Q81. What is “cyber hygiene”?
a) Regularly updating and maintaining security practices and tools
b) Scanning for malware
c) Creating backups of data
d) Managing network traffic
Show Answer
Correct Answer: a) Regularly updating and maintaining security practices and tools
Explanation: Cyber hygiene refers to the practice of regularly updating and maintaining security practices, tools, and procedures to protect systems and data from cyber threats. It includes actions such as updating software, changing passwords, and monitoring for security issues.
Q82. What is a “botnet”?
a) A tool for encrypting data
b) A network of compromised devices controlled by a malicious actor
c) A type of firewall
d) A method for data backup
Show Answer
Correct Answer: b) A network of compromised devices controlled by a malicious actor
Explanation: A botnet is a network of compromised devices that are controlled by a malicious actor. These devices, often referred to as “bots,” can be used to perform various malicious activities, such as launching DDoS attacks or distributing spam.
Q83. What does “security patch” refer to?
a) A method for encrypting data
b) An update released to fix security vulnerabilities in software
c) A tool for managing network traffic
d) A type of malware
Show Answer
Correct Answer: b) An update released to fix security vulnerabilities in software
Explanation: A security patch is an update released by software vendors to address and fix security vulnerabilities. Applying patches helps protect systems from potential exploits and reduces the risk of security breaches.
Q84. What is a “zero-day vulnerability”?
a) A vulnerability that has been fixed with a security patch
b) A vulnerability that is unknown to the software vendor and has no fix available
c) A type of malware
d) A method for encrypting data
Show Answer
Correct Answer: b) A vulnerability that is unknown to the software vendor and has no fix available
Explanation: A zero-day vulnerability refers to a security flaw that is unknown to the software vendor and does not have a fix available. Exploiting such vulnerabilities can pose significant risks as there is no immediate remedy.
Q85. What is “two-factor authentication”?
a) Using two different passwords for the same account
b) Requiring two different types of verification to access an account or system
c) Encrypting data with two algorithms
d) Scanning for two types of malware
Show Answer
Correct Answer: b) Requiring two different types of verification to access an account or system
Explanation: Two-factor authentication requires users to provide two different types of verification, such as a password and a code sent to their mobile device, to access an account or system. This adds an extra layer of security.
Q86. What does “security posture” refer to?
a) The physical location of security tools
b) The overall security status and effectiveness of security measures
c) The process of creating backups of data
d) The speed of the network
Show Answer
Correct Answer: b) The overall security status and effectiveness of security measures
Explanation: Security posture refers to the overall security status and effectiveness of the security measures in place within an organization. It reflects how well the organization is protected against threats and vulnerabilities.
Q87. What is “ransomware”?
a) Software that encrypts data and demands a ransom for decryption
b) A tool for managing network traffic
c) A type of firewall
d) A method for data encryption
Show Answer
Correct Answer: a) Software that encrypts data and demands a ransom for decryption
Explanation: Ransomware is a type of malware that encrypts a victim’s data and demands a ransom payment in exchange for the decryption key. It effectively locks users out of their own data until the ransom is paid.
Q88. What is “security incident management”?
a) Managing network traffic
b) Handling and responding to security incidents and breaches
c) Encrypting data
d) Creating strong passwords
Show Answer
Correct Answer: b) Handling and responding to security incidents and breaches
Explanation: Security incident management involves handling and responding to security incidents and breaches. It includes detecting, analyzing, containing, and recovering from security events to minimize their impact on the organization.
Q89. What does “data loss prevention” aim to achieve?
a) Encrypting data
b) Preventing unauthorized access to or loss of data
c) Managing network traffic
d) Scanning for malware
Show Answer
Correct Answer: b) Preventing unauthorized access to or loss of data
Explanation: Data loss prevention (DLP) aims to prevent unauthorized access to or loss of sensitive data. It involves implementing controls and measures to protect data from being compromised or lost, ensuring its confidentiality and integrity.
Q90. What is a “security breach notification”?
a) A method for securing data
b) A formal communication about a security breach to affected parties
c) A type of malware
d) A tool for network management
Show Answer
Correct Answer: b) A formal communication about a security breach to affected parties
Explanation: A security breach notification is a formal communication that informs affected parties about a security breach. It provides details about the breach, its impact, and the steps being taken to address it and mitigate potential harm.