Which of the following methods can be used to ensure integrity of data during transmission?
- A . Passwords
- B . Encryption
- C . Two-factor authentication
- D . Redundancy
Which of the following backup types is best suited for daily use?
- A . Synthetic backup
- B . Full backup
- C . Incremental backup
- D . Differential backup
Which of the following is a security implication of physical access to a computer?
- A . Unauthorized access to data
- B . Improved processor performance
- C . Decreased memory capacity
- D . Increased network speed
You want to access a website that is blocked in your country.
Which of the following solutions would be the most appropriate for accessing the website?
- A . Network-attached storage
- B . Using an unencrypted public Wi-Fi network
- C . A public VPN provider
- D . Clearing your browser’s cache
You are setting up a Bluetooth connection between your smartphone and a wireless speaker.
What security measure should you take to protect your data?
- A . Use a strong and unique password for the Bluetooth connection
- B . Enable Bluetooth pairing mode on your smartphone
- C . Leave the Bluetooth connection open to all nearby devices
- D . Disable Bluetooth after the connection is established
What is the primary function of an endpoint firewall?
- A . To protect a single device from unauthorized access or attacks
- B . To store data securely
- C . To manage hardware components
- D . To improve network performance
What is the darknet?
- A . A type of network that is used for illegal activities
- B . A type of network that is only accessible through TOR
- C . A type of network that is not connected to the internet
- D . Cloud Storage
Which of the following legal concepts is concerned with compensating someone for harm caused by a security breach?
- A . Public law
- B . Copyright law
- C . Financial compensation claims
- D . Liability
What is the purpose of the GDPR?
- A . To encourage the collection and sharing of personal data without restriction
- B . To encourage the use of insecure data storage methods
- C . The GDPR is a type of virus that infects computer systems and steals personal information
- D . To protect personal information of individuals in the European Union
Which of the following is a type of software that is embedded in hardware devices and provides instructions to the hardware to perform specific tasks?
- A . Desktop applications
- B . Server software
- C . Firmware
- D . Web applications
What is blockchain?
- A . Blockchain is a digital currency.
- B . Blockchain is a type of database management system
- C . Blockchain is a proprietary software platform developed by a single company.
- D . A type of database that uses a network of nodes to store information in a decentralized manner
Which of the following is a fraudulent activity designed to deceive individuals into providing sensitive information or transferring funds to unauthorized parties in the context of IT security?
- A . Intrusion detection system
- B . Data encryption
- C . Firewall
- D . Scamming
What is the purpose of an RFID tag?
- A . To enable wireless communication between devices
- B . To store and transfer data wirelessly
- C . To connect devices to the internet
- D . To control network traffic
Which type of asymmetric encryption algorithm provides better security than an equivalent RSA key of the same size and is commonly used in mobile devices?
- A . RSA
- B . Diffie-Hellman
- C . ECC
- D . IDEA
Which of the following is a technology used for sending and receiving encrypted emails in Mozilla Thunderbird?
- A . SMTP
- B . OpenPGP and S/MIME
- C . POP3
- D . IMAP
What is the most effective type of phishing for targeting key executives within an organization?
- A . Spearphishing
- B . Whaling
- C . Vishing
- D . Smishing
You are tasked with securely storing backups of sensitive data in a cloud service.
Which security measure should you implement to help ensure data privacy?
- A . Physical security measures for the cloud server
- B . Encryption of backups before uploading to the cloud service
- C . Two-factor authentication for accessing backups
- D . Password-protected backups
Which of the following is a type of attack where an attacker intercepts and reads network traffic?
- A . Botnet
- B . Traffic interception
- C . DoS
- D . Packet filter
Which of the following pertains to the possible damage resulting from mistakes and service disruptions?
- A . Cost Reduction
- B . Operational Risks
- C . Increased Productivity
- D . System Errors
Which of the following risk management strategies seeks to minimize risk to an acceptable level?
- A . Risk avoidance
- B . Risk transfer
- C . Risk mitigation
- D . Risk acceptance
You suspect that someone has been intercepting and reading the network traffic on your home WiFi network.
What type of attack is this?
- A . Distributed Denial of Service (DDoS)
- B . DoS
- C . Traffic interception
- D . Botnet
Dion Solutions, a large enterprise company, needs to deploy a new software application for their employees to use. They want to make sure that their employees have access to the latest version of the software and that it is easy to manage.
Which cloud deployment model would be the best choice for them?
- A . SaaS
- B . IaaS
- C . PaaS
- D . SECaaS
Which of the following is a key feature of BitLocker?
- A . Free and open-source
- B . Cross-platform support
- C . Integrated with Windows
- D . Encrypts only files
Which of the following threats to personal information uses stolen information to make purchases or obtain loans?
- A . Identity theft
- B . Cyberbullying
- C . Financial fraud
- D . Social engineering attack
Which of the following is an example of confidential information?
- A . Publicly available information
- B . Bug Bounty programs
- C . Public press releases
- D . Personal identification numbers (PINs)
Which of the following is true about S/MIME?
- A . S/MIME provides end-to-end encryption and digital signatures for email communications.
- B . S/MIME provides protection against spam.
- C . S/MIME is limited to certain email clients.
- D . S/MIME is a server that manages email communications.
Which of the following is the role of OpenPGP key servers?
- A . OpenPGP key servers manage email communications.
- B . OpenPGP key servers are only used with Mozilla Thunderbird.
- C . OpenPGP key servers provide antivirus protection for email communications.
- D . They allow users to store and retrieve public keys associated with an email address.
Which of the following is a plain text protocol?
- A . SSL
- B . HTTP
- C . TLS
- D . HTTPS
Which of the following devices is an example of an IoT device?
- A . Router
- B . Smartphone
- C . Desktop computer
- D . Printer
Which of the following is a router that is used as a gateway to forward traffic from a device to other networks?
- A . Default Gateway
- B . Switch
- C . Modem
- D . Access Point
Which term describes the ability to prove that a specific individual or entity performed an action, such as sending a message or conducting a transaction?
- A . Non-repudiation
- B . Confidentiality
- C . Availability
- D . Integrity
What is a script blocker?
- A . A browser extension that prevents pop-up windows
- B . A browser extension that removes or blocks advertisements
- C . A browser extension that blocks scripts from running on websites
- D . A browser extension that helps users control and manage cookies
You are concerned about your internet activity being tracked by your ISP.
Which of the following solutions would be the most appropriate for protecting your privacy?
- A . End-to-end encryption
- B . TOR
- C . Transfer encryption
- D . Disabling your firewall
Your computer has become infected with a program that is causing it to perform slowly and display unwanted advertisements.
What type of attack is this?
- A . DoS
- B . Malware
- C . Phishing
- D . Exploit
What is Trusted Computing?
- A . A protocol for secure communication between devices
- B . A method for encrypting data on a physical medium
- C . A security standard for IoT devices
- D . A set of hardware and software technologies to enhance security
What is the primary goal of an attacker who interrupts services, such as by launching a Distributed Denial of Service (DDoS) attack?
- A . To manipulate or delete data
- B . To extort ransom from the targeted organization
- C . To cause a disruption in the availability of the targeted system or service
- D . To gain unauthorized access to the targeted system or service
Which of the following is an example of an administrative control?
- A . Firewalls
- B . Biometric scanners
- C . Password policies
- D . Intrusion detection systems
Which tool can help protect your privacy by preventing user tracking through browser fingerprinting?
- A . HTTP cookies
- B . User tracking software
- C . Script blockers
- D . Ad blockers
As the IT administrator of a company, you are responsible for implementing a cloud storage solution. You need to consider the potential issues related to the use of cloud services, especially concerning data synchronization and accessibility.
Which of the following should you be particularly aware of when deploying the cloud storage solution?
- A . Data loss prevention
- B . Encryption at rest
- C . Data redundancy
- D . Dependence on Internet connection
What is multi-factor authentication (MFA)?
- A . A tool used to bypass authentication
- B . A security measure that uses only one factor to authenticate a user
- C . A security measure that uses multiple factors to authenticate a user
- D . A tool used to securely store passwords
What is OpenPGP?
- A . An email client for encryption and signing messages.
- B . An open-source implementation of the S/MIME standard.
- C . An open standard for email encryption and signing using public key cryptography.
- D . A certificate authority (CA) for S/MIME encryption.
Which of the following terms refers to the deliberate act of accessing, manipulating, or deleting data without authorization?
- A . Firewall
- B . Encryption
- C . Phishing
- D . Hacking
What device is used to cable network jacks from a wall into a central location for termination into a single punch down block?
- A . Router
- B . Firewall
- C . Switch
- D . Patch panel
What is a common function of adware?
- A . Encrypting data on a system
- B . Stealing sensitive information
- C . Displaying unwanted advertisements
- D . Providing remote access to a system
What is single sign-on (SSO)?
- A . A tool used to securely store and generate passwords
- B . A tool used to create weak passwords
- C . A tool used to decrypt passwords
- D . A tool that allows users to log in to multiple systems with a single set of credentials
Which of the following is a common source for security incident information and guidance?
- A . Computer Emergency Response Team (CERT)
- B . Security incident response plan
- C . Risk assessment report
- D . IT forensics report
Your friend complains that they recently installed a new browser extension to help find online discounts. However, since installing it, they have been experiencing an excessive amount of pop-up ads and unrelated advertising banners on web pages.
What type of malware is most likely responsible for these symptoms?
- A . Trojan malware
- B . Adware
- C . Ransomware
- D . Spyware
You work for a large company that has employees who need to access the company network from remote locations.
Which of the following solutions would be the most appropriate for providing secure remote access?
- A . An organization-specific VPN
- B . Setting up an open Wi-Fi network
- C . Using plaintext email for communication
- D . Relying on FTP for file transfers
You are using a public Wi-Fi network at a coffee shop to access sensitive information.
What security measure should you take to protect your information?
- A . Use a weak password for your accounts
- B . Share your login credentials with others using the same Wi-Fi network
- C . Leave your computer unattended while you step away
- D . Use a virtual private network (VPN) to encrypt your data
What is the purpose of The Onion Router (TOR) network?
- A . Anonymity and Privacy
- B . Network Monitoring
- C . Data Storage
- D . Speed Optimization
What is one of the primary factors that determines data retention requirements for backups?
- A . The cost implications of retaining backup data for extended periods
- B . The sensitivity of the data being backed up
- C . The length of time an organization has been in operation
- D . Regulatory requirements and compliance
What is the purpose of a Public Key Infrastructure (PKI)?
- A . To manage private keys
- B . To manage digital certificates and public keys
- C . To manage user accounts
- D . To manage encryption algorithms
Which of the following provides even stronger security through the use of Simultaneous Authentication of Equals (SAE) encryption?
- A . WPA3
- B . WPA2
- C . WEP
- D . WPA
Which of the following is a characteristic of a secure password?
- A . Short length
- B . No special characters
- C . Complexity
- D . Infrequent changes
What are some security risks associated with Smart Devices and IoT networks?
- A . Overheating and battery malfunction
- B . Poor internet connectivity and network lag
- C . Data breaches and unauthorized access
- D . Display and resolution issues
What do web browsers check when verifying the validity of an X.509 certificate?
- A . subjectAltName
- B . Expiration date and issuer
- C . Key usage
- D . Subject
You want to send a private message to a friend using an instant messaging app.
Which of the following solutions would be the most appropriate for ensuring the privacy of your conversation?
- A . TOR
- B . A proxy server
- C . Transfer encryption
- D . End-to-end encryption
What potential issue can arise from using some security tools that mistakenly identify legitimate activities as malicious?
- A . False positives
- B . False negatives
- C . Improved detection accuracy
- D . Reduced system performance impact
Which of the following terms refers to a process of evaluating a system’s security posture?
- A . Security Audit
- B . CVE
- C . Security assessments
- D . ISMS
Which of the following is a fraudulent Wi-Fi access point that appears to be legitimate and is used to eavesdrop on wireless communications?
- A . Captive portal
- B . De-authentication attack
- C . Karma attack
- D . Evil twin
Which of the following backup types only copies data that has changed since the last backup, regardless of which type of backup it was last performed?
- A . Full backup
- B . Incremental backup
- C . Differential backup
- D . Synthetic backup
Which of the following is a private IPv4 address?
- A . 2001:0db8:85a3:0000:0000:8a2e:0370:7334
- B . AC:DE:48:00:11:22
- C . 172.16.0.1
- D . 66.23.15.63
Which of the following is an example of a hybrid encryption scheme?
- A . RSA
- B . HTTPS
- C . AES
- D . SHA-256
Which of the following is a network of compromised devices used to perform malicious activities?
- A . Man in the Middle
- B . Traffic interception
- C . DoS
- D . Botnet
What is email spam?
- A . Sensitive information sent via email
- B . Unsolicited and unwanted email
- C . Emails from trusted sources
- D . Encrypted email
Which protocol is used to translate domain names into IP addresses?
- A . DHCP
- B . SMTP
- C . 802.11
- D . DNS
Which backup rotation scheme uses a sequence of full, differential, and incremental backups to create a backup history?
- A . Tower of Hanoi
- B . Grandfather-Father-Son
- C . 3-2-1 Backup Rule
- D . Monthly-Weekly-Daily
Which concept ensures that only the intended recipients can read a message?
- A . End-to-end encryption
- B . Transfer encryption
- C . TOR
- D . Proxy servers
Which of the following is a wired network connection commonly used for local area networks?
- A . Twisted pair
- B . Bluetooth
- C . Fiber optic
- D . Coaxial
What is the potential risk of publishing personal information online?
- A . Enhanced privacy
- B . Identity theft
- C . Increased productivity
- D . Improved mental health
Which of the following encryption methods is used for email encryption and requires the use of a public key and a private key pair?
- A . Certificate Authority
- B . S/MIME
- C . OpenPGP
- D . SMTP STARTTLS
Which of the following is used to verify the identity of a website?
- A . X.509 digital certificate
- B . SSL/TLS
- C . Certificate Signing Request (CSR)
- D . Diffie-Hellman key exchange
Which of the following is the BEST way to securely procure and install software?
- A . Downloading software from an unsecured website
- B . Purchasing software from an unverified vendor
- C . Installing software from a USB drive
- D . Installing software from an app store
Which of the following is a network address used to identify devices in layer three of the OSI model?
- A . TCP port number
- B . DNS address
- C . MAC address
- D . IP address
What is the purpose of a rootkit?
- A . To increase network speed
- B . To encrypt data on a system
- C . To detect and remove malware
- D . To provide remote access to a system
Which of the following is a characteristic of Perfect Forward Secrecy (PFS)?
- A . It relies on a single long-term private key for all sessions.
- B . It is not used in modern encryption protocols.
- C . It generates a unique session key for each session.
- D . It uses symmetric encryption for all sessions.
What is an non-disclosure agreement (NDA)?
- A . An agreement to not disclose any information
- B . A contract that requires sharing confidential information with others in a business relationship
- C . An agreement to disclose all information
- D . An agreement to disclose some information
What is a major security concern when installing mobile applications from unknown sources?
- A . Malware infection
- B . Incompatible hardware components
- C . Reduced storage capacity
- D . Limited network connectivity
What are email spam filters?
- A . Filters used to block sensitive information sent via email
- B . Filters used to block all incoming email
- C . Filters used to block only unsolicited and unwanted email
- D . Filters used to block all outgoing email
What is end-to-end encryption?
- A . A method for optimizing website performance
- B . A software development process
- C . A type of encryption that protects data as it travels between two endpoints
- D . A technique for compressing files
Which of the following is a security implication of shared access to data in the cloud?
- A . Increased risk of unauthorized access to data
- B . Improved data security
- C . Improved data accessibility
- D . Decreased risk of data loss
Which of the following fields in an X.509 certificate identifies the domain name of a website?
- A . Issuer
- B . Subject
- C . Validity
- D . subjectAltName
Which of the following concepts is related to the process of verifying a user’s identity?
- A . Authorization
- B . Digital identity
- C . Authentication
- D . Accounting
What is information classification?
- A . The process of deleting information
- B . The process of encrypting information
- C . The process of categorizing information based on its sensitivity
- D . The process of sharing information with others
Which protocol provides secure communication over the Internet by encrypting data in transit?
- A . SMTP
- B . FTP
- C . HTTP
- D . HTTPS