Security Concepts

Quiz Summary

0 of 17 Questions completed

Questions:

You have already completed the quiz before. Hence you can not start it again.

Quiz is loading…

You must sign in or sign up to start the quiz.

You must first complete the following:

Results

Quiz complete. Results are being recorded.

Results

0 of 17 Questions answered correctly

Your time:

You have reached 0 of 0 point(s), (0)

Current
Review
Answered
Correct
Incorrect

Question 1 of 17

1. Question
Match the correct description/explanation to the term.
Sort elements
- is the practice of controlling access to something (a resource).
- this means that the information should only be known to authorized users.
- this means that the information is stored and transferred as intended and that any modification is authorized.
- this means that the information is accessible to those authorized to view or modify it
- Security
- Confidentiality
- Integrity
- Availability
Correct

Incorrect
Question 2 of 17

2. Question
Confidentiality means that information is only revealed to authorized people. Which of the following are confidentiality concerns? (Choose all that apply)
- Snooping
- Eavesdropping/wiretapping
- Social engineering/dumpster diving
- Man-in-the-Middle (MitM)
Correct

Incorrect
Question 3 of 17

3. Question
Integrity means that the data being stored and transferred has not been altered without authorization. Which of the following are integrity concerns? (Choose all that apply)
- Man-in-the-Middle (MitM)
- Snooping
- Replay
- Impersonation
Correct

Incorrect
Question 4 of 17

4. Question
Availability means keeping a service running so that authorized users can access and process data whenever necessary. Which of the following are availability concerns?
- Denial of Service (DoS)
- Impersonation
- Power outage
- Hardware failure
- Destruction
- Service outage
Correct

Incorrect
Question 5 of 17

5. Question
An access control system normally consists of one or more of the following types of controls: (Choose all that apply)
- Authentication
- Authorization
- Accounting
- Identification
Correct

Incorrect
Question 6 of 17

6. Question
Social engineering refers to means of getting users to reveal confidential information or obtaining unauthorized physical access to a resource.

What are some social engineering techniques? (Choose all that apply)
- Impersonation
- Trust and Dumpster Diving
- Identity Fraud
- Shoulder Surfing
- Destruction
- Denial of Service (DoS)
Correct

Incorrect
Question 7 of 17

7. Question
Windows authentication involves which of the following? (Choose all that apply)
- Windows local sign-in
- Windows network sign-in
- Remote sign-in
- Windows vector sign-in
Correct

Incorrect
Question 8 of 17

8. Question
With knowledge-based authentication passwords are stored as a __________________.
- key
- certificate
- hash
- text
Correct

Incorrect
Question 9 of 17

9. Question
Which of the following authentication method is the MOST appropriate to use?
- Multifactor
- Single-factor
Correct

Incorrect
Question 10 of 17

10. Question
John wants to make sure that he is the only person that can access his Bank account and no one else. How should John proceed?
- use something he knows and a password.
- Use something he have and a smart card.
- use a smart card and a location based device
Correct

Incorrect
Question 11 of 17

11. Question
John was using single factor authentication to access his network resources. One morning he reported to the IT department that he suspects his account has been compromised. Which did john most likely do? (Choose all that apply)
- His password could be written down or shared.
- He was the subject of a social engineering attack
- He received a text on his phone to verify he was logging into the system
Correct

Incorrect
Question 12 of 17

12. Question
Which of the following is represents identification?
- Identifies who you are
- Proving who you are
- Determine what rights you have to specific resources
- Tracking usage and access to resources and systems
Correct

Incorrect
Question 13 of 17

13. Question
A company purchased a software package and was told that it was infected with a specific type of malware? Which of the following should the company likely have done?
- Vendor Assessment
- Threat Research
- Least privilege
Correct

Incorrect
Question 14 of 17

14. Question
What are some of the general principles of Privileged access management (PAM)? Match them to their respective description/definition.
Sort elements
- Grants sufficient rights to perform a job and no more.
- Rights are granted based on roles
- Applies all necessary measures to security, without relying on a single entity.
- Least privilege
- Role-based access
- Zero trust
Correct

Incorrect
Question 15 of 17

15. Question
What is the difference between vulnerability assessment and Penetration testing?
- Vulnerability testing is non-intrusive while penetration testing is intrusive.
- Pretesting testing is non-intrusive while vulnerability testing is intrusive.
Correct

Incorrect
Question 16 of 17

16. Question
What is the difference between posture assessment and process assessment as it relates to risk? (Choose all that apply)
factors
- Posture assessment normally references an IT or security framework, while process assessment works within the confine /something specific within the framework
- Process assessment normally references an IT or security framework while posture assessment relates to overall risk.
- Posture assessment relates to overall risk, while process assessment while process assessment evaluates specific risk factors.
Correct

Incorrect
Question 17 of 17

17. Question
Risk management is a process for identifying, assessing, and mitigating vulnerabilities and threats to the essential functions that a business must perform to serve its customers.
- True
- False
Correct

Incorrect

Security Concepts

Quiz Summary

Information

Results

Results

Categories

1. Question

Sort elements

2. Question

3. Question

4. Question

5. Question

6. Question

7. Question

8. Question

9. Question

10. Question

11. Question

12. Question

13. Question

14. Question

Sort elements

15. Question

16. Question

17. Question