Security Posture Flashcards

1
Q

The process of identifying the difference between current security measures and desired standards or compliance requirements. It highlights weaknesses and areas for improvement.

A

Gap Analysis

2
Q

Educates employees about cybersecurity risks, best practices, and how to recognize and respond to threats such as phishing, malware, and social engineering.

A

Security Awareness Training

3
Q

Involves identifying, analyzing, and evaluating risks to an organization’s assets, systems, or data. It determines potential threats, their likelihood, and their impact, guiding decisions to mitigate those risks.

A

Risk Assessment

4
Q

A discussion-based simulation where participants review and practice their response to hypothetical security incidents or emergencies. It is conducted in a low-stress environment to identify weaknesses in procedures.

A

Tabletop Exercise

5
Q

A security framework that assumes no user, device, or system should be trusted by default, even if they are inside the network perimeter. Verification is required for every access request.

A

Zero Trust Model

6
Q

Implement Least Privilege
Never Trust, Always Verify
Assume Breach

A

Zero Trust Model

7
Q

The implementation of the Zero Trust Model in an organization’s network and systems. It integrates technologies like identity management, multi-factor authentication, and micro-segmentation to enforce the “never trust, always verify” principle.

A

Zero Trust Architecture

8
Q

The operational practice of implementing the Zero Trust Model by enforcing strict identity verification and least privilege access across all systems, users, and devices.

A

Zero Trust Security

9
Q

The outdated security assumption that everything inside an organization’s network is secure and trustworthy. It contrasts with the Zero Trust Model, which assumes that no user, device, or system should be trusted without verification.

A

Implicit Trust

10
Q

Continuously tracking and recording activity on networks, systems, and applications. Logs capture events like user access, file changes, or system errors for analysis.

A

Monitoring and Logging

11
Q

A dynamic security approach that adjusts access controls based on the context of a user’s behavior, location, device, or other factors. It is often used in conjunction with multi-factor authentication (MFA).

A

Adaptive Identity

12
Q

A network security strategy that divides a network into smaller segments and applies security policies to each one. This limits lateral movement by attackers and isolates potential breaches.

A

Microsegmentation

13
Q

The decision-making component in an access control system. It evaluates access requests against policies to determine if access should be granted or denied.

A

Policy Engine (PE)

14
Q

The component that enforces access control decisions made by the Policy Engine. It allows or blocks access to resources based on those decisions.

A

Policy Enforcement Point (PEP)

15
Q

The intermediary component that communicates between the Policy Engine and the Policy Enforcement Point. It pushes configuration changes and enforces policies at the enforcement point.

A

Policy Administrator (PA)

16
Q

The component within an access control system responsible for evaluating access requests against policies and making the “allow” or “deny” decision.

It receives access requests from the Policy Engine (PE) and the Policy Enforcement Point (PEP).

A

Policy Decision Point (PDP)

17
Q

A physical security measure consisting of a small, enclosed area with two sets of interlocking doors. Only one door can open at a time, ensuring controlled entry and exit.

Used to prevent unauthorized access by verifying credentials before allowing entry.

A

Access Control Vestibule

18
Q

A decoy system or resource set up to attract attackers, detect their activities, and analyze their methods. It mimics a legitimate target without providing real value to the attacker.

A

Honeypot

19
Q

A network of honeypots designed to simulate a larger environment, such as an enterprise network. It provides a more realistic target for attackers, making it easier to study complex threats.

A

Honeynet

20
Q

A piece of data, such as a fake document, file, or database entry, designed to lure attackers. Accessing or using this could trigger an alert, indicating unauthorized activity.

A

Honeytoken

21
Q

A decoy file intentionally placed in a system or network to detect unauthorized access or insider threats. It is designed to appear valuable or interesting to an attacker, such as a document labeled “Passwords” or “Confidential Plans.”

A

Honeyfile

22
Q

A security tool that monitors network traffic or system activity for malicious behavior and sends alerts to administrators when suspicious activity is detected.

Examples: Network-based IDS & Host-based IDS.

A

Intrusion Detection System (IDS)

23
Q

A security tool that monitors network traffic or system activity, detects malicious behavior, and takes proactive actions (e.g., blocking traffic) to stop threats in real time.

A

Intrusion Prevention System (IPS)

24
Q

A formal agreement between two or more organizations that outlines the roles, responsibilities, and expectations for a business partnership.

A

Business Partnership Agreement (BPA)

25
Q

A process used to identify critical business functions, assess the impact of disruptions, and prioritize resources for recovery.

A

Business Impact Analysis (BIA)

26
Q

A calculation used in risk management to estimate the monetary loss from a single security incident. It quantifies the potential financial impact for planning and mitigation.

Calculation: Asset Value (AV) x Exposure Factor (EF) = ???

A

Single Loss Expectancy (SLE)

27
Q

A documented strategy to ensure critical business operations continue during and after a disaster or disruption.

A

Business Continuity Plan (BCP)

28
Q

A framework for managing digital keys and certificates used for encryption and authentication. This enables secure communication by providing a way to exchange encryption keys and verify identities.

Key components include public and private keys, digital certificates, and certificate authorities (CAs).

A

Public Key Infrastructure (PKI)

29
Q

A part of a Public Key Infrastructure (PKI) that acts as an intermediary between users and the Certificate Authority (CA). It verifies the identity of users or entities requesting digital certificates.

A

Registration Authority (RA)

30
Q

A set of standards developed to promote the use of public key cryptography. It defines formats for cryptographic messages, certificates, and private keys.

A

Public Key Cryptography Standards (PKCS)

31
Q

What PKCS Standard Number represents Cryptographic Message Syntax?

A

PKCS #7

32
Q

What PKCS Standard Number represents Personal Information Exchange Format?

A

PKCS #12

33
Q

What PKCS Standard Number represents Certification Request Format?

A

PKCS #10

34
Q

An entity that issues digital certificates used to verify the identity of entities in a network. This entity is responsible for signing and validating certificates, ensuring secure communications.

A

Certificate Authority (CA)

35
Q

A pair of cryptographic keys used in asymmetric encryption systems. These keys are mathematically linked, where one key (the public key) is used to encrypt data, and the other key (the private key) is used to decrypt it.

A

Public-Private Key

36
Q

A key that is shared openly and used to encrypt data or verify a signature.

A

Public Key

37
Q

A key that is kept secret and used to decrypt data or create a digital signature.

A

Private Key

38
Q

A type of encryption where the same key is used for both encrypting and decrypting data. Both the sender and receiver must have access to the shared secret key.

Examples: AES, DES, 3DES

A

Symmetric Encryption

39
Q

A type of encryption that uses a pair of keys: a public key for encryption and a private key for decryption. Only the private key can decrypt data encrypted with the corresponding public key.

Examples: RSA, ECC, DSA, & EFS

A

Asymmetric Encryption

40
Q

A security arrangement where the cryptographic keys used for encryption are stored by a trusted third party. If the original key is lost, or the entity responsible for the key cannot access the encrypted data, the escrowed copy can be retrieved from the third party.

A

Key Escrow

41
Q

A physical device used to generate, store, and manage cryptographic keys securely. It provides high levels of protection for sensitive data and ensures secure encryption and decryption operations.

A

Hardware Security Module (HSM)

42
Q

A specialized hardware component designed to securely store cryptographic keys, passwords, and certificates within a computer or device. It ensures that data and devices are protected from unauthorized access and tampering.

A

Trusted Platform Module (TPM)

43
Q

A built-in feature of Microsoft Windows that allows users to encrypt files and folders on a local computer. This uses asymmetric encryption to secure data and protect it from unauthorized access.

A

Encrypting File System (EFS)

44
Q

A hardware-based solution where the drive itself automatically encrypts and decrypts data. It uses a built-in cryptographic engine, meaning no software is required for encryption.

A

Self-Encrypting Drive (SED)

45
Q

A security measure that encrypts the entire storage drive of a computer or device, protecting all data stored on it, including the operating system, applications, and files.

Example: Microsoft Windows BitLocker

A

Full Disk Encryption (FDE)

46
Q

A secure connection over the internet that allows users to send and receive data as if they were directly connected to a private network. It encrypts internet traffic, ensuring privacy and security.

A

Virtual Private Network (VPN)

47
Q

A free, open-source tool used for encrypting data and creating digital signatures. It implements the OpenPGP standard for public key cryptography.

A

GNU Privacy Guard (GPG)

48
Q

A cryptographic network protocol used to securely access and manage network devices and servers remotely.

A

Secure Shell (SSH)

49
Q

A suite of protocols used to secure internet protocol (IP) communications by authenticating and encrypting each IP packet in a communication session.

Examples: Authentication Header (AH) & Encapsulating Security Payload (ESP)

A

Internet Protocol Security (IPsec)

50
Q

A data encryption and decryption program used for securing emails and files. It uses both symmetric encryption for the message and asymmetric encryption for key management.

A

Pretty Good Privacy (PGP)

51
Q

A free software operating system that aims to provide a Unix-like environment composed entirely of free software.

A

GNU (“GNU's Not Unix”)

52
Q

A network protocol used to transfer files securely over an SSH connection. Unlike FTP, it encrypts both the commands and the data to protect them from eavesdropping or tampering.

A

Secure File Transfer Protocol (SFTP)

53
Q

An extension of HTTP that uses SSL/TLS encryption to secure communications between a client (e.g., browser) and a web server, ensuring confidentiality and integrity.

A

HyperText Transfer Protocol Secure (HTTPS)

54
Q

An extension of FTP that adds security features through the use of SSL/TLS to encrypt the control and/or data channels during file transfer.

A

File Transfer Protocol Secure (FTPS)

55
Q

A protocol used for managing and monitoring network devices (e.g., routers, switches, servers) by gathering information about their performance and operational status.

A

Simple Network Management Protocol (SNMP)

56
Q

A protocol used for sending digitally signed and encrypted email messages. It adds security features such as authentication, message integrity, and confidentiality to email communication.

A

Secure/Multipurpose Internet Mail Extensions (S/MIME)

57
Q

A command used to upgrade an existing insecure connection (typically on ports like 25, 110, or 143) to a secure connection using TLS/SSL encryption. It is often used in email protocols such as SMTP, IMAP, and POP3.

A

STARTTLS

58
Q

An email authentication method that uses public-key cryptography to verify that the email message was sent from the domain it claims to be from and that its content has not been altered in transit.

A

DomainKeys Identified Mail (DKIM)

59
Q

The version of SMTP that uses SSL/TLS encryption to secure email communication. Unlike STARTTLS, which upgrades an existing connection, this version requires encryption from the beginning of the session.

A

Simple Mail Transfer Protocol Secure (SMTPS)

60
Q

A protocol designed to provide encryption, message authentication, and integrity for real-time communications, such as voice and video calls, over IP networks.

A

Secure Real-Time Transport Protocol (SRTP)