, Integrity, Authentication; Confidentiality, Integrity, Availability; Control, Integrity, Availability; Compliance, Integrity, Authentication

Back

Confidentiality, Integrity, Availability

Answer explanation

The CIA Triad stands for Confidentiality, Integrity, and Availability. These three principles are essential for ensuring the security and reliability of information systems, making this the correct choice.

FLASHCARD QUESTION

Front

What is the primary function of a firewall?

Back

Blocking unauthorized access while permitting legitimate communication

Answer explanation

The primary function of a firewall is to block unauthorized access while permitting legitimate communication, ensuring network security by controlling incoming and outgoing traffic.

FLASHCARD QUESTION

Front

Which attack involves an attacker intercepting and modifying communications between two parties?

Back

Man-in-the-Middle (MitM)

Answer explanation

The Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and alters the communication between two parties, making it the correct choice. Other options like phishing, DoS, and SQL injection do not involve this type of interception.

FLASHCARD QUESTION

Front

What is the purpose of multi-factor authentication (MFA)?

Back

To provide an additional layer of security by requiring two or more authentication factors

Answer explanation

The correct choice highlights that multi-factor authentication (MFA) adds an extra layer of security by requiring two or more authentication factors, making it harder for unauthorized users to gain access.

FLASHCARD QUESTION

Front

Which of the following is an example of a physical security control? Antivirus software, Firewall, Security badge access, Password policy

Back

Security badge access

Answer explanation

Security badge access is a physical security control that restricts access to facilities. In contrast, antivirus software, firewalls, and password policies are examples of logical security controls.

FLASHCARD QUESTION

Front

What type of malware disguises itself as legitimate software to trick users into installing it?

Back

Trojan Horse

Answer explanation

A Trojan Horse is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, it relies on user action to spread and execute.

FLASHCARD QUESTION

Front

Which security measure is commonly used to prevent brute-force attacks?

Back

Account lockout policy

Answer explanation

An account lockout policy is designed to prevent brute-force attacks by temporarily locking accounts after a certain number of failed login attempts, thereby thwarting unauthorized access attempts.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

51 questions

Audit of Airlines

Flashcard

•

University

50 questions

Marcio SIGWX

Flashcard

•

Professional Development

45 questions

Advanced Vocabulary Flashcards

Flashcard

•

University

57 questions

BJU Chemistry Chapter 2 Test

Flashcard

•

9th - 12th Grade

58 questions

Vocabulary Flashcards

Flashcard

•

9th - 12th Grade

40 questions

19 3D graphics

Flashcard

•

University

55 questions

Bệnh thông liên thất và thông liên nhĩ

Flashcard

•

56 questions

Networking Concepts and Issues

Flashcard

•

KG - University

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

Discover more resources for Other

20 questions

-AR -ER -IR present tense

Quiz

•

10th - 12th Grade

12 questions

Add and Subtract Polynomials

Quiz

•

9th - 12th Grade

13 questions

Model Exponential Growth and Decay Scenarios

Quiz

•

9th - 12th Grade

27 questions

7.2.3 Quadrilateral Properties

Quiz

•

9th - 12th Grade

7 questions

Amoeba Sisters Dihybrid Cross Punnett Square

Interactive video

•

9th - 12th Grade

10 questions

The Holocaust: Historical Overview

Interactive video

•

9th - 12th Grade

10 questions

Key Features of Quadratic Functions

Interactive video

•

8th - 12th Grade

11 questions

Exponent Quotient Rules A1 U7

Quiz

•

9th - 12th Grade

67 Question Sec+ Flashcard

58 questions

The CIA Triad stands for Confidentiality, Integrity, and Availability. These three principles are essential for ensuring the security and reliability of information systems, making this the correct choice.

The primary function of a firewall is to block unauthorized access while permitting legitimate communication, ensuring network security by controlling incoming and outgoing traffic.

The Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and alters the communication between two parties, making it the correct choice. Other options like phishing, DoS, and SQL injection do not involve this type of interception.

The correct choice highlights that multi-factor authentication (MFA) adds an extra layer of security by requiring two or more authentication factors, making it harder for unauthorized users to gain access.

Security badge access is a physical security control that restricts access to facilities. In contrast, antivirus software, firewalls, and password policies are examples of logical security controls.

A Trojan Horse is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, it relies on user action to spread and execute.

An account lockout policy is designed to prevent brute-force attacks by temporarily locking accounts after a certain number of failed login attempts, thereby thwarting unauthorized access attempts.

The main function of a VPN is to provide secure remote access by encrypting data transmission, ensuring privacy and security while accessing the internet or private networks.

The principle of least privilege (PoLP) states that users should only have the minimum access necessary to perform their job functions, ensuring security and reducing the risk of unauthorized access.

The primary purpose of an Intrusion Detection System (IDS) is to detect and alert on suspicious activity within a network, rather than actively blocking access or replacing firewalls.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other