Which encryption algorithm is considered asymmetric and is commonly used to secure data transmission over the internet?

RSA (Rivest–Shamir–Adleman)

AES (Advanced Encryption Standard)

What is the primary purpose of network segmentation in an organization's cybersecurity strategy?

To limit the spread of a breach by isolating different parts of the network

To increase internet speed across all departments

To reduce the cost of network hardware

To allow all users unrestricted access to all resources

Which of the following best describes how ransomware operates once it infects a system?

It encrypts the victim's files and demands payment for the decryption key

It silently copies files to an external server without the user's knowledge

It displays unwanted advertisements to generate revenue for the attacker

It slows down the system by consuming CPU resources for cryptocurrency mining

An organization has experienced a data breach. The incident response team must prioritize their actions. Using the NIST Incident Response lifecycle, which sequence of phases should the team follow?

Preparation → Detection and Analysis → Containment, Eradication, and Recovery → Post-Incident Activity

Detection → Containment → Preparation → Recovery → Post-Incident Analysis

Containment → Detection → Eradication → Preparation → Recovery

Detection → Preparation → Containment → Post-Incident Activity → Recovery

A company's security team discovers that an attacker has been impersonating an IT support technician and calling employees to obtain their passwords. Considering the principles of social engineering defense, which combination of countermeasures would be most effective in preventing this attack?

Training employees to verify caller identity through official channels and enforcing a policy of never sharing passwords verbally

Installing antivirus software and updating firewalls regularly

Implementing a strict password policy and encrypting all emails

Blocking all external phone calls and restricting internet access

A security analyst is evaluating two encryption methods for protecting a large database. Method A uses AES-256 symmetric encryption, and Method B uses RSA-2048 asymmetric encryption. Considering performance and security, which approach should the analyst recommend for encrypting the bulk data, and why?

Method A (AES-256), because symmetric encryption is significantly faster for large volumes of data while still providing strong security

Method B (RSA-2048), because asymmetric encryption is always more secure than symmetric encryption

Method B (RSA-2048), because it uses two keys, making it impossible to decrypt without authorization

Method A (AES-256), because symmetric encryption does not require a key to decrypt the data

An attacker sends thousands of emails disguised as a trusted software vendor, containing a malicious attachment. Several employees open the attachment, installing malware that begins spreading across the network. Using a layered security approach, which combination of defenses would have been most effective in preventing this attack?

Deploying email filtering to block malicious attachments, training employees to recognize phishing, and using endpoint protection to detect malware

Using a strong password policy and enabling two-factor authentication only

Disabling all email communication and using only internal messaging systems

Installing a VPN and encrypting all outbound traffic

A penetration tester is assessing a company's vulnerability to social engineering. They call an employee, claim to be from the IT department, and say there is an urgent security issue requiring the employee's credentials immediately. The employee complies. Which combination of organizational failures allowed this attack to succeed?

Lack of employee security awareness training and absence of identity verification protocols

Weak firewall configuration and outdated antivirus software

Poor network segmentation and unencrypted data storage

Insufficient logging and monitoring of network traffic

A healthcare organization stores patient records and must comply with data protection regulations. They are designing their encryption strategy. Which approach best balances security, compliance, and operational efficiency?

Use AES-256 encryption for data at rest and TLS for data in transit, with strict key management policies

Encrypt only the database backups using DES encryption to save processing time

Store all data in plaintext on internal servers protected only by a firewall

Use RSA encryption for all stored data, as it provides the highest level of security for large datasets

During a post-incident review, a cybersecurity team finds that a worm spread through the network by exploiting an unpatched vulnerability, compromising 40% of systems before being contained. Which strategic changes to the incident response plan would most effectively prevent a similar incident in the future?

Implementing a regular patch management process, improving network segmentation, and establishing faster detection and containment protocols

Purchasing more powerful antivirus software and increasing server storage capacity

Hiring more IT staff and replacing all existing hardware

Restricting all employees from using the internet during work hours

An attacker uses a combination of a phishing email and a fake login page that mirrors a company's internal portal to harvest employee credentials. Analyzing this attack, which multi-layered defense strategy would have been most effective in disrupting this attack at multiple stages?

Implementing multi-factor authentication, deploying anti-phishing email filters, and conducting regular employee phishing simulation training

Blocking all external websites and using only internal applications

Enforcing complex password requirements and changing passwords every 30 days

Using network traffic encryption and installing a new DNS server

A company's network security team detects a Distributed Denial of Service (DDoS) attack overwhelming their web servers. They must respond quickly to minimize downtime. Which strategic response plan best addresses both immediate mitigation and long-term prevention?

Immediately reroute traffic through a DDoS mitigation service, implement rate limiting, and later deploy a Content Delivery Network (CDN) with built-in DDoS protection

Shut down all servers immediately and restore them after 24 hours

Block all incoming traffic from every IP address and notify users of scheduled maintenance

Increase server bandwidth and wait for the attack to subside naturally

A cybersecurity analyst is reviewing logs and notices that an insider threat has been slowly exfiltrating sensitive data over several months by sending small encrypted files to a personal cloud storage account. Which combination of security controls, if implemented earlier, would have been most effective in detecting and preventing this insider threat?

User behavior analytics to detect anomalous data transfers, Data Loss Prevention (DLP) tools to restrict unauthorized file transfers, and regular auditing of access logs

Stronger password policies and mandatory screen lock after inactivity

Encrypting all internal communications and disabling USB ports

Implementing two-factor authentication and updating the firewall rules

Cyber Security Knowledge Assessment

Authored by Deepak Kumar

Other

University

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

20 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A user receives an email claiming to be from their bank, asking them to click a link and verify their account details. Which characteristic of this email most strongly indicates it is a phishing attempt?

The email was sent during business hours

The email uses the bank's official logo

The email creates a sense of urgency and requests sensitive information via a link

The email is written in formal language

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following best describes the difference between symmetric and asymmetric encryption?

Symmetric encryption uses two different keys, while asymmetric encryption uses one key

Symmetric encryption uses one key for both encryption and decryption, while asymmetric encryption uses a public and private key pair

Symmetric encryption is only used for emails, while asymmetric encryption is used for files

Symmetric encryption is slower than asymmetric encryption in all scenarios

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A network administrator notices unusual outbound traffic from a workstation late at night when no employees are present. Which type of malware is most likely responsible for this behavior?

Ransomware

Adware

Trojan horse acting as a backdoor

Boot sector virus

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following network security measures is specifically designed to monitor and filter incoming and outgoing network traffic based on predetermined security rules?

VPN

Firewall

DNS server

Load balancer

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

In the context of social engineering, what does "pretexting" refer to?

Sending bulk phishing emails to random users

Creating a fabricated scenario to manipulate a victim into providing information

Installing malware through a USB drive

Intercepting network communications between two parties

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

Which of the following is a key component of an Incident Response Plan that ensures an organization can resume normal operations after a cyber attack?

Penetration testing schedule

Recovery and remediation procedures

Employee onboarding documentation

Software licensing agreements

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

A student receives a message on social media from someone claiming to be a classmate, asking for login credentials to access a shared project. Which phishing technique is being used?

Whaling

Vishing

Spear phishing

Smishing

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Microsoft

or continue with

Facebook

Apple

Others

Already have an account?

Popular Resources on Wayground

28 questions

US History Regents Review

Quiz

•

11th Grade

36 questions

Biology Regents Review

Quiz

•

9th - 10th Grade

20 questions

Math Review

Quiz

•

3rd Grade

38 questions

Regents Life Science General Review

Quiz

•

9th Grade

20 questions

Math Review

Quiz

•

6th Grade

21 questions

EOY Grade 6 Benchmark Assessment - Content Skills

Quiz

•

6th Grade

20 questions

Inferences

Quiz

•

4th Grade

20 questions

Figurative Language Review

Quiz

•

6th Grade

Discover more resources for Other

16 questions

TSI Math 2.0 Practice

Quiz

•

9th Grade - University

59 questions

SS Final Exam Review

Quiz

•

KG - University

23 questions

super heros

Quiz

•

KG - Professional Dev...