R10

Question 1

What are the components of the CIA Triad?

Answer 1

Confidentiality, Integrity, Availability.

Question 2

What does Confidentiality ensure?

Answer 2

Data is only accessible to authorised users.

Question 3

What does Integrity ensure?

Answer 3

Data remains accurate and unaltered.

Question 4

What does Availability ensure?

Answer 4

Systems and data are accessible when needed by authorised users.

Question 5

What are the components of the IAAA Model?

Answer 5

Identification
Authentication
Authorisation
Accountability

Question 6

What is Identification in IAAA?

Answer 6

Recognising a user/system via unique identifiers.

Question 7

What is Authentication in IAAA?

Answer 7

Verifying identities through methods like passwords or biometrics.

Question 8

What is Authorisation in IAAA?

Answer 8

Granting users specific access rights to resources based on their identity and role.

Question 9

What is Accountability in IAAA?

Answer 9

Tracking and logging users’ actions to ensure responsibility and traceability.

Question 10

Name some Non-Technical Threats:

Answer 10

S – Social Engineering
P – Physical
I – Insider
E – Environmental
S – Social Media
D – Dumpster Diving

Question 11

What is a Physical Threat?

Answer 11

Risk to physical assets (e.g., theft, break-ins).

Question 12

What is Social Engineering?

Answer 12

Tricking people into revealing sensitive info (e.g., phishing).

Question 13

Name some Technical Threats:

Answer 13

C – Cracking
H – Hacking
A – APTs
M – Malware
M – Misuse
E – Errors
D – Data Leakage
D – DDoS
M – Mobile Threats
C – Cloud Threats

Question 14

What is Hacking?

Answer 14

Unauthorised access to damage or steal data.

Question 15

What is Malware?

Answer 15

Harmful software designed to damage or steal data.

Question 16

What is a DDoS attack?

Answer 16

Overloading a server with traffic to disrupt service.

Question 17

What is MFA (Multi-Factor Authentication)?

Answer 17

Combining multiple verification methods (e.g., password + fingerprint).

Question 18

What is PKI? (Public Key infrastructure)

Answer 18

A system using public/private keys to secure communication.

Question 19

What is a Public Key in PKI?

Answer 19

Shared key used to encrypt data.

Question 20

What is a Private Key in PKI?

Answer 20

Secret key used to decrypt data or sign documents.

Question 21

What is a Certificate Authority (CA)?

Answer 21

An entity within PKI that verifies and issues digital certificates to authenticate their public keys.

Question 22

What does a Router do?

Answer 22

Connects multiple devices to a network and directs traffic between them.

Question 23

What does a Switch do?

Answer 23

Connects devices within a LAN.

Question 24

What is a Firewall?

Answer 24

Security device used to block unauthorised access to a network.

Question 25

Name three network topologies:

Answer 25

Star - All devices connect to a central switch Mesh - Devices are interconnected for redundancy Hybrid - Combination of different topologies

Question 26

What is Cryptography?

Answer 26

The practice of securing information through encoding.

Question 27

What is Encryption?

Answer 27

Converting plaintext into ciphertext.

Question 28

What is Decryption?

Answer 28

Converting ciphertext back into plaintext.

Question 29

What is a Symmetric Key?

Answer 29

A single key used for both encryption and decryption.

Question 30

What is an Asymmetric Key?

Answer 30

Uses 2 separate keys: Public key encrypts, private key decrypts.

Question 31

What is Hashing?

Answer 31

One-way conversion of data into a fixed-length string

Question 32

What are White Hat Hackers?

Answer 32

Ethical hackers testing systems for vulnerabilities

Question 33

What are Black Hat Hackers?

Answer 33

Malicious hackers exploiting systems for personal gain.

Question 34

What is a SQL Injection?

Answer 34

Inserting a malicious code into a database to manipulate or extract data.

Question 35

What is a Man-in-the-Middle (MITM) Attack?

Answer 35

Intercepting and potentially altering communication between two parties.

Question 36

What is Ransomware?

Answer 36

Malware that locks data and demands payment for decryption.

Question 37

What is a digital signature?

Answer 37

Confirms data authenticity and integrity using asymmetric encryption.

Question 38

What is the purpose of a Digital Signature?

Answer 38

To verify the authenticity and integrity of digital documents.