1. Which of the following BEST describes the CIA Triad?
• A) Confidentiality, Integrity, Availability
• B) Control, Investigation, Assessment
• C) Cryptography, Identity, Authorization
• D) Compliance, Integrity, Audit
ANSWER A
2. A user receives an email claiming to be from IT asking them to reset their
password via a link. This is an example of:
• A) Pharming
• B) Phishing
• C) Vishing
• D) Smishing
ANSWER B
3. Which attack involves intercepting communication between two parties
without their knowledge?
• A) Replay attack
• B) DoS attack
• C) Man-in-the-Middle (MitM)
• D) SQL Injection
ANSWER C
4. What does a firewall primarily do?
• A) Encrypts all network traffic
• B) Monitors and filters network traffic based on rules
• C) Detects and removes malware
• D) Manages user authentication
ANSWER B
5. Which type of malware disguises itself as legitimate software?
• A) Worm
• B) Ransomware
• C) Trojan Horse
• D) Rootkit
ANSWER C
6. What is the purpose of a VPN?
• A) To speed up internet connection
• B) To create an encrypted tunnel for secure remote access
• C) To block malicious websites
• D) To manage user passwords
ANSWER B
7. Which protocol provides secure web communication?
• A) HTTP
• B) FTP
• C) HTTPS
• D) SMTP
ANSWER C
8. What is the FIRST step in the incident response process?
• A) Containment
• B) Eradication
• C) Identification/Detection
• D) Recovery
ANSWER C
9. Which type of access control assigns permissions based on job roles?
• A) DAC (Discretionary Access Control)
• B) MAC (Mandatory Access Control)
• C) RBAC (Role-Based Access Control)
• D) ABAC (Attribute-Based Access Control)
ANSWER C
10. What is the purpose of multi-factor authentication (MFA)?
• A) To replace passwords entirely
• B) To require multiple verification methods to authenticate a user
• C) To encrypt user data
• D) To monitor login attempts
ANSWER B
11. A self-replicating malware that spreads across networks without user
interaction is called a:
• A) Virus
• B) Trojan
• C) Worm
• D) Spyware
ANSWER C
12. Which of the following is an example of a physical security control?
• A) Firewall
• B) Antivirus software
• C) Security badge/access card
• D) Encryption
ANSWER C
13. What does the principle of least privilege mean?
• A) Users should have the fewest possible login credentials
• B) Users should only have the minimum access needed to do their job
• C) Admins should limit the number of users on a system
• D) Systems should use the lowest level of encryption
ANSWER B
14. Which type of scan finds open ports and running services on a target
system?
• A) Vulnerability scan
• B) Port scan
• C) Penetration test
• D) Packet capture
ANSWER B
15. What is the main goal of a penetration test?
• A) Monitor network traffic in real time