1) What does the "C" in the CIA Triad stand for?
a) Confidentiality
b) Control
c) Connectivity
d) Communication

2) What is the "I" in the CIA Triad?
a) Integrity
b) Interruption
c) Interaction
d) Innovation

3) What does "availability" mean in the context of the CIA Triad?
a) Ensuring that authorized users can access resources when needed
b) Preventing unauthorized data access
c) Blocking malicious activity
d) Maintaining encryption standards

4) Integrity ensures that data is not altered without authorization.
a) True
b) False

5) Which of the following best describes confidentiality?
a) Ensuring data is accessible only to authorized users
b) Making data available during downtime
c) Protecting data from viruses
d) Verifying user identities

6) What is the primary function of a firewall?
a) To block unauthorized access to a network
b) To encrypt network data
c) To assign IP addresses
d) To improve network speed

7) A firewall can prevent all types of malware.
a) True
b) False

8) What type of firewall filters traffic based on source and destination IP addresses?
a) Packet-filtering firewall
b) Application-level firewall
c) Proxy firewall
d) Stateful inspection firewall

9) Where is a firewall typically placed in a network?
a) Between the internal network and the internet
b) Inside each computer
c) Between devices in a LAN
d) On the DNS server

10) Firewalls can log network activity.
a) True
b) False

11) Which type of attack floods a network with excessive traffic?
a) Denial-of-Service (DoS)
b) Phishing
c) Malware injection
d) Packet sniffing

12) What type of attack tricks users into providing sensitive information?
a) Phishing
b) Brute force
c) Social engineering
d) Man-in-the-middle

13) Malware can include viruses, worms, and Trojans.
a) True
b) False

14) What is a Trojan horse?
a) Malware disguised as legitimate software
b) A type of virus
c) A phishing attempt
d) A denial-of-service tool

15) Which attack uses multiple systems to flood a network?
a) Distributed Denial-of-Service (DDoS)
b) Replay attack
c) SQL injection
d) Session hijacking

16) What is the purpose of authentication in cybersecurity?
a) To verify the identity of users
b) To block unauthorized traffic
c) To encrypt sensitive data
d) To log network activity

17) Encryption transforms data into an unreadable format.
a) True
b) False

18) Which encryption method uses the same key for encryption and decryption?
a) Symmetric encryption
b) Asymmetric encryption
c) Hashing
d) Public key cryptography

19) What is the main purpose of hashing?
a) To verify data integrity
b) To encrypt data
c) To authenticate users
d) To secure networks

20) Which protocol is used to encrypt data on websites?
a) HTTPS
b) FTP
c) SMTP
d) DNS

21) What is an example of social engineering?
a) Tricking a user into revealing passwords
b) Encrypting data for ransom
c) Stealing data through a virus
d) Altering files on a network

22) Insider threats only involve malicious actions.
a) True
b) False

23) Which of the following can help reduce social engineering attacks?
a) Employee training
b) Installing a firewall
c) Using hashing algorithms
d) Encrypting network traffic

24) Social engineering exploits human behavior rather than technical vulnerabilities.
a) True
b) False

25) What is a common method used by insiders to bypass firewalls?
a) Setting up unauthorized backdoors
b) Encrypting traffic
c) Using brute force
d) Installing antivirus software

26) What is the purpose of a cybersecurity policy?
a) To establish guidelines for protecting organizational assets
b) To encrypt sensitive data
c) To monitor network traffic
d) To assign user permissions

27) All employees should be aware of the organization’s cybersecurity policy.
a) True
b) False

28) What is multi-factor authentication (MFA)?
a) A security measure that requires multiple forms of verification
b) Encrypting data with two keys
c) Blocking unauthorized IP addresses
d) Using a password and firewall together

29) Which of the following is an example of multi-factor authentication?
a) Password and a fingerprint scan
b) Two different passwords
c) Public and private keys
d) A hashed password

30) Using a password alone is sufficient for securing sensitive accounts.
a) True
b) False

31) What is the purpose of intrusion detection systems (IDS)?
a) To monitor and detect suspicious network activity
b) To encrypt sensitive data
c) To block malware
d) To assign IP addresses

32) An IDS can actively block attacks.
a) True
b) False

33) What is the role of antivirus software?
a) To detect and remove malicious software
b) To encrypt user data
c) To assign IP addresses
d) To configure firewalls

34) Which tool helps ensure data is recoverable after a security breach?
a) Regular backups
b) Firewalls
c) DNS servers
d) Password managers

35) A VPN can prevent unauthorized network access.
a) True
b) False

36) What is ransomware?
a) Malware that encrypts data and demands payment for decryption
b) Software that scans for viruses
c) A type of phishing attack
d) A tool for securing networks

37) Zero-day attacks exploit vulnerabilities before they are patched.
a) True
b) False

38) What is the purpose of penetration testing?
a) To identify vulnerabilities in a system
b) To block unauthorized access
c) To encrypt sensitive data
d) To monitor network traffic

39) Which type of attack involves intercepting communication between two parties?
a) Man-in-the-middle attack
b) Brute force
c) SQL injection
d) Replay attack

40) What is the main goal of a brute force attack?
a) To guess passwords through trial and error
b) To block network traffic
c) To encrypt sensitive data
d) To install malware

Security Principles Quiz
