#1
Which of the following is a basic principle of information classification?
Availability
Integrity
Confidentiality
Accountability
#2
What is the primary purpose of access control in security procedures?
To ensure data integrity
To prevent unauthorized access
To encrypt sensitive information
To monitor system performance
#3
Which of the following is a common authentication factor?
Something you know
Something you see
Something you breathe
Something you feel
#4
What does 'ACL' stand for in the context of security?
Automated Credentialing Layer
Access Control List
Advanced Cryptographic Logic
Application Compatibility Layer
#5
Which of the following is NOT a type of malware?
Trojan
Worm
Spyware
Firewall
#6
What is the purpose of 'encryption' in security?
To provide physical security for computer systems
To authenticate users on a network
To convert data into a form that cannot be easily understood
To manage user permissions and access control
#7
What does 'TLS' stand for in the context of security?
Transport Layer Security
Total Loss of Service
Trustworthy Logging System
Transaction Level Security
#8
In the context of security procedures, what does the term 'phishing' refer to?
A type of malware
A physical security breach
An attempt to obtain sensitive information by deception
A method of encrypting data
#9
What is the purpose of a 'firewall' in network security?
To prevent unauthorized access to or from a private network
To provide physical security for computer systems
To detect and remove malware from a system
To manage user authentication and authorization
#10
What does the term 'biometrics' refer to in security systems?
Using biological organisms for data storage
Verifying identity through physical or behavioral characteristics
Encrypting data using biological algorithms
Tracking biological threats in a network
#11
What is the purpose of a 'VPN' (Virtual Private Network) in security?
To create a secure connection over a public network
To physically isolate a private network
To analyze network traffic for security threats
To enhance website performance
#12
What is the purpose of 'Data Loss Prevention' (DLP) software?
To recover lost data from backup systems
To prevent sensitive data from being leaked or lost
To detect and remove viruses from a system
To optimize data storage and retrieval
#13
What is the purpose of 'penetration testing' in cybersecurity?
To detect vulnerabilities in a system or network
To physically break into a secure facility
To test the durability of cryptographic algorithms
To analyze network traffic patterns
#14
What is the primary goal of 'risk assessment' in security?
To eliminate all possible risks
To identify and prioritize potential risks
To implement security measures
To recover from security incidents
#15
What is the purpose of 'two-factor authentication'?
To provide redundancy in network connections
To authenticate users using two different passwords
To require two forms of verification for access
To encrypt data using two separate algorithms
#16
What is the purpose of 'role-based access control' (RBAC) in security?
To assign access permissions based on job functions
To restrict access based on geographic location
To encrypt data during transmission
To monitor network traffic
#17
What is 'social engineering' in the context of security?
A technique used to manipulate people into revealing confidential information
A method of encrypting data using social media platforms
A strategy for securing physical infrastructure
A type of malware attack
#18
What is the purpose of 'hashing' in security?
To compress data for efficient storage
To generate random numbers
To verify the integrity of data
To convert data into a format that cannot be reversed
#19
What is 'least privilege' principle in security?
Users should have the maximum possible privileges
Users should have the minimum privileges necessary to perform their tasks
Users should have privileges based on their job titles
Users should have privileges based on their seniority in the organization
#20
What is the purpose of a 'security policy'?
To enforce strict physical security measures
To outline guidelines and procedures for maintaining security
To manage network infrastructure
To analyze security threats
#21
What is 'multi-factor authentication' (MFA)?
An authentication method that uses multiple passwords
A technique for encrypting data using multiple algorithms
An approach that verifies identity using more than one authentication factor
A strategy for managing network traffic
#22
Which of the following is a common method of data sanitization?
Disk encryption
Access control lists
Database backups
Data wiping
#23
What is the primary purpose of 'intrusion detection systems' (IDS)?
To prevent unauthorized access to a network
To encrypt data during transmission
To detect and respond to unauthorized access attempts
To manage user authentication
#24
Which of the following is a characteristic of asymmetric encryption?
Uses the same key for encryption and decryption
Is faster than symmetric encryption
Requires a public and private key pair
Primarily used for bulk data encryption
#25
What is the difference between symmetric and asymmetric encryption?
Symmetric encryption uses a single key for both encryption and decryption, while asymmetric encryption uses different keys.
Asymmetric encryption is faster than symmetric encryption.
Symmetric encryption is more secure than asymmetric encryption.
Asymmetric encryption is used for encrypting data at rest, while symmetric encryption is used for encrypting data in motion.