Q71. What does “security incident response” involve?
a) Managing network traffic
b) Responding to and managing security breaches or attacks
c) Creating strong passwords
d) Enhancing system performance
Show Answer
Correct Answer: b) Responding to and managing security breaches or attacks
Explanation: Security incident response involves the actions taken to address and manage security breaches or attacks. It includes detecting, analyzing, containing, and recovering from security incidents to minimize their impact.
Q72. What is a “phishing scam”?
a) A method for encrypting data
b) A fraudulent attempt to obtain sensitive information by pretending to be a legitimate entity
c) A type of firewall
d) A technique for managing network traffic
Show Answer
Correct Answer: b) A fraudulent attempt to obtain sensitive information by pretending to be a legitimate entity
Explanation: A phishing scam involves deceiving individuals into providing sensitive information by pretending to be a trustworthy source. It often uses deceptive emails or messages to lure victims.
Q73. What is the function of a “security token”?
a) To encrypt data
b) To provide a physical or digital means of authentication
c) To manage network traffic
d) To create backups of data
Show Answer
Correct Answer: b) To provide a physical or digital means of authentication
Explanation: A security token is a device or digital tool used for authentication. It provides a means of verifying the identity of users, often as part of a multi-factor authentication process.
Q74. What is a “rootkit”?
a) A type of antivirus software
b) A malicious program designed to hide the presence of other malware
c) A tool for encrypting data
d) A network monitoring tool
Show Answer
Correct Answer: b) A malicious program designed to hide the presence of other malware
Explanation: A rootkit is a type of malware designed to conceal the presence of other malicious software on a system. It can manipulate system functions and make it difficult to detect and remove the malware it hides.
Q75. What does “data encryption” involve?
a) Creating backups of data
b) Converting data into an unreadable format to protect it from unauthorized access
c) Monitoring network traffic
d) Managing software updates
Show Answer
Correct Answer: b) Converting data into an unreadable format to protect it from unauthorized access
Explanation: Data encryption involves converting data into an unreadable format using algorithms to protect it from unauthorized access. Only authorized parties with the decryption key can access the original data.
Q76. What is “penetration testing”?
a) A method for encrypting data
b) A technique for identifying security vulnerabilities by simulating attacks
c) A tool for managing network traffic
d) A method for creating backups of data
Show Answer
Correct Answer: b) A technique for identifying security vulnerabilities by simulating attacks
Explanation: Penetration testing involves simulating attacks on a system to identify security vulnerabilities and weaknesses. It helps organizations understand their security posture and improve their defenses.
Q77. What does “network security” focus on?
a) Protecting individual devices
b) Protecting the integrity, confidentiality, and availability of network data
c) Managing software updates
d) Creating backups of data
Show Answer
Correct Answer: b) Protecting the integrity, confidentiality, and availability of network data
Explanation: Network security focuses on protecting the integrity, confidentiality, and availability of data transmitted over a network. It involves implementing measures to safeguard network infrastructure and data from various threats.
Q78. What is a “security breach”?
a) A method for securing data
b) An incident where unauthorized access to systems or data occurs
c) A type of malware
d) A tool for monitoring network traffic
Show Answer
Correct Answer: b) An incident where unauthorized access to systems or data occurs
Explanation: A security breach is an event where unauthorized access to systems or data occurs, potentially compromising sensitive information and exposing it to unauthorized individuals or entities.
Q79. What does “data masking” involve?
a) Encrypting data
b) Hiding or obscuring specific data elements to protect privacy
c) Creating backups of data
d) Monitoring network traffic
Show Answer
Correct Answer: b) Hiding or obscuring specific data elements to protect privacy
Explanation: Data masking involves hiding or obscuring specific data elements to protect privacy and prevent unauthorized access while still allowing the data to be used for legitimate purposes.
Q80. What is “multi-layered security”?
a) Using multiple types of encryption
b) Implementing multiple security controls and measures to protect systems
c) Scanning for multiple types of malware
d) Managing network traffic with multiple tools
Show Answer
Correct Answer: b) Implementing multiple security controls and measures to protect systems
Explanation: Multi-layered security involves using various security controls and measures to create multiple layers of defense. This approach helps to protect systems from different types of threats and vulnerabilities by providing overlapping safeguards.