TechNova Inc. is moving to the cloud and wants to ensure that only authorized users can access data, even if credentials are stolen. What should they implement?

Security Information and Event Management (SIEM)

A government agency implements a system where users can only access data based on security clearance levels. What type of access control is this?

Discretionary Access Control (DAC)

Attribute-Based Access Control (ABAC)

Which of the following security best practices should developers at DevSecure Inc. follow to reduce vulnerabilities in code?

Implement input validation and sanitization

Hardcode credentials in applications

Use weak cryptographic algorithms for faster performance

Acme IT Solutions employees frequently fall for phishing attacks. What is the most effective long-term solution?

Conduct regular security awareness training

Monitor employee browsing history

Which of the following is a common method used by attackers to gain unauthorized access to a network by exploiting software vulnerabilities?

Exploiting Zero-Day Vulnerabilities

What is the primary purpose of implementing a Virtual Private Network (VPN) in a corporate environment?

To provide secure remote access to the corporate network

What is the primary function of a firewall in a network security architecture?

To block unauthorized access while permitting outward communication

To provide secure remote access

Which of the following is a key benefit of implementing a Security Information and Event Management (SIEM) system?

Centralized logging and real-time analysis of security alerts

Which of the following is a primary advantage of using a Next-Generation Firewall (NGFW) over a traditional firewall?

Integrated intrusion prevention and application awareness

What is the main purpose of implementing a Data Loss Prevention (DLP) solution in an organization?

To prevent unauthorized data transfer and leakage

To increase data storage capacity

What is the primary purpose of using a honeypot in cybersecurity?

To detect and analyze unauthorized access attempts

To provide secure remote access

Which of the following is a common method to prevent unauthorized access to a network by verifying user identities?

Two-Factor Authentication (2FA)

What is the primary purpose of using a sandbox in cybersecurity?

To isolate and analyze potentially malicious software

To provide secure remote access

Which of the following is a key benefit of implementing Multi-Factor Authentication (MFA) in an organization?

Improved security by requiring multiple forms of verification

Increased data storage capacity

Cybersecurity General Review

Authored by Krissy Wong

Computers

12th Grade

Used 1+ times

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

30 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Company XYZ is implementing security controls to reduce the risk of unauthorized access to sensitive financial records. Which of the following is an example of a technical control?

Security awareness training

Employee background checks

Encryption of database records

Security policy enforcement

Answer explanation

Encryption of database records is a technical control that protects sensitive data by converting it into a secure format, preventing unauthorized access. The other options are administrative controls.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An employee at Acme Industries downloads a file from an unknown email sender. Shortly after, their computer starts encrypting files and demanding payment in Bitcoin. What type of malware is this?

Rootkit

Ransomware

Spyware

Adware

Answer explanation

The scenario describes ransomware, which encrypts files and demands payment, typically in Bitcoin. Other options like rootkits, spyware, and adware do not fit this behavior.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Beta Corp wants to implement a login system requiring employees to provide a password and scan their fingerprint. Which authentication method is being used?

Single Sign-On (SSO)

Multifactor Authentication (MFA)

Role-Based Access Control (RBAC)

Token-Based Authentication

Answer explanation

The login system requires both a password and a fingerprint scan, which involves two different factors for authentication. This is a clear example of Multifactor Authentication (MFA), enhancing security beyond just a password.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

An attacker calls an employee at Omega Technologies pretending to be the company’s IT help desk, requesting their password to 'fix an account issue.' What type of attack is this?

Phishing

Spear phishing

Vishing

Smishing

Answer explanation

This scenario describes vishing, or voice phishing, where an attacker uses phone calls to trick individuals into revealing sensitive information, such as passwords, by impersonating a trusted entity.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The security team at Gamma Systems detects a security breach. According to the incident response lifecycle, what is the first step they should take?

Containment

Eradication

Identification

Recovery

Answer explanation

The first step in the incident response lifecycle is Identification. This involves detecting and confirming the security breach to understand its nature and scope before taking further actions like containment or eradication.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Alpha Corp wants to segment its internal departments so that only HR can access payroll systems. Which of the following should be used?

VLANs

NAT

DNS Filtering

Load Balancer

Answer explanation

VLANs (Virtual Local Area Networks) are used to segment network traffic, allowing only specific departments, like HR, to access certain resources such as payroll systems. This ensures security and access control.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

SecureNet Inc. wants a system that monitors traffic and automatically blocks malicious activity in real-time. Which solution should they implement?

Firewall

IDS

IPS

VPN

Answer explanation

An IPS (Intrusion Prevention System) actively monitors network traffic and can automatically block malicious activity in real-time, making it the ideal solution for SecureNet Inc.'s needs.

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

27 questions

Unit 2 Computer Science Review

Quiz

•

10th - 12th Grade

25 questions

IB_Computer_Science_1.2

Quiz

•

12th Grade

25 questions

Remedial PTS Teori Internet Gateway (NAT)

Quiz

•

12th Grade

26 questions

Hardware Komputer

Quiz

•

10th Grade - University

25 questions

Jaringan Komputer dan Internet

Quiz

•

8th Grade - University

25 questions

Quize SK

Quiz

•

12th Grade - University

25 questions

Повторение файлы и устройства ПК 7 класс

Quiz

•

7th Grade - University

25 questions

Domains 1-2 Sec+

Quiz

•

12th Grade

Popular Resources on Wayground

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

54 questions

Analyzing Line Graphs & Tables

Quiz

•

4th Grade

$fractions$

22 questions

fractions

Quiz

•

3rd Grade

20 questions

Main Idea and Details

Quiz

•

5th Grade

20 questions

Context Clues

Quiz

•

6th Grade

15 questions

Equivalent Fractions

Quiz

•

4th Grade

Discover more resources for Computers

18 questions

[AP CSP] JavaScript Programming Lesson 2025-2026

Lesson

•

9th - 12th Grade

57 questions

[AP CSP] Unit 5 Review: Internet & Cybersecurity

Quiz

•

9th - 12th Grade

Cybersecurity General Review

Company XYZ is implementing security controls to reduce the risk of unauthorized access to sensitive financial records. Which of the following is an example of a technical control?

Encryption of database records is a technical control that protects sensitive data by converting it into a secure format, preventing unauthorized access. The other options are administrative controls.

An employee at Acme Industries downloads a file from an unknown email sender. Shortly after, their computer starts encrypting files and demanding payment in Bitcoin. What type of malware is this?

The scenario describes ransomware, which encrypts files and demands payment, typically in Bitcoin. Other options like rootkits, spyware, and adware do not fit this behavior.

Beta Corp wants to implement a login system requiring employees to provide a password and scan their fingerprint. Which authentication method is being used?

The login system requires both a password and a fingerprint scan, which involves two different factors for authentication. This is a clear example of Multifactor Authentication (MFA), enhancing security beyond just a password.

An attacker calls an employee at Omega Technologies pretending to be the company’s IT help desk, requesting their password to 'fix an account issue.' What type of attack is this?

This scenario describes vishing, or voice phishing, where an attacker uses phone calls to trick individuals into revealing sensitive information, such as passwords, by impersonating a trusted entity.

The security team at Gamma Systems detects a security breach. According to the incident response lifecycle, what is the first step they should take?

The first step in the incident response lifecycle is Identification. This involves detecting and confirming the security breach to understand its nature and scope before taking further actions like containment or eradication.

Alpha Corp wants to segment its internal departments so that only HR can access payroll systems. Which of the following should be used?

VLANs (Virtual Local Area Networks) are used to segment network traffic, allowing only specific departments, like HR, to access certain resources such as payroll systems. This ensures security and access control.

SecureNet Inc. wants a system that monitors traffic and automatically blocks malicious activity in real-time. Which solution should they implement?

An IPS (Intrusion Prevention System) actively monitors network traffic and can automatically block malicious activity in real-time, making it the ideal solution for SecureNet Inc.'s needs.

Which encryption method is best suited for encrypting large volumes of data at rest on a server at Delta Corp?

AES (Advanced Encryption Standard) is ideal for encrypting large volumes of data at rest due to its efficiency and speed. Unlike RSA and ECC, which are better for small data or key exchange, AES is designed for bulk data encryption.

TechNova Inc. is moving to the cloud and wants to ensure that only authorized users can access data, even if credentials are stolen. What should they implement?

Zero Trust Security ensures that access is granted based on strict identity verification, regardless of whether credentials are compromised. This approach minimizes risks associated with stolen credentials.

A cybercriminal sets up a rogue Wi-Fi network in a coffee shop named 'Public Wi-Fi' to capture login credentials from unsuspecting users. What type of attack is this?

The attack described is an 'Evil twin attack', where a rogue Wi-Fi network mimics a legitimate one to intercept users' data, such as login credentials. This is distinct from other attacks listed.

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers