An attacker scans a system and finds an unpatched service, then uses a script to gain access.
Which combination correctly identifies the elements?
A. Threat = script, Vulnerability = attacker
B. Threat = attacker, Vulnerability = unpatched service
C. Threat = service, Exploit = attacker
D. Vulnerability = script, Exploit = attacker
Answer: B
Explanation:
Exploit = script used
Which of the following is considered a security incident?
A. Installing antivirus
B. User logging in successfully
C. Malware detected on a system
D. Updating software
Answer: C
Explanation:
An incident = violation of security policy → malware detection qualifies
Which statement is correct?
A. Exploit is a weakness in a system
B. Vulnerability is used to attack a system
C. Exploit uses a vulnerability to gain access
D. Vulnerability is always malicious
Answer: C
An attacker identifies a weak password, uses brute force to gain access, and installs malware.
Which sequence is correct?
A. Exploit → Threat → Vulnerability
B. Vulnerability → Exploit → Incident
C. Threat → Incident → Vulnerability
D. Exploit → Vulnerability → Threat
Answer: B
Explanation:
Weak password = Vulnerability
Brute force = Exploit
Malware infection = Incident
Which scenario BEST represents an insider threat?
A. External hacker scanning ports
B. Employee accessing restricted data without permission
C. Firewall blocking traffic
D. Antivirus scanning files
Answer: B
Which is NOT a vulnerability?
A. Outdated software
B. Weak password
C. Hacker using exploit
D. Misconfigured firewall
Answer: C
What is a threat?
A. Weakness in a system
B. Malicious actor with intent and capability
C. A firewall
D. A patch
Answer: B
Explanation:
A threat is any entity (individual, group, or system) that has both the intent and capability to perform malicious actions. Threats can come from external attackers or insiders within the organisation. They exploit vulnerabilities to cause harm, which is why monitoring both internal and external activity is essential.
What is a vulnerability?
A. Attack method
B. Weakness in system
C. Malware
D. Policy
Answer: B
Explanation:
A vulnerability is a flaw or weakness in software, hardware, or processes that can be exploited. Examples include outdated systems, weak passwords, or misconfigurations. It does not cause harm on its own, but becomes dangerous when a threat exploits it.
What is an exploit?
A. Weakness
B. Method used to attack vulnerability
C. Security policy
D. Firewall
Answer: B
Explanation:
An exploit is the technique, tool, or code used to take advantage of a vulnerability. It often includes a payload that performs malicious actions such as executing commands or gaining access. Exploits are what attackers use to turn vulnerabilities into actual incidents.
What is an incident?
A. Normal activity
B. Security policy violation
C. Backup
D. Log
Answer: B
Explanation:
An incident is any event that violates or threatens to violate security policies. Examples include malware infections, unauthorised access, or data breaches. It represents an active or imminent threat that requires a response from the security team.
Which is an example of an exploit?
A. Weak password
B. SQL injection
C. Employee
D. Firewall
Answer: B
Explanation:
SQL injection is a technique used to exploit vulnerabilities in web applications. It allows attackers to manipulate database queries and access sensitive data. It is not the weakness itself (that is the vulnerability), but the method used to attack it.
Which is an insider threat?
A. External hacker
B. Employee accessing restricted data
C. Firewall
D. Antivirus
Answer: B
Explanation:
An insider threat originates from within the organisation, such as an employee misusing their access privileges. This can be intentional (malicious) or accidental. Insider threats are important because they already have some level of authorised access.
Which is NOT a vulnerability?
A. Weak password
B. Outdated software
C. Hacker
D. Misconfiguration
Answer: C
Explanation:
A hacker is a threat, not a vulnerability. Vulnerabilities are weaknesses that attackers exploit. Weak passwords, outdated systems, and misconfigurations all create opportunities for attackers to gain access.
What is the relationship between a vulnerability and an exploit?
A. Same
B. Exploit uses vulnerability
C. Vulnerability uses exploit
D. None
Answer: B
Explanation:
A vulnerability is the weakness, and an exploit is the method used to take advantage of it. Without a vulnerability, an exploit cannot succeed. This relationship is fundamental in understanding how attacks occur.
Which leads to an incident?
A. Threat only
B. Vulnerability only
C. Exploit + vulnerability
D. Firewall
Answer: C
Explanation:
An incident occurs when a threat successfully uses an exploit to take advantage of a vulnerability. All three elements (threat, vulnerability, exploit) are typically involved in an attack chain.
What does a payload do?
A. Detect attack
B. Execute malicious action
C. Store logs
D. Encrypt data
Answer: B
Explanation:
A payload is the part of an exploit that carries out the malicious action, such as opening a shell, stealing data, or installing malware. It is delivered after the vulnerability has been successfully exploited.