1. What is the primary goal of a Disaster Recovery (DR) plan in the
context of security operations?
A. To prevent security breaches from happening
B. To recover systems and data after an attack or disaster
C. To monitor ongoing security incidents in real time
D. To conduct regular vulnerability scans on critical systems
Answer: B) To recover systems and data after an attack or disaster
Rationale: A Disaster Recovery plan focuses on restoring systems and
data to normal operations after a disaster or attack, ensuring business
continuity.
2. What is the main objective of patch management in a security
operations program?
A. To reduce the likelihood of social engineering attacks
B. To close vulnerabilities in software and systems
C. To ensure data is encrypted during transmission
D. To control access to sensitive data
Answer: B) To close vulnerabilities in software and systems
Rationale: Patch management involves identifying, acquiring, and
installing updates (patches) to software and systems to close security
vulnerabilities that could be exploited by attackers.
3. Which of the following is an example of a physical security control?
A. Antivirus software
B. Biometric access control systems
C. Firewalls
D. Data encryption
Answer: B) Biometric access control systems
Rationale: Physical security controls include measures to protect
physical access to assets, such as biometric access controls, locks, and
surveillance systems.
4. Which of the following best describes the concept of defense in
depth?
A. Using multiple layers of security controls to protect an asset
B. Encrypting data at rest to prevent unauthorized access
C. Monitoring the network for malicious traffic
D. Blocking all external network connections
Answer: A) Using multiple layers of security controls to protect an
asset
Rationale: Defense in depth involves applying multiple layers of
security controls to protect critical assets, ensuring that if one layer is
breached, others remain to provide protection.
5. What is the main function of a vulnerability scanner?
A. To automatically patch vulnerabilities in systems
B. To identify potential weaknesses in systems and applications
C. To monitor network traffic for malicious activity
D. To block unauthorized users from accessing resources
Answer: B) To identify potential weaknesses in systems and
applications
Rationale: Vulnerability scanners are used to identify potential
vulnerabilities in systems, software, and networks, allowing
organizations to address them before they can be exploited.
6. What is the function of a Web Application Firewall (WAF)?
A. To block unauthorized access to internal networks
B. To monitor and block malicious web traffic to web applications
C. To scan for malware in web applications
D. To prevent denial-of-service attacks
Answer: B) To monitor and block malicious web traffic to web
applications
Rationale: A WAF is designed to filter and monitor HTTP/HTTPS
traffic to and from a web application, protecting it from attacks such as
SQL injection, cross-site scripting (XSS), and others.