Information Security Quiz

Questions and Answers

What is the key difference between authentication and authorization?

Authentication verifies the identity of a user, while authorization determines the access rights of the user. (correct)

Authorization is used for physical security, while authentication is used for information security.

Authentication determines the access rights of a user, while authorization verifies the identity of the user.

Authentication and authorization are two terms for the same process.

Why do web transmission protocols such as SSL and TLS use multiple forms of encryption?

To ensure compatibility with a wide range of devices and systems.

To comply with legal requirements for data encryption standards.

To provide a layered defense against different types of cyber-attacks. (correct)

To make the encryption process faster and more efficient.

What is the primary purpose of using a hash function to encrypt passwords on a computer system?

To securely store and verify passwords without storing the actual password. (correct)

To make the passwords unreadable to anyone, including the system administrator.

To ensure that passwords are always transmitted in encrypted form.

To allow easy retrieval of forgotten passwords in case of lockouts.

What is the key characteristic of symmetric encryption algorithms such as DES?

They use the same key for both encryption and decryption.

What is the main difference between viruses, worms, and Trojan horses?

Viruses require user interaction to spread, worms can self-replicate, and Trojan horses disguise themselves as legitimate files.