Which type of penetration testing focuses on testing from an attacker's perspective without prior knowledge of the target infrastructure?
- Black-Box Testing
- Gray-Box Testing
- Vulnerability Scanning
- White-Box Testing
'Black-Box Testing' is a type of penetration testing where testers simulate an attacker with no prior knowledge of the target infrastructure. The goal is to identify vulnerabilities as if they were an external attacker.
Which type of attack involves intercepting and possibly altering communications between two parties without their knowledge?
- DDoS Attack
- Malware
- Man-in-the-Middle Attack
- Phishing
A 'Man-in-the-Middle (MitM) Attack' is a form of cyberattack where an attacker intercepts and possibly alters communications between two parties without their knowledge, compromising data integrity and privacy.
What is the main difference between a shallow neural network and a deep neural network?
- Activation Function
- Learning Rate
- Number of Layers
- Number of Neurons
The main difference between a shallow neural network and a deep neural network is the 'number of layers.' Shallow networks have only a few layers, while deep networks have many hidden layers.
In IT governance, the framework that provides a reference model to organize IT processes and consider their governance is known as _______.
- Agile
- COBIT
- DevOps
- ITIL
COBIT (Control Objectives for Information and Related Technologies) is a widely used framework for IT governance. It provides a set of best practices and standards to organize and govern IT processes, ensuring they align with business goals.
An embedded system, like a microwave or a washing machine, needs an operating system. What type of OS would be most suitable for such systems?
- Linux
- Real-time Operating System (RTOS)
- Windows OS
- macOS
Embedded systems, like microwaves or washing machines, benefit from a 'Real-time Operating System (RTOS)' because it provides predictable and timely responses, essential for control and automation in such devices.
A structured approach to aligning IT with business objectives and ensuring its optimal performance is often referred to as IT _______.
- Alignment
- Collaboration
- Enhancement
- Optimization
IT Alignment is the practice of ensuring that an organization's information technology (IT) strategy and initiatives are closely aligned with its business objectives. This alignment is crucial for maximizing the value IT can provide to the business.
A(n) _______ attack attempts to make a computer resource unavailable to its intended users by flooding it with superfluous requests.
- Denial of Service
- Encryption
- Intrusion
- Phishing
A 'Denial of Service' attack aims to disrupt a computer resource's availability by overwhelming it with excessive requests. This is often done maliciously to disrupt services.
What is the primary purpose of a firewall in network security?
- Access Control
- Data Encryption
- Network Monitoring
- Virus Detection
The primary purpose of a 'firewall' in network security is to enforce access control policies. It acts as a barrier between a trusted network and an untrusted network, allowing or blocking network traffic based on predefined rules.
In IT risk management, a(n) _______ is an unforeseen event that can have negative consequences for an organization's objectives.
- Incident
- Risk
- Threat
- Vulnerability
An unforeseen event with the potential to harm an organization's objectives is referred to as a 'Threat' in IT risk management. It's a factor or circumstance that could exploit a vulnerability and negatively impact an organization.
Which method is commonly used by malware analysts to observe the behavior of malware in a controlled environment without endangering real systems?
- Debugging
- Penetration testing
- Sandboxing
- Vulnerability scanning
Malware analysts often use 'sandboxing' to run malware in a controlled, isolated environment. This method allows them to observe the malware's behavior without risking damage to real systems. Sandbox environments are designed for this purpose.