security

Question 1

What does the CIA Triad stand for?

Answer 1

Confidentiality, Integrity, Availability.

Question 2

Define risk in cybersecurity.

Answer 2

Risk = (Threat × Vulnerability) / Countermeasures.

Question 3

What are the three categories of security controls?

Answer 3

• Administrative
• Technical
• Physical

Question 4

What is the purpose of defense-in-depth?

Answer 4

To use multiple layers of security controls to increase the work factor for attackers.

Question 5

What is the difference between threat and vulnerability?

Answer 5

A threat is a potential danger, while a vulnerability is a weakness that can be exploited.

Question 6

How does a DDoS attack work?

Answer 6

Overwhelms a target with traffic from multiple compromised systems (bots).

Question 7

What is the goal of a phishing attack?

Answer 7

To trick users into revealing sensitive information via deceptive emails or websites.

Question 8

Name three types of malware mentioned.

Answer 8

• Ransomware
• Trojan
• Spyware

Question 9

What is social engineering?

Answer 9

Manipulating individuals into divulging confidential information (e.g., Kevin Mitnick’s tactics).

Question 10

What is a zero-day exploit?

Answer 10

An attack targeting a previously unknown vulnerability.

Question 11

What are the five core functions of the NIST Cybersecurity Framework (CSF)?

Answer 11

• Identify
• Protect
• Detect
• Respond
• Recover

Question 12

What is the purpose of ISO 27005?

Answer 12

To provide guidelines for information security risk management.

Question 13

List three components of a security policy.

Answer 13

• Plans
• Standards
• Procedures

Question 14

What does SLE stand for in risk assessment?

Answer 14

Single Loss Expectancy (SLE = Asset Value × Exposure Factor).

Question 15

What is the role of a CERT/CSIRT?

Answer 15

To respond to and manage cybersecurity incidents.

Question 16

What does a Penetration Tester do?

Answer 16

Ethically hacks systems to identify vulnerabilities.

Question 17

Name three certifications mentioned.

Answer 17

• CISSP
• CISM
• CEH

Question 18

What is the primary responsibility of a CISO?

Answer 18

Overseeing an organization’s information security strategy.

Question 19

What skills are required for a Cybersecurity Engineer?

Answer 19

• Network security
• Scripting
• Risk analysis

Question 20

What is non-repudiation?

Answer 20

Ensuring a party cannot deny the authenticity of their actions (e.g., via digital signatures).

Question 21

Which layer of the OSI model is targeted in a SYN Flood attack?

Answer 21

Transport Layer (Layer 4).

Question 22

What is the difference between HTTPS and HTTP?

Answer 22

HTTPS encrypts data using SSL/TLS.

Question 23

What does TOR stand for, and what is its purpose?

Answer 23

The Onion Router; anonymizes internet traffic.

Question 24

What is encryption at rest vs. encryption in transit?

Answer 24

• At rest: Data stored on devices.
• In transit: Data moving across networks.

Question 25

What is a botnet?

Answer 25

A network of compromised devices controlled by an attacker.

Question 26

In EXP3-Lab, what is the goal of sending multiple SYN requests?

Answer 26

To exhaust server resources and cause a Denial-of-Service (DoS).

Question 27

What vulnerability does EXP7-Lab demonstrate?

Answer 27

Email spoofing to trick users into revealing credentials.

Question 28

In EXP9-Lab, why might UDP floods be harder to mitigate than TCP floods?

Answer 28

UDP is connectionless, making it easier to spoof source IPs.

Question 29

What is the purpose of a smurf attack (EXP1-Lab)?

Answer 29

To amplify ICMP requests and overwhelm a target’s network.

Question 30

How does ransomware typically propagate (EXP5-Lab)?

Answer 30

Via phishing emails, malicious downloads, or exploiting vulnerabilities.

Question 31

What are the prerequisites for the IT Security course?

Answer 31

* Computer Architecture * Communication Networks * IP Networks

Question 32

What is the primary goal of IT Security from a strategic perspective?

Answer 32

Implementing security measures, audits, procedures, standards, technologies, and policies.

Question 33

Name two entry points for cyberattacks mentioned.

Answer 33

* Shared Desktops * Dedicated Desktops * Applications * Profiles/Data

Question 34

What is identity theft in the context of computer crime?

Answer 34

Unauthorized use of someone’s personal information to commit fraud (e.g., phishing, hacking).

Question 35

What is web jacking?

Answer 35

Taking control of a website to redirect users to malicious sites.

Question 36

Describe the hierarchy of a cybercriminal organization.

Answer 36

* Criminal Boss * Underboss (Trojan Manager) * Attackers/Campaign Managers * Affiliation Networks * Stolen Data Resellers

Question 37

What role does a Trojan Command and Control (C&C) Server play?

Answer 37

Manages infected devices (bots) to execute attacks like DDoS or data theft.

Question 38

What percentage of the digital universe is on the Deep Web?

Answer 38

Approximately 96%.

Question 39

Name three social media platforms listed as risks for cybercrime.

Answer 39

* Facebook * WhatsApp * Instagram * TikTok

Question 40

What is the primary risk of social media proliferation?

Answer 40

Increased attack surfaces for social engineering, fake profiles, and data harvesting.

Question 41

What is DNS amplification?

Answer 41

A DDoS attack exploiting DNS servers to flood a target with amplified traffic.

Question 42

What is SQL injection?

Answer 42

Injecting malicious SQL code into a database query to manipulate or steal data.

Question 43

How does ransomware typically encrypt files?

Answer 43

Using asymmetric encryption (public-private key pairs) to lock data until a ransom is paid.

Question 44

What is APT (Advanced Persistent Threat)?

Answer 44

A prolonged, targeted attack where hackers remain undetected to steal sensitive data.

Question 45

Which country in the Arab States has the highest GCI Score?

Answer 45

Oman (0.87).

Question 46

What are the five categories in the Global Cybersecurity Index (GCI)?

Answer 46

* Legal * Technical * Organizational * Capacity Building * Cooperation

Question 47

What is the purpose of ISO 27001?

Answer 47

To establish an Information Security Management System (ISMS).

Question 48

Calculate ALE if SLE = 10,000 and ARO = 0.5.

Answer 48

ALE = 10,000 × 0.5 = $5,000.

Question 49

What is risk transference?

Answer 49

Shifting risk to a third party (e.g., insurance, cloud providers).

Question 50

Define work factor in defense-in-depth.

Answer 50

The effort/time required for an attacker to bypass security controls.

Question 51

What is the purpose of an Intrusion Prevention System (IPS)?

Answer 51

Monitors network traffic to block malicious activity in real-time.

Question 52

How does a firewall differ from a VPN?

Answer 52

Firewalls filter traffic; VPNs encrypt connections for secure remote access.

Question 53

What is ARP table poisoning?

Answer 53

Manipulating ARP caches to redirect traffic to an attacker’s device.

Question 54

In EXP2-Lab, what vulnerability does memcached exploitation target?

Answer 54

Unsecured memcached servers used for DDoS amplification.

Question 55

What is the impact of Stuxnet?

Answer 55

Destroyed 20% of Iran’s nuclear centrifuges by targeting industrial control systems.

Question 56

In EXP4-Lab, what is teardrop attack?

Answer 56

Sending fragmented IP packets to overwhelm a target’s reassembly process.

Question 57

What is the average salary range for a Cybersecurity Architect?

Answer 57

129,260–217,775.

Question 58

Which certification focuses on secure software development?

Answer 58

CSSLP (Certified Secure Software Lifecycle Professional).

Question 59

What does CISSP stand for?

Answer 59

Certified Information Systems Security Professional.

Question 60

Name three preventive controls.

Answer 60

* Firewalls * Encryption * Access control lists (ACLs)

Question 61

What is a compensating control?

Answer 61

An alternative measure used when primary controls are impractical (e.g., manual audits).