Network and Endpoint Security Quiz
20 Questions

Questions and Answers

What is the main purpose of the BYOD (Bring Your Own Device) policy in Endpoint Security?

  • To connect private devices to the company network
  • To detect and respond to malicious activity
  • To enforce data protection
  • To expand the enterprise security perimeter (correct)

Which component of Endpoint Security blocks incoming and outgoing connections to/from the workstation?

  • HIDS/HIPS
  • Internal Firewall (correct)
  • Sandbox
  • Device Control

Which component of Endpoint Security focuses on detecting and responding to malicious activity on the host?

  • EDR (correct)
  • Sandbox
  • HIDS/HIPS
  • AV

What is the difference between EDR and AV?

  • AV has a single purpose: detecting and removing malware (D)

What is the main benefit of securing endpoints with real-time visibility of all activities?

  • To prevent attacks from becoming breaches (D)

Which open-source and cross-platform AV software is mainly a CLI tool?

  • ClamAV (B)

What type of signature does ClamAV use to compare specific sequences of suspicious file bytes with malware models stored in a database?

  • Body-Based Signature (A)

What is the file extension for YARA rules in ClamAV?

  • .yara (A)

What is the maximum number of strings allowed per YARA rule in ClamAV?

  • 64 (C)

What is the purpose of the PhishSigs database in ClamAV?

  • To store file signatures related to phishing (B)

Which of the following best describes the purpose of antivirus software?

  • To detect and remove viruses (B)

What is a false positive in the context of antivirus software?

  • A test result falsely indicates the presence of a condition (B)

What is a zero-day flaw?

  • A newly discovered flaw in a program (A)

Which of the following techniques can be used to bypass antivirus software?

  • All of the above (D)

Why is it important to update antivirus signatures?

  • To evolve and adapt to new viruses (A)

What is the best practice regarding the number of antivirus software installed on a workstation?

  • Only one antivirus software should be installed (C)

What is a false negative in the context of antivirus software?

  • A test result mistakenly negates a condition (A)

What are some causes of false positives in antivirus software?

  • Heuristics, behavioral analysis, and machine learning (A)

What does the term 'zero-day flaws' refer to?

  • Newly discovered flaws in programs (D)

What is the purpose of network and endpoint security?

  • All of the above (D)
