Which of the following is considered a secure coding practice?

Hardcoding passwords into applications

Relying only on client-side validation

Allowing unrestricted file uploads

What does OWASP stand for?

Open Web Application Security Project

Online Web Application Security Project

Organization for Web Application Secure Programming

Official Web Access Security Program

Which action is the most effective defense against ransomware attacks?

Regularly backing up important data

Installing multiple antivirus programs

which of the following best describes an Intrusion Detection System (IDS)?

A system that monitors and alerts suspicious activity

A device that prevents all malicious traffic

A tool that encrypts all network traffic

Which challenge is common with anomaly-based intrusion detection systems?

Failure to detect known malware

Security Information and Event Management (SIEM) systems are primarily used for:

Monitoring and correlating security events

Deep packet inspection (DPI) provides security by:

Examining both header and payload of packets

Blocking all external connections

During SDLC design, the team decides to use encryption for sensitive data storage. This is an example of:

Security control implementation

A ransomware attack encrypts company files. What is the best immediate action ?

Disconnect infected machines from the network

An organization wants to stop SQL injection attempts, detect malware spreading on the network, and analyze logs for suspicious activity. Which combination of security practices best addresses these needs? (3pts.)

Input validation, antivirus software, SIEM monitoring

Encryption, backup systems, firewall

User training, password policies, router configuration

Data redundancy, intrusion prevention, hashing

Which control best prevents Broken Authentication issues in web applications?

Strong password policies and multi-factor authentication

A company is forced to shut down after a Cross-Site Scripting (XSS) exploit. Which mistake did they make?

They failed to sanitize user input

A security analyst observes that a malware sample modifies Windows registry keys. What does this indicate?

The malware is trying to achieve persistence

The malware is encrypting files

The malware is spreading via network shares

The malware is disguising itself as a Trojan

If a ransomware attack occurs, which strategy ensures recovery without paying ransom ?

Cloud-based backups tested regularly

Installing a new antivirus after the attack

Ignoring the infection until it stops

A suspicious program runs differently in a sandbox versus a real machine. What does this reveal about the malware?

It has sandbox evasion techniques

A company deploys an IPS that blocks malicious traffic in real-time. What is the key advantage over IDS?

It prevents intrusions actively

Deep packet inspection (DPI) can identify malicious payloads inside traffic. Which limitation does DPI face?

It cannot inspect encrypted traffic

It works only on email protocols

A multinational company wants to secure its systems against SQL Injection, detect ransomware spreading across networks, and ensure continuous operations even during outages. Which combination of solutions is best?

Input validation, SIEM monitoring, regular data backups

Password policies, firewall, cloud storage

Antivirus, data redundancy, user training

Rootkit removal tools, anomaly detection, hashing

Information Assurance and Security 2- Prelim

Authored by Regino Vll Guinto

Computers

University

Used 1+ times

Information Assurance and Security 2- Prelim

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

46 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following best represents the three main goals of information security?

Confidentiality, Integrity, Availability

Protection, Encryption, Authentication

Prevention, Detection, Recovery

Hardware, Software, Network

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What does “integrity” in the CIA triad primarily ensure?

Data is protected from unauthorized access

Data is accurate and has not been tampered with

Data is available when needed

Data is encrypted during transmission

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is an example of ensuring confidentiality?

Using encryption to protect sensitive files

Backing up critical business data

Implementing redundancy in servers

Monitoring system logs

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which threat directly affects availability?

SQL Injection

Denial-of-Service Attack

Phishing Email

Weak Passwords

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Business continuity planning is primarily designed to ensure:

Recovery after a disruption

Prevention of all cyberattacks

Enforcement of confidentiality

Replacement of firewalls

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

In the Secure Development Lifecycle (SDLC), which phase involves testing applications for vulnerabilities?

Planning

Design

Implementation

Testing

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which OWASP Top 10 vulnerability is exploited when user inputs are not sanitized, allowing attackers to run scripts in a victim’s browser?

Injection

Broken Authentication

Cross-Site Scripting (XSS)

Sensitive Data Exposure

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

48 questions

Module 10

Quiz

•

University

47 questions

Networking - Practice Test #1

Quiz

•

9th Grade - University

44 questions

AWS Certified Cloud Practitioner

Quiz

•

5th Grade - Professio...

50 questions

Test 1 - SDT 2113

Quiz

•

University

42 questions

COMPUTER NETWORKS [LEC] - UAC PREPARATION

Quiz

•

University

50 questions

GEOGRAPHICAL INFORMATION SYSTEM

Quiz

•

University

50 questions

Cyber Quiz

Quiz

•

University

50 questions

Informática P1

Quiz

•

12th Grade - University

Popular Resources on Wayground

8 questions

Spartan Way - Classroom Responsible

Quiz

•

9th - 12th Grade

15 questions

Fractions on a Number Line

Quiz

•

3rd Grade

14 questions

Boundaries & Healthy Relationships

Lesson

•

6th - 8th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

3 questions

Integrity and Your Health

Lesson

•

6th - 8th Grade

25 questions

Multiplication Facts

Quiz

•

5th Grade

9 questions

FOREST Perception

Lesson

•

20 questions

Main Idea and Details

Quiz

•

5th Grade

Discover more resources for Computers

20 questions

Disney Trivia

Quiz

•

University

7 questions

Fragments, Run-ons, and Complete Sentences

Interactive video

•

4th Grade - University

7 questions

Renewable and Nonrenewable Resources

Interactive video

•

4th Grade - University

10 questions

DNA Structure and Replication: Crash Course Biology

Interactive video

•

11th Grade - University

7 questions

Force and Motion

Interactive video

•

4th Grade - University

20 questions

Implicit vs. Explicit

Quiz

•

6th Grade - University

14 questions

Ch.3_TEACHER-led

Quiz

•

University

7 questions

Comparing Fractions

Interactive video

•

1st Grade - University

Information Assurance and Security 2- Prelim

Which of the following best represents the three main goals of information security?

What does “integrity” in the CIA triad primarily ensure?

Which of the following is an example of ensuring confidentiality?

Which threat directly affects availability?

Business continuity planning is primarily designed to ensure:

In the Secure Development Lifecycle (SDLC), which phase involves testing applications for vulnerabilities?

Which OWASP Top 10 vulnerability is exploited when user inputs are not sanitized, allowing attackers to run scripts in a victim’s browser?

What is the best method to prevent SQL Injection attacks?

Which of the following is considered a secure coding practice?

What does OWASP stand for?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers