22 Questions
What is the primary purpose of implementing multi-factor authentication (MFA) in card-based authentication systems?
To increase the level of security by requiring multiple forms of verification
Which of the following social engineering techniques involves creating a fabricated scenario to manipulate targets?
Pretexting
Which of the following security controls is recommended to protect RFID access badges from unauthorized access?
Using shielded wallets or sleeves
Which of the following fundamental security concepts does the CIA triad represent?
Confidentiality, Integrity, Availability
Which of the following social engineering techniques involves impersonating a trusted figure to gain the target's trust?
Impersonation
Which of the following is a recommended security awareness practice to mitigate social engineering attacks?
Educating users about social engineering threats
What is the primary motivation of nation-state actors in cyber attacks?
Achieving long-term strategic goals
What is an insider threat?
A threat posed by individuals within an organization who have authorized access
Which of the following is NOT a form that an insider threat can take?
Distributed Denial of Service (DDoS) attack
What is the best way for organizations to mitigate the risk of an insider threat?
All of the above
What is shadow IT?
The use of unauthorized IT systems and applications within an organization
Which security principle is primarily concerned with ensuring that only authorized individuals or entities have access to information or systems?
Access control
What is the primary function of a stage one dropper or downloader?
Retrieve additional portions of malware code
Which indicator may suggest a possible malware attack according to the text?
Multiple simultaneous user sessions
What is the purpose of out-of-cycle logging in cybersecurity monitoring?
To generate logs at odd hours
What is data protection primarily focused on?
Safeguarding information from corruption, compromise, or loss
How can data classification help organizations?
Provide appropriate allocation of protection resources
Which term refers to a strategy to prevent sensitive information from leaving an organization?
Data tokenization
What type of data is regulated by laws and governance structures within a specific nation?
Data sovereignty
Which method is NOT commonly used for securing data?
'Living off the Land' strategy
What is the main objective of the 'Actions on Objectives' phase carried out by threat actors?
Data exfiltration and file encryption
Resource Inaccessibility may be an indicator of which type of malware attack?
Ransomware
Test your knowledge on implementing advanced encryption, multi-factor authentication, updating security protocols, educating users, shielded wallets, access log monitoring, and more in card-based authentication systems. This quiz is based on the CompTIA Security+ (SY0-701) study notes with a focus on social engineering objectives.