Question: Which of the following is a small hardware device that generates a unique code used in authentication?
Answer Choices: Security token
Proxy server
VPN
Rootkit
Answer: Security token
Question: Which of the following terms refers to disguising communication from an unknown source as being from a known, trusted source?
Answer Choices: Spoofing
Phishing
Spamming
Sniffing
Answer: Spoofing
Question: Which of the following security principles states that users should only be given the minimum level of access necessary to perform their job functions?
Answer Choices: Need-to-know principle
Principle of least privilege
Confidentiality principle
Integrity principle
Answer: Principle of least privilege
Question: Which of the following is a cyberattack in which malicious code is inserted into a trusted website to target visitors?
Answer Choices: SQL injection
Man-in-the-middle attack
Cross-site scripting (XSS)
Spoofing
Answer: Cross-site scripting (XSS)
Question: Which of the following best describes social engineering in cybersecurity?
Answer Choices: Attacking the network infrastructure directly
Exploiting human behavior to gain unauthorized access
Using brute force methods to guess passwords
Infecting systems with ransomware
Answer: Exploiting human behavior to gain unauthorized access
Question: Which of the following is a type of malware that spreads by inserting copies of itself into other programs or files?
Answer Choices: Trojan horse
Worm
Virus
Rootkit
Answer: Virus
Question: Which of the following is NOT an example of a strong password practice?
Answer Choices: Using a combination of letters, numbers, and symbols
Reusing the same password across multiple accounts
Creating long and unique passwords
Changing passwords regularly
Answer: Reusing the same password across multiple accounts
Question: Which of the following refers to secretly capturing data packets traveling across a network?
Answer Choices: Phishing
Sniffing
Spamming
Spoofing
Answer: Sniffing
Question: Which of the following refers to ensuring that systems and data are available when needed?
Answer Choices: Availability
Integrity
Confidentiality
Authorization
Answer: Availability
Question: Which of the following is the primary objective of confidentiality in information security?
Answer Choices: Ensuring reliable access to data
Protecting sensitive data from unauthorized access
Preventing downtime of services
Ensuring data accuracy
Answer: Protecting sensitive data from unauthorized access
Question: Which of the following is a measure used to ensure that data is accurate, complete, and has not been altered?
Answer Choices: Confidentiality
Availability
Integrity
Authentication
Answer: Integrity
Question: What is the primary purpose of a proxy server?
Answer Choices: To encrypt data
To provide anonymity and act as an intermediary between a client and the internet
To detect intrusions
To generate authentication codes
Answer: To provide anonymity and act as an intermediary between a client and the internet
Question: Which of the following is the last step in the cybersecurity incident response process?
Answer Choices: Detection
Lessons learned
Containment
Preparation
Answer: Lessons learned
Question: Which of the following is the first step in the cybersecurity incident response process?
Answer Choices: Containment
Eradication
Preparation
Recovery
Answer: Preparation
Question: Which of the following best describes SQL injection?
Answer Choices: Injecting malware into files
Injecting malicious code into a database query
Inserting spyware into applications
Overloading a server with traffic
Answer: Injecting malicious code into a database query