#1
Which of the following is a common method for securing classified information?
Using strong and unique passwords
Explanation: Employing robust and distinctive passwords enhances security for sensitive data.
#2
What is the purpose of a firewall in a cybersecurity infrastructure?
To monitor and control network traffic based on predetermined security rules
Explanation: Firewalls regulate network traffic, enforcing predefined security rules.
#3
What is the purpose of the principle of least privilege in cybersecurity?
To limit access rights for users to the bare minimum necessary to perform their job functions
Explanation: The principle of least privilege restricts user access to the minimum required for job functions.
#4
What is the significance of the term 'Encryption' in the realm of cybersecurity?
It involves converting data into a secure code to prevent unauthorized access
Explanation: Encryption secures data by converting it into a code, thwarting unauthorized access.
#5
What is the primary purpose of a Certificate Authority (CA) in the context of cybersecurity?
To issue digital certificates for secure communication
Explanation: CAs issue digital certificates ensuring secure communication.
#6
What does the term 'Phishing' refer to in the context of cybersecurity?
A fraudulent attempt to obtain sensitive information
Explanation: Phishing involves deceitful endeavors to acquire confidential data.
#7
Which of the following is a recommended practice for securing mobile devices?
Regularly updating software and apps
Explanation: Consistently updating software and applications is advisable to enhance mobile device security.
#8
What is the primary goal of Data Loss Prevention (DLP) in cybersecurity?
To prevent unauthorized access and protect sensitive data
Explanation: DLP aims to prevent unauthorized access and safeguard sensitive data.
#9
What does the term 'Zero-Day Vulnerability' refer to in cybersecurity?
A vulnerability that is unknown to the software vendor and has no patch available
Explanation: Zero-Day Vulnerability denotes an unknown software flaw lacking a patch.
#10
What does the term 'Social Engineering' refer to in the context of cybersecurity attacks?
Manipulating individuals to disclose confidential information
Explanation: Social Engineering involves manipulating individuals to reveal confidential data.
#11
Why is it crucial to conduct regular cybersecurity awareness training for employees?
To educate employees about potential security threats and safe practices
Explanation: Regular cybersecurity training educates employees about security threats and best practices.
#12
What is the purpose of a VPN (Virtual Private Network) in cybersecurity?
Encrypting internet traffic for secure communication
Explanation: A VPN encrypts internet traffic, ensuring secure communication.
#13
In the context of cybersecurity, what is 'Two-Factor Authentication' (2FA) used for?
Adding extra layers of security by using multiple verification methods
Explanation: 2FA enhances security by employing multiple verification methods.
#14
Why is it essential to regularly update and patch software in a cybersecurity strategy?
To fix security vulnerabilities and bugs
Explanation: Regularly updating software patches security vulnerabilities and bugs.
#15
What is the role of an Intrusion Detection System (IDS) in cybersecurity?
To detect and alert on potential security threats or breaches
Explanation: An IDS identifies potential security threats or breaches and alerts on them.
#16
What is the primary purpose of a Security Information and Event Management (SIEM) system in cybersecurity?
To provide real-time analysis of security alerts
Explanation: A SIEM offers real-time analysis of security alerts for effective cybersecurity management.
#17
In the context of cybersecurity, what is the role of a penetration tester (pen tester)?
To simulate cyberattacks and identify vulnerabilities in a system
Explanation: Pen testers simulate cyberattacks to pinpoint system vulnerabilities.