In cybersecurity, a detailed step-by-step approach on how to respond to and manage a security breach is termed a(n) _______.
- Incident Response Plan
- Penetration Test Plan
- Security Policy
- Vulnerability Assessment
An "Incident Response Plan" outlines the actions to take when a security breach occurs, helping to manage and respond to such incidents.
John, a network administrator, notices a sudden spike in outbound traffic from a single workstation in the organization. Upon further investigation, he discovers that the workstation is contacting multiple external IP addresses. This could be indicative of which type of threat?
- Botnet Infection
- Data Exfiltration
- Insider Threat
- Malware Infection
The sudden spike in outbound traffic from a workstation contacting multiple external IP addresses is a strong indicator of a botnet infection. A botnet is a network of compromised devices controlled by an attacker, often used for various malicious activities, including sending spam or launching DDoS attacks.
Which layer of the OSI model does SSL/TLS primarily operate at?
- Application
- Data Link Layer
- Physical Layer
- Transport Layer
SSL/TLS (Secure Sockets Layer/Transport Layer Security) primarily operates at the Application Layer (Layer 7) of the OSI model. It provides encryption and security for application-level data.
A hospital's electronic record system was breached, exposing patient records. The hospital is based in the United States. Which regulation mandates that the hospital notify affected patients of the breach?
- CCPA
- FERPA
- GDPR
- HIPAA
HIPAA (Health Insurance Portability and Accountability Act) is a U.S. federal law that mandates the protection of health information privacy and security. It requires healthcare organizations to notify affected patients in the event of a data breach involving their protected health information.
A company's IT department is implementing a system where every employee's email will have a digital signature. The primary reason for this implementation is to:
- Accelerate email delivery
- Ensure confidentiality
- Prevent email loss
- Verify sender identity
The primary reason for implementing digital signatures on emails is to verify the sender's identity. Digital signatures provide authentication, ensuring that the email indeed comes from the claimed sender and has not been altered in transit.
A backup technique that captures every version of a file or database record every time it changes is referred to as _______ backup.
- Differential
- Full
- Incremental
- Versioning
A backup technique that captures every version of a file or database record every time it changes is referred to as "Versioning" backup. This type of backup maintains a history of changes, allowing you to restore a file or record to a specific point in time.
Which header can be used by web applications to instruct the browser to block certain types of attacks by declaring which sources are legitimate?
- Access-Control-Allow-Origin
- Content-Security-Policy
- Cross-Origin Resource Sharing
- Referrer-Policy
The "Content-Security-Policy" header is used to instruct the browser to block certain types of attacks, such as XSS, by specifying which sources are considered legitimate for loading content.
A software company releases a critical security update for its widely used application. After a week, a major cyber attack targets organizations that have not applied this update. This scenario underscores the importance of what?
- Firewall Configuration
- Intrusion Detection
- Patch Management
- Secure Coding
This scenario highlights the critical importance of patch management. Failing to apply security updates promptly can leave systems vulnerable to known exploits.
A phishing attack that involves multiple methods, such as emails and phone calls, to deceive victims is known as what?
- Smishing
- Spear Phishing
- Vishing
- Whaling
Whaling is a type of phishing attack that specifically targets high-profile individuals or senior executives within an organization. It often involves various methods, such as emails, phone calls, and even in-person social engineering, to deceive victims and gain sensitive information or access.
The use of multiple layers of security measures, including both malware detection and patch management, is referred to as a _______ approach.
- Defense-in-Depth
- Multi-Factor Authentication
- Redundant Backup
- Single Sign-On
Defense-in-Depth is a security strategy that employs multiple layers of security controls and measures to protect against various security threats. This approach includes not only malware detection but also patch management, firewalls, intrusion detection systems, and more, creating a robust security posture.