What is the main function of a VPN (Virtual Private Network)?

To provide secure remote access by encrypting data transmission

To prevent unauthorized access to files

To replace traditional firewalls

What does the principle of least privilege (PoLP) state?

Users should only have the minimum access necessary to perform their job functions

Users should have access to all resources on a system

Users must change their passwords every 30 days

Users should be granted administrator rights by default

What is the primary purpose of an Intrusion Detection System (IDS)?

To detect and alert on suspicious activity

To actively block unauthorized access attempts

To replace firewalls in network security

Which of the following best describes the concept of least privilege?

Users are granted only the minimum access necessary to perform their job functions.

Users are given administrative privileges to troubleshoot system issues.

Users must use multifactor authentication for all logins.

Users have unrestricted access to all resources.

What is the primary purpose of a VPN?

To encrypt data transmitted over a network

To scan networks for vulnerabilities

To block unauthorized access to files

A company wants to implement a security measure that ensures a user's identity is verified based on multiple authentication factors. Which method should they use?

Role-based access control (RBAC)

A company suspects an insider threat. Which of the following security controls would be most effective in detecting suspicious user activity?

Security information and event management (SIEM)

What is the primary purpose of a digital signature?

Provide integrity and non-repudiation

Encrypt messages for confidentiality

Establish a secure communication channel

Generate random cryptographic keys

What is the primary function of a certificate authority (CA) in a public key infrastructure (PKI)?

Issues and manages digital certificates

Encrypts messages for secure communication

What is the main advantage of elliptic curve cryptography (ECC) over traditional RSA?

ECC provides strong security with shorter key lengths

ECC requires larger key sizes for the same security level

Which of the following is the primary purpose of a risk assessment?

To identify, analyze, and prioritize risks

To eliminate all risks in an organization

To implement security controls without assessing risks

To ensure compliance with security policies

Which of the following BEST describes qualitative risk assessment?

Using experience and judgment to assess risk severity

Assigning numerical values to risk probabilities and impacts

Relying solely on financial loss estimates

Calculating the Annualized Loss Expectancy (ALE)

What is the primary purpose of implementing a Business Impact Analysis (BIA)?

To identify the most critical business functions and their impact if disrupted

To assess compliance with government regulations

To eliminate cybersecurity threats

What role does a risk register play in risk management?

It records identified risks, their impact, likelihood, and treatment plans

It lists security controls implemented in the organization

It is used only for financial reporting purposes

It replaces a business continuity plan

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Centralize log collection and analyze security events

Detect and respond to physical security threats

Encrypt stored sensitive information

Prevent zero-day attacks through firewall rules

Which of the following best describes a SOAR (Security Orchestration, Automation, and Response) platform?

A technology that automates and integrates security response workflows

A system designed to prevent malware infections

A software used only for network security monitoring

A database for storing security policies

What is the main advantage of an Endpoint Detection and Response (EDR) solution over traditional antivirus software?

It offers real-time monitoring and behavioral analysis

It only detects known malware signatures

It does not require cloud connectivity

It replaces the need for firewalls

Which of the following best defines the concept of "least privilege"?

Restricting access to only what is necessary for a user’s role

Granting users access to all systems for efficiency

Rotating access permissions weekly

Granting admin rights to all employees

What is the primary function of a Security Operations Center (SOC)?

To monitor, analyze, and respond to security threats

To develop software security patches

To manage an organization's HR policies

To physically secure the data center

Which of the following is the BEST way to protect against insider threats?

Conducting regular security awareness training and user activity monitoring

Implementing a strict password policy

Disabling all USB ports on company devices

A security analyst notices repeated failed login attempts on a privileged account. What is the BEST immediate action?

Disable the account and investigate the activity

Increase the password complexity requirement

Ignore the attempts unless they succeed

Notify the user to change their password

What is a major security concern with Shadow IT?

It creates potential security risks due to unapproved applications and devices

It increases IT department efficiency

It improves compliance with industry regulations

It reduces attack surface by limiting IT resources

What is the primary purpose of a buffer overflow attack?

To execute arbitrary code on a system

To inject malicious SQL commands

To overload a system with traffic

Which of the following BEST describes a zero-day vulnerability?

A vulnerability that remains unpatched and is actively exploited

A vulnerability that has been patched by the vendor

A vulnerability that requires user interaction to exploit

A vulnerability that only affects legacy systems

Which security control is MOST effective in preventing phishing attacks?

Implementing user awareness training

Disabling JavaScript in web browsers

An attacker intercepts communication between two parties to eavesdrop or alter messages. Which attack is this?

Cross-Site Request Forgery (CSRF)

67 Question Sec+ Quiz

Authored by steven bair

Other

12th Grade

Used 13+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

58 questions

Show all answers

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

60 questions

12 ATAR Psychology - Personality

Quiz

•

12th Grade

56 questions

biisnis Online kelas XII

Quiz

•

12th Grade

56 questions

Tener and Tener Expressions

Quiz

•

8th - 12th Grade

54 questions

Marketing- 3-1: Logos & Slogans

Quiz

•

9th - 12th Grade

57 questions

Haircutting

Quiz

•

11th - 12th Grade

63 questions

Roots 10th Grade

Quiz

•

9th - 12th Grade

60 questions

CNA Vital signs Measurement & Assessment 24

Quiz

•

12th Grade

54 questions

Through the Eyes of Travellers

Quiz

•

12th Grade

Popular Resources on Wayground

10 questions

5.P.1.3 Distance/Time Graphs

Quiz

•

5th Grade

10 questions

Fire Drill

Quiz

•

2nd - 5th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

15 questions

Hargrett House Quiz: Community & Service

Quiz

•

5th Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Other

32 questions

College Trivia

Quiz

•

9th - 12th Grade

18 questions

Informative or Argumentative essay

Quiz

•

5th Grade - University

20 questions

Women History Month

Quiz

•

6th - 12th Grade

20 questions

Career

Quiz

•

9th - 12th Grade

20 questions

Grammar

Quiz

•

9th - 12th Grade

7 questions

History of St. Patrick's Day for Kids | Bedtime History

Interactive video

•

1st - 12th Grade

16 questions

Identifying Angles

Quiz

•

7th - 12th Grade

21 questions

College Trivia!

Quiz

•

11th - 12th Grade

67 Question Sec+ Quiz

Which of the following best describes the CIA Triad?

The CIA Triad stands for Confidentiality, Integrity, and Availability. These three principles are essential for ensuring the security and reliability of information systems, making this the correct choice.

What is the primary function of a firewall?

The primary function of a firewall is to block unauthorized access while permitting legitimate communication, ensuring network security by controlling incoming and outgoing traffic.

Which attack involves an attacker intercepting and modifying communications between two parties?

The Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and alters the communication between two parties, making it the correct choice. Other options like phishing, DoS, and SQL injection do not involve this type of interception.

What is the purpose of multi-factor authentication (MFA)?

The correct choice highlights that multi-factor authentication (MFA) adds an extra layer of security by requiring two or more authentication factors, making it harder for unauthorized users to gain access.

Which of the following is an example of a physical security control?

Security badge access is a physical security control that restricts access to facilities. In contrast, antivirus software, firewalls, and password policies are examples of logical security controls.

What type of malware disguises itself as legitimate software to trick users into installing it?

A Trojan Horse is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, it relies on user action to spread and execute.

Which security measure is commonly used to prevent brute-force attacks?

An account lockout policy is designed to prevent brute-force attacks by temporarily locking accounts after a certain number of failed login attempts, thereby thwarting unauthorized access attempts.

What is the main function of a VPN (Virtual Private Network)?

The main function of a VPN is to provide secure remote access by encrypting data transmission, ensuring privacy and security while accessing the internet or private networks.

What does the principle of least privilege (PoLP) state?

The principle of least privilege (PoLP) states that users should only have the minimum access necessary to perform their job functions, ensuring security and reducing the risk of unauthorized access.

What is the primary purpose of an Intrusion Detection System (IDS)?

The primary purpose of an Intrusion Detection System (IDS) is to detect and alert on suspicious activity within a network, rather than actively blocking access or replacing firewalls.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other