Scribd
Upload
31 views7 pages

Security Management

Uploaded by

OMARY ABDUL AMIRI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
31 views7 pages

Security Management

Uploaded by

OMARY ABDUL AMIRI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

SECURITY MANAGEMENT

1. Which of the following is the primary purpose of a firewall?

 A) Detecting viruses
 B) Blocking unauthorized access
 C) Scanning for malware
 D) Performing network backups
Answer: B) Blocking unauthorized access

2. In cybersecurity, what does the principle of least privilege entail?

 A) Giving users access to everything


 B) Minimizing permissions to the necessary level
 C) Granting temporary access to all users
 D) Allowing full access to administrators
Answer: B) Minimizing permissions to the necessary level

3. Which protocol is used to securely transfer files over a network?

 A) FTP
 B) HTTP
 C) SSH
 D) SFTP
Answer: D) SFTP

4. Which of the following is a common method for ensuring data confidentiality?

 A) Compression
 B) Encryption
 C) Tokenization
 D) Fragmentation
Answer: B) Encryption

5. A Distributed Denial of Service (DDoS) attack primarily aims to:

 A) Disrupt the availability of a system


 B) Steal data from a network
 C) Bypass user authentication
 D) Corrupt stored data
Answer: A) Disrupt the availability of a system

6. What does VPN stand for?

 A) Virtual Private Network


 B) Verified Private Node
 C) Variable Protocol Network
 D) Virtual Protected Network
Answer: A) Virtual Private Network

7. In which type of attack does the attacker impersonate another device’s MAC
address?

 A) IP Spoofing
 B) MAC Spoofing
 C) Phishing
 D) Social Engineering
Answer: B) MAC Spoofing

8. Multi-Factor Authentication (MFA) typically requires:

 A) Only a username and password


 B) Two or more verification methods
 C) A single factor for authentication
 D) A security question
Answer: B) Two or more verification methods

9. Which of the following is an example of physical security?

 A) Firewalls
 B) Passwords
 C) CCTV cameras
 D) Data encryption
Answer: C) CCTV cameras

10. A hashing algorithm is primarily used to:

 A) Encrypt data
 B) Verify data integrity
 C) Compress files
 D) Authenticate users
Answer: B) Verify data integrity

11. In cybersecurity, what does CIA stand for?

 A) Central Intelligence Agency


 B) Confidentiality, Integrity, Availability
 C) Cybersecurity Intelligence Application
 D) Centralized Internet Access
Answer: B) Confidentiality, Integrity, Availability
12. Which of the following is considered a form of social engineering?

 A) Brute-force attack
 B) Phishing email
 C) Virus injection
 D) DDoS attack
Answer: B) Phishing email

13. An Intrusion Detection System (IDS) is designed to:

 A) Block unauthorized access


 B) Detect suspicious activity
 C) Backup data
 D) Encrypt information
Answer: B) Detect suspicious activity

14. Which of the following protocols provides end-to-end data encryption on the
web?

 A) HTTP
 B) HTTPS
 C) FTP
 D) SMTP
Answer: B) HTTPS

15. A security incident where an attacker modifies data in transit is called:

 A) Sniffing
 B) Tampering
 C) Spoofing
 D) Phishing
Answer: B) Tampering

16. Which tool is commonly used for network vulnerability scanning?

 A) SQL
 B) Nmap
 C) VPN
 D) Wireshark
Answer: B) Nmap

17. The act of monitoring and managing system and network logs is known as:

 A) Data mining
 B) Log analysis
 C) Security configuration
 D) Network mapping
Answer: B) Log analysis

18. What is the purpose of an SSL certificate?

 A) Encrypt email messages


 B) Authenticate server identity
 C) Protect against phishing attacks
 D) Improve network speed
Answer: B) Authenticate server identity

19. In a network, which device is often used to segment traffic and control flow
between subnets?

 A) Hub
 B) Switch
 C) Router
 D) Firewall
Answer: C) Router

20. Which of the following is an example of endpoint security?

 A) VPN
 B) Antivirus software
 C) HTTPS
 D) Firewall
Answer: B) Antivirus software

21. The process of analyzing potential security threats and vulnerabilities is


called:

 A) Patch management
 B) Penetration testing
 C) Risk assessment
 D) Threat mapping
Answer: C) Risk assessment

22. A “zero-day” vulnerability is:

 A) Known but unpatched


 B) Exploited immediately after discovery
 C) Fully mitigated
 D) Publicly disclosed
Answer: B) Exploited immediately after discovery
23. Which type of malware locks a user’s files until a ransom is paid?

 A) Trojan
 B) Spyware
 C) Ransomware
 D) Adware
Answer: C) Ransomware

24. What does “port scanning” do?

 A) Identifies open ports on a system


 B) Encrypts network traffic
 C) Blocks malware
 D) Creates backup copies
Answer: A) Identifies open ports on a system

25. Data encryption ensures:

 A) Data availability
 B) Data confidentiality
 C) Data usability
 D) Data integrity
Answer: B) Data confidentiality

26. An “air-gapped” system refers to:

 A) A system with wireless connectivity only


 B) A physically isolated system
 C) A system that encrypts all traffic
 D) A networked system with firewalls
Answer: B) A physically isolated system

27. Which layer of the OSI model is responsible for end-to-end data encryption?

 A) Physical
 B) Transport
 C) Session
 D) Application
Answer: D) Application

28. Which of the following helps to manage security policies centrally?

 A) RADIUS
 B) SIEM
 C) NAT
 D) DHCP
Answer: B) SIEM

29. What is the purpose of a honeypot in cybersecurity?

 A) To encrypt data
 B) To divert attackers from real targets
 C) To store backup files
 D) To monitor network traffic
Answer: B) To divert attackers from real targets

30. Which principle is used to ensure that system resources are accessed only by
authorized users?

 A) Access control
 B) Redundancy
 C) Layering
 D) Virtualization
Answer: A) Access control

31. Which type of attack involves overwhelming a network with traffic?

 A) Phishing
 B) DDoS
 C) Spoofing
 D) Tampering
Answer: B) DDoS

32. An ACL (Access Control List) is typically used to:

 A) Encrypt data
 B) Define permissions for users and devices
 C) Scan for malware
 D) Create system backups
Answer: B) Define permissions for users and devices

33. The primary purpose of regular software updates is to:

 A) Increase software speed


 B) Enhance security by patching vulnerabilities
 C) Add new features only
 D) Decrease storage usage
Answer: B) Enhance security by patching vulnerabilities

34. The process of reducing the risk of data breaches by limiting access is called:
 A) Risk mitigation
 B) Access control
 C) Network isolation
 D) Compliance monitoring
Answer: B) Access control

35. Which protocol is commonly used for secure email transmission?

 A) SMTP
 B) IMAP
 C) POP3
 D) SMTP over TLS
Answer: D

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy