What does the acronym CIA stand for in cybersecurity?
Confidentiality, Integrity, Availability
True or False: A firewall can be both hardware and software.
True
Fill in the blank: The process of converting plaintext into ciphertext is called __________.
encryption
Which of the following is a type of malware? A) Virus B) Firewall C) Router D) Switch
A) Virus
What is the primary purpose of an Intrusion Detection System (IDS)?
To monitor network traffic for suspicious activity
True or False: Multi-factor authentication requires at least two forms of verification.
True
What does VPN stand for?
Virtual Private Network
Which of the following is NOT a common type of attack? A) Phishing B) SQL Injection C) DNS Spoofing D) Debugging
D) Debugging
Fill in the blank: The principle of __________ ensures that users have the minimum level of access necessary.
least privilege
What is the main function of a digital certificate?
To verify the identity of a user or device
True or False: Social engineering attacks rely on exploiting human psychology.
True
What does the term ‘zero-day vulnerability’ refer to?
A security flaw that is exploited before the vendor releases a patch
Which of the following protocols is used for secure web browsing? A) HTTP B) FTP C) HTTPS D) SNMP
C) HTTPS
What is the main purpose of a penetration test?
To identify security vulnerabilities in a system
True or False: Antivirus software can completely protect a system from all malware.
False
Fill in the blank: __________ is a method of securing a network by segmenting it into multiple zones.
Network segmentation
Which of the following is an example of a denial-of-service attack? A) DDoS B) Phishing C) Ransomware D) Worm
A) DDoS
What is the role of a Security Information and Event Management (SIEM) system?
To aggregate and analyze security data from multiple sources
True or False: Encryption is only necessary for data at rest.
False
Which security framework is widely used to manage cybersecurity risks?
NIST Cybersecurity Framework
What does the term ‘phishing’ refer to?
A fraudulent attempt to obtain sensitive information by disguising oneself as a trustworthy entity
Fill in the blank: A __________ is a document that outlines an organization’s security policies and procedures.
security policy
What is the purpose of a patch management process?
To ensure that software updates are applied regularly to fix vulnerabilities
True or False: A strong password should include a mix of letters, numbers, and symbols.
True