The process of continuously monitoring systems for vulnerabilities and applying necessary patches is known as _______.
- Firewall Configuration
- Intrusion Detection
- Penetration Testing
- Vulnerability Management
Vulnerability Management involves the systematic process of identifying and addressing vulnerabilities in a network or system. It includes vulnerability scanning, assessment, and patch management to ensure that the system is protected from known vulnerabilities.
To ensure that personal apps do not access company data on a BYOD device, organizations implement _______ solutions.
- DNS
- IDS
- MDM
- VPN
To ensure that personal apps do not access company data on a BYOD (Bring Your Own Device) device, organizations implement MDM (Mobile Device Management) solutions. MDM allows organizations to control and secure mobile devices used by their employees.
Stored and reflected are two types of which web application security vulnerability?
- Cross-Site Request Forgery
- Cross-Site Scripting (XSS)
- Information Disclosure
- SQL Injection
"Stored" and "Reflected" are two types of Cross-Site Scripting (XSS) vulnerabilities, which involve injecting malicious scripts into web pages that are viewed by other users.
A company's network administrator notices that an external IP address is repeatedly trying to access the company's internal resources. However, the firewall denies each attempt, and the source IP changes frequently. What type of attack might this represent?
- DDoS Attack
- Man-in-the-Middle (MitM) Attack
- Port Scanning
- Spear Phishing
This scenario suggests "Port Scanning," where an attacker systematically scans a range of ports on a network to identify vulnerabilities or open services.
After a recent audit, a company was advised to segregate their network to ensure sensitive data isn't accessible to all employees. Which network security best practice is being recommended?
- DMZ (Demilitarized Zone)
- IP Address Spoofing
- Network Segmentation
- Port Forwarding
Network Segmentation involves dividing a network into segments to restrict access, reducing the risk of unauthorized access to sensitive data and improving security.
An IDS that actively takes actions, such as blocking traffic or terminating sessions, when a threat is detected is referred to as _______.
- Firewall
- Honeypot
- Intrusion Prevention System
- Router
An Intrusion Prevention System (IPS) is an IDS that not only detects threats but also takes proactive measures to block or prevent them.
Which term describes the process of testing patches on non-critical systems before a full-scale rollout?
- Hotfix deployment
- Shadow IT
- Staging
- Zero-day mitigation
The process of testing patches on non-critical systems before a full-scale rollout is called "staging." During staging, patches are applied to a limited number of systems or environments to ensure they do not cause issues before wider deployment.
Heuristic analysis in the context of malware detection refers to what?
- Identifying new, unknown threats based on behavior
- Scanning for known viruses and malware
- Conducting penetration testing on network security
- Analyzing network traffic for performance issues
Heuristic analysis (option 1) involves identifying new, unknown threats based on their behavior rather than relying solely on known virus definitions. It helps detect and mitigate previously unidentified malware and suspicious activities by analyzing patterns and behaviors.
Insider threats can be categorized into malicious and _______. What fills the blank?
- Accidental
- Deliberate
- External
- Unintentional
Insider threats can be categorized into malicious (deliberate) and accidental. Malicious insiders intentionally harm the organization, while accidental insiders do so without intent, often due to negligence or lack of awareness.
An organization's detailed step-by-step approach to handle and report a security breach is known as what?
- Cybersecurity Awareness Program
- Incident Response Plan
- Server Configuration
- System Patch Management
An organization's detailed step-by-step approach to handle and report a security breach is known as an Incident Response Plan. It outlines the actions to take when a security incident occurs, helping mitigate potential damage and protect the organization.