Security

Question 1

A script that runs automatically when a user logs in, often used to map network drives, set environment variables, or launch apps.

Answer 1

Login Script

Question 2

A central collection of users, computers, and resources managed under a single set of rules and policies in Active Directory.

Answer 2

Domain

Question 3

A centralized way to control settings for users and computers in an AD environment, including enforcing updates, passwords, desktop restrictions, and more.

Answer 3

Group Policy / Updates

Question 4

A personal network folder assigned to a user for storing files; typically mapped to a specific drive letter at login.

Answer 4

Home Folder

Question 5

AD objects used to assign permissions to resources or delegate rights to multiple users simultaneously.

Answer 5

Security Groups

Question 6

A policy that redirects user data folders (like Documents or Desktop) to a network location for easier backup and roaming profiles.

Answer 6

Folder Redirection

Question 7

A wireless security protocol that uses AES encryption and was the industry standard for many years; more secure than WEP or WPA.

Answer 7

Wi-Fi Protected Access 2 (WPA2)

Question 8

The latest wireless security protocol offering stronger encryption, individualized encryption per device, and protection against brute-force attacks.

Answer 8

WPA3

Question 9

An older encryption protocol used with WPA; less secure than AES and gradually being phased out due to known vulnerabilities.

Answer 9

Temporal Key Integrity Protocol (TKIP)

Question 10

A symmetric encryption algorithm used by WPA2 and WPA3; offers strong security and is widely used across various technologies, not just Wi-Fi.

Answer 10

Advanced Encryption Standard (AES)

Question 11

A secure, password-based authentication method used in WPA3 that replaces the less secure PSK method from WPA2; protects against offline dictionary attacks and provides forward secrecy.

Answer 11

Simultaneous Authentication of Equals (SAE)

Question 12

A centralized authentication protocol used for remote access and network services; uses UDP, combines authentication and authorization, and encrypts only the password.

Answer 12

Remote Authentication Dial-In User Service (RADIUS)

Question 13

A Cisco-developed protocol for centralized authentication; uses TCP, separates authentication, authorization, and accounting, and encrypts the entire payload.

Answer 13

Terminal Access Controller Access-Control System Plus (TACACS+)

Question 14

A secure network authentication protocol that uses tickets and a trusted third party to verify users and services. Common in Active Directory environments.

Answer 14

Kerberos

Question 15

An authentication approach that requires two or more verification methods from different categories: something you know (password), something you have (token), or something you are (biometric).

Answer 15

Multifactor Authentication (MFA)

Question 16

A broad term for any malicious software designed to harm, exploit, or compromise data, devices, or networks. Includes viruses, trojans, spyware, ransomware, and more.

Answer 16

Malware

Question 17

A type of malware disguised as a legitimate program but contains malicious code that runs once the program is executed.

Answer 17

Trojan

Question 18

A stealthy form of malware that gives attackers privileged access to a system while hiding its presence from standard detection tools.

Answer 18

Rootkit

Question 19

A type of malicious software that attaches itself to a file or program and spreads to other files or systems when executed.

Answer 19

Virus

Question 20

Software that secretly gathers user information, such as browsing habits or personal data, often without consent.

Answer 20

Spyware

Question 21

Malware that locks or encrypts user data and demands payment (a ransom) to restore access.

Answer 21

Ransomware

Question 22

Records every keystroke typed by a user to steal sensitive data like passwords, PINs, or credit card numbers.

Answer 22

Keylogger

Question 23

A type of virus that infects the master boot record (MBR) of a storage device, loading before the operating system starts.

Answer 23

Boot Sector Virus

Question 24

Malware that hijacks system resources to secretly mine cryptocurrency, often degrading system performance.

Answer 24

Cryptominers

Question 25

A special boot environment that starts the OS with minimal drivers and services; used to isolate malware and run cleanup tools safely.

Answer 25

Recovery Mode

Question 26

Software specifically designed to detect and remove viruses, often providing real-time protection and scanning capabilities.

Answer 26

Antivirus

Question 27

A broader security tool that targets various forms of malicious software including spyware, ransomware, trojans, and more—not just viruses.

Answer 27

Anti-malware

Question 28

Security software that monitors and controls incoming and outgoing network traffic on a single device to help block unauthorized access or suspicious activity.

Answer 28

Software Firewalls

Question 29

Training programs that help users recognize fraudulent emails or websites designed to steal sensitive data like passwords or credit card numbers.

Answer 29

Anti-phishing Training

Question 30

Educating users on how to avoid malware through best practices like not clicking unknown links, using strong passwords, and updating software regularly.

Answer 30

User Education Regarding Common Threats

Question 31

A last-resort option for malware removal that wipes the system clean and reinstalls a fresh version of the operating system.

Answer 31

OS Reinstallation

Question 32

Manipulating people into giving up confidential information or performing actions that compromise security, often through deception or trust exploitation.

Answer 32

Social Engineering

Question 33

A type of attack that uses emails or messages posing as legitimate sources to trick users into clicking malicious links or revealing sensitive data.

Answer 33

Phishing

Question 34

Voice-based social engineering where attackers call victims pretending to be someone trustworthy to gather sensitive information.

Answer 34

Vishing

Question 35

Looking over someone’s shoulder to observe sensitive information, such as passwords or PINs, often in public or work environments.

Answer 35

Shoulder Surfing

Question 36

A phishing attack targeting high-profile individuals like executives or public officials, often using highly personalized tactics.

Answer 36

Whaling

Question 37

Following someone closely through a secure door or entry point without authorization, often pretending to be an employee or delivery person.

Answer 37

Tailgating

Question 38

Pretending to be someone trusted—like tech support or a coworker—to gain access or information. Often used in person, via email, or phone.

Answer 38

Impersonation

Question 39

Searching through trash or recycling bins to find sensitive documents or data that can be used for fraud or further attacks.

Answer 39

Dumpster Diving

Question 40

A rogue Wi-Fi access point that mimics a legitimate one to trick users into connecting, allowing attackers to intercept data or install malware.

Answer 40

Evil Twin

Question 41

An attack where multiple compromised systems flood a target with traffic, overwhelming its resources and making it unavailable to users.

Answer 41

Distributed Denial of Service (DDoS)

Question 42

An attack where a single system floods a network or service with excessive requests to disrupt access or functionality.

Answer 42

Denial of Service (DoS)

Question 43

An attack that exploits a previously unknown software vulnerability before a patch is available, leaving systems defenseless.

Answer 43

Zero-day Attack

Question 44

Falsifying the identity of a user or system in order to deceive or gain unauthorized access (e.g., IP, email, or MAC address).

Answer 44

Spoofing

Question 45

Also known as a man-in-the-middle (MITM) attack; the attacker secretly intercepts and possibly alters communications between two parties.

Answer 45

On-path Attack

Question 46

An attack where an attacker tries every possible combination of characters to guess a password.

Answer 46

Brute-force Attack

Question 47

A password-cracking method that tries words from a predefined list or dictionary, often targeting weak or common passwords.

Answer 47

Dictionary Attack

Question 48

A security threat originating from someone within the organization who misuses access—either maliciously or accidentally.

Answer 48

Insider Threat

Question 49

An injection attack where malicious SQL commands are entered into input fields to manipulate or access backend databases.

Answer 49

Structured Query Language (SQL) Injection

Question 50

A web-based attack that injects malicious scripts into trusted websites, allowing attackers to steal data from users who visit the page.

Answer 50

Cross-site Scripting (XSS)

Question 51

A network of compromised computers or devices (often called zombies) controlled remotely by an attacker to launch coordinated attacks like DDoS.

Answer 51

botnet

Question 52

An individual device that has been infected with malware and is being controlled by an attacker as part of a larger botnet, often without the user's knowledge.

Answer 52

Zombie

Question 53

A type of cyberattack where the attacker secretly intercepts and possibly alters the communication between two parties without their knowledge. Often used to steal data or credentials. Also known as a man-in-the-middle (MITM) attack.

Answer 53

On-path Attack

Question 54

A weakness or flaw in software, hardware, or organizational processes that can be exploited by threats to gain unauthorized access, cause damage, or steal data.

Answer 54

Vulnerability

Question 55

FTP

Answer 55

20 (data), 21 (control)

Question 56

SSH

Answer 56

22

Question 57

Telnet

Answer 57

23

Question 58

SMTP

Answer 58

25

Question 59

DNS

Answer 59

53

Question 60

HTTP

Answer 60

80

Question 61

DHCP

Answer 61

67 (server), 68 (client)

Question 62

POP3

Answer 62

110

Question 63

NetBIOS

Answer 63

137–139

Question 64

IMAP

Answer 64

143

Question 65

SNMP

Answer 65

161/162

Question 66

LDAP

Answer 66

389

Question 67

HTTPS

Answer 67

443

Question 68

SMB

Answer 68

445

Question 69

RDP

Answer 69

3389

Question 70

Transfers files between computers using a control and data channel

Answer 70

FTP

Question 71

Provides secure remote login and command execution using encryption

Answer 71

SSH

Question 72

Allows remote login to another host without encryption

Answer 72

Telnet

Question 73

Sends email messages between servers

Answer 73

SMTP

Question 74

Resolves domain names to IP addresses

Answer 74

DNS

Question 75

Loads websites using unencrypted web traffic

Answer 75

HTTP

Question 76

Assigns IP addresses dynamically on a network

Answer 76

DHCP

Question 77

Retrieves email from a server and downloads it to a local device

Answer 77

POP3

Question 78

Provides legacy file and printer sharing in older Windows networks

Answer 78

NetBIOS

Question 79

Retrieves email while keeping it on the mail server

Answer 79

IMAP

Question 80

Collects and organizes network device information and monitoring data

Answer 80

SNMP

Question 81

Provides directory services like user and device lookups

Answer 81

LDAP

Question 82

Loads websites using encrypted web traffic

Answer 82

HTTPS

Question 83

Shares files, printers, and other resources in Windows networks

Answer 83

SMB

Question 84

Allows remote desktop access to another computer over a network

Answer 84

RDP

Question 85

A user profile created and stored on the device itself versus one linked to an online identity for syncing settings, apps, and services across devices.

Answer 85

Local vs. Microsoft Account

Question 86

Account type that is intended for everyday use. It allows users to run apps, use the internet, and customize their personal environment, but it cannot install or uninstall software, change system settings, or manage other user accounts. It's considered the safest type for daily use.

Answer 86

Standard Account

Question 87

An account type that has full control of the system. It can install and uninstall software, create and manage user accounts, change system-wide settings, and access protected system files. Administrator privileges are required for most maintenance and troubleshooting tasks.

Answer 87

Administrator

Question 88

Account type that is a built-in, very limited access profile designed for temporary or infrequent users. It cannot install programs, change settings, or access other users' files. It’s disabled by default in modern Windows versions for security reasons.

Answer 88

Guest User

Question 89

Account type that is a legacy Windows group that has more permissions than a standard user but fewer than an administrator. It could install some software and access some system tools, but was restricted from high-level system management. This group is largely deprecated in modern Windows versions.

Answer 89

Power User

Question 90

Securely removing data from a storage device so it cannot be recovered. Often involves overwriting the drive multiple times with random data.

Answer 90

Erasing/Wiping

Question 91

A deeper, manufacturer-level formatting process that fully resets a storage device by rewriting sectors and mapping out bad ones

Answer 91

Low-Level Formatting

Question 92

The process of setting up a file system and clearing the file allocation table; does not fully erase existing data and is less secure for recycling.

Answer 92

Standard Formatting

Question 93

A network protocol that allows devices on the same network to discover each other and automatically configure services like media sharing or port forwarding. Convenient, but can introduce security risks if not properly managed

Answer 93

Universal Plug and Play (UPnP)

Question 94

the process of redirecting communication requests from one address and port number to another

Answer 94

Port Forwarding

Question 95

a process that takes the contents of a file and runs it through a mathematical algorithm to create a unique string of characters, known as a hash or checksum

Answer 95

Hashing

Question 96

What does UAC stand for in Windows security? (Set 813) A) User Access Control B) Universal Admin Control C) User Account Control D) Unified Access Control

Answer 96

Answer: C) User Account Control

Question 97

Which port does HTTPS typically use? (Set 638) A) 443 B) 80 C) 22 D) 21

Answer 97

Answer: A) 443

Question 98

What type of malware disguises itself as legitimate software? (Set 127) A) Worm B) Ransomware C) Trojan D) Spyware

Answer 98

Answer: C) Trojan

Question 99

Which Windows feature encrypts the entire disk? (Set 386) A) Firewall B) BitLocker C) EFS D) Windows Hello

Answer 99

Answer: B) BitLocker

Question 100

Which of the following methods ensures data is unreadable without the correct key? (Set 878) A) Authentication B) Authorization C) Encryption D) Hashing

Answer 100

Answer: C) Encryption

Question 101

Arrange the steps to enable BitLocker on a drive: 1) Right-click the drive 2) Select 'Turn on BitLocker' 3) Choose how to unlock drive 4) Choose where to save recovery key 5) Start encryption

Answer 101

1. Right-click the drive 2. Select 'Turn on BitLocker' 3. Choose how to unlock drive 4. Choose where to save recovery key 5. Start encryption

Question 102

Arrange the steps for setting up a strong password policy: 1) Open Group Policy Editor 2) Navigate to Password Policy 3) Set password length 4) Set expiration days 5) Apply policy

Answer 102

1. Open Group Policy Editor 2. Navigate to Password Policy 3. Set password length 4. Set expiration days 5. Apply policy

Question 103

Put the malware removal process in order: 1) Identify symptoms 2) Quarantine the system 3) Remediate 4) Schedule future scans 5) Reconnect to network

Answer 103

1. Identify symptoms 2. Quarantine the system 3. Remediate 4. Schedule future scans 5. Reconnect to network

Question 104

Put the steps in order for configuring a firewall rule: 1) Open Windows Defender Firewall 2) Click Advanced Settings 3) Create new rule 4) Define ports and protocol 5) Apply rule

Answer 104

1. Open Windows Defender Firewall 2. Click Advanced Settings 3. Create new rule 4. Define ports and protocol 5. Apply rule

Question 105

Put the steps to enable multifactor authentication (MFA) in order: 1) Sign in to security settings 2) Select MFA options 3) Enter verification method 4) Confirm and test MFA

Answer 105

1. Sign in to security settings 2. Select MFA options 3. Enter verification method 4. Confirm and test MFA