uizGPTInformation Security Quiz & Flashcards
Master Information Security concepts with our interactive study cards featuring 52 practice Quiz questions and 57 flashcards to boost your exam scores and retention in Government.
Quiz Complete!
0%
0
You are currently studying 10 out of 52 Questions
Sign in to unlock allCreate your own study sets
Turn any PDF, lecture notes, or ChatGPT conversation into interactive quizzes in seconds.
52 Multiple Choice Questions and Answers on Information Security
Revise and practice with 52 comprehensive MCQ on Information Security, featuring detailed explanations to deepen your understanding of Government Quiz concepts. Perfect for quick review and exam preparation.
1 What is the primary purpose of encryption?
Encryption encodes data to prevent unauthorized access, not for speed, size, or redundancy.
2 Which principle of the CIA Triad is concerned with ensuring data is accurate and trustworthy?
Integrity ensures data accuracy and consistency; confidentiality and availability do not address accuracy.
3 How does a firewall protect a network?
Firewalls filter traffic to protect networks, not encrypt data, store backups, or provide internet speed.
4 What type of attack involves tricking individuals into providing confidential information?
Social engineering involves manipulating individuals; phishing is a form of it but not the only one.
5 Which of the following is a common method to enhance security by requiring multiple verification methods?
MFA requires multiple verification methods; SSO is one sign-on, not multiple verifications.
6 What is the main function of a Security Information and Event Management (SIEM) system?
SIEM systems aggregate and analyze security data, not encrypt, manage passwords, or update software.
7 Which attack involves overwhelming a service with excessive requests?
A DoS attack overwhelms a service; phishing, SQL injection, and XSS are different attack types.
8 What does a Virtual Private Network (VPN) primarily provide?
VPNs encrypt internet traffic; they do not inherently increase speed, reduce usage, or remove viruses.
9 What distinguishes a Distributed Denial of Service (DDoS) attack from a standard DoS attack?
DDoS uses multiple systems; a standard DoS uses one. Neither specifically targets websites or encrypts traffic.
10 What is a primary goal of encryption in information security?
Encryption ensures data confidentiality; it does not reduce size, boost performance, or streamline processing.
11 Which term refers to a network of compromised computers used for malicious purposes?
A botnet is a network of compromised computers; firewalls, VPNs, and malware are different concepts.
12 What is the main purpose of a penetration test?
Penetration tests identify vulnerabilities, not encrypt data, increase speed, or backup data.
13 What does a Data Loss Prevention (DLP) system protect against?
DLP systems protect against unauthorized data access, not changes in speed, redundancy, or transmission.
14 Which of the following is a method of verifying identity using biological characteristics?
Biometrics uses biological characteristics for verification; passwords, encryption, and access lists do not.
15 What is a common characteristic of a Trojan Horse malware?
Trojans disguise as legitimate software; they are not self-replicating, nor do they affect speed or defragmentation.
16 How does a Man-in-the-Middle (MitM) attack compromise security?
MitM attacks intercept communications; they do not encrypt, backup, or increase redundancy of data.
17 What is a primary function of a Security Token?
Security tokens provide authentication; they do not encrypt, increase speed, or manage backups.
18 Which type of malware is specifically designed to demand payment by encrypting user data?
Ransomware encrypts data for payment; spyware, adware, and Trojans have different purposes.
19 What does patch management primarily involve?
Patch management updates software to fix vulnerabilities; it does not backup, encrypt, or monitor speed.
20 What is the role of an Intrusion Detection System (IDS)?
IDS monitors for suspicious activity; it does not speed up, encrypt, or update data or software.
21 What type of attack is SQL Injection?
SQL Injection manipulates databases via code injection; it does not overload, spy, or intercept.
22 How does a Cross-Site Scripting (XSS) attack work?
XSS injects malicious scripts; it does not overload, intercept, or encrypt data.
23 What is the main purpose of a sandbox in information security?
Sandboxes isolate untrusted programs; they do not increase speed, encrypt, or backup files.
24 What is the function of Public Key Infrastructure (PKI)?
PKI manages certificates and encryption; it does not handle redundancy, speed, or defragmentation.
25 Which of the following best describes a Zero Trust Model?
Zero Trust assumes no inherent trust inside or outside; it does not trust internal, external, or encrypted data by default.
26 What is a common aim of a brute force attack?
Brute force attacks aim to crack passwords; they do not encrypt, backup, or monitor traffic.
27 What is the role of an Intrusion Prevention System (IPS)?
IPS detects and prevents threats; it does not encrypt, backup, or increase speed.
28 What does a Zero-day exploit take advantage of?
Zero-day exploits target unpatched vulnerabilities; they do not use known, patched, or encrypted data.
29 Which of the following is a common feature of spyware?
Spyware monitors activity; it does not encrypt, speed up, or backup data.
30 What is the main benefit of using a hash function?
Hash functions ensure integrity by generating fixed-size strings; they do not encrypt, increase redundancy, or monitor.
31 Which method helps to verify the authenticity and integrity of a digital message?
Digital signatures verify authenticity and integrity; encryption, backup, and firewalls do not directly do this.
32 What is the primary role of network segmentation?
Network segmentation improves security by isolation; it does not inherently speed up, encrypt, or defragment.
33 What is the function of a digital signature?
Digital signatures verify authenticity; they do not encrypt, store, or backup messages.
34 Which scenario is an example of a phishing attack?
Phishing involves fraudulent emails asking for information; the other options are different attack types.
35 What is the main function of an Access Control List (ACL)?
ACLs regulate access to resources; they do not encrypt, speed up, or backup data.
36 What does a security audit primarily evaluate?
Security audits evaluate system security; they do not assess speed, redundancy, or encryption specifically.
37 What is a primary characteristic of Advanced Persistent Threats (APTs)?
APTs are prolonged and targeted; they are not random, quick, or focused on speed or encryption.
38 Which of the following is a primary function of a Security Information and Event Management (SIEM) tool?
SIEM tools aggregate and analyze security data; they do not encrypt, backup, or defragment data.
39 What is the primary purpose of a vulnerability assessment?
Vulnerability assessments identify vulnerabilities; they do not encrypt, backup, or enhance speed.
40 What is a key benefit of network segmentation?
Network segmentation improves security by isolation; it does not increase speed, encrypt, or reduce redundancy.
41 How does two-factor authentication enhance security?
Two-factor authentication requires two IDs; it does not encrypt, speed up logins, or create backups.
42 What is the primary goal of a Security Token?
Security tokens authenticate identity; they do not encrypt, speed up, or backup data.
43 In information security, what is the role of a digital certificate?
Digital certificates verify identities; they do not encrypt, backup, or defragment data.
44 How can encryption help protect data?
Encryption converts data into unreadable code; it does not speed up, increase redundancy, or monitor traffic.
45 Which of the following describes the main purpose of a firewall?
Firewalls monitor and control traffic; they do not encrypt, backup, or increase speed.
46 What is the primary function of a Public Key in cryptography?
Public keys encrypt data; they do not decrypt, increase redundancy, or monitor activity.
47 What does a Role-based Access Control (RBAC) system manage?
RBAC manages access based on roles; it does not handle encryption, speed, or redundancy.
48 Which of the following is a primary characteristic of malware?
Malware harms or exploits systems; it does not enhance performance, automatically encrypt, or monitor traffic.
49 What is a primary goal of the Zero Trust security model?
Zero Trust never automatically trusts; it does not inherently encrypt or increase speed.
50 Which of the following is a benefit of using a VPN?
VPNs encrypt internet traffic; they do not increase speed, reduce usage, or provide virus protection.
51 What is a defining feature of ransomware?
Ransomware encrypts and demands payment; it does not monitor, speed up, or backup.
52 What is the main function of a digital signature?
Digital signatures validate authenticity; they do not encrypt, store, or backup messages.