Which protocol is often used for lightweight communication in IoT devices due to its low power consumption?
- FTP (File Transfer Protocol)
- HTTP (Hypertext Transfer Protocol)
- MQTT (Message Queuing Telemetry Transport)
- TCP (Transmission Control Protocol)
MQTT is widely used in IoT because it's designed for low-power, efficient communication. MQTT's publish-subscribe model minimizes overhead and is well-suited for resource-constrained devices.
Which type of penetration testing focuses on testing from an attacker's perspective without prior knowledge of the target infrastructure?
- Black-Box Testing
- Gray-Box Testing
- Vulnerability Scanning
- White-Box Testing
'Black-Box Testing' is a type of penetration testing where testers simulate an attacker with no prior knowledge of the target infrastructure. The goal is to identify vulnerabilities as if they were an external attacker.
Which type of attack involves intercepting and possibly altering communications between two parties without their knowledge?
- DDoS Attack
- Malware
- Man-in-the-Middle Attack
- Phishing
A 'Man-in-the-Middle (MitM) Attack' is a form of cyberattack where an attacker intercepts and possibly alters communications between two parties without their knowledge, compromising data integrity and privacy.
What is the main difference between a shallow neural network and a deep neural network?
- Activation Function
- Learning Rate
- Number of Layers
- Number of Neurons
The main difference between a shallow neural network and a deep neural network is the 'number of layers.' Shallow networks have only a few layers, while deep networks have many hidden layers.
In IT governance, the framework that provides a reference model to organize IT processes and consider their governance is known as _______.
- Agile
- COBIT
- DevOps
- ITIL
COBIT (Control Objectives for Information and Related Technologies) is a widely used framework for IT governance. It provides a set of best practices and standards to organize and govern IT processes, ensuring they align with business goals.
An embedded system, like a microwave or a washing machine, needs an operating system. What type of OS would be most suitable for such systems?
- Linux
- Real-time Operating System (RTOS)
- Windows OS
- macOS
Embedded systems, like microwaves or washing machines, benefit from a 'Real-time Operating System (RTOS)' because it provides predictable and timely responses, essential for control and automation in such devices.
A structured approach to aligning IT with business objectives and ensuring its optimal performance is often referred to as IT _______.
- Alignment
- Collaboration
- Enhancement
- Optimization
IT Alignment is the practice of ensuring that an organization's information technology (IT) strategy and initiatives are closely aligned with its business objectives. This alignment is crucial for maximizing the value IT can provide to the business.
A(n) _______ attack attempts to make a computer resource unavailable to its intended users by flooding it with superfluous requests.
- Denial of Service
- Encryption
- Intrusion
- Phishing
A 'Denial of Service' attack aims to disrupt a computer resource's availability by overwhelming it with excessive requests. This is often done maliciously to disrupt services.
After installing a new intrusion detection system, a company notices it's getting alerts for normal user activities. What type of error is the system likely experiencing?
- False Negative
- False Positive
- True Negative
- True Positive
The system is likely experiencing a 'False Positive' error. This occurs when the system incorrectly detects normal user activities as security threats. False positives can lead to alert fatigue and should be minimized to ensure effective intrusion detection.
In IT risk management, a(n) _______ is an unforeseen event that can have negative consequences for an organization's objectives.
- Incident
- Risk
- Threat
- Vulnerability
An unforeseen event with the potential to harm an organization's objectives is referred to as a 'Threat' in IT risk management. It's a factor or circumstance that could exploit a vulnerability and negatively impact an organization.