What is the main function of a VPN (Virtual Private Network)?

To provide secure remote access by encrypting data transmission

To prevent unauthorized access to files

To replace traditional firewalls

What does the principle of least privilege (PoLP) state?

Users should only have the minimum access necessary to perform their job functions

Users should have access to all resources on a system

Users must change their passwords every 30 days

Users should be granted administrator rights by default

What is the primary purpose of an Intrusion Detection System (IDS)?

To detect and alert on suspicious activity

To actively block unauthorized access attempts

To replace firewalls in network security

Which of the following best describes the concept of least privilege?

Users are granted only the minimum access necessary to perform their job functions.

Users are given administrative privileges to troubleshoot system issues.

Users must use multifactor authentication for all logins.

Users have unrestricted access to all resources.

What is the primary purpose of a VPN?

To encrypt data transmitted over a network

To scan networks for vulnerabilities

To block unauthorized access to files

A company wants to implement a security measure that ensures a user's identity is verified based on multiple authentication factors. Which method should they use?

Role-based access control (RBAC)

A company suspects an insider threat. Which of the following security controls would be most effective in detecting suspicious user activity?

Security information and event management (SIEM)

What is the primary purpose of a digital signature?

Provide integrity and non-repudiation

Encrypt messages for confidentiality

Establish a secure communication channel

Generate random cryptographic keys

What is the primary function of a certificate authority (CA) in a public key infrastructure (PKI)?

Issues and manages digital certificates

Encrypts messages for secure communication

What is the main advantage of elliptic curve cryptography (ECC) over traditional RSA?

ECC provides strong security with shorter key lengths

ECC requires larger key sizes for the same security level

Which of the following is the primary purpose of a risk assessment?

To identify, analyze, and prioritize risks

To eliminate all risks in an organization

To implement security controls without assessing risks

To ensure compliance with security policies

Which of the following BEST describes qualitative risk assessment?

Using experience and judgment to assess risk severity

Assigning numerical values to risk probabilities and impacts

Relying solely on financial loss estimates

Calculating the Annualized Loss Expectancy (ALE)

What is the primary purpose of implementing a Business Impact Analysis (BIA)?

To identify the most critical business functions and their impact if disrupted

To assess compliance with government regulations

To eliminate cybersecurity threats

What role does a risk register play in risk management?

It records identified risks, their impact, likelihood, and treatment plans

It lists security controls implemented in the organization

It is used only for financial reporting purposes

It replaces a business continuity plan

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Centralize log collection and analyze security events

Detect and respond to physical security threats

Encrypt stored sensitive information

Prevent zero-day attacks through firewall rules

Which of the following best describes a SOAR (Security Orchestration, Automation, and Response) platform?

A technology that automates and integrates security response workflows

A system designed to prevent malware infections

A software used only for network security monitoring

A database for storing security policies

What is the main advantage of an Endpoint Detection and Response (EDR) solution over traditional antivirus software?

It offers real-time monitoring and behavioral analysis

It only detects known malware signatures

It does not require cloud connectivity

It replaces the need for firewalls

Which of the following best defines the concept of "least privilege"?

Restricting access to only what is necessary for a user’s role

Granting users access to all systems for efficiency

Rotating access permissions weekly

Granting admin rights to all employees

What is the primary function of a Security Operations Center (SOC)?

To monitor, analyze, and respond to security threats

To develop software security patches

To manage an organization's HR policies

To physically secure the data center

Which of the following is the BEST way to protect against insider threats?

Conducting regular security awareness training and user activity monitoring

Implementing a strict password policy

Disabling all USB ports on company devices

A security analyst notices repeated failed login attempts on a privileged account. What is the BEST immediate action?

Disable the account and investigate the activity

Increase the password complexity requirement

Ignore the attempts unless they succeed

Notify the user to change their password

What is a major security concern with Shadow IT?

It creates potential security risks due to unapproved applications and devices

It increases IT department efficiency

It improves compliance with industry regulations

It reduces attack surface by limiting IT resources

What is the primary purpose of a buffer overflow attack?

To execute arbitrary code on a system

To inject malicious SQL commands

To overload a system with traffic

Which of the following BEST describes a zero-day vulnerability?

A vulnerability that remains unpatched and is actively exploited

A vulnerability that has been patched by the vendor

A vulnerability that requires user interaction to exploit

A vulnerability that only affects legacy systems

Which security control is MOST effective in preventing phishing attacks?

Implementing user awareness training

Disabling JavaScript in web browsers

An attacker intercepts communication between two parties to eavesdrop or alter messages. Which attack is this?

Cross-Site Request Forgery (CSRF)

67 Question Sec+ Quiz

12th Grade

•

58 Qs

Similar activities

Useful Knowledge Study Guide

9th - 12th Grade

•

53 Qs

Feedback Loops & Disease Vocabulary

8th - 12th Grade

•

62 Qs

KUIS Jelang PAS Kerajinan Limbah Tekstil

12th Grade

•

60 Qs

The Alchemist Quiz

12th Grade

•

57 Qs

Seberapa tau kamu tentang Covid-19?

1st - 12th Grade

•

60 Qs

Bioquímica Médica Primer Parcial

12th Grade - University

•

54 Qs

Los Mandatos y la Comida

9th - 12th Grade

•

56 Qs

Tema 3. Test 2. Operaciones con sólidos.

2nd Grade - University

•

60 Qs

67 Question Sec+ Quiz

Quiz

•

Other

•

12th Grade

•

Practice Problem

•

Easy

steven bair

Used 10+ times

FREE Resource

58 questions

Show all answers

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

60 questions

Sub Staff Mega Quiz

Quiz

•

12th Grade

58 questions

This is / That is / These are / Those are -Demonstrative Pronoun

Quiz

•

KG - Professional Dev...

60 questions

Colegio Hermano Hermas - Cultura General

Quiz

•

9th - 12th Grade

61 questions

Tugas Online Quizizz & Quipper

Quiz

•

12th Grade

54 questions

Familias SUD

Quiz

•

KG - Professional Dev...

61 questions

Sra. Mondragón Lección Preliminar Examen

Quiz

•

9th - 12th Grade

63 questions

Random Trivia

Quiz

•

KG - 12th Grade

60 questions

Harvard Style Referencing Practice 2

Quiz

•

11th - 12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Other

20 questions

-AR -ER -IR present tense

Quiz

•

10th - 12th Grade

15 questions

Making Inferences

Quiz

•

7th - 12th Grade

12 questions

Add and Subtract Polynomials

Quiz

•

9th - 12th Grade

7 questions

How James Brown Invented Funk

Interactive video

•

10th Grade - University

15 questions

Atomic Habits: Career Habits

Lesson

•

9th - 12th Grade

20 questions

Banking

Quiz

•

9th - 12th Grade

15 questions

Exponential Growth and Decay Word Problems Practice

Quiz

•

9th - 12th Grade

18 questions

AP Bio Insta-Review Topic 6.1*: DNA & RNA Structure

Quiz

•

9th - 12th Grade

67 Question Sec+ Quiz

58 questions

Which of the following best describes the CIA Triad?

The CIA Triad stands for Confidentiality, Integrity, and Availability. These three principles are essential for ensuring the security and reliability of information systems, making this the correct choice.

What is the primary function of a firewall?

The primary function of a firewall is to block unauthorized access while permitting legitimate communication, ensuring network security by controlling incoming and outgoing traffic.

Which attack involves an attacker intercepting and modifying communications between two parties?

The Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and alters the communication between two parties, making it the correct choice. Other options like phishing, DoS, and SQL injection do not involve this type of interception.

What is the purpose of multi-factor authentication (MFA)?

The correct choice highlights that multi-factor authentication (MFA) adds an extra layer of security by requiring two or more authentication factors, making it harder for unauthorized users to gain access.

Which of the following is an example of a physical security control?

Security badge access is a physical security control that restricts access to facilities. In contrast, antivirus software, firewalls, and password policies are examples of logical security controls.

What type of malware disguises itself as legitimate software to trick users into installing it?

A Trojan Horse is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, it relies on user action to spread and execute.

Which security measure is commonly used to prevent brute-force attacks?

An account lockout policy is designed to prevent brute-force attacks by temporarily locking accounts after a certain number of failed login attempts, thereby thwarting unauthorized access attempts.

What is the main function of a VPN (Virtual Private Network)?

The main function of a VPN is to provide secure remote access by encrypting data transmission, ensuring privacy and security while accessing the internet or private networks.

What does the principle of least privilege (PoLP) state?

The principle of least privilege (PoLP) states that users should only have the minimum access necessary to perform their job functions, ensuring security and reducing the risk of unauthorized access.

What is the primary purpose of an Intrusion Detection System (IDS)?

The primary purpose of an Intrusion Detection System (IDS) is to detect and alert on suspicious activity within a network, rather than actively blocking access or replacing firewalls.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other