Sec+

Question 1

What does the acronym CIA stand for in information security?

Answer 1

Confidentiality, Integrity, Availability

Question 2

True or False: A firewall can prevent all types of cyber attacks.

Answer 2

False

Question 3

Fill in the blank: _______ is the process of converting plaintext into ciphertext.

Answer 3

Encryption

Question 4

What type of attack involves overwhelming a system with traffic?

Answer 4

Denial of Service (DoS)

Question 5

Which protocol is commonly used for secure data transmission?

Answer 5

HTTPS

Question 6

What is the primary purpose of an Intrusion Detection System (IDS)?

Answer 6

To monitor network traffic for suspicious activity

Question 7

True or False: Multi-factor authentication requires two or more verification methods.

Answer 7

True

Question 8

What is the term for a security breach that involves unauthorized access to data?

Answer 8

Data breach

Question 9

Which of the following is a common method for securing wireless networks? (a) WEP (b) WPA2 (c) Both

Answer 9

b) WPA2

Question 10

What does the term ‘phishing’ refer to?

Answer 10

A method of tricking individuals into providing sensitive information

Question 11

Fill in the blank: _______ is a type of malware that can replicate itself.

Answer 11

Virus

Question 12

What is the primary function of a VPN?

Answer 12

To create a secure connection over the internet

Question 13

True or False: Social engineering attacks rely on technical vulnerabilities.

Answer 13

False

Question 14

What is the difference between symmetric and asymmetric encryption?

Answer 14

Symmetric uses the same key for encryption and decryption, while asymmetric uses a pair of keys.

Question 15

Which of the following is an example of a strong password? (a) 123456 (b) Password (c) P@ssw0rd123!

Answer 15

c) P@ssw0rd123!

Question 16

What is a common use for a digital certificate?

Answer 16

To verify the identity of a website or user

Question 17

Fill in the blank: A _______ is a software application designed to detect and remove malware.

Answer 17

Antivirus

Question 18

What does the term ‘zero-day exploit’ mean?

Answer 18

An attack that occurs on the same day a vulnerability is discovered

Question 19

True or False: Regular software updates can help protect against security vulnerabilities.

Answer 19

True

Question 20

What is the purpose of a security policy?

Answer 20

To define the rules and procedures for maintaining security within an organization

Question 21

What type of malware is designed to hold a user’s data hostage?

Answer 21

Ransomware

Question 22

Which of the following is a risk associated with using public Wi-Fi? (a) Data interception (b) Enhanced performance (c) Secure connections

Answer 22

a) Data interception

Question 23

What is an example of a physical security control?

Answer 23

Security cameras

Question 24

Fill in the blank: _______ is the practice of assessing a system for vulnerabilities.

Answer 24

Penetration testing

Question 25

What is the purpose of access control?

Answer 25

To restrict access to sensitive information and systems

Question 26

True or False: Encryption can help protect data at rest.

Answer 26

True

Question 27

What does the principle of least privilege entail?

Answer 27

Users should have only the access necessary to perform their job functions

Question 28

What is a common characteristic of a worm?

Answer 28

It can replicate itself and spread independently

Question 29

Fill in the blank: A _______ is a malicious software that disguises itself as a legitimate program.

Answer 29

Trojan horse

Question 30

What is the role of a security audit?

Answer 30

To evaluate the effectiveness of an organization's security measures

Question 31

Which of the following is NOT a type of malware? (a) Trojan (b) Worm (c) Firewall

Answer 31

c) Firewall

Question 32

What does the term 'social engineering' refer to?

Answer 32

Manipulating people into divulging confidential information

Question 33

True or False: Strong passwords should include a mix of letters, numbers, and symbols.

Answer 33

True

Question 34

What is a DDoS attack?

Answer 34

A Distributed Denial of Service attack that uses multiple systems to overwhelm a target

Question 35

Fill in the blank: _______ is the process of verifying the identity of a user or system.

Answer 35

Authentication

Question 36

What does the term 'malware' encompass?

Answer 36

All types of malicious software

Question 37

Which of the following is a method of physical security? (a) Passwords (b) Biometric scanners (c) Firewalls

Answer 37

b) Biometric scanners

Question 38

What is the purpose of a security incident response plan?

Answer 38

To outline the steps to take in response to a security breach

Question 39

True or False: Virtual Private Networks (VPNs) encrypt internet traffic.

Answer 39

True

Question 40

What is a common method for securing email communications?

Answer 40

Using encryption

Question 41

Fill in the blank: The _______ is a framework for managing and mitigating IT risks.

Answer 41

Risk management process

Question 42

What is the primary goal of a cybersecurity framework?

Answer 42

To provide a structured approach to managing cybersecurity risks

Question 43

Which of the following is a type of security control? (a) Preventive (b) Detective (c) Corrective (d) All of the above

Answer 43

d) All of the above

Question 44

What does 'data loss prevention' (DLP) refer to?

Answer 44

Strategies to prevent sensitive data from being accessed or transmitted unauthorized

Question 45

True or False: Security patches should be applied as soon as they are available.

Answer 45

True