Comptia Security Plus

Question 2

What does the acronym CIA stand for in cybersecurity?

Answer 2

Confidentiality, Integrity, Availability

Question 3

True or False: A firewall is a device that monitors and controls incoming and outgoing network traffic.

Answer 3

True

Question 4

Fill in the blank: The process of converting plaintext into ciphertext is called __________.

Answer 4

encryption

Question 5

What type of attack involves overwhelming a system with traffic to make it unavailable?

Answer 5

Denial of Service (DoS) attack

Question 6

What is the main purpose of a VPN?

Answer 6

To create a secure connection over the internet

Question 7

Which of the following is a common malware type? A) Virus B) Firewall C) Router

Answer 7

A) Virus

Question 8

What is social engineering?

Answer 8

Manipulating individuals to divulge confidential information

Question 9

True or False: Multi-factor authentication requires two or more verification methods.

Answer 9

True

Question 10

What does the term ‘phishing’ refer to?

Answer 10

Fraudulent attempts to obtain sensitive information by disguising as a trustworthy entity

Question 11

Which protocol is commonly used for secure data transmission over the internet?

Answer 11

HTTPS

Question 12

What is the function of an Intrusion Detection System (IDS)?

Answer 12

To monitor network traffic for suspicious activity

Question 13

Fill in the blank: A __________ is a software or hardware tool used to filter traffic based on predetermined security rules.

Answer 13

firewall

Question 14

What does the term ‘zero-day vulnerability’ mean?

Answer 14

A flaw in software that is unknown to the vendor and has no patch available

Question 15

True or False: Encryption is only necessary for data at rest.

Answer 15

False

Question 16

What is the primary purpose of an SSL certificate?

Answer 16

To secure data transmitted over the internet

Question 17

What does DLP stand for in cybersecurity?

Answer 17

Data Loss Prevention

Question 18

Which of the following is NOT a type of malware? A) Trojan B) Worm C) Router

Answer 18

C) Router

Question 19

What is the principle of least privilege?

Answer 19

Users should have the minimum level of access necessary to perform their job functions

Question 20

Fill in the blank: __________ is the practice of regularly updating software to fix vulnerabilities.

Answer 20

Patch management

Question 21

What is a common method of protecting against unauthorized access to a network?

Answer 21

Using strong passwords and changing them regularly

Question 22

True or False: A man-in-the-middle attack occurs when an attacker secretly relays and possibly alters communication between two parties.

Answer 22

True

Question 23

What is the purpose of a security policy?

Answer 23

To establish guidelines for protecting an organization’s assets

Question 24

What does the acronym SIEM stand for?

Answer 24

Security Information and Event Management

Question 25

Which type of attack uses multiple compromised systems to launch a coordinated attack on a target?

Answer 25

Distributed Denial of Service (DDoS) attack

Question 26

Fill in the blank: __________ is the process of verifying the identity of a user or device.

Answer 26

Authentication

Question 27

What is the role of a digital certificate?

Answer 27

To verify the ownership of a public key

Question 28

True or False: Regularly backing up data is an important part of a disaster recovery plan.

Answer 28

True

Question 29

What does Ransomware do?

Answer 29

Encrypts files and demands payment for the decryption key

Question 30

What is the main goal of penetration testing?

Answer 30

To identify and exploit vulnerabilities in a system

Question 31

Fill in the blank: __________ is the unauthorized access and use of a computer system.

Answer 31

Hacking

Question 32

What is the purpose of a vulnerability assessment?

Answer 32

To identify, quantify, and prioritize vulnerabilities in a system

Question 33

True or False: Security awareness training is only necessary for IT staff.

Answer 33

False

Question 34

What does the acronym MFA stand for?

Answer 34

Multi-Factor Authentication

Question 35

Which of the following is a strong password? A) password123 B) 3z7!X@pQ C) 123456

Answer 35

B) 3z7!X@pQ

Question 36

What is the primary purpose of an endpoint security solution?

Answer 36

To protect endpoints like computers and mobile devices from threats

Question 37

Fill in the blank: __________ is the act of attempting to gain unauthorized access to a system or network.

Answer 37

Hacking

Question 38

What does the term 'vulnerability' refer to?

Answer 38

A weakness in a system that can be exploited by a threat actor

Question 39

True or False: Strong encryption can prevent unauthorized access to data.

Answer 39

True

Question 40

What is a security incident response plan?

Answer 40

A documented plan for responding to security breaches or incidents

Question 41

What does the term 'insider threat' mean?

Answer 41

A security risk that originates from within the organization

Question 42

Fill in the blank: __________ is a type of attack where an attacker tries to guess a password through trial and error.

Answer 42

Brute force attack

Question 43

What is the purpose of a security audit?

Answer 43

To evaluate the effectiveness of an organization's security measures

Question 44

True or False: Encryption keys should be stored in the same location as the encrypted data.

Answer 44

False

Question 45

What is the main function of a proxy server?

Answer 45

To act as an intermediary between a user's device and the internet

Question 46

What does the acronym IDS stand for?

Answer 46

Intrusion Detection System

Question 47

Fill in the blank: __________ is the process of recovering data after a data loss incident.

Answer 47

Data recovery

Question 48

What is a common consequence of a data breach?

Answer 48

Loss of sensitive information and potential financial loss

Question 49

True or False: The principle of defense in depth involves using multiple layers of security controls.

Answer 49

True

Question 50

What does the term 'malware' encompass?

Answer 50

Malicious software designed to harm or exploit any programmable device

Question 51

What is the primary goal of a risk assessment?

Answer 51

To identify and evaluate potential risks to an organization's assets

Question 52

Fill in the blank: __________ is an approach to security that involves identifying and mitigating risks.

Answer 52

Risk management

Question 53

What is the purpose of an access control list (ACL)?

Answer 53

To define who can access specific resources in a network

Question 54

True or False: All security incidents must be reported to management.

Answer 54

True

Question 55

What does the acronym BYOD stand for?

Answer 55

Bring Your Own Device

Question 56

What is the purpose of an antivirus program?

Answer 56

To detect and remove malicious software from a computer

Question 57

Fill in the blank: __________ is the unauthorized interception of data during transmission.

Answer 57

Eavesdropping

Question 58

What is the function of a security token?

Answer 58

To provide a means of authentication for a user

Question 59

True or False: A strong security posture helps to minimize the risk of data breaches.

Answer 59

True

Question 60

What does the term 'data breach' refer to?

Answer 60

An incident where unauthorized access to sensitive data occurs

Question 61

What is the purpose of a firewall rule?

Answer 61

To determine what traffic is allowed or denied through the firewall

Question 62

Fill in the blank: __________ is a technique used to protect network traffic by disguising it.

Answer 62

Tunneling

Question 63

What is the main benefit of using a cloud security solution?

Answer 63

Scalability and flexibility in managing security resources

Question 64

True or False: All users should have the same level of access to sensitive data.

Answer 64

False

Question 65

What does the acronym SOC stand for in cybersecurity?

Answer 65

Security Operations Center

Question 66

What is the role of a security researcher?

Answer 66

To identify and analyze security vulnerabilities and threats

Question 67

Fill in the blank: __________ is the practice of securing a network by segmenting it into smaller parts.

Answer 67

Network segmentation

Question 68

What is the purpose of a password manager?

Answer 68

To securely store and manage passwords for various accounts

Question 69

True or False: Physical security is not a concern for cybersecurity professionals.

Answer 69

False

Question 70

What does the term 'data integrity' mean?

Answer 70

The accuracy and consistency of data over its lifecycle

Question 71

What is a common method of preventing unauthorized access to a network?

Answer 71

Implementing strong authentication measures

Question 72

Fill in the blank: __________ is the act of monitoring network traffic for suspicious activity.

Answer 72

Traffic analysis