An IDS that actively takes actions, such as blocking traffic or terminating sessions, when a threat is detected is referred to as _______.
- Firewall
- Honeypot
- Intrusion Prevention System
- Router
An Intrusion Prevention System (IPS) is an IDS that not only detects threats but also takes proactive measures to block or prevent them.
After a recent audit, a company was advised to segregate its network to ensure sensitive data isn't accessible to all employees. Which network security best practice is being recommended?
- DMZ (Demilitarized Zone)
- IP Address Spoofing
- Network Segmentation
- Port Forwarding
Network Segmentation involves dividing a network into segments to restrict access, reducing the risk of unauthorized access to sensitive data and improving security.
A company's network administrator notices that an external IP address is repeatedly trying to access the company's internal resources. However, the firewall denies each attempt, and the source IP changes frequently. What type of attack might this represent?
- DDoS Attack
- Man-in-the-Middle (MitM) Attack
- Port Scanning
- Spear Phishing
This scenario suggests 'Port Scanning,' where an attacker systematically scans a range of ports on a network to identify vulnerabilities or open services.
Stored and reflected are two types of which web application security vulnerability?
- Cross-Site Request Forgery
- Cross-Site Scripting (XSS)
- Information Disclosure
- SQL Injection
"Stored" and "Reflected" are two types of Cross-Site Scripting (XSS) vulnerabilities, which involve injecting malicious scripts into web pages that are viewed by other users.
To ensure that personal apps do not access company data on a BYOD device, organizations implement _______ solutions.
- DNS
- IDS
- MDM
- VPN
To ensure that personal apps do not access company data on a BYOD (Bring Your Own Device) device, organizations implement MDM (Mobile Device Management) solutions. MDM allows organizations to control and secure mobile devices used by their employees.
The process of continuously monitoring systems for vulnerabilities and applying necessary patches is known as _______.
- Firewall Configuration
- Intrusion Detection
- Penetration Testing
- Vulnerability Management
Vulnerability Management involves the systematic process of identifying and addressing vulnerabilities in a network or system. It includes vulnerability scanning, assessment, and patch management to ensure that the system is protected from known vulnerabilities.
After adopting a new BYOD policy, a company notices an increase in security incidents related to mobile devices. What might be an effective measure to decrease these incidents while still allowing BYOD?
- Ban BYOD entirely
- Decrease the security awareness training
- Implement Mobile Device Management (MDM) solutions
- Increase the number of personal devices allowed
Implementing Mobile Device Management (MDM) solutions can be an effective measure to decrease security incidents related to mobile devices while still allowing BYOD. MDM solutions provide better control and security for company data on personal devices, allowing for features like remote wipe, device encryption, and app management to mitigate risks.
When employees fail to report security incidents due to fear of reprisal, it's often a sign of a weak _______ culture.
- Compliance
- Ethical
- Organizational
- Security
When employees fail to report security incidents due to fear of reprisal, it's often a sign of a weak organizational culture. A strong security culture encourages employees to report incidents without fear of negative consequences and emphasizes the importance of security.
Bob receives an email with a link to a site that looks like his bank's website. When he enters his credentials, they are sent to an attacker instead of the bank. While the real bank's site was not compromised, what kind of attack did Bob fall victim to?
- Distributed Denial of Service (DDoS)
- Man-in-the-Middle Attack
- Phishing Attack
- SQL Injection
Bob fell victim to a Phishing Attack, where he was deceived into entering his credentials on a fake site. The bank's site itself wasn't compromised.
The process of allowing certain traffic to bypass the usual security inspection based on specific criteria is known as firewall _______.
- Bypass
- Exception
- Exemption
- Whitelisting
A firewall 'Exception' allows specific traffic to bypass regular security inspection, based on predefined criteria or exceptions.
After detecting a potential security incident on a mobile device, what is the first step an employee should typically take, as per standard reporting procedures?
- Attempt to resolve the incident independently
- Continue using the device as usual
- Disconnect from the network
- Immediately report it to the organization's IT or security team
The first step an employee should take upon detecting a potential security incident on a mobile device is to immediately report it to the organization's IT or security team. This ensures that the incident is addressed promptly and the necessary steps are taken to mitigate any potential risks.
An organization's detailed step-by-step approach to handle and report a security breach is known as what?
- Cybersecurity Awareness Program
- Incident Response Plan
- Server Configuration
- System Patch Management
An organization's detailed step-by-step approach to handle and report a security breach is known as an Incident Response Plan. It outlines the actions to take when a security incident occurs, helping mitigate potential damage and protect the organization.