Security Assessment Flashcards
What is the primary goal of security monitoring?
A. To prevent all system attacks.
B. To ensure accountability and detect incidents.
C. To encrypt data in transit.
D. To create network access policies.
Answer: B

Which of the following is a feature of monitoring?
A. Data compression.
B. Real-time event analysis.
C. Physical network segmentation.
D. Role-based access control.
Answer: B

Which tool is commonly used for log analysis in large networks?
A. Wireshark.
B. SIEM systems.
C. Nessus.
D. Hping.
Answer: B

What is an audit log?
A. A collection of hashed passwords.
B. A log of user activities and system events.
C. A real-time threat mitigation mechanism.
D. A backup of sensitive data.
Answer: B

What does SIEM stand for?
A. Security Information and Event Monitoring.
B. Secure Information and Endpoint Management.
C. Security Integration and Event Management.
D. Security Information and Event Management.
Answer: D

Which of the following is NOT a function of a SIEM tool?
A. Real-time alerts.
B. Data encryption.
C. Report generation.
D. Log correlation.
Answer: B

Which of these is a popular SIEM tool?
A. Splunk.
B. Wireshark.
C. OpenVAS.
D. Hping.
Answer: A

How does a SIEM enhance threat detection?
A. By encrypting sensitive data.
B. By aggregating and analyzing logs from various sources.
C. By limiting user access to resources.
D. By blocking unauthorized users.
Answer: B

What is the role of an Intrusion Detection System (IDS)?
A. To block malicious traffic.
B. To detect and alert about potential intrusions.
C. To monitor physical access points.
D. To create password policies.
Answer: B

Which type of IDS relies on predefined patterns for detection?
A. Behavior-based IDS.
B. Signature-based IDS.
C. Host-based IDS.
D. Anomaly-based IDS.
Answer: B

Which is a feature of Host-based IDS (HIDS)?
A. Monitors network traffic.
B. Detects unauthorized activities on a single host.
C. Filters packets at the firewall level.
D. Blocks malicious emails.
Answer: B

What is the main limitation of behavior-based detection?
A. High false-positive rate.
B. Limited detection capability for zero-day attacks.
C. Inability to work in real-time.
D. Requirement for large storage space.
Answer: A

What is the primary function of a firewall?
A. Encrypt sensitive data.
B. Block unauthorized access to a network.
C. Analyze hashed passwords.
D. Perform penetration tests.
Answer: B

Which firewall type inspects individual packets for access control?
A. Stateful inspection.
B. Packet filtering.
C. Application gateway.
D. Circuit-level gateway.
Answer: B

What is a Next-Generation Firewall (NGFW)?
A. A firewall that encrypts data.
B. A firewall with integrated intrusion prevention capabilities.
C. A physical firewall device for home networks.
D. A firewall only used in cloud environments.
Answer: B

What is the purpose of a DMZ in firewall architecture?
A. To isolate internal resources from public-facing services.
B. To store encryption keys securely.
C. To manage distributed denial-of-service attacks.
D. To monitor login attempts.
Answer: A

What is the goal of penetration testing?
A. To identify vulnerabilities in a system.
B. To encrypt sensitive data.
C. To prevent social engineering attacks.
D. To monitor network traffic in real-time.
Answer: A

Which of the following is a penetration testing tool?
A. Metasploit.
B. Nessus.
C. Wireshark.
D. Hping.
Answer: A

What is the first step in a penetration test?
A. Exploitation.
B. Pre-engagement.
C. Reporting.
D. Vulnerability scanning.
Answer: B

What framework is commonly used for penetration testing?
A. PTES.
B. PCI DSS.
C. ISO 27001.
D. NIST SP 800-53.
Answer: A

What is the primary purpose of vulnerability scanning?
A. To identify potential weaknesses in a system.
B. To monitor user activity logs.
C. To encrypt sensitive files.
D. To perform role-based access control.
Answer: A

Which tool is widely used for network vulnerability scanning?
A. Nessus.
B. HIDS.
C. Metasploit.
D. Wireshark.
Answer: A

What does OS fingerprinting determine?
A. The type of encryption used.
B. The operating system of a target machine.
C. The user permissions on a system.
D. The presence of malware on a host.
Answer: B

Which of the following is a key feature of Nmap?
A. Password cracking.
B. Port scanning.
C. Encryption key generation.
D. Social engineering.
Answer: B