Home » Cyber Security Quiz » Page 15

In the context of firewalls, what does the term "stateful inspection" refer to?

  • A method for tracking network packets
  • A process for encrypting data transmissions
  • A technique for blocking network traffic
  • A way to filter website content
"Stateful inspection" in firewalls refers to the method of tracking the state of active connections and making decisions based on the context of the traffic, enhancing security by understanding the state of network connections.
Discuss it

The principle that emphasizes using multiple layers of security measures to protect information and systems is called what?

  • Defense-in-Depth
  • Encryption
  • Single Sign-On (SSO)
  • Two-Factor Authentication
Defense-in-Depth is a security strategy that advocates implementing multiple layers of security measures. This approach helps to provide redundancy and ensure that even if one layer is breached, other layers can still protect the system. Single Sign-On, Two-Factor Authentication, and Encryption are important security concepts but not the same as Defense-in-Depth.
Discuss it

When an IDS generates an alert for an activity that isn't actually malicious, it's termed as a _______.

  • False Negative
  • False Positive
  • True Negative
  • True Positive
When an IDS generates an alert for non-malicious activity, it's called a 'False Positive,' indicating a potential security concern that is, in fact, benign.
Discuss it

When an attacker leaves a malware-infected USB drive in a public place hoping someone will find it and plug it into a computer, this technique is known as?

  • Baiting
  • Pharming
  • Phishing
  • Spoofing
This technique is called "baiting." It involves leaving a device (in this case, a malware-infected USB drive) in a location where someone may find it and plug it into a computer out of curiosity. Once connected, the malware can infect the victim's computer.
Discuss it

When performing ethical hacking, what permission level should the hacker ideally have?

  • Limited Access
  • No Permission
  • Root/Administrator Access
  • Standard User
Ethical hackers should ideally have Standard User permissions. Giving them full access could lead to unintended consequences, while having no access impedes their work. Standard User access provides a balance of access for testing without causing harm.
Discuss it

Which cryptographic technique ensures that the content of a message or document has not been altered during transmission?

  • Compression
  • Encryption
  • Hashing
  • Steganography
Hashing is a cryptographic technique that ensures data integrity. It creates a fixed-size hash value from the original data, and any alteration in the data will result in a different hash value, indicating that the data has been tampered with.
Discuss it

Emily, a system administrator, is configuring a new server. She ensures that only necessary services run, disables default accounts, and sets strong password policies. What process is Emily engaged in?

  • Patch Management
  • Server Clustering
  • Server Hardening
  • Server Virtualization
Emily is engaged in the process of "Server Hardening." This involves securing a server by minimizing vulnerabilities, such as disabling unnecessary services, strengthening password policies, and removing or disabling default accounts. The goal is to reduce the server's attack surface.
Discuss it

A common technique used by attackers where they trick users into revealing their passwords by pretending to be legitimate tech support is called _______.

  • Phishing
  • Ransomware
  • Social Engineering
  • Spear Phishing
The technique where attackers trick users into revealing their passwords by pretending to be legitimate tech support is known as Social Engineering. It's a psychological manipulation technique to gain confidential information.
Discuss it

During a penetration test, a tester was able to access a company's internal network by mimicking an employee's behavior and tailgating into a secure area. This tester exploited a weakness in what area of security?

  • Access Control Systems
  • Network Security
  • Physical Security
  • Social Engineering
The tester exploited a weakness in Social Engineering, as they used tactics to manipulate people into allowing unauthorized physical access.
Discuss it

The GDPR regulation primarily pertains to the protection of personal data for citizens of which region?

  • Australia
  • Canada
  • European Union
  • United States
The GDPR (General Data Protection Regulation) primarily pertains to the protection of personal data for citizens of the European Union. It is a comprehensive data protection law that sets strict standards for how organizations handle personal data of EU residents, regardless of where the organization is based.
Discuss it