Understanding Security Concepts Quiz

Authentication is the security control that verifies the identity of users, ensuring that only authorized individuals can access specific resources. This is crucial for protecting sensitive information.

The email requesting login credentials is a classic example of phishing, where attackers impersonate legitimate entities to steal sensitive information. Whaling targets high-profile individuals, while smishing and vishing involve SMS and voice calls, respectively.

Multi-Factor Authentication (MFA) enhances security by requiring both a password and a mobile authentication app, making it harder for unauthorized users to gain access compared to Single Sign-On or other methods.

Eavesdropping is a passive attack where an attacker secretly listens to private communications without altering them. In contrast, MITM, social engineering, and ransomware involve active interference or manipulation.

The Zero Trust Architecture enforces the principle of least privilege by requiring strict identity verification and assumes no implicit trust between systems, making it the correct choice for this question.

MFA is more secure than SSO because it requires multiple forms of verification, which significantly reduces the risk of unauthorized access. This layered approach enhances security compared to the single verification method used in SSO.

A phishing attack can compromise a company's network by tricking employees into revealing sensitive information, leading to unauthorized access to data. This highlights the importance of robust security measures.

Eavesdropping can gather some intelligence, but it often yields limited information and can be detected by security measures, making it less effective in cybersecurity compared to other methods.

Using network segmentation and continuous monitoring aligns with Zero Trust principles by ensuring that every access request is verified, minimizing the risk of unauthorized access, unlike relying on a single firewall or antivirus.

Redundancy is crucial for availability as it allows systems to continue functioning even if one component fails, ensuring minimal downtime and maintaining service continuity.