InfoSec Quiz 1

A software company wants to adopt a security framework that ensures compliance with industry regulations and improves its overall security posture.

Which of the following frameworks should they consider?

A user reports that their files have become inaccessible and are displaying a message demanding payment for decryption.
What type of malware is involved?

A company's IT team discovers an attacker has gained unauthorized access to their internal systems through a vulnerability that had a patch released three months ago but was never applied.

What could have prevented this security breach?

An attacker bombards a company's web server with a massive amount of fake traffic, causing it to crash.

Which type of attack is taking place?

A company wants to ensure its data remains available to employees even in the event of a cyberattack.
Which security principle does this align with?

An employee working remotely logs into a company system using only a simple password. Later, unauthorized access is detected from an unknown device.
What security measure could have prevented this incident?

A company's database containing customer information was accessed by an unauthorized individual. The company discovered that a weak default password was still being used for administrative access.
Which security vulnerability contributed to this breach?

A company employee receives an email warning that their account will be locked unless they click a link to verify their credentials. The email appears to be from the IT department but contains spelling errors and an unusual sender address.
What type of attack is this?

What is the primary purpose of Information Security?

Which of the following best describes the concept of Information Security?