OBJ 1 Needs to Know Flashcards
(33 cards)
What does the acronym CIA stand for in information security?
Confidentiality, Integrity, Availability
True or False: Confidentiality ensures that information is accessible only to authorized users.
True
What is the primary goal of integrity in information security?
To ensure that data is accurate and unaltered.
Fill in the blank: Availability ensures that information and resources are ______ when needed.
accessible
Which of the following is a common method to ensure data confidentiality? A) Encryption B) Backup C) Firewall
A) Encryption
What is the purpose of access controls in information security?
To restrict access to data and resources based on user roles.
True or False: Multi-factor authentication increases security by requiring multiple forms of verification.
True
What is a security policy?
A formal set of rules that govern how an organization manages its security.
Which type of attack involves overwhelming a system with traffic? A) Phishing B) Denial of Service C) Man-in-the-Middle
B) Denial of Service
What is the primary function of a firewall?
To monitor and control incoming and outgoing network traffic.
What does the principle of least privilege entail?
Users should have the minimum level of access necessary to perform their tasks.
Fill in the blank: A ______ is a piece of malicious software designed to harm or exploit any programmable device.
virus
True or False: Social engineering is a technique used to manipulate individuals into divulging confidential information.
True
What is the difference between a threat and a vulnerability?
A threat is a potential danger, while a vulnerability is a weakness that can be exploited.
Which of the following is an example of a physical security control? A) Encryption B) Security Guards C) Firewalls
B) Security Guards
What is the purpose of incident response?
To manage and mitigate the impact of security breaches or attacks.
Fill in the blank: A ______ is a documented set of procedures for addressing security incidents.
incident response plan
True or False: Regular software updates can help mitigate security vulnerabilities.
True
What is the role of an intrusion detection system (IDS)?
To monitor network traffic for suspicious activity and potential threats.
What does the term ‘phishing’ refer to?
A fraudulent attempt to obtain sensitive information by impersonating a trustworthy entity.
Which of the following is a strong password policy? A) Short and simple passwords B) Long passwords with special characters C) Using the same password for all accounts
B) Long passwords with special characters
What is the purpose of a security audit?
To evaluate and improve an organization’s security measures.
Fill in the blank: ______ is the process of converting plaintext into ciphertext to protect information.
Encryption
Which security framework provides guidelines for managing cybersecurity risks?
NIST Cybersecurity Framework