Practice Questions Flashcards
While working on a risk report, a security analyst in an IT firm didn’t report it. What type of risk response is this?
A. Risk rejection
B. Risk mitigation
C. Risk acceptance
D. Risk avoidance
A. Risk rejection
Under which category of cyber threat is ransomware?
A. Phishing attack
B. DoS attack
C. Worm
D. Malware
D. Malware
Which category best describes an attack that compromises the confidentiality of data?
A. Alteration
B. Interception
C. Modification
D. Interruption
B. Interception
Type of attack used for gaining access to the target system using a false identity.
A. Virus
B. Phishing
C. Spoofing
D. Replay
C. Spoofing
Which of these attacks is related to network resource consumption with the goal of preventing legitimate activity/traffic on a specific system?
A. Side Channel
B. Denial of Service (DoS)
C. Man-in-the-Middle
D. Replay
B. Denial of Service (DoS)
Which of the following is not a common behavior between a virus & worm?
A. Spread throughout the network
B. Destructive
C. Human interaction required
D. Destructive
C. Human interaction required
What’s another name for a Man-in-the-Middle (MITM) attack?
A. On-path attack
B. Distributed Denial of Service (DDoS) attack
C. Phishing attack
D. Smishing Attack
A. On-path attack
What type of threat is it when an employee downloads multiple company related documents before later joining a competitor company?
A. Market threat
B. Outsider threat
C. Competitor threat
D. Insider threat
D. Insider threat
Of the following choices, which is the best way of dealing with an insider threat?
A. Actively monitoring a coworker’s daily routine
B. Solve any threats that you identify
C. Identify and report any suspicious activity
D. Implement mantraps
C. Identify and report any suspicious activity
Wired connections for networked devices fall under which standard?
A. IEEE 802.1
B. IEEE 802.3
C. IEEE 802.5
D. IEEE 802.11
B. IEEE 802.3
___________ are used to protect the network while managing and controlling network traffic.
A. Switches
B. Intrusion Prevention Systems
C. Firewalls
D. Routers
C. Firewalls
Which protocol should be used to securely transfer files?
A. SFTP
B. FTP
C. SMTP
D. SNMP
A. SFTP
Someone gains access to your sensitive data and releases it on a public website. Which component of the CIA triad does this effect?
A. Availability
B. Confidentiality
C. Integrity
D. Authorization
B. Confidentiality
All of the following fall under the confidential category except?
A. PHI
B. Sensitive/Classified Information
C. PII
D. Email
D. Email
A security analyst recently found a threat and informed leadership of a security control to counter the threat. This is an example of risk __________.
A. Avoidance
B. Insurance
C. Mitigation
D. Transference
C. Mitigation