What is the main function of a VPN (Virtual Private Network)?

To provide secure remote access by encrypting data transmission

To prevent unauthorized access to files

To replace traditional firewalls

What does the principle of least privilege (PoLP) state?

Users should only have the minimum access necessary to perform their job functions

Users should have access to all resources on a system

Users must change their passwords every 30 days

Users should be granted administrator rights by default

What is the primary purpose of an Intrusion Detection System (IDS)?

To detect and alert on suspicious activity

To actively block unauthorized access attempts

To replace firewalls in network security

Which of the following best describes the concept of least privilege?

Users are granted only the minimum access necessary to perform their job functions.

Users are given administrative privileges to troubleshoot system issues.

Users must use multifactor authentication for all logins.

Users have unrestricted access to all resources.

What is the primary purpose of a VPN?

To encrypt data transmitted over a network

To scan networks for vulnerabilities

To block unauthorized access to files

A company wants to implement a security measure that ensures a user's identity is verified based on multiple authentication factors. Which method should they use?

Role-based access control (RBAC)

A company suspects an insider threat. Which of the following security controls would be most effective in detecting suspicious user activity?

Security information and event management (SIEM)

What is the primary purpose of a digital signature?

Provide integrity and non-repudiation

Encrypt messages for confidentiality

Establish a secure communication channel

Generate random cryptographic keys

What is the primary function of a certificate authority (CA) in a public key infrastructure (PKI)?

Issues and manages digital certificates

Encrypts messages for secure communication

What is the main advantage of elliptic curve cryptography (ECC) over traditional RSA?

ECC provides strong security with shorter key lengths

ECC requires larger key sizes for the same security level

Which of the following is the primary purpose of a risk assessment?

To identify, analyze, and prioritize risks

To eliminate all risks in an organization

To implement security controls without assessing risks

To ensure compliance with security policies

Which of the following BEST describes qualitative risk assessment?

Using experience and judgment to assess risk severity

Assigning numerical values to risk probabilities and impacts

Relying solely on financial loss estimates

Calculating the Annualized Loss Expectancy (ALE)

What is the primary purpose of implementing a Business Impact Analysis (BIA)?

To identify the most critical business functions and their impact if disrupted

To assess compliance with government regulations

To eliminate cybersecurity threats

What role does a risk register play in risk management?

It records identified risks, their impact, likelihood, and treatment plans

It lists security controls implemented in the organization

It is used only for financial reporting purposes

It replaces a business continuity plan

What is the primary purpose of a Security Information and Event Management (SIEM) system?

Centralize log collection and analyze security events

Detect and respond to physical security threats

Encrypt stored sensitive information

Prevent zero-day attacks through firewall rules

Which of the following best describes a SOAR (Security Orchestration, Automation, and Response) platform?

A technology that automates and integrates security response workflows

A system designed to prevent malware infections

A software used only for network security monitoring

A database for storing security policies

What is the main advantage of an Endpoint Detection and Response (EDR) solution over traditional antivirus software?

It offers real-time monitoring and behavioral analysis

It only detects known malware signatures

It does not require cloud connectivity

It replaces the need for firewalls

Which of the following best defines the concept of "least privilege"?

Restricting access to only what is necessary for a user’s role

Granting users access to all systems for efficiency

Rotating access permissions weekly

Granting admin rights to all employees

What is the primary function of a Security Operations Center (SOC)?

To monitor, analyze, and respond to security threats

To develop software security patches

To manage an organization's HR policies

To physically secure the data center

Which of the following is the BEST way to protect against insider threats?

Conducting regular security awareness training and user activity monitoring

Implementing a strict password policy

Disabling all USB ports on company devices

A security analyst notices repeated failed login attempts on a privileged account. What is the BEST immediate action?

Disable the account and investigate the activity

Increase the password complexity requirement

Ignore the attempts unless they succeed

Notify the user to change their password

What is a major security concern with Shadow IT?

It creates potential security risks due to unapproved applications and devices

It increases IT department efficiency

It improves compliance with industry regulations

It reduces attack surface by limiting IT resources

What is the primary purpose of a buffer overflow attack?

To execute arbitrary code on a system

To inject malicious SQL commands

To overload a system with traffic

Which of the following BEST describes a zero-day vulnerability?

A vulnerability that remains unpatched and is actively exploited

A vulnerability that has been patched by the vendor

A vulnerability that requires user interaction to exploit

A vulnerability that only affects legacy systems

Which security control is MOST effective in preventing phishing attacks?

Implementing user awareness training

Disabling JavaScript in web browsers

An attacker intercepts communication between two parties to eavesdrop or alter messages. Which attack is this?

Cross-Site Request Forgery (CSRF)

67 Question Sec+ Quiz

12th Grade

•

58 Qs

Similar activities

Culinary 1 2024 review

12th Grade

•

63 Qs

Equipment, Measuring and Safety

9th - 12th Grade

•

60 Qs

Energies and power plants

9th - 12th Grade

•

57 Qs

Focus on Foods Final Review

KG - University

•

60 Qs

Accounting / Komputer Akuntansi / MYOB

11th - 12th Grade

•

60 Qs

Odprawa posłów greckich

12th Grade

•

53 Qs

FORMATIF 3 KELAS X

10th Grade - University

•

60 Qs

Muscles of the Shoulder, Chest, Upper limb, Hip and Lower Limb

12th Grade

•

53 Qs

67 Question Sec+ Quiz

Quiz

•

Other

•

12th Grade

•

Practice Problem

•

Easy

steven bair

Used 9+ times

FREE Resource

58 questions

Show all answers

Create a free account and access millions of resources

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

55 questions

Harry Potter

Quiz

•

KG - Professional Dev...

60 questions

National 5 Bus Mgt Finance

Quiz

•

KG - University

60 questions

LATIH TUBI BAHAGIAN A SEM 2 PENGAJIAN AM

Quiz

•

12th Grade

59 questions

Construction Site Safety Basics Unit Review

Quiz

•

9th - 12th Grade

60 questions

Welcome Fun Quiz

Quiz

•

KG - 12th Grade

55 questions

Peribahasa

Quiz

•

1st - 12th Grade

54 questions

Global Foods

Quiz

•

9th - 12th Grade

59 questions

Dog Breed Id Quizizz

Quiz

•

9th - 12th Grade

Popular Resources on Wayground

5 questions

This is not a...winter edition (Drawing game)

Quiz

•

1st - 5th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

10 questions

Identify Iconic Christmas Movie Scenes

Interactive video

•

6th - 10th Grade

20 questions

Christmas Trivia

Quiz

•

6th - 8th Grade

18 questions

Kids Christmas Trivia

Quiz

•

KG - 5th Grade

11 questions

How well do you know your Christmas Characters?

Lesson

•

3rd Grade

14 questions

Christmas Trivia

Quiz

•

5th Grade

20 questions

How the Grinch Stole Christmas

Quiz

•

5th Grade

Discover more resources for Other

26 questions

Christmas Movie Trivia

Lesson

•

8th Grade - Professio...

15 questions

Christmas Song Emoji Pictionary

Quiz

•

7th - 12th Grade

20 questions

Christmas Movies

Quiz

•

1st - 12th Grade

55 questions

CHS Holiday Trivia

Quiz

•

12th Grade

20 questions

Christmas Movie Trivia

Quiz

•

9th - 12th Grade

29 questions

christmas facts

Lesson

•

5th - 12th Grade

20 questions

Christmas Trivia

Quiz

•

5th - 12th Grade

20 questions

Stages of Meiosis

Quiz

•

9th - 12th Grade

67 Question Sec+ Quiz

58 questions

Which of the following best describes the CIA Triad?

The CIA Triad stands for Confidentiality, Integrity, and Availability. These three principles are essential for ensuring the security and reliability of information systems, making this the correct choice.

What is the primary function of a firewall?

The primary function of a firewall is to block unauthorized access while permitting legitimate communication, ensuring network security by controlling incoming and outgoing traffic.

Which attack involves an attacker intercepting and modifying communications between two parties?

The Man-in-the-Middle (MitM) attack occurs when an attacker secretly intercepts and alters the communication between two parties, making it the correct choice. Other options like phishing, DoS, and SQL injection do not involve this type of interception.

What is the purpose of multi-factor authentication (MFA)?

The correct choice highlights that multi-factor authentication (MFA) adds an extra layer of security by requiring two or more authentication factors, making it harder for unauthorized users to gain access.

Which of the following is an example of a physical security control?

Security badge access is a physical security control that restricts access to facilities. In contrast, antivirus software, firewalls, and password policies are examples of logical security controls.

What type of malware disguises itself as legitimate software to trick users into installing it?

A Trojan Horse is a type of malware that pretends to be legitimate software, tricking users into installing it. Unlike worms or ransomware, it relies on user action to spread and execute.

Which security measure is commonly used to prevent brute-force attacks?

An account lockout policy is designed to prevent brute-force attacks by temporarily locking accounts after a certain number of failed login attempts, thereby thwarting unauthorized access attempts.

What is the main function of a VPN (Virtual Private Network)?

The main function of a VPN is to provide secure remote access by encrypting data transmission, ensuring privacy and security while accessing the internet or private networks.

What does the principle of least privilege (PoLP) state?

The principle of least privilege (PoLP) states that users should only have the minimum access necessary to perform their job functions, ensuring security and reducing the risk of unauthorized access.

What is the primary purpose of an Intrusion Detection System (IDS)?

The primary purpose of an Intrusion Detection System (IDS) is to detect and alert on suspicious activity within a network, rather than actively blocking access or replacing firewalls.

Create a free account and access millions of resources

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Other