Home » Cyber Security Quiz » Page 17

A company wants to ensure that their inter-branch communication over the internet is secure, confidential, and has data integrity. Which protocol would best serve this purpose?

  • FTP
  • HTTP
  • HTTPS
  • Telnet
HTTPS (Hypertext Transfer Protocol Secure) is a secure communication protocol that provides encryption, data integrity, and confidentiality over the internet.
Discuss it

An attacker sets up a rogue wireless access point with the same SSID as a legitimate network to trick users into connecting to it. What is this type of attack called?

  • Brute Force Attack
  • Denial-of-Service Attack
  • Man-in-the-Middle Attack
  • Phishing Attack
This is a "Man-in-the-Middle Attack" where the attacker intercepts communication between a user and a legitimate network by positioning themselves between them.
Discuss it

The _______ protocol of IPsec ensures authentication and data integrity but not confidentiality.

  • AH (Authentication Header)
  • DNS (Domain Name System)
  • ESP (Encapsulating Security Payload)
  • IKE (Internet Key Exchange)
The AH (Authentication Header) in IPsec provides authentication and data integrity, but it doesn't offer confidentiality.
Discuss it

An organization implements a new software solution and within a week receives a message on their server stating that their data has been encrypted and will only be released upon payment. Which type of cybersecurity threat is this scenario depicting?

  • Data Breach
  • Phishing Attack
  • Ransomware Attack
  • Zero-Day Exploit
This scenario depicts a ransomware attack. Ransomware is a type of malware that encrypts a victim's data and demands a ransom for the decryption key. It is a serious cybersecurity threat that can lead to data loss and financial losses.
Discuss it

In the context of operating systems, what is the primary purpose of a security policy?

  • Control system updates
  • Define rules and guidelines for system security
  • Manage user accounts
  • Optimize system performance
In the context of operating systems, a security policy's primary purpose is to define rules and guidelines for system security. It outlines what actions are allowed and what is prohibited, helping to protect the system from unauthorized access, data breaches, and other security threats. Security policies are crucial for maintaining the integrity and confidentiality of a computer system.
Discuss it

HIPAA’s Privacy Rule establishes national standards to protect what kind of individual information?

  • Financial data
  • Personal communication records
  • Protected health information (PHI)
  • Social Security numbers
HIPAA's Privacy Rule establishes national standards to protect Protected Health Information (PHI). PHI includes health records, medical history, patient identifiers, and other health-related data. These regulations are crucial for ensuring the privacy and security of sensitive health information.
Discuss it

A piece of malware designed to spread across networks by exploiting vulnerabilities in networked devices is called a _______.

  • Ransomware
  • Trojan Horse
  • Virus
  • Worm
A worm is a type of malware that is designed to self-replicate and spread across networks by exploiting vulnerabilities in networked devices. Unlike viruses, worms don't need a host file to propagate.
Discuss it

An effective incident reporting procedure should prioritize which aspect to ensure timely remediation?

  • Incident Classification
  • Incident Escalation
  • Incident Identification
  • Incident Notification
An effective incident reporting procedure should prioritize incident classification to ensure timely remediation. Properly classifying incidents based on their severity and impact helps in allocating resources efficiently. Critical incidents can be addressed with higher priority, leading to timely remediation and reduced potential damage.
Discuss it

An employee receives an email from her bank asking her to verify her account details due to recent security breaches. The email contains a link to a website that looks similar to her bank's website. She becomes suspicious because the email has typos and the URL seems off. This email is likely an example of which type of attack?

  • Phishing
  • Spear Phishing
  • Malware
  • Social Engineering
This scenario is an example of "Phishing." Phishing attacks involve sending deceptive emails, often impersonating trusted entities, to trick recipients into revealing sensitive information or clicking on malicious links. In this case, the email's typos and suspicious URL are typical signs of phishing.
Discuss it

A system that combines the features of both firewalls and IDS/IPS is commonly referred to as a _______.

  • DMZ (Demilitarized Zone)
  • NAT (Network Address Translation)
  • SIEM (Security Information and Event Management)
  • UTM (Unified Threat Management)
A UTM (Unified Threat Management) system combines the functionalities of both firewalls and IDS/IPS, providing comprehensive security.
Discuss it