The act of monitoring and potentially manipulating network traffic to extract information or disrupt the communication is known as _______.
- Cyberbullying
- Encryption
- Packet Sniffing
- Social Engineering
"Packet Sniffing" is the practice of intercepting and examining data packets in a network to gather information, often used in network security analysis.
Patch _______ is the process of deciding which patches should be applied to systems and in what order.
- Deployment
- Management
- Prioritization
- Selection
Patch prioritization is the process of deciding which patches should be applied to systems and in what order. It involves assessing the criticality of vulnerabilities and the potential impact on systems to determine the patching order.
Which type of phishing attack targets a specific individual or organization?
- Pharming
- Smishing
- Spear Phishing
- Vishing
Spear Phishing is a highly targeted form of phishing where the attacker tailors the attack to a specific individual or organization. It often involves researching the target to create a convincing email or message.
In operating system hardening, why might an administrator choose to disable unused services and protocols?
- To increase system performance
- To reduce software licensing costs
- To minimize security risks
- To improve user experience
Administrators might choose to disable unused services and protocols in operating system hardening to minimize security risks. Unused services and protocols can be exploited by attackers, leading to vulnerabilities and potential breaches. By disabling them, administrators reduce the attack surface and enhance the system's security posture.
The _______ is a standard protocol for securely accessing and managing remote devices.
- FTP (File Transfer Protocol)
- IP (Internet Protocol)
- SSH (Secure Shell)
- TCP (Transmission Control Protocol)
The SSH (Secure Shell) protocol is a standard for securely accessing and managing remote devices. It provides secure remote access, file transfers, and network services, using strong encryption and authentication methods to protect communication.
What primary purpose does a firewall serve in a network?
- Distribute IP addresses
- Filter and control network traffic
- Physically connect devices
- Provide network speed optimization
A firewall primarily serves to filter and control network traffic, allowing or denying packets based on specified criteria, enhancing network security.
What is the primary purpose of a Web Application Firewall (WAF)?
- To block malicious web traffic
- To design web interfaces
- To manage web application sessions
- To speed up web application loading
A Web Application Firewall (WAF) primarily serves to block malicious web traffic and protect web applications from various cyber threats and attacks.
In the context of operating system security, which mechanism dictates how privileges are escalated or restricted for processes?
- ACL (Access Control List)
- DAC (Discretionary Access Control)
- MAC (Mandatory Access Control)
- UAC (User Account Control)
MAC (Mandatory Access Control) is a security mechanism that dictates how privileges are escalated or restricted for processes. It enforces a predefined set of access rules and is commonly used in high-security environments such as military and government systems.
An IT administrator is setting up a secure file transfer service for his company. He needs a protocol that provides directory listing, file transfers, and file management capabilities. Which protocol should he consider?
- FTP
- HTTP
- SMTP
- SSH
The protocol that provides directory listing, file transfers, and file management capabilities is FTP (File Transfer Protocol). FTP is commonly used for these purposes, allowing secure and efficient file transfers.
Alice visits a popular news website and sees a pop-up that says "Hacked!". Upon investigation, it's found that the website itself was not compromised but the script from an ad provider was. What kind of attack was most likely leveraged?
- Cross-Site Request Forgery (CSRF)
- Cross-Site Scripting (XSS)
- Distributed Denial of Service (DDoS)
- SQL Injection
Alice likely experienced a Cross-Site Scripting (XSS) attack, where malicious code was injected into the ad provider's script, affecting the website's visitors.