Full Transcript

1. Data masking is a technique used to hide sensitive information by replacing it with fictional data. - **True**
2. Data encryption at rest is not necessary if the data is encrypted during transmission. - **False**
3. A Denial of Service (DoS) attack attempts to make a machine or network resource unavailable to its intended users. - **True**
4. Two-factor authentication (2FA) enhances security by requiring two forms of verification before granting access. - **True**
5. What type of attack involves overwhelming a system with traffic to make it unavailable to users? - **Denial of Service (DOS)**
6. Ransomware encrypts the victim's data and demands payment for the decryption key. - **True**
7. Encrypting data ensures that it cannot be accessed by unauthorized users. - **True**
8. What computer threat involves the attacker intercepting and altering communication between the two parties? - **Man-in-the-middle**
9. Data integrity refers to the accuracy and consistency of data over its lifecycle. - **True**
10. Zero-day vulnerabilities are security flaws that are known to the software vendor but not yet patched. - **True**
11. A strong password should be easy to remember. - **False**
12. A Distributed Denial of Service (DDoS) attack aims to steal sensitive data from a target server. - **False**
13. Keeping your operating system and software up to date reduces your risk of infection. - **True**
14. Educating employees about phishing and conducting regular security training can significantly reduce the risk of phishing attacks in an organization. - **True**
15. You will receive an email that appears to be from your bank asking you to verify your account information by clicking on the link. The email looks legitimate, but you are suspicious. What type of threat is this scenario most likely an example of? - **Phishing**
16. Phishing attacks often involve tricking users into providing sensitive information through deceptive emails or websites. - **True**
17. All phishing emails are immediately flagged and moved to the spam folder by email security filters. - **False**
18. What is the primary purpose of a firewall in network security? - **To prevent unauthorized access**
19. Using default database passwords is an acceptable practice in data management. - **False**
20. Antivirus software is the only defense you need against computer threats. - **False**
21. Strong passwords are at least 8 characters long and include a mix of letters, numbers, and symbols. - **True**
22. SSL/TLS certificates are used to establish a secure, encrypted connection between a web server and a client. - **True**
23. Using secure coding practices helps prevent vulnerabilities in software that could be exploited to access data. - **True**
24. Network Intrusion Detection Systems (NIDS) can prevent attacks by blocking malicious traffic in real-time. - **False**
25. Having strong physical security measures in place can mitigate the risks posed by insider threats. - **True**
26. What is the primary function of a Network Intrusion Detection System (NIDS)? - **To detect and alert on suspicious network activity**
27. Installing antivirus software is enough to completely secure a computer. - **False**
28. A data retention policy defines how long data should be kept and when it should be deleted. - **True**
29. A firewall can protect a computer from all types of malware. - **False**
30. Access control mechanisms are used to restrict access to data based on user roles. - **True**
31. Data classification involves categorizing data based on its sensitivity and importance to the organization. - **True**
32. Using a public Wi-Fi network for sensitive transactions, such as online banking, is secure if the website uses HTTPS. - **False**
33. After connecting to a public Wi-Fi network, a user notices that their communications are being intercepted and altered by an attacker. What type of attack is this scenario most likely describing? - **Man-in-the-middle**
34. Regular data backups are a crucial part of data management and IT security. - **True**
35. What is the purpose of using SSL/TLS in internet communications? - **To ensure the integrity, confidentiality, and authenticity of data**
36. Phishing attacks often involve tricking individuals into providing sensitive information via email. - **True**
37. Physical security is only concerned with protecting hardware from theft and does not involve securing facilities from environmental hazards like fire or flooding. - **False**
38. Auditing and monitoring data access logs are unnecessary if access controls are in place. - **False**
39. Spyware is a type of malware designed to gather information about a person or organization without their knowledge. - **True**
40. Using a strong password on your router protects your devices from malware on websites you visit. - **False**
41. The company wants to store customer credit card information securely in their database. Which method is the most appropriate to ensure that even if the database is compromised, the information remains secure? - **Symmetric Encryption**
42. Clicking on a link in a suspicious email is harmless as long as you don't download anything. - **False**
43. Free public Wi-Fi is perfectly safe for browsing the internet. - **True**
44. Sharing your home network's IP address publicly automatically makes your devices vulnerable to hackers. - **True**
45. A data breach only occurs when an external attacker gains access to sensitive information. - **False**
