Security Awareness Quiz

1. This is a set of related programs, usually located at a network gateway server, that protects the resources of a private network from other networks

Firewall

Sandbox

Rootkit

Password checker

General protection fault

A firewall is a set of related programs that are located at a network gateway server. Its main purpose is to protect the resources of a private network from other networks. It acts as a barrier between the internal network and external networks, monitoring and controlling incoming and outgoing network traffic. By examining the data packets and applying predetermined security rules, a firewall can prevent unauthorized access, block malicious activities, and ensure the privacy and integrity of the network.

Explanation

A firewall is a set of related programs that are located at a network gateway server. Its main purpose is to protect the resources of a private network from other networks. It acts as a barrier between the internal network and external networks, monitoring and controlling incoming and outgoing network traffic. By examining the data packets and applying predetermined security rules, a firewall can prevent unauthorized access, block malicious activities, and ensure the privacy and integrity of the network.

2. This is a program or file that is specifically developed for the purpose of doing harm.

Buffer overflow

Bastion host

Malware

Ping sweep

Passphrase

Malware refers to any malicious software or program that is designed to cause harm to a computer system, network, or user. It includes various types of harmful software such as viruses, worms, trojans, ransomware, spyware, adware, etc. Malware can damage or disrupt computer operations, steal sensitive information, or gain unauthorized access to systems. It is specifically developed with the intention of causing harm, making it the correct answer in this context.

Explanation

Malware refers to any malicious software or program that is designed to cause harm to a computer system, network, or user. It includes various types of harmful software such as viruses, worms, trojans, ransomware, spyware, adware, etc. Malware can damage or disrupt computer operations, steal sensitive information, or gain unauthorized access to systems. It is specifically developed with the intention of causing harm, making it the correct answer in this context.

3. This is the conversion of data into a ciphertext that cannot be easily understood by unauthorized people.

Brute force cracking

Tunneling

Encryption

Ciphertext feedback

Cloaking

Encryption is the process of converting data into a ciphertext that cannot be easily understood by unauthorized people. It is a method used to protect sensitive information and ensure its confidentiality. By encrypting data, it becomes unreadable to anyone who does not have the encryption key, making it difficult for unauthorized individuals to access or interpret the information.

Explanation

Encryption is the process of converting data into a ciphertext that cannot be easily understood by unauthorized people. It is a method used to protect sensitive information and ensure its confidentiality. By encrypting data, it becomes unreadable to anyone who does not have the encryption key, making it difficult for unauthorized individuals to access or interpret the information.

4. This is a class of programs that searches your hard drive and floppy disks for any known or potential viruses.

Intrusion detection

Security idnetifier

Antigen

Prob

Antivirus software

Antivirus software is a type of program that scans and searches a computer's hard drive and floppy disks for any known or potential viruses. It is designed to detect and remove viruses, protecting the computer from potential harm. By regularly running antivirus software, users can ensure that their computer is protected from malicious software that could compromise their data or system functionality.

Explanation

Antivirus software is a type of program that scans and searches a computer's hard drive and floppy disks for any known or potential viruses. It is designed to detect and remove viruses, protecting the computer from potential harm. By regularly running antivirus software, users can ensure that their computer is protected from malicious software that could compromise their data or system functionality.

5. This is a program in which malicious or harmful code is contained inside apparently harmless programming or data.

War dialer

Spam trap

Smurf

Trojan horse

Walled garden

A trojan horse is a type of malicious program that disguises itself as a harmless file or software. It tricks users into downloading or executing it, allowing it to gain unauthorized access to their system. This type of malware can cause significant harm, such as stealing sensitive information, damaging files, or allowing remote control of the infected device. Unlike viruses or worms, trojan horses do not replicate themselves but rely on social engineering tactics to deceive users.

Explanation

A trojan horse is a type of malicious program that disguises itself as a harmless file or software. It tricks users into downloading or executing it, allowing it to gain unauthorized access to their system. This type of malware can cause significant harm, such as stealing sensitive information, damaging files, or allowing remote control of the infected device. Unlike viruses or worms, trojan horses do not replicate themselves but rely on social engineering tactics to deceive users.

6. This is the process of determining whether someone or something is, in fact, who or what it is declared to be.

Conditional access

Anonymizer

Bypass

User profile

Authentication

Authentication is the process of verifying the identity of someone or something. It ensures that the person or entity claiming to be a particular individual or system is indeed that entity. This can be done through various methods such as passwords, biometrics, or security tokens. Authentication is crucial in ensuring the security and integrity of systems and data, as it prevents unauthorized access and protects against identity theft or impersonation.

Explanation

Authentication is the process of verifying the identity of someone or something. It ensures that the person or entity claiming to be a particular individual or system is indeed that entity. This can be done through various methods such as passwords, biometrics, or security tokens. Authentication is crucial in ensuring the security and integrity of systems and data, as it prevents unauthorized access and protects against identity theft or impersonation.

7. To be effective, this should ideally contain at least one digit and not match a natural language word.

Digital signature

Smart card

Public key

Password

Signature

The correct answer is "password" because a password is a combination of characters that provides security and access to a system or account. It is effective when it contains at least one digit and does not match a natural language word, as this makes it harder for others to guess or hack. Using a password that includes numbers and avoids common words helps to enhance security and protect personal information.

Explanation

The correct answer is "password" because a password is a combination of characters that provides security and access to a system or account. It is effective when it contains at least one digit and does not match a natural language word, as this makes it harder for others to guess or hack. Using a password that includes numbers and avoids common words helps to enhance security and protect personal information.

8. 1. This is a document that states in writing how a company plans to protect the company's physical and IT assets.

Data Encryption Standard

Security policy

Public key certificate

Access control list

Copyright

A security policy is a document that outlines the measures and procedures a company will implement to safeguard its physical and IT assets. It serves as a roadmap for protecting sensitive information, preventing unauthorized access, and mitigating potential risks or threats. A security policy typically includes guidelines for password management, data encryption, network security, employee training, and incident response. By having a well-defined security policy, a company can ensure the confidentiality, integrity, and availability of its assets, reducing the likelihood of security breaches or unauthorized access.

Explanation

A security policy is a document that outlines the measures and procedures a company will implement to safeguard its physical and IT assets. It serves as a roadmap for protecting sensitive information, preventing unauthorized access, and mitigating potential risks or threats. A security policy typically includes guidelines for password management, data encryption, network security, employee training, and incident response. By having a well-defined security policy, a company can ensure the confidentiality, integrity, and availability of its assets, reducing the likelihood of security breaches or unauthorized access.

9. In computer security, this describes a non-technical kind of intrusion that relies heavily on human interaction. It often involves tricking people into breaking their own security procedures.

Cyberterrorism

Debugging

Hijacking

Nonrepudiation

Social engineering

Social engineering refers to a type of intrusion in computer security that relies on manipulating and deceiving individuals rather than exploiting technical vulnerabilities. This technique involves tricking people into compromising their own security by convincing them to divulge sensitive information, perform unauthorized actions, or bypass security measures. It often involves psychological manipulation, such as impersonation, phishing emails, or phone scams, to gain unauthorized access to systems or sensitive data.

Explanation

Social engineering refers to a type of intrusion in computer security that relies on manipulating and deceiving individuals rather than exploiting technical vulnerabilities. This technique involves tricking people into compromising their own security by convincing them to divulge sensitive information, perform unauthorized actions, or bypass security measures. It often involves psychological manipulation, such as impersonation, phishing emails, or phone scams, to gain unauthorized access to systems or sensitive data.

10. This is an agreement a company may ask an employee to sign that specifies what is considered to be appropriate (or inappropriate) use of e-mail or Web browsing

Rsa

Aup

Set

Vpn

Pki

An AUP (Acceptable Use Policy) is an agreement that a company may ask an employee to sign. It outlines the guidelines and rules for using email or web browsing within the company. It specifies what is considered appropriate or inappropriate use of these communication tools. The AUP helps to ensure that employees understand the company's expectations and use these tools responsibly and professionally.

Explanation

An AUP (Acceptable Use Policy) is an agreement that a company may ask an employee to sign. It outlines the guidelines and rules for using email or web browsing within the company. It specifies what is considered appropriate or inappropriate use of these communication tools. The AUP helps to ensure that employees understand the company's expectations and use these tools responsibly and professionally.