When developing cybersecurity policies, what factor is crucial to ensure their effectiveness across the organization?
- Compliance with legal regulations
- Employee awareness and adherence
- Involving only the IT department
- Strong encryption techniques
Effective cybersecurity policies require not just compliance with regulations but also the active involvement of all employees. Employee awareness, understanding, and adherence to policies play a crucial role in ensuring organizational security.
Mike, an IT professional, finds a USB drive in the parking lot with a label reading "Salary Details 2023". Curious, he plugs it into his office computer, leading to the installation of malware. Which social engineering technique successfully targeted Mike?
- Spear Phishing
- Baiting
- Tailgating
- Pretexting
This scenario is an example of "Baiting." Baiting involves leaving physical devices, such as infected USB drives, in places where individuals might find them and be tempted to use them. Mike's curiosity led to the installation of malware.
What is the primary difference between SSL and its successor, TLS?
- SSL is faster
- SSL is older
- TLS is a separate protocol
- TLS is more secure
The primary difference is that TLS (Transport Layer Security) is an updated version of SSL (Secure Sockets Layer). They serve the same purpose, but TLS has addressed vulnerabilities present in SSL, making it more secure. TLS is a separate protocol with improvements over SSL.
A _______ is a set of predefined rules in a firewall that determines whether to allow or block specific traffic.
- Access Control List (ACL)
- DNS Server
- Encryption Algorithm
- Intrusion Detection System
An Access Control List (ACL) is a set of rules used in a firewall to control traffic by allowing or blocking based on defined criteria.
The process of converting encrypted data back into its original form is termed _______.
- Deciphering
- Encoding
- Encryption
- Hashing
The process of converting encrypted data back into its original form is termed "Deciphering." This process uses the decryption key to transform the encrypted data into its original, readable format.
Which of the following is NOT a recommended practice to prevent SQL injection?
- Sanitizing Input
- Storing Passwords in Plain Text
- Using Dynamic Queries
- Using Prepared Statements
Using dynamic queries is not a recommended way to prevent SQL injection. Placing user input directly in SQL queries opens the door to SQL injection attacks.
In the context of operating systems, what does the principle of "least privilege" refer to?
- Giving users the highest level of access rights
- Providing maximum system resources to all users
- Providing system access based on need
- Denying system access to all users
The principle of "least privilege" (abbreviated POLP) refers to providing system access on a "need to know" basis and giving users the minimum levels of access rights required to accomplish their tasks. This reduces the risk of unauthorized access and potential security breaches.
In the context of encryption, what ensures that data remains unchanged from its source and has not been accidentally or maliciously altered?
- Data Authentication
- Data Availability
- Data Confidentiality
- Data Integrity
Data Integrity, in encryption, ensures that data remains unchanged from its source and has not been accidentally or maliciously altered. This is vital to ensure the trustworthiness of data in transit or storage.
Firewalls that operate at the network layer and make decisions based on IP addresses are called _______ firewalls.
- Application Firewall
- Packet Filtering Firewall
- Proxy Firewall
- Stateful Firewall
Packet Filtering Firewalls operate at the network layer and make decisions based on IP addresses and ports.
Which type of malware typically does not replicate itself but allows unauthorized access to the affected computer?
- Trojan
- Worm
- Virus
- Spyware
A Trojan horse (option 1) is a type of malware that disguises itself as legitimate software or a legitimate file to trick users into downloading it. Unlike viruses or worms, Trojans typically do not replicate themselves. Once executed, they can provide unauthorized access to the affected computer.