Information Assuarance Fundamentals

Contents

Results

#1. What term refers to the protection of information systems against unauthorized access, disclosure, disruption, modification, or destruction?

Cybersecurity

Encryption

Data integrity

Network security

#2. Which of the following is a common method for ensuring the confidentiality of sensitive information during transmission over the internet?

Firewalls

Virtual Private Network (VPN)

Antivirus software

Intrusion Detection System (IDS)

#3. The process of converting plaintext into ciphertext to secure data is known as:

Decryption

Hashing

Encryption

Authentication

#4. What is the primary purpose of a firewall in the context of internet security?

Data encryption

Access control

Virus detection

Network monitoring

#5. Two-factor authentication typically involves the combination of:

Username and password

Fingerprint and retina scan

Security question and answer

Smart card and PIN

#6. Which of the following combinations is typically used in Two-Factor Authentication (2FA)?

Something you know and something you have

Something you are and something you possess

Something you remember and something you prove

Something you possess and something you inquire

#7. Which type of malware disguises itself as legitimate software but carries out malicious activities without the user's knowledge?

Spyware

Adware

Trojan horse

Worm

#8. In the context of internet security, what does the term "phishing" refer to?

Gaining unauthorized access to a system

Intercepting network traffic

Sending deceptive emails to trick individuals into revealing sensitive information

Modifying data packets during transmission

#9. The process of verifying the identity of a user, system, or application is called:

Authorization

Authentication

Access control

Encryption

#10. Which cryptographic algorithm is commonly used for secure communication over the internet, providing confidentiality and integrity?

RSA

AES

MD5

SHA-1

#11. 10. What is the purpose of a Virtual Private Network (VPN) in the context of internet security?

a) Securely connect remote users to a private network over the internet

b) Block malicious websites

c) Encrypt data stored on a local server

d) Monitor network traffic for anomalies

#12. 11. The term "zero-day vulnerability" refers to:

a) A software bug that has been exploited for zero days

b) A newly discovered security flaw with no available patch or fix

c) A type of encryption algorithm

d) The first day of a cyber attack

#13. 12. What is the primary goal of access control in information security?

a) Ensure data confidentiality

b) Prevent unauthorized access to systems and resources

c) Detect and remove malware

d) Monitor network traffic for suspicious activities

#14. 13. Which security measure involves encoding information to make it unreadable without the appropriate decryption key?

a) Authentication

b) Authorization

c) Encryption

d) Firewall

#15. 14. A security token, such as a smart card or hardware token, is an example of:

a) Encryption technology

b) Biometric authentication

c) Two-factor authentication

d) Intrusion Detection System (IDS)

#16. 15. What is the purpose of an Intrusion Detection System (IDS) in the context of internet security?

a) Encrypt data transmission

b) Monitor and detect suspicious activities or attacks

c) Control access to network resources

d) Filter malicious emails

#17. 16. The process of ensuring that data is not altered or tampered with during transmission or storage is known as:

a) Authentication

b) Encryption

c) Data integrity

d) Access control

#18. 17. Which of the following is a best practice for password security?

a) Use easily guessable passwords

b) Share passwords with trusted colleagues

c) Use a combination of uppercase and lowercase letters, numbers, and symbols

d) Never change passwords

#19. 18. What is the primary purpose of a Secure Sockets Layer (SSL) certificate on a website?

a) Protect against phishing attacks

b) Ensure data integrity during transmission

c) Encrypt communication between the web server and the user's browser

d) Block malicious software downloads

#20. 19. The term "denial of service" (DoS) refers to:

a) Unauthorized access to a system

b) Encrypting data to make it unreadable

c) Overloading a system or network to disrupt normal functioning

d) Intercepting communication between two parties

#21. 20. The concept of "least privilege" in access control involves:

a) Providing users with the highest level of access by default

b) Granting access to all resources on the network

c) Giving users the minimum level of access necessary for their job roles

d) Allowing unrestricted access to sensitive information

#22. 21. Which type of malware is designed to spread rapidly across a network, often exploiting software vulnerabilities?

a) Adware

b) Worm

c) Trojan horse

d) Ransomware

#23. 22. A biometric authentication method that analyzes the physical characteristics of an individual's face is called:

a) Fingerprint recognition

b) Iris scanning

c) Facial recognition

d) Voice authentication

#24. 23. The process of regularly updating and patching software to address known vulnerabilities is known as:

a) Intrusion detection

b) Software hardening

c) Vulnerability management

d) Network segmentation

#25. 24. Which of the following is an example of a physical security measure in the context of information assurance?

a) Firewalls

b) Biometric authentication

c) Security cameras

d) Encryption algorithms

#26. 25. The term "social engineering" refers to:

a) Hacking social media accounts

b) Manipulating individuals to disclose confidential information

c) Building social networks for cybersecurity professionals

d) Enhancing interpersonal skills for cybersecurity jobs

#27. 26. The process of backing up data regularly and storing it in a separate location is a strategy for:

a) Data integrity

b) Disaster recovery

c) Access control

d) Encryption

#28. 27. What is the primary purpose of a proxy server in the context of internet security?

a) Encrypt data transmission

b) Monitor network traffic for anomalies

c) Control and filter access to web resources

d) Authenticate users

#29. 28. The concept of "sandboxing" involves:

a) Creating a secure area for testing and executing untrusted code

b) Encrypting sensitive data during transmission

c) Filtering malicious emails

d) Analyzing network traffic for potential threats

#30. 29. The process of validating the integrity and authenticity of digital messages or documents is achieved through:

a) Biometric authentication

b) Digital signatures

c) Two-factor authentication

d) Hashing algorithms

#31. 30. The principle of "security through obscurity" suggests:

a) Relying on hidden security measures to protect information

b) Openly sharing security protocols for transparency

c) Avoiding encryption to maintain system simplicity

d) Using easily guessable passwords for accessibility

Finish