Stored and reflected are two types of which web application security vulnerability?
- Cross-Site Request Forgery
- Cross-Site Scripting (XSS)
- Information Disclosure
- SQL Injection
"Stored" and "Reflected" are two types of Cross-Site Scripting (XSS) vulnerabilities, which involve injecting malicious scripts into web pages that are viewed by other users.
A company's network administrator notices that an external IP address is repeatedly trying to access the company's internal resources. However, the firewall denies each attempt, and the source IP changes frequently. What type of attack might this represent?
- DDoS Attack
- Man-in-the-Middle (MitM) Attack
- Port Scanning
- Spear Phishing
This scenario suggests 'Port Scanning,' where an attacker systematically scans a range of ports on a network to identify vulnerabilities or open services.
After a recent audit, a company was advised to segregate their network to ensure sensitive data isn't accessible to all employees. Which network security best practice is being recommended?
- DMZ (Demilitarized Zone)
- IP Address Spoofing
- Network Segmentation
- Port Forwarding
Network Segmentation involves dividing a network into segments to restrict access, reducing the risk of unauthorized access to sensitive data and improving security.
An IDS that actively takes actions, such as blocking traffic or terminating sessions, when a threat is detected is referred to as _______.
- Firewall
- Honeypot
- Intrusion Prevention System
- Router
An Intrusion Prevention System (IPS) is an IDS that not only detects threats but also takes proactive measures to block or prevent them.
Which term describes the process of testing patches on non-critical systems before a full-scale rollout?
- Hotfix deployment
- Shadow IT
- Staging
- Zero-day mitigation
The process of testing patches on non-critical systems before a full-scale rollout is called "staging." During staging, patches are applied to a limited number of systems or environments to ensure they do not cause issues before wider deployment.
Heuristic analysis in the context of malware detection refers to what?
- Identifying new, unknown threats based on behavior
- Scanning for known viruses and malware
- Conducting penetration testing on network security
- Analyzing network traffic for performance issues
Heuristic analysis (option 1) involves identifying new, unknown threats based on their behavior rather than relying solely on known virus definitions. It helps detect and mitigate previously unidentified malware and suspicious activities by analyzing patterns and behaviors.
Insider threats can be categorized into malicious and _______. What fills the blank?
- Accidental
- Deliberate
- External
- Unintentional
Insider threats can be categorized into malicious (deliberate) and accidental. Malicious insiders intentionally harm the organization, while accidental insiders do so without intent, often due to negligence or lack of awareness.
An organization's detailed step-by-step approach to handle and report a security breach is known as what?
- Cybersecurity Awareness Program
- Incident Response Plan
- Server Configuration
- System Patch Management
An organization's detailed step-by-step approach to handle and report a security breach is known as an Incident Response Plan. It outlines the actions to take when a security incident occurs, helping mitigate potential damage and protect the organization.
After detecting a potential security incident on a mobile device, what is the first step an employee should typically take, as per standard reporting procedures?
- Attempt to resolve the incident independently
- Continue using the device as usual
- Disconnect from the network
- Immediately report it to the organization's IT or security team
The first step an employee should take upon detecting a potential security incident on a mobile device is to immediately report it to the organization's IT or security team. This ensures that the incident is addressed promptly and the necessary steps are taken to mitigate any potential risks.
The process of allowing certain traffic to bypass the usual security inspection based on specific criteria is known as firewall _______.
- Bypass
- Exception
- Exemption
- Whitelisting
Firewall 'Exception' allows specific traffic to bypass regular security inspection, based on predefined criteria or exceptions.