Terms

Question 1

What is a vulnerability in the context of cybersecurity?

Answer 1

A vulnerability is a weakness in a system that can be exploited by threats to gain unauthorized access or cause harm.

Question 2

True or False: An exploit is a tool or technique used to take advantage of a vulnerability.

Answer 2

True

Question 3

Fill in the blank: A software ________ is a flaw that can be exploited by attackers.

Answer 3

vulnerability

Question 4

What is the primary goal of an exploit?

Answer 4

To take advantage of a vulnerability to gain unauthorized access or perform malicious actions.

Question 5

What is a zero-day exploit?

Answer 5

A zero-day exploit is an attack that occurs on the same day a vulnerability is discovered, before a patch is available.

Question 6

Fill in the blank: An ________ is a piece of code that takes advantage of a vulnerability.

Answer 6

exploit

Question 7

True or False: Vulnerabilities can exist in hardware, software, and network configurations.

Answer 7

True

Question 8

What is the difference between a vulnerability and an exploit?

Answer 8

A vulnerability is a weakness, while an exploit is a method to take advantage of that weakness.

Question 9

What is the purpose of a vulnerability assessment?

Answer 9

To identify and evaluate vulnerabilities in a system.

Question 10

Fill in the blank: Exploits can be categorized as ________ or ________ based on their method of delivery.

Answer 10

remote, local

Question 11

What is the primary purpose of authentication?

Answer 11

To verify the identity of a user or system.

Question 12

True or False: Authorization determines what an authenticated user can do.

Answer 12

True

Question 13

Fill in the blank: __________ is the process of granting access to resources based on user permissions.

Answer 13

Authorization

Question 14

What is the difference between authentication and authorization?

Answer 14

Authentication verifies identity; authorization determines access rights.

Question 15

Short Answer: Name one common method of authentication.

Answer 15

Username and password

Question 16

Fill in the blank: __________ is often used to enhance authentication security by requiring multiple forms of verification.

Answer 16

Multi-factor authentication

Question 17

What is a vector in the context of cybersecurity?

Answer 17

A vector is a method or pathway by which an attacker gains access to a system or network.

Question 18

True or False: A payload is the part of malware that performs the intended malicious action.

Answer 18

True

Question 19

Fill in the blank: The __________ is often delivered via a vector and is responsible for executing harmful activities on the target system.

Answer 19

payload

Question 20

Short answer: What is the primary difference between a vector and a payload?

Answer 20

A vector is the delivery method for an attack, while a payload is the actual malicious code or action executed.

Question 21

Why does the OSI network model have the presentation and session layers while the TCP/IP network model does not?

Answer 21

The TCP/IP model is a simpler and more practical, designed around actual protocols used in real networks. It combines the functionality of the presentation and session layers into the application layer.