_______ attacks specifically target high-ranking officials within an organization.
- Botnet
- DDoS
- Malware
- Spear Phishing
Spear Phishing attacks specifically target high-ranking officials within an organization. These attacks are highly targeted, personalized, and often aim to trick executives into revealing sensitive information or taking malicious actions.
What is the primary purpose of a digital signature in electronic documents?
- Data Compression
- Data Duplication
- Data Encryption
- Ensuring Authenticity
The primary purpose of a digital signature in electronic documents is to ensure authenticity. It provides a way to verify that the document has not been tampered with and that it was indeed signed by the claimed sender. Digital signatures use cryptographic techniques to achieve this.
What is the most common motivation behind insider threats in an organization?
- Accidental actions
- Defending against external threats
- Lack of security measures
- Personal gain
The most common motivation behind insider threats is personal gain. This can include financial gain, revenge against the organization, or selling sensitive information to third parties. Understanding these motivations is essential for preventing and mitigating insider threats.
A company's incident reporting procedure mandates the use of a specific platform for logging incidents to ensure traceability and accountability. This is an example of what kind of control?
- Administrative Control
- Physical Control
- Preventive Control
- Technical Control
This is an example of an Administrative Control. Administrative controls are measures and policies put in place to manage and regulate security practices. In this case, mandating the use of a specific platform is an administrative measure to ensure traceability and accountability when logging incidents.
In a scenario where an attacker pretends to be a maintenance worker to gain physical access to a secured area, which social engineering technique are they employing?
- Baiting
- Impersonation
- Piggybacking
- Tailgating
The attacker is employing the "Tailgating" social engineering technique. This involves following an authorized person into a secure area without their knowledge or consent, often by pretending to be an employee or someone with a legitimate reason to enter the area.
Alice receives an email with a signed document from Bob. She verifies the digital signature using Bob's public key and finds it valid. This ensures that the document was:
- Authenticated
- Encrypted
- Not tampered with
- Sent securely
When Alice verifies the digital signature using Bob's public key, it ensures that the document was not tampered with. Digital signatures provide data integrity, and if the signature is valid, it means the document has not been altered since it was signed by Bob.
Which countermeasure involves training employees to recognize and report suspicious requests or messages?
- Antivirus Software
- Firewall Configuration
- Intrusion Detection System
- User Awareness Training
User Awareness Training is a proactive security measure that educates employees on recognizing and reporting suspicious activities, requests, or messages. This helps organizations prevent falling victim to various forms of cyberattacks, including phishing and social engineering.
A _______ is a program or piece of code that appears harmless but carries a malicious intent.
- Denial of Service (DoS)
- Firewall Bypass
- Trojan Horse
- Worm
A "Trojan Horse" is a type of malware that disguises itself as a benign program but contains malicious code, named after the Greek myth.
The act of monitoring and potentially manipulating network traffic to extract information or disrupt the communication is known as _______.
- Cyberbullying
- Encryption
- Packet Sniffing
- Social Engineering
"Packet Sniffing" is the practice of intercepting and examining data packets in a network to gather information, often used in network security analysis.
What is the primary purpose of using a Virtual Private Network (VPN)?
- Browse the web anonymously
- Improve computer performance
- Securely connect to a private network
- Stream high-quality videos
The primary purpose of a VPN is to securely connect to a private network over the internet, ensuring data privacy and security, often used for remote work or accessing sensitive information.