Certified Information Systems Security Professional (CISSP)
Price: $30 (original price $60)
Exam Code: CISSP
Exam Name: Certified Information Systems Security Professional (CISSP)
Questions: 1200 questions and answers with explanations
Update Date: May 2, 2025
Sample Questions
Question 1:
Which security model enforces “no read up, no write down” rules?
A. Biba Model
B. Bell-LaPadula Model
C. Clark-Wilson Model
D. Brewer-Nash Model
Correct Answer: B
Explanation:
Bell-LaPadula is focused on confidentiality and prevents reading higher-classified information and writing to lower levels.
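The two Bell-LaPadula rules from Question 1, and the mirror-image Biba rules that the distractor refers to, as an added example written for this page (it is not part of the original question bank). The four-level lattice, the subject/object levels and the dispatch table are assumptions made for the illustration; the same enum is reused for Biba's integrity levels purely to keep the contrast visible.

```python
# Added example (not from the question bank): a tiny reference monitor that
# enforces the Bell-LaPadula rules ("no read up, no write down") and, for
# contrast, the Biba rules ("no read down, no write up").
# The level lattice below is an assumption made for the illustration.
from enum import IntEnum


class Level(IntEnum):
    """Linear ordering of levels (assumed). For BLP these are secrecy levels;
    for Biba the same ordering is reused as integrity levels."""
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


def blp_can_read(subject: Level, obj: Level) -> bool:
    """Simple security property: no read up.
    A subject may read only objects at or below its clearance."""
    return subject >= obj


def blp_can_write(subject: Level, obj: Level) -> bool:
    """*-property: no write down.
    A subject may write only to objects at or above its level, so
    classified content cannot leak into a lower-classified object."""
    return subject <= obj


def biba_can_read(subject: Level, obj: Level) -> bool:
    """Simple integrity property: no read down.
    Reading lower-integrity data could taint the subject's work."""
    return subject <= obj


def biba_can_write(subject: Level, obj: Level) -> bool:
    """*-integrity property: no write up.
    A low-integrity subject must not modify high-integrity data."""
    return subject >= obj


def check_access(model: str, op: str, subject: Level, obj: Level) -> bool:
    """Route a request to the chosen model's rule; anything unknown is denied
    (default deny, as a reference monitor should)."""
    rules = {
        ("blp", "read"): blp_can_read,
        ("blp", "write"): blp_can_write,
        ("biba", "read"): biba_can_read,
        ("biba", "write"): biba_can_write,
    }
    rule = rules.get((model, op))
    return rule(subject, obj) if rule else False


if __name__ == "__main__":
    s, o = Level.SECRET, Level.TOP_SECRET
    print("BLP  SECRET reads TOP_SECRET :", check_access("blp", "read", s, o))    # denied: read up
    print("BLP  SECRET writes TOP_SECRET:", check_access("blp", "write", s, o))   # allowed: write up
    print("Biba SECRET reads TOP_SECRET :", check_access("biba", "read", s, o))   # allowed
    print("Biba SECRET writes TOP_SECRET:", check_access("biba", "write", s, o))  # denied: write up
```

Note how the two models are exact opposites: Bell-LaPadula lets a SECRET subject write into a TOP_SECRET object (it protects confidentiality, not the accuracy of what is written), which is precisely what Biba forbids. Real systems that need both usually combine a confidentiality model with a separate integrity mechanism.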
Question 2:
Which layer of the OSI model handles routing?
A. Data Link
B. Transport
C. Network
D. Session
Correct Answer: C
Explanation:
The Network layer (Layer 3) is responsible for routing, addressing, and delivering packets.
Question 3:
Which of the following is an example of two-factor authentication?
A. Password and PIN
B. Smartcard and password
C. Username and password
D. Retina scan and fingerprint
Correct Answer: B
Explanation:
Two-factor authentication combines something you have (smartcard) with something you know (password).
Question 4:
The primary goal of business continuity planning (BCP) is:
A. Protect company assets
B. Ensure personnel safety
C. Ensure that critical business functions continue
D. Reduce insurance premiums
Correct Answer: C
Explanation:
BCP focuses on maintaining and recovering critical business operations during and after a disruption.
Question 5:
Which encryption algorithm is symmetric?
A. RSA
B. ECC
C. DES
D. DSA
Correct Answer: C
Explanation:
DES (Data Encryption Standard) is a symmetric key algorithm, meaning it uses the same key for encryption and decryption.
Question 6:
What type of attack tries all possible key combinations?
A. Dictionary attack
B. Birthday attack
C. Brute-force attack
D. Rainbow attack
Correct Answer: C
Explanation:
Brute-force attacks attempt every possible combination until the correct one is found.
Question 7:
Which principle ensures that data is protected from unauthorized changes?
A. Confidentiality
B. Integrity
C. Availability
D. Non-repudiation
Correct Answer: B
Explanation:
Integrity ensures that information remains accurate and unaltered.
Question 8:
Who owns the data in an organization?
A. Data custodian
B. Data processor
C. Data owner
D. Data administrator
Correct Answer: C
Explanation:
The data owner is responsible for determining data classification and access authorization.
Question 9:
What is the primary goal of information security?
A. Prevent data theft
B. Maintain confidentiality, integrity, and availability
C. Protect against all threats
D. Implement technical controls
Correct Answer: B
Explanation:
Information security is focused on maintaining CIA: Confidentiality, Integrity, and Availability.
Question 10:
Which protocol uses TCP port 443?
A. HTTP
B. HTTPS
C. FTP
D. SSH
Correct Answer: B
Explanation:
HTTPS (secure HTTP) uses TCP port 443 for secure web communication.
Question 11:
Which of the following is a physical control?
A. Firewall
B. Access control list
C. Security guard
D. Antivirus software
Correct Answer: C
Explanation:
A security guard is a physical control that prevents unauthorized physical access.
Question 12:
Which backup method copies only the data that changed since the most recent backup of any type (full or incremental)?
A. Incremental backup
B. Differential backup
C. Full backup
D. Snapshots
Correct Answer: A
Explanation:
Incremental backups store only the data changed since the most recent backup, whether that was a full or an incremental one. A differential backup, by contrast, copies everything changed since the last full backup, so its sets grow until the next full backup is taken.
Question 13:
What type of malware is disguised as legitimate software?
A. Worm
B. Trojan horse
C. Rootkit
D. Ransomware
Correct Answer: B
Explanation:
A Trojan horse appears to be legitimate but secretly carries malicious code.
Question 14:
Which device separates network segments?
A. Switch
B. Router
C. Firewall
D. Hub
Correct Answer: B
Explanation:
A router connects different network segments and routes traffic between them.
Question 15:
Which document outlines how an organization will recover from a disaster?
A. SLA
B. MOU
C. DRP
D. NDA
Correct Answer: C
Explanation:
A Disaster Recovery Plan (DRP) details steps for recovering IT systems after a disruption.
Question 16:
Who is responsible for enforcing access controls in an organization?
A. Data owner
B. Security auditor
C. Data custodian
D. System administrator
Correct Answer: C
Explanation:
Data custodians implement and maintain controls decided by the data owner.
Question 17:
Which of the following best describes a threat?
A. A weakness in a system
B. Any agent or event that could exploit a vulnerability
C. The potential loss value
D. An implemented safeguard
Correct Answer: B
Explanation:
A threat is any potential event or actor, internal or external, that could exploit a vulnerability and cause harm.
Question 18:
Which access control model is based on security labels?
A. DAC
B. MAC
C. RBAC
D. ABAC
Correct Answer: B
Explanation:
Mandatory Access Control (MAC) assigns access rights based on system-enforced security labels.
Question 19:
Which law governs financial reporting in the United States?
A. HIPAA
B. FISMA
C. GLBA
D. SOX
Correct Answer: D
Explanation:
SOX (Sarbanes-Oxley Act) focuses on improving financial disclosures and preventing accounting fraud.
Question 20:
What is the most secure form of authentication?
A. Password
B. Biometrics
C. Token
D. PIN
Correct Answer: B
Explanation:
Biometrics (fingerprints, iris scans) are harder to guess, share or forge than passwords, PINs or tokens, which is why the exam treats them as the strongest single factor. The trade-off a practitioner should remember: a biometric is not secret and cannot be reissued if its template is stolen, so in practice it is paired with a second factor.
Question 21:
Which control type is a firewall considered?
A. Preventive
B. Detective
C. Corrective
D. Compensating
Correct Answer: A
Explanation:
A firewall acts as a preventive control by stopping unauthorized access.
Question 22:
Which attack floods a network with requests to cause a denial of service?
A. Phishing
B. DDoS
C. SQL Injection
D. Man-in-the-Middle
Correct Answer: B
Explanation:
A Distributed Denial of Service (DDoS) attack overwhelms systems to deny legitimate access.
Question 23:
Which symmetric encryption standard replaced DES?
A. 3DES
B. AES
C. RSA
D. ECC
Correct Answer: B
Explanation:
AES (Advanced Encryption Standard) replaced DES as a more secure symmetric encryption method.
Question 24:
Which security principle means giving users only the access needed to perform their jobs?
A. Need to know
B. Defense in depth
C. Least privilege
D. Mandatory vacation
Correct Answer: C
Explanation:
Least privilege grants users the minimum access required for their duties.
Question 25:
Which organization creates guidelines for U.S. federal government information systems?
A. NIST
B. ISO
C. IEEE
D. IETF
Correct Answer: A
Explanation:
The National Institute of Standards and Technology (NIST) develops security standards for federal systems.
Question 26:
Which form of malware replicates itself to spread?
A. Worm
B. Trojan horse
C. Rootkit
D. Logic bomb
Correct Answer: A
Explanation:
Worms are self-replicating malware that spread across systems without user action.
Question 27:
Which law protects consumers’ personal financial information?
A. HIPAA
B. GLBA
C. FISMA
D. SOX
Correct Answer: B
Explanation:
The Gramm-Leach-Bliley Act (GLBA) focuses on securing consumer financial data.
Question 28:
What is an SLA?
A. Service-Level Agreement
B. Security-Level Assessment
C. Secure Logon Authentication
D. Static Layered Architecture
Correct Answer: A
Explanation:
An SLA defines expected service performance and obligations between a provider and a customer.
Question 29:
Which of the following is a detective control?
A. CCTV camera
B. Door lock
C. Firewall
D. Encryption
Correct Answer: A
Explanation:
CCTV cameras detect and record incidents for later analysis.
Question 30:
What does the “A” in CIA triad stand for?
A. Authentication
B. Availability
C. Authorization
D. Accountability
Correct Answer: B
Explanation:
The CIA triad includes Availability, ensuring timely and reliable access to systems and data.
Question 31:
What ensures a sender cannot deny sending a message?
A. Authentication
B. Authorization
C. Integrity
D. Non-repudiation
Correct Answer: D
Explanation:
Non-repudiation prevents denial of message origination using mechanisms like digital signatures.
Question 32:
What is the first phase of the SDLC (Software Development Life Cycle)?
A. Design
B. Implementation
C. Initiation
D. Disposal
Correct Answer: C
Explanation:
Initiation involves defining project scope, objectives, and identifying high-level risks.
Question 33:
What process ensures systems are built securely from the beginning?
A. Patch management
B. Security governance
C. Secure coding
D. DevOps
Correct Answer: C
Explanation:
Secure coding practices aim to reduce vulnerabilities during software development.
Question 34:
Which type of test simulates an attack on a system?
A. Vulnerability assessment
B. Penetration test
C. Risk assessment
D. Business Impact Analysis
Correct Answer: B
Explanation:
Penetration testing actively exploits vulnerabilities to assess security.
Question 35:
What is steganography used for?
A. Encrypting data
B. Hiding data within other files
C. Integrity checking
D. Breaking encryption
Correct Answer: B
Explanation:
Steganography conceals data within other non-suspicious files, like images.
Question 36:
What is a logical separation of networks called?
A. VLAN
B. VPN
C. IDS
D. IPS
Correct Answer: A
Explanation:
VLANs logically segment networks at the switch level to separate traffic.
Question 37:
Which attack relies on human manipulation?
A. SQL injection
B. Man-in-the-middle
C. Social engineering
D. Brute-force attack
Correct Answer: C
Explanation:
Social engineering manipulates people into breaking security procedures.
Question 38:
Which hashing algorithm is considered weak today?
A. SHA-256
B. SHA-1
C. AES
D. RSA
Correct Answer: B
Explanation:
SHA-1 is no longer considered secure: practical collision attacks have been demonstrated against it, so it must not be used for digital signatures or certificates. SHA-256 (part of the SHA-2 family) is the usual replacement. AES and RSA are not hashing algorithms at all; they are distractors here.
Question 39:
Which policy defines acceptable use of IT systems?
A. Privacy policy
B. AUP
C. Security policy
D. Data retention policy
Correct Answer: B
Explanation:
An Acceptable Use Policy (AUP) defines allowed and prohibited activities for system users.
Question 40:
What is the BEST way to ensure accountability in system access?
A. Firewalls
B. Encryption
C. Auditing and logging
D. Passwords
Correct Answer: C
Explanation:
Audit logs and monitoring ensure users are held accountable for their actions.
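Questions 6 and 40 meet in practice when audit logs are used to spot a brute-force attempt. The detector below is an added example written for this page, not code from the original question bank. The log lines are constructed to mimic an SSH daemon's "Failed password" syslog format; the hostname, usernames, addresses and the 4-failures-in-60-seconds threshold are all assumptions for the illustration.

```python
# Added example (not from the question bank): parse constructed sshd-style
# auth log lines and flag source addresses that fail a threshold of logins
# inside a sliding time window. Hosts, users, addresses and the threshold
# are made up for the demonstration.
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample log (syslog layout, no year, as sshd writes it)
SAMPLE_LOG = """\
May  2 10:00:01 bastion sshd[2201]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
May  2 10:00:02 bastion sshd[2201]: Failed password for root from 203.0.113.7 port 51023 ssh2
May  2 10:00:02 bastion sshd[2201]: Failed password for root from 203.0.113.7 port 51024 ssh2
May  2 10:00:03 bastion sshd[2201]: Failed password for oracle from 203.0.113.7 port 51025 ssh2
May  2 10:00:04 bastion sshd[2201]: Failed password for root from 203.0.113.7 port 51026 ssh2
May  2 10:00:05 bastion sshd[2201]: Accepted password for alice from 198.51.100.9 port 40212 ssh2
May  2 10:00:09 bastion sshd[2201]: Failed password for alice from 198.51.100.9 port 40213 ssh2
May  2 10:12:40 bastion sshd[2201]: Failed password for root from 203.0.113.7 port 51100 ssh2
"""

FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)"
)


def parse_failures(log_text: str, year: int = 2025):
    """Return [(timestamp, source_ip, username)] for every failed login line.
    Syslog omits the year, so the caller supplies it (assumed 2025 here)."""
    events = []
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append((ts, m["ip"], m["user"]))
    return events


def detect_brute_force(events, threshold: int = 4, window_seconds: int = 60):
    """Sliding-window count per source IP. Returns {ip: {"failures": n, "usernames": [...]}}
    for every IP that reaches `threshold` failures inside any `window_seconds` span,
    reporting the densest window seen."""
    by_ip = defaultdict(list)
    for ts, ip, user in events:
        by_ip[ip].append((ts, user))

    alerts = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        best = None
        start = 0
        for end in range(len(attempts)):
            # advance the window start until it fits inside window_seconds
            while (attempts[end][0] - attempts[start][0]).total_seconds() > window_seconds:
                start += 1
            count = end - start + 1
            if count >= threshold and (best is None or count > best[0]):
                best = (count, start, end)
        if best:
            count, start, end = best
            users = sorted({u for _, u in attempts[start:end + 1]})
            alerts[ip] = {"failures": count, "usernames": users}
    return alerts


if __name__ == "__main__":
    for ip, info in detect_brute_force(parse_failures(SAMPLE_LOG)).items():
        print(f"ALERT {ip}: {info['failures']} failures, usernames tried {info['usernames']}")
```

The single failure from 198.51.100.9 is not flagged, which is the point of a windowed threshold: one typo by a real user should not page anyone, while five failures across three accounts from one address in four seconds should. The follow-up an analyst would want, an "Accepted password" from an address that was just flagged, is the next rule to write on top of the same parser.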
Question 41:
Which type of encryption uses two keys (public and private)?
A. Symmetric encryption
B. Asymmetric encryption
C. Steganography
D. VPN
Correct Answer: B
Explanation:
Asymmetric encryption uses paired keys: one public, one private.
Question 42:
Which process reduces the risk of insider threats?
A. Firewall
B. Separation of duties
C. Antivirus
D. VPN
Correct Answer: B
Explanation:
Separation of duties divides critical tasks among different individuals to prevent fraud or errors.
Question 43:
What is it called when data is protected while it is being transmitted?
A. Data at rest
B. Data in use
C. Data in motion
D. Data warehousing
Correct Answer: C
Explanation:
Data in motion refers to data being transmitted across networks and is protected with encryption.
Question 44:
What attack tricks users into revealing confidential information?
A. Phishing
B. Malware
C. Spoofing
D. SQL Injection
Correct Answer: A
Explanation:
Phishing uses fake communications to trick users into revealing sensitive information.
Question 45:
What control type is a biometric authentication system?
A. Physical
B. Technical
C. Administrative
D. Detective
Correct Answer: B
Explanation:
Biometric authentication is a technical (logical) control.
Question 46:
Which standard defines wireless LAN security?
A. IEEE 802.3
B. IEEE 802.11
C. IEEE 802.15
D. IEEE 802.5
Correct Answer: B
Explanation:
IEEE 802.11 defines wireless LAN standards, including Wi-Fi.
Question 47:
What term describes granting access based on attributes (e.g., location, device)?
A. RBAC
B. ABAC
C. DAC
D. MAC
Correct Answer: B
Explanation:
Attribute-Based Access Control (ABAC) makes access decisions based on user, resource, and environmental attributes.
Question 48:
What ensures that a system continues to operate during a failure?
A. Redundancy
B. Contingency planning
C. Failover
D. Integrity
Correct Answer: A
Explanation:
Redundancy provides backup components to ensure continuity during failure.
Question 49:
What is the FIRST step in risk management?
A. Risk mitigation
B. Risk acceptance
C. Risk identification
D. Risk transfer
Correct Answer: C
Explanation:
Risk management starts by identifying potential risks to assets.
Question 50:
Which protocol secures email communication?
A. HTTPS
B. IPSec
C. S/MIME
D. SSH
Correct Answer: C
Explanation:
S/MIME (Secure/Multipurpose Internet Mail Extensions) secures email with encryption and digital signatures.
Question 51:
Which of the following is an example of multi-factor authentication?
A. Password and username
B. Password and fingerprint
C. PIN and password
D. Password and security question
Correct Answer: B
Explanation:
Multi-factor authentication uses two different factors — something you know (password) and something you are (fingerprint).
Question 52:
Which type of policy covers how an organization responds to security incidents?
A. Security policy
B. Incident response policy
C. Disaster recovery policy
D. Privacy policy
Correct Answer: B
Explanation:
An incident response policy outlines procedures for detecting, responding to, and recovering from security incidents.
Question 53:
In risk management, what is residual risk?
A. Risk avoided entirely
B. Risk transferred to another party
C. Risk remaining after controls are applied
D. Risk mitigated by insurance
Correct Answer: C
Explanation:
Residual risk is the leftover risk after controls are implemented.
Question 54:
Which standard is focused on IT service management?
A. ISO 27001
B. ISO 31000
C. ISO 22301
D. ISO 20000
Correct Answer: D
Explanation:
ISO 20000 focuses on IT service management best practices.
Question 55:
Which type of malware records a user’s keystrokes?
A. Worm
B. Trojan
C. Keylogger
D. Ransomware
Correct Answer: C
Explanation:
Keyloggers capture keystrokes to steal sensitive information like passwords.
Question 56:
Which layer of the OSI model encrypts data?
A. Data Link
B. Network
C. Presentation
D. Session
Correct Answer: C
Explanation:
The Presentation layer handles encryption and decryption of data for secure communication.
Question 57:
Which is a characteristic of a public key infrastructure (PKI)?
A. Symmetric keys
B. Digital certificates
C. Hashing algorithms
D. VPN tunnels
Correct Answer: B
Explanation:
PKI uses digital certificates for identity validation and secure key exchange.
Question 58:
In which phase of incident response is the root cause identified?
A. Preparation
B. Containment
C. Eradication
D. Lessons learned
Correct Answer: C
Explanation:
During eradication, the root cause is identified and removed to prevent recurrence.
Question 59:
Which of the following best defines tokenization?
A. Scrambling data using encryption
B. Storing data in a backup archive
C. Replacing sensitive data with a non-sensitive equivalent
D. Hiding data using steganography
Correct Answer: C
Explanation:
Tokenization replaces sensitive data with unique identification symbols (tokens).
Question 60:
Which type of firewall tracks the state of active connections and evaluates traffic at more than one OSI layer?
A. Packet-filtering firewall
B. Circuit-level gateway
C. Application-layer firewall
D. Stateful inspection firewall
Correct Answer: D
Explanation:
A stateful inspection firewall keeps a connection (state) table and judges each packet against it, working at the Network and Transport layers rather than examining packets in isolation as a simple packet filter does. An application-layer firewall goes further and inspects Layer 7 content, but the defining feature asked for here is connection tracking.
Question 61:
Which of the following attacks exploits the trust between two systems?
A. Man-in-the-middle attack
B. Spoofing attack
C. Replay attack
D. Trust exploitation attack
Correct Answer: D
Explanation:
Trust exploitation attacks take advantage of trusted relationships between systems.
Question 62:
What is the primary purpose of a honeypot?
A. Prevent attacks
B. Detect and analyze attacks
C. Encrypt traffic
D. Improve network speed
Correct Answer: B
Explanation:
Honeypots attract attackers and help organizations study attack techniques.
Question 63:
What mechanism ensures message integrity and authenticity?
A. Encryption
B. Hashing
C. Digital signature
D. VPN
Correct Answer: C
Explanation:
Digital signatures ensure that a message is authentic and unaltered.
Question 64:
Which risk response strategy involves sharing risk with another party?
A. Avoidance
B. Transference
C. Mitigation
D. Acceptance
Correct Answer: B
Explanation:
Transference involves shifting risk (e.g., buying insurance).
Question 65:
What type of lock requires a key and a card to open?
A. Cipher lock
B. Biometrics
C. Multifactor lock
D. Proximity lock
Correct Answer: C
Explanation:
A multifactor lock requires more than one credential, here a key plus a card. Strictly speaking a key and a card are both "something you have", so this is two credentials of the same factor type; genuine multi-factor authentication combines different factor types (know, have, are).
Question 66:
What is the purpose of sandboxing?
A. Encrypt communication
B. Isolate programs to prevent malicious activity
C. Hide sensitive data
D. Facilitate system backups
Correct Answer: B
Explanation:
Sandboxing isolates applications to prevent them from affecting other parts of the system.
Question 67:
Which security model addresses integrity through well-formed transactions and separation of duties?
A. Bell-LaPadula
B. Biba
C. Clark-Wilson
D. Brewer-Nash
Correct Answer: C
Explanation:
The Clark-Wilson model emphasizes integrity using separation of duties and transaction procedures.
Question 68:
Which of the following is an example of a detective security control?
A. Intrusion Detection System (IDS)
B. Firewall
C. Antivirus
D. Biometric scanner
Correct Answer: A
Explanation:
An IDS monitors and detects potential security breaches.
Question 69:
Which element defines “how long” a system can be down before significant impact?
A. MTTF
B. RPO
C. RTO
D. SLA
Correct Answer: C
Explanation:
Recovery Time Objective (RTO) is the target time within which a system must be restored after a disruption. It must not exceed the Maximum Tolerable Downtime (MTD) that the business impact analysis establishes for the function the system supports.
Question 70:
Which of the following terms describes the ability to prove the origin of data?
A. Confidentiality
B. Authentication
C. Integrity
D. Non-repudiation
Correct Answer: D
Explanation:
Non-repudiation ensures that the sender cannot deny sending a message.
Question 71:
What is the main purpose of RAID 5?
A. Improve speed
B. Provide fault tolerance
C. Encrypt data
D. Secure data from hackers
Correct Answer: B
Explanation:
RAID 5 uses striping with parity to provide fault tolerance.
Question 72:
Which regulation is primarily concerned with healthcare information?
A. HIPAA
B. SOX
C. GLBA
D. PCI DSS
Correct Answer: A
Explanation:
HIPAA focuses on protecting healthcare-related information.
Question 73:
Which attack intercepts communication between two systems?
A. SQL Injection
B. Man-in-the-Middle
C. Brute-force
D. Buffer overflow
Correct Answer: B
Explanation:
Man-in-the-Middle attacks intercept communication to steal or alter information.
Question 74:
What is a primary benefit of single sign-on (SSO)?
A. Decreases authentication failures
B. Increases password strength
C. Reduces password fatigue
D. Provides multifactor authentication
Correct Answer: C
Explanation:
SSO reduces the need to remember multiple passwords, minimizing user fatigue.
Question 75:
What defines a vulnerability?
A. The probability of an attack
B. A weakness that can be exploited
C. The impact of a threat
D. The value of an asset
Correct Answer: B
Explanation:
A vulnerability is a weakness that can be exploited by a threat.
Question 76:
Which authentication method uses tickets?
A. LDAP
B. SAML
C. Kerberos
D. OAuth
Correct Answer: C
Explanation:
Kerberos uses tickets for secure authentication.
Question 77:
Which backup type copies all selected files whether changed or not?
A. Incremental
B. Differential
C. Full
D. Snapshot
Correct Answer: C
Explanation:
A full backup copies all selected data.
Question 78:
Which evidence rule requires that the original document or recording, rather than a copy, be presented in court?
A. Direct evidence
B. Circumstantial evidence
C. Best evidence
D. Real evidence
Correct Answer: C
Explanation:
The best evidence rule holds that the original, or the most reliable available form, of a document or recording should be presented; copies are accepted only when the original is unavailable. Admissibility in general also requires that evidence be relevant, reliable and lawfully collected, with an intact chain of custody.
Question 79:
What kind of risk analysis assigns numeric values?
A. Quantitative
B. Qualitative
C. Subjective
D. Comparative
Correct Answer: A
Explanation:
Quantitative risk analysis uses numeric data to measure risks.
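The arithmetic behind Question 79, together with the residual risk of Question 53 and the accept-or-transfer decision of Question 64, as an added example written for this page (not part of the original question bank). The formulas (SLE = AV x EF, ALE = SLE x ARO, safeguard value = ALE before minus ALE after minus annual cost) are the standard ones taught for the exam; the asset value, exposure factors, frequencies and control cost in the scenario are made-up inputs.

```python
# Added example (not from the question bank): quantitative risk analysis
# formulas and a safeguard cost/benefit check. All monetary figures,
# exposure factors and frequencies used below are constructed inputs.


def single_loss_expectancy(asset_value: float, exposure_factor: float) -> float:
    """SLE = AV x EF. EF is the fraction of the asset's value lost in one incident (0..1)."""
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    return asset_value * exposure_factor


def annualized_loss_expectancy(sle: float, aro: float) -> float:
    """ALE = SLE x ARO. ARO is the expected occurrences per year (0.1 = once a decade)."""
    if aro < 0:
        raise ValueError("ARO cannot be negative")
    return sle * aro


def safeguard_value(ale_before: float, ale_after: float, annual_cost: float) -> float:
    """Value of a control = (ALE before) - (ALE after) - (annual cost of the control).
    Positive means the control removes more expected loss than it costs."""
    return ale_before - ale_after - annual_cost


def evaluate_safeguard(asset_value: float, ef: float, aro: float,
                       ef_after: float, aro_after: float, annual_cost: float) -> dict:
    """Inherent risk, residual risk after the control, and whether the control pays off.
    The residual ALE is what is left for management to accept or transfer (insure)."""
    ale_before = annualized_loss_expectancy(single_loss_expectancy(asset_value, ef), aro)
    ale_after = annualized_loss_expectancy(single_loss_expectancy(asset_value, ef_after), aro_after)
    value = safeguard_value(ale_before, ale_after, annual_cost)
    return {
        "ale_before": ale_before,
        "residual_ale": ale_after,
        "safeguard_value": value,
        "worthwhile": value > 0,
    }


if __name__ == "__main__":
    # Constructed scenario: a $500,000 customer database, 30% of its value lost per
    # ransomware incident, one incident expected every five years (ARO 0.2).
    # Offline backups plus endpoint protection (assumed $12,000/yr) are estimated to
    # cut the loss per incident to 10% and the frequency to once a decade (ARO 0.1).
    result = evaluate_safeguard(500_000, 0.30, 0.2, 0.10, 0.1, 12_000)
    for name, value in result.items():
        print(f"{name:>16}: {value}")
```

The numbers make the decision mechanical: an ALE of $30,000 drops to a residual ALE of $5,000, so the control is worth $13,000 a year after its own cost. The same function answers the transference question, since a premium that costs more than the residual ALE it covers is a poor deal.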
Question 80:
What defines the maximum amount of data loss acceptable during a disaster?
A. RPO
B. RTO
C. MTD
D. BIA
Correct Answer: A
Explanation:
Recovery Point Objective (RPO) defines how much data loss is acceptable.
Question 81:
Which control type is an employee background check?
A. Technical
B. Physical
C. Detective
D. Administrative
Correct Answer: D
Explanation:
Background checks are an administrative control to mitigate insider threats.
Question 82:
What does GDPR protect?
A. U.S. healthcare data
B. Global banking information
C. European citizens’ personal data
D. Government secrets
Correct Answer: C
Explanation:
The General Data Protection Regulation (GDPR) protects the personal data of individuals in the EU and EEA, regardless of their citizenship, and applies to organizations anywhere in the world that process that data.
Question 83:
Which form of backup offers the quickest recovery time?
A. Incremental
B. Differential
C. Full
D. Snapshot
Correct Answer: C
Explanation:
Full backups allow the fastest recovery because all data is already copied.
Question 84:
What is the process of ensuring changes to IT systems are performed properly?
A. Vulnerability management
B. Incident response
C. Change management
D. Configuration management
Correct Answer: C
Explanation:
Change management controls IT changes to minimize risks.
Question 85:
What is the primary risk of allowing users to install software?
A. Increased software cost
B. Loss of productivity
C. Introduction of malware
D. Breach of SLA
Correct Answer: C
Explanation:
Allowing users to install unauthorized software increases malware risks.
Question 86:
Which type of test measures the effectiveness of controls without active exploitation?
A. Penetration test
B. Vulnerability scan
C. Red teaming
D. Bug bounty
Correct Answer: B
Explanation:
Vulnerability scans identify weaknesses without exploiting them.
Question 87:
What is a buffer overflow?
A. Overwriting memory beyond intended limits
B. Intercepting communications
C. Exploiting a web server
D. Encrypting a database
Correct Answer: A
Explanation:
Buffer overflows happen when programs write more data to a buffer than it can hold.
Question 88:
Which method uses a mathematical algorithm to verify data integrity?
A. Encryption
B. Steganography
C. Hashing
D. Tunneling
Correct Answer: C
Explanation:
Hashing algorithms verify the integrity of data.
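Where a bare hash stops and a keyed hash or signature begins, as an added example written for this page (not part of the original question bank) to illustrate Questions 63 and 88. It uses only Python's standard library; the message and the shared key are constructed values.

```python
# Added example (not from the question bank): a bare hash detects accidental
# corruption, but an attacker who can replace both the message and its hash
# is not detected; an HMAC with a shared secret detects tampering, and only a
# digital signature adds non-repudiation. Message and key are constructed.
import hashlib
import hmac
from typing import Tuple


def sha256_hex(data: bytes) -> str:
    """Plain hash: protects integrity only if the hash value itself is trusted
    (for example published out of band or signed)."""
    return hashlib.sha256(data).hexdigest()


def verify_hash(data: bytes, expected_hex: str) -> bool:
    # compare_digest compares in constant time, avoiding a timing side channel
    return hmac.compare_digest(sha256_hex(data), expected_hex)


def hmac_sha256_hex(key: bytes, data: bytes) -> str:
    """Keyed hash (HMAC): integrity plus authenticity for the parties that hold the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_hmac(key: bytes, data: bytes, tag_hex: str) -> bool:
    return hmac.compare_digest(hmac_sha256_hex(key, data), tag_hex)


def tamper_and_rehash(message: bytes) -> Tuple[bytes, str]:
    """What a man-in-the-middle does when only a bare hash travels with the message:
    alter the content and publish a fresh hash that matches the altered content."""
    forged = message.replace(b"100.00", b"999.00")
    return forged, sha256_hex(forged)


if __name__ == "__main__":
    msg = b"transfer 100.00 to account 42"
    key = b"constructed-shared-secret"          # constructed; use a random key in practice
    forged, forged_hash = tamper_and_rehash(msg)
    print("bare hash accepts forgery:", verify_hash(forged, forged_hash))        # True
    print("HMAC accepts forgery     :", verify_hmac(key, forged, hmac_sha256_hex(key, msg)))  # False
```

The HMAC check fails for the forged message because the attacker cannot produce a valid tag without the key. What an HMAC still cannot give is non-repudiation: both sender and receiver hold the same key, so either could have produced the tag. That is the gap a digital signature closes, since only the holder of the private key can sign.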
Question 89:
Which type of test involves security personnel with no prior knowledge?
A. Gray-box testing
B. White-box testing
C. Black-box testing
D. Regression testing
Correct Answer: C
Explanation:
Black-box testers simulate external attackers with no system knowledge.
Question 90:
Which framework focuses on cybersecurity risk management?
A. ISO 9001
B. NIST CSF
C. ITIL
D. COBIT
Correct Answer: B
Explanation:
The NIST Cybersecurity Framework (CSF) helps organizations manage cybersecurity risks.
Question 91:
Which standard governs the security of payment card data?
A. HIPAA
B. PCI DSS
C. GDPR
D. FISMA
Correct Answer: B
Explanation:
PCI DSS (Payment Card Industry Data Security Standard) governs security for cardholder data. It is an industry standard enforced contractually by the card brands and acquiring banks, not a government regulation.
Question 92:
What is a key benefit of cloud computing?
A. Increased complexity
B. Elasticity and scalability
C. Slower access
D. Lower availability
Correct Answer: B
Explanation:
Cloud services allow fast scalability based on demand.
Question 93:
What is used to uniquely identify a digital certificate?
A. Private key
B. Public key
C. Serial number
D. Fingerprint
Correct Answer: C
Explanation:
A digital certificate's serial number, assigned by the issuing CA, uniquely identifies it among that CA's certificates; it is the value a certificate revocation list records when the certificate is revoked. The fingerprint (a hash of the whole certificate) is also unique in practice, but it is computed rather than stored as a certificate field.
Question 94:
Which of the following best defines “separation of duties”?
A. Prevents one person from having total control
B. Segments the network
C. Hides data from unauthorized users
D. Encrypts communications
Correct Answer: A
Explanation:
Separation of duties ensures no single individual has full control over a critical process.
Question 95:
What technique involves evaluating the likelihood and impact of risks?
A. Risk transference
B. Risk assessment
C. Risk mitigation
D. Risk exploitation
Correct Answer: B
Explanation:
Risk assessments determine the probability and impact of threats.
Question 96:
Which of the following uses public key cryptography?
A. AES
B. 3DES
C. RSA
D. SHA-2
Correct Answer: C
Explanation:
RSA is an asymmetric encryption algorithm using public/private key pairs.
Question 97:
Which network security device detects and blocks attacks in real-time?
A. IDS
B. Firewall
C. IPS
D. VPN
Correct Answer: C
Explanation:
An Intrusion Prevention System (IPS) actively blocks detected threats.
Question 98:
What is a supply chain attack?
A. Attack on source code
B. Attack through vendors or third parties
C. Attack on employees
D. Attack on the internal network
Correct Answer: B
Explanation:
Supply chain attacks compromise systems through trusted vendors or third parties.
Question 99:
Which type of cryptography uses a key pair so that encrypting with the public key provides confidentiality and signing with the private key provides integrity and origin?
A. Hashing
B. Symmetric encryption
C. Asymmetric encryption
D. Digital signatures
Correct Answer: C
Explanation:
Asymmetric cryptography delivers both services through its key pair: public-key encryption provides confidentiality, and a private-key digital signature provides integrity and authenticity. Encryption alone, symmetric or asymmetric, does not guarantee integrity, so in practice a signature or MAC is combined with encryption.
Question 100:
Which framework provides cybersecurity best practices for critical infrastructure?
A. PCI DSS
B. ISO 27001
C. NIST CSF
D. HIPAA
Correct Answer: C
Explanation:
NIST Cybersecurity Framework provides best practices for protecting critical infrastructure.
Question 101:
What is the main goal of access control?
A. Ensure availability
B. Prevent unauthorized access
C. Encrypt data
D. Create backup copies
Correct Answer: B
Explanation:
Access control ensures that only authorized individuals can access resources.
Question 102:
Which security principle is based on giving users the minimum level of access they need?
A. Need to know
B. Least privilege
C. Segregation of duties
D. Defense in depth
Correct Answer: B
Explanation:
Least privilege limits access rights for users to only what is necessary for their work.
Question 103:
Which term describes the hiding of data within another file?
A. Encryption
B. Steganography
C. Hashing
D. Tokenization
Correct Answer: B
Explanation:
Steganography conceals data within other non-secret files like images or audio.
Question 104:
What does a digital certificate primarily verify?
A. Data encryption
B. The integrity of software
C. The identity of an entity
D. The performance of a network
Correct Answer: C
Explanation:
Digital certificates validate the identity of a person, device, or service.
Question 105:
What is the first step in risk management?
A. Mitigate risks
B. Identify assets
C. Identify threats
D. Assess vulnerabilities
Correct Answer: B
Explanation:
Risk management begins with identifying assets.
Question 106:
Which is an example of physical access control?
A. Password
B. Firewall
C. Security guard
D. Antivirus
Correct Answer: C
Explanation:
A security guard controls physical access to a facility.
Question 107:
What does an SLA define?
A. The encryption method used
B. Service expectations between provider and client
C. Security audit procedures
D. Backup schedules
Correct Answer: B
Explanation:
A Service Level Agreement (SLA) defines expectations of service between a provider and client.
Question 108:
Which of the following attacks uses social interaction?
A. SQL Injection
B. Phishing
C. Man-in-the-middle
D. Buffer overflow
Correct Answer: B
Explanation:
Phishing involves tricking users into giving sensitive information.
Question 109:
What is the goal of business continuity planning (BCP)?
A. Ensure quick recovery after a disruption
B. Eliminate all risks
C. Maximize profits
D. Prevent cyberattacks
Correct Answer: A
Explanation:
BCP ensures continued operation or quick recovery after disruptions.
Question 110:
Which term best describes the duplication of critical components to ensure availability?
A. Replication
B. Redundancy
C. Clustering
D. Mirroring
Correct Answer: B
Explanation:
Redundancy duplicates critical components for reliability.
Question 111:
What is an example of an administrative control?
A. Fire extinguisher
B. Password policy
C. Antivirus software
D. Firewall
Correct Answer: B
Explanation:
Password policies are administrative (management) controls.
Question 112:
Which encryption type uses two keys?
A. Symmetric
B. Asymmetric
C. Block cipher
D. Stream cipher
Correct Answer: B
Explanation:
Asymmetric encryption uses a public and a private key.
Question 113:
What does multifactor authentication require?
A. Two passwords
B. Password and username
C. Two or more types of authentication factors
D. Retinal scan only
Correct Answer: C
Explanation:
MFA uses multiple authentication factors like something you know, have, or are.
Question 114:
Which framework focuses on improving an organization’s cybersecurity practices?
A. COBIT
B. ISO 27001
C. NIST Cybersecurity Framework
D. SOX
Correct Answer: C
Explanation:
The NIST CSF helps organizations manage and reduce cybersecurity risks.
Question 115:
What is an example of a logical access control?
A. Firewall
B. Lock and key
C. Security guard
D. Fence
Correct Answer: A
Explanation:
A firewall is a logical (technical) control that regulates access to systems and networks; locks, guards and fences are physical controls.
Question 116:
What is the purpose of hashing?
A. Encrypt data
B. Protect against malware
C. Verify data integrity
D. Increase network speed
Correct Answer: C
Explanation:
Hashing ensures data hasn’t been tampered with.
Question 117:
Which backup method captures all changes made since the last full backup?
A. Full backup
B. Incremental backup
C. Differential backup
D. Snapshot backup
Correct Answer: C
Explanation:
Differential backups record changes since the last full backup.
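The difference between the three backup types in Questions 12, 83 and 117, worked through on a constructed change history, as an added example written for this page (not part of the original question bank). The file names, the days on which they change and the "day 0 is the full backup" convention are assumptions for the illustration.

```python
# Added example (not from the question bank): simulate what full, incremental
# and differential backups copy on each day of a constructed change history,
# and which backup sets a restore must apply. File names and change days are
# made up for the demonstration.
from typing import Dict, List, Set

ALL_FILES: Set[str] = {"db.sqlite", "app.log", "config.yaml", "static.bin"}

# Constructed history: day -> files modified that day (day 0 is the full backup)
CHANGES: Dict[int, Set[str]] = {
    1: {"db.sqlite", "app.log"},
    2: {"app.log"},
    3: {"config.yaml", "app.log"},
    4: set(),
    5: {"db.sqlite"},
}


def plan_backups(strategy: str, changes: Dict[int, Set[str]],
                 all_files: Set[str]) -> Dict[int, Set[str]]:
    """Return {day: files copied by that day's backup}. Day 0 is always a full backup."""
    copied = {0: set(all_files)}
    since_full: Set[str] = set()
    for day in sorted(changes):
        if strategy == "full":
            copied[day] = set(all_files)
        elif strategy == "incremental":
            # only what changed since the previous backup of ANY type
            copied[day] = set(changes[day])
        elif strategy == "differential":
            # everything changed since the last FULL backup; sets grow until the next full
            since_full |= changes[day]
            copied[day] = set(since_full)
        else:
            raise ValueError(f"unknown strategy {strategy!r}")
    return copied


def restore_chain(strategy: str, target_day: int) -> List[int]:
    """Backup sets that must be applied, in order, to recover the state at target_day."""
    if target_day == 0 or strategy == "full":
        return [target_day]                  # one set restores everything
    if strategy == "differential":
        return [0, target_day]               # last full + latest differential
    if strategy == "incremental":
        return list(range(target_day + 1))   # last full + every incremental since
    raise ValueError(f"unknown strategy {strategy!r}")


def total_file_copies(copied: Dict[int, Set[str]]) -> int:
    """Storage-cost proxy: number of file copies written across all backup sets."""
    return sum(len(files) for files in copied.values())


if __name__ == "__main__":
    for strategy in ("full", "incremental", "differential"):
        plan = plan_backups(strategy, CHANGES, ALL_FILES)
        print(f"{strategy:>12}: {total_file_copies(plan):2d} file copies, "
              f"restore to day 5 applies sets {restore_chain(strategy, 5)}")
```

The trade-off the exam is testing falls straight out of the numbers: incremental writes the least but a day-5 restore needs six sets in sequence (and fails if any one is missing or corrupt), differential writes more each day but always restores from exactly two sets, and full writes the most and restores from one.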
Question 118:
What is the best mitigation for SQL Injection?
A. Antivirus software
B. Input validation
C. Intrusion Detection System
D. Encryption
Correct Answer: B
Explanation:
Input validation (rejecting any input that does not match the expected format) shrinks the attack surface and is the only applicable choice among the options. In practice the primary defense is parameterized queries (prepared statements), which keep user input out of the SQL text entirely; validation is defense in depth alongside them, not a replacement.
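The injectable and the parameterized versions of one user lookup side by side, with an allow-list validator as the defense-in-depth layer, as an added example written for this page (not part of the original question bank). It uses Python's built-in sqlite3 driver; the in-memory table, its rows and the username format rule are constructed for the demonstration.

```python
# Added example (not from the question bank): the same lookup written with
# string concatenation (injectable) and with a parameterized query, plus an
# allow-list validator. The table, rows and username rule are constructed.
import re
import sqlite3

USERNAME_RE = re.compile(r"^[a-z0-9_]{1,32}$")   # assumed allow-list for usernames


def make_db() -> sqlite3.Connection:
    """Constructed sample table; the password hashes are placeholders."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "password_hash TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password_hash, role) VALUES (?, ?, ?)",
        [("alice", "placeholder-hash-1", "admin"), ("bob", "placeholder-hash-2", "user")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str):
    """Deliberately injectable: the caller's string becomes part of the SQL text,
    so a quote in the input changes the meaning of the WHERE clause."""
    query = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()


def lookup_safe(conn: sqlite3.Connection, username: str):
    """Parameterized: the value travels separately from the SQL and is never parsed as SQL."""
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()


def valid_username(username: str) -> bool:
    """Allow-list validation: defense in depth, not a substitute for parameterization."""
    return USERNAME_RE.match(username) is not None


if __name__ == "__main__":
    conn = make_db()
    payload = "x' OR '1'='1"
    print("vulnerable    :", lookup_vulnerable(conn, payload))   # every row comes back
    print("parameterized :", lookup_safe(conn, payload))         # [] (no such username)
    print("validator ok? :", valid_username(payload))            # False
```

The classic payload turns the vulnerable query into `WHERE username = 'x' OR '1'='1'`, which is true for every row, so the attacker enumerates the whole table; the parameterized query compares the literal string "x' OR '1'='1" against the column and finds nothing. The validator would have rejected the payload before it reached either query, which is the layered arrangement the explanation above describes.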
Question 119:
What is the definition of a vulnerability?
A. A potential threat
B. An unpatched weakness
C. An encrypted system
D. A disaster recovery plan
Correct Answer: B
Explanation:
Vulnerabilities are weaknesses that can be exploited by threats.
Question 120:
What is the primary goal of incident response?
A. Punish attackers
B. Recover systems and limit damage
C. Alert the media
D. Increase marketing
Correct Answer: B
Explanation:
Incident response focuses on containing damage and recovering quickly.
Question 121:
Which of the following is an example of a technical control?
A. Background checks
B. Firewalls
C. Security policies
D. Awareness training
Correct Answer: B
Explanation:
Technical controls like firewalls protect systems electronically.
Question 122:
Which law regulates how organizations handle personal financial information?
A. HIPAA
B. GLBA
C. SOX
D. FISMA
Correct Answer: B
Explanation:
The Gramm-Leach-Bliley Act (GLBA) governs the protection of private financial information.
Question 123:
What is the main purpose of penetration testing?
A. Patch vulnerabilities
B. Identify exploitable vulnerabilities
C. Monitor network traffic
D. Block phishing attempts
Correct Answer: B
Explanation:
Penetration testing simulates attacks to find vulnerabilities.
Question 124:
What does the term “CIA Triad” refer to?
A. Confidentiality, Integrity, Availability
B. Cryptography, Identity, Access
C. Certification, Inspection, Accreditation
D. Control, Investigation, Authentication
Correct Answer: A
Explanation:
CIA stands for Confidentiality, Integrity, and Availability.
Question 125:
Which attack involves intercepting communication between two parties?
A. Denial of Service
B. Brute Force
C. Man-in-the-middle
D. Phishing
Correct Answer: C
Explanation:
A Man-in-the-middle attack intercepts and possibly alters communication.
Question 126:
What is the key benefit of network segmentation?
A. Reduced power consumption
B. Improved performance
C. Limited spread of attacks
D. Increased encryption
Correct Answer: C
Explanation:
Segmentation limits an attack’s ability to spread.
Question 127:
Which cloud service model offers hardware resources over the Internet?
A. SaaS
B. PaaS
C. IaaS
D. XaaS
Correct Answer: C
Explanation:
Infrastructure as a Service (IaaS) delivers hardware resources over the cloud.
Question 128:
Which technique ensures that data cannot be read if intercepted?
A. Steganography
B. Encryption
C. Hashing
D. Data masking
Correct Answer: B
Explanation:
Encryption secures data from unauthorized reading.
Question 129:
Which of the following is a preventive control?
A. Fire alarm
B. Antivirus software
C. Security audit
D. Incident report
Correct Answer: B
Explanation:
Antivirus software prevents infections before they occur.
Question 130:
What is the primary risk of single sign-on (SSO)?
A. Easier to manage accounts
B. Increased password complexity
C. Single point of failure
D. Reduces downtime
Correct Answer: C
Explanation:
If SSO is compromised, all systems accessed through it may be at risk.
Question 131:
What does the term “zero-day vulnerability” mean?
A. It is fully patched.
B. It has just been discovered and has no fix yet.
C. It was created during development.
D. It is scheduled for repair.
Correct Answer: B
Explanation:
Zero-day vulnerabilities are newly discovered and not yet patched.
Question 132:
What is the best first step when creating a disaster recovery plan (DRP)?
A. Hire a consultant
B. Conduct a business impact analysis
C. Set recovery time objectives
D. Purchase backup equipment
Correct Answer: B
Explanation:
A business impact analysis (BIA) identifies critical business functions and impacts of downtime.
Question 133:
What is social engineering?
A. A software attack
B. A network intrusion
C. A psychological attack against people
D. A password cracking tool
Correct Answer: C
Explanation:
Social engineering manipulates people to gain confidential information.
Question 134:
Which is an example of two-factor authentication?
A. Password and PIN
B. Password and fingerprint
C. Username and password
D. Smart card and PIN
Correct Answer: B
Explanation:
Two different types: something you know (password) and something you are (fingerprint).
Question 135:
What type of malware demands payment to restore access to data?
A. Virus
B. Worm
C. Trojan
D. Ransomware
Correct Answer: D
Explanation:
Ransomware encrypts data and demands payment to unlock it.
Question 136:
What is a botnet?
A. Network backup system
B. Group of infected computers controlled remotely
C. Anti-malware solution
D. Password cracking tool
Correct Answer: B
Explanation:
Botnets are networks of compromised computers controlled by an attacker.
Question 137:
Which protocol secures web communications?
A. HTTP
B. FTP
C. HTTPS
D. SMTP
Correct Answer: C
Explanation:
HTTPS encrypts communication over the web using SSL/TLS.
Question 138:
Which of the following best describes phishing?
A. Stealing credentials using fake websites or emails
B. Guessing passwords manually
C. Exploiting software bugs
D. Disrupting network services
Correct Answer: A
Explanation:
Phishing deceives users into providing sensitive information.
Question 139:
Which layer of the OSI model deals with encryption?
A. Physical
B. Data Link
C. Presentation
D. Application
Correct Answer: C
Explanation:
The Presentation layer handles encryption and decryption.
Question 140:
What is the first step in forensic investigation?
A. Analyzing logs
B. Seizing evidence
C. Preserving the scene
D. Creating a chain of custody
Correct Answer: C
Explanation:
Preserving the scene ensures that evidence is not tampered with.
Question 141:
What is the main goal of encryption?
A. Authenticate users
B. Protect data confidentiality
C. Increase bandwidth
D. Backup files
Correct Answer: B
Explanation:
Encryption ensures that data remains confidential even if intercepted.
Question 142:
What is the purpose of a demilitarized zone (DMZ) in network architecture?
A. To block internal traffic
B. To protect external-facing servers
C. To increase Wi-Fi signal
D. To encrypt all internal communications
Correct Answer: B
Explanation:
A DMZ isolates and protects servers accessible from the Internet.
Question 143:
What does the concept of defense in depth involve?
A. Using a single strong firewall
B. Layering multiple security controls
C. Relying only on encryption
D. Avoiding user training
Correct Answer: B
Explanation:
Defense in depth uses multiple layers of defense to protect assets.
Question 144:
What does tokenization do?
A. Encrypt passwords
B. Replace sensitive data with non-sensitive equivalents
C. Backup systems
D. Destroy old data
Correct Answer: B
Explanation:
Tokenization replaces sensitive data with unique identifiers (tokens).
Question 145:
Which standard defines information security management systems (ISMS)?
A. NIST 800-53
B. PCI-DSS
C. ISO 27001
D. HIPAA
Correct Answer: C
Explanation:
ISO 27001 sets standards for establishing, implementing, and maintaining ISMS.
Question 146:
What is the most critical element for ensuring the success of a security awareness program?
A. Advanced technology
B. Executive management support
C. Expensive training materials
D. Longer training sessions
Correct Answer: B
Explanation:
Support from top leadership is vital for program success.
Question 147:
What type of control is a security policy?
A. Physical control
B. Technical control
C. Administrative control
D. Detective control
Correct Answer: C
Explanation:
Policies are administrative controls guiding behavior and expectations.
Question 148:
Which security model focuses on data confidentiality and controlled access?
A. Bell-LaPadula Model
B. Biba Model
C. Clark-Wilson Model
D. Brewer-Nash Model
Correct Answer: A
Explanation:
The Bell-LaPadula model enforces confidentiality through access controls.
Question 149:
What does a vulnerability scanner do?
A. Encrypt communications
B. Block all suspicious traffic
C. Identify weaknesses in systems
D. Create security policies
Correct Answer: C
Explanation:
Vulnerability scanners detect and report system weaknesses.
Question 150:
Which type of backup backs up only files that have changed since the last backup of any kind?
A. Full backup
B. Incremental backup
C. Differential backup
D. Snapshot backup
Correct Answer: B
Explanation:
Incremental backups only capture changes made since the last backup.
Question 151:
What is the purpose of an IDS (Intrusion Detection System)?
A. Block malicious traffic
B. Detect unauthorized activities
C. Backup critical data
D. Increase system performance
Correct Answer: B
Explanation:
An IDS monitors and alerts on suspicious activities.
Question 152:
Which attack is characterized by overwhelming a system with traffic?
A. Phishing
B. Man-in-the-middle
C. DDoS
D. SQL Injection
Correct Answer: C
Explanation:
Distributed Denial of Service (DDoS) attacks flood a system to cause failure.
Question 153:
Which term describes the maximum tolerable downtime for a system?
A. RPO
B. MTD
C. SLA
D. BIA
Correct Answer: B
Explanation:
Maximum Tolerable Downtime (MTD) defines how long a system can be offline without major damage.
Question 154:
Which law focuses on the protection of healthcare data in the U.S.?
A. GLBA
B. HIPAA
C. FISMA
D. SOX
Correct Answer: B
Explanation:
HIPAA regulates the protection of personal health information (PHI).
Question 155:
Which authentication factor is something you do?
A. Signature dynamics
B. Password
C. Badge
D. Fingerprint
Correct Answer: A
Explanation:
Behavioral biometrics (like signature dynamics) are “something you do.”
Question 156:
Which model ensures data integrity by preventing unauthorized modification?
A. Bell-LaPadula
B. Clark-Wilson
C. Brewer-Nash
D. Chinese Wall
Correct Answer: B
Explanation:
The Clark-Wilson model enforces data integrity through well-formed transaction rules.
Question 157:
What is the term for recording every action on a system for later analysis?
A. Encryption
B. Auditing
C. Hashing
D. Filtering
Correct Answer: B
Explanation:
Auditing tracks and logs user/system actions for security reviews.
Question 158:
Which control type is a biometric access system?
A. Detective control
B. Corrective control
C. Physical control
D. Logical control
Correct Answer: D
Explanation:
Biometrics are logical (technical) controls authenticating users based on physical characteristics.
Question 159:
Which attack tricks users into downloading malicious software?
A. Watering hole attack
B. DNS poisoning
C. Phishing
D. Trojan horse
Correct Answer: D
Explanation:
Trojan horses disguise malicious software as legitimate.
Question 160:
What does RPO (Recovery Point Objective) define?
A. Maximum outage time
B. Maximum data loss tolerable
C. Backup schedule
D. Incident report time
Correct Answer: B
Explanation:
RPO defines how much data loss is acceptable during a recovery.
Question 161:
Which of the following is an example of a detective control?
A. Intrusion detection system
B. Antivirus software
C. Security policy
D. Firewalls
Correct Answer: A
Explanation:
An intrusion detection system (IDS) detects and alerts on security breaches.
Question 162:
What is the main purpose of the principle of least privilege?
A. Ensure users have the minimum access they need to perform their job
B. Maximize the access users have to systems
C. Reduce the risk of malware infections
D. Improve user training
Correct Answer: A
Explanation:
Least privilege limits user access to only what is necessary for job functions.
Question 163:
Which of the following describes a “watering hole” attack?
A. Targeting a specific individual with malware
B. Exploiting a vulnerability in a website visited by many targets
C. Overloading a system with traffic
D. Sending fake emails to steal credentials
Correct Answer: B
Explanation:
In a watering hole attack, attackers compromise a website frequently visited by the target.
Question 164:
Which of the following is NOT an example of a physical control?
A. Video surveillance
B. Locking doors
C. Firewall
D. Badge access system
Correct Answer: C
Explanation:
A firewall is a logical control, not a physical one.
Question 165:
What type of backup captures only the data that has changed since the last full or incremental backup?
A. Full backup
B. Incremental backup
C. Differential backup
D. Snapshot backup
Correct Answer: C
Explanation:
Differential backups capture all changes since the last full backup.
Question 166:
Which of the following is a characteristic of symmetric encryption?
A. It uses two keys: public and private
B. It uses one key for both encryption and decryption
C. It is slower than asymmetric encryption
D. It requires digital certificates
Correct Answer: B
Explanation:
Symmetric encryption uses the same key for both encryption and decryption.
Question 167:
What is the role of a proxy server in network security?
A. Provide backup services
B. Act as a buffer between users and the internet
C. Encrypt sensitive data
D. Monitor incoming network traffic
Correct Answer: B
Explanation:
A proxy server hides the user’s IP address and controls access to websites.
Question 168:
What is the primary focus of risk analysis?
A. Define assets and their value
B. Assess and mitigate potential threats and vulnerabilities
C. Create security policies
D. Backup critical systems
Correct Answer: B
Explanation:
Risk analysis focuses on identifying and addressing potential threats and vulnerabilities.
Question 169:
Which of the following is an example of a control that is part of the recovery phase?
A. Security awareness training
B. Data backup and restoration
C. Password policy enforcement
D. Vulnerability scanning
Correct Answer: B
Explanation:
Data backup and restoration is part of the recovery phase in incident response.
Question 170:
Which of the following is true regarding public key infrastructure (PKI)?
A. PKI requires both private and public keys for encryption
B. PKI is a process for managing passwords
C. PKI uses symmetric encryption only
D. PKI is used only for digital signatures
Correct Answer: A
Explanation:
PKI uses a combination of public and private keys for encryption and secure communications.
Question 171:
What is the main purpose of a disaster recovery plan (DRP)?
A. Prevent future incidents
B. Recover data and systems after an incident
C. Ensure compliance with regulations
D. Monitor network traffic
Correct Answer: B
Explanation:
A DRP outlines procedures for recovering systems and data after a disaster.
Question 172:
Which of the following is an example of an administrative control?
A. Encryption
B. User training
C. Firewalls
D. Biometric scanning
Correct Answer: B
Explanation:
User training is an administrative control aimed at educating employees on security best practices.
Question 173:
What is a hash function commonly used for?
A. Encrypt data
B. Store passwords
C. Authenticate users
D. Provide digital signatures
Correct Answer: B
Explanation:
Hash functions are used to store passwords securely, making them unreadable.
Question 174:
Which of the following is NOT a goal of an Information Security Management System (ISMS)?
A. Continuous improvement of security measures
B. Establishment of security policies
C. Certification of staff competence
D. Protection of information assets
Correct Answer: C
Explanation:
An ISMS focuses on the security of information, not on certifying staff competence.
Question 175:
What is the main purpose of a vulnerability assessment?
A. Encrypt data
B. Identify security weaknesses
C. Provide security patches
D. Create security policies
Correct Answer: B
Explanation:
A vulnerability assessment identifies and evaluates security weaknesses.
Question 176:
What does an SSL/TLS certificate ensure?
A. Data is compressed
B. Data integrity and encryption during transmission
C. Data is stored in a database
D. Data is protected with a firewall
Correct Answer: B
Explanation:
SSL/TLS certificates encrypt data during transmission to ensure its integrity and privacy.
Question 177:
What is an example of an application-level control?
A. Antivirus software
B. Encryption
C. Firewall
D. Web application firewall
Correct Answer: D
Explanation:
A web application firewall (WAF) monitors and filters traffic to web applications.
Question 178:
Which of the following is the purpose of a security policy?
A. To enforce legal compliance
B. To detect security threats
C. To describe acceptable use of resources
D. To monitor network traffic
Correct Answer: C
Explanation:
Security policies set guidelines for the acceptable use of organizational resources.
Question 179:
Which of the following best describes a “phishing” attack?
A. An attack that uses encrypted email to obtain sensitive data
B. An attack that involves redirecting users to a fake website to steal credentials
C. An attack that floods a system with excessive traffic
D. An attack that exploits a software vulnerability
Correct Answer: B
Explanation:
Phishing deceives users into providing sensitive information via fake websites or emails.
Question 180:
Which of the following is the primary focus of a business continuity plan (BCP)?
A. Ensuring data confidentiality
B. Maintaining business operations in the event of a disaster
C. Securing organizational assets
D. Implementing strong access controls
Correct Answer: B
Explanation:
A BCP ensures that business operations continue during and after a disaster.
Question 181:
Which of the following is an example of a logical control?
A. Physical access control systems
B. Firewalls
C. Security guard patrols
D. Backup generators
Correct Answer: B
Explanation:
Firewalls are logical controls that monitor and filter traffic based on defined rules.
Question 182:
What does the term “defense in depth” refer to?
A. Using a single strong security control
B. The strategy of layering multiple security controls to protect assets
C. A process for detecting intruders
D. The use of encryption for all data
Correct Answer: B
Explanation:
Defense in depth involves using multiple layers of security to protect against different types of threats.
Question 183:
Which of the following security models emphasizes the need for separation of duties?
A. Bell-LaPadula Model
B. Biba Model
C. Clark-Wilson Model
D. Brewer-Nash Model
Correct Answer: C
Explanation:
The Clark-Wilson model focuses on enforcing well-formed transaction rules and separation of duties.
Question 184:
Which of the following is an example of an effective preventative control?
A. Intrusion detection system
B. Antivirus software
C. Video surveillance
D. Incident response plan
Correct Answer: B
Explanation:
Antivirus software prevents malware from executing on a system.
Question 185:
Which of the following is an example of a physical control?
A. Access control list
B. Encryption
C. Security guard
D. Intrusion detection system
Correct Answer: C
Explanation:
Security guards are physical controls that prevent unauthorized physical access to a facility.
Question 186:
What is the purpose of a vulnerability management program?
A. Detect and patch vulnerabilities before they are exploited
B. Encrypt sensitive data
C. Prevent unauthorized access to systems
D. Monitor and log user activity
Correct Answer: A
Explanation:
A vulnerability management program identifies, evaluates, and remediates vulnerabilities to prevent exploitation.
Question 187:
What is the primary purpose of a public key in PKI (Public Key Infrastructure)?
A. Encrypt data
B. Verify signatures
C. Decrypt data
D. Authenticate users
Correct Answer: A
Explanation:
The public key is used for encrypting data, while the private key is used for decryption.
Question 188:
What is a zero-day vulnerability?
A. A vulnerability that has been patched
B. A vulnerability that is discovered and exploited on the same day
C. A vulnerability that is known but not yet exploited
D. A vulnerability that is easily fixed
Correct Answer: B
Explanation:
A zero-day vulnerability is discovered and exploited before a patch is available.
Question 189:
Which of the following is the main objective of security training and awareness programs?
A. To ensure compliance with regulations
B. To detect and respond to security incidents
C. To educate employees on security best practices and policies
D. To prevent data breaches through encryption
Correct Answer: C
Explanation:
Security training and awareness programs aim to educate employees on secure practices and company policies.
Question 190:
What is the purpose of an access control list (ACL)?
A. To track the number of access attempts
B. To restrict or allow access to resources based on permissions
C. To monitor network traffic
D. To detect unauthorized access attempts
Correct Answer: B
Explanation:
An ACL defines rules for granting or denying access to network resources.
Question 191:
Which of the following is an example of a denial of service (DoS) attack?
A. Phishing
B. SQL Injection
C. Buffer Overflow
D. Ping of Death
Correct Answer: D
Explanation:
A Ping of Death is a DoS attack that sends oversized ICMP packets to crash systems.
Question 192:
Which type of firewall operates at the application layer?
A. Packet-filtering firewall
B. Stateful inspection firewall
C. Proxy firewall
D. Circuit-level gateway
Correct Answer: C
Explanation:
Proxy firewalls work at the application layer and can filter traffic based on application data.
Question 193:
What is a business impact analysis (BIA)?
A. A procedure for identifying critical business processes and their impact during a disaster
B. A report on financial performance
C. A system for detecting unauthorized access
D. A list of business rules
Correct Answer: A
Explanation:
A BIA identifies the potential impact of disruptions to business operations and the resources needed for recovery.
Question 194:
Which type of encryption uses a single key for both encryption and decryption?
A. Asymmetric encryption
B. Hashing
C. Symmetric encryption
D. Digital signatures
Correct Answer: C
Explanation:
Symmetric encryption uses the same key for both encrypting and decrypting data.
Question 195:
What is the first step in incident response?
A. Eradication of the threat
B. Containment of the threat
C. Identification of the incident
D. Recovery of systems
Correct Answer: C
Explanation:
The first step in incident response is identifying and confirming that an incident has occurred.
Question 196:
Which of the following is a key characteristic of a VPN (Virtual Private Network)?
A. Provides authentication
B. Prevents all types of attacks
C. Encrypts data over a public network
D. Ensures data integrity during transmission
Correct Answer: C
Explanation:
A VPN encrypts data to ensure secure communication over a public network.
Question 197:
Which of the following defines the term “phishing”?
A. An attack that exploits vulnerabilities in a software program
B. A type of social engineering attack aimed at stealing credentials
C. An attack that sends fake traffic to a website
D. A technique to obtain unauthorized access to a network
Correct Answer: B
Explanation:
Phishing is a social engineering attack that tricks individuals into divulging sensitive information.
Question 198:
Which of the following is the primary purpose of multi-factor authentication (MFA)?
A. To increase password complexity
B. To combine multiple methods of authentication for stronger security
C. To track user access logs
D. To limit access to specific systems
Correct Answer: B
Explanation:
MFA combines multiple authentication methods (e.g., password, biometrics) to increase security.
Question 199:
Which of the following is a security best practice for handling sensitive data?
A. Store sensitive data in plaintext to simplify access
B. Share sensitive data via email without encryption
C. Encrypt sensitive data both at rest and in transit
D. Grant all users access to sensitive data for convenience
Correct Answer: C
Explanation:
Sensitive data should always be encrypted both when stored and when transmitted to ensure its confidentiality.
Question 200:
Which of the following would be an example of a corrective control?
A. Firewalls
B. Backup systems
C. Antivirus software
D. Incident response
Correct Answer: D
Explanation:
Incident response is a corrective control that addresses security breaches after they occur.
Question 201:
Which of the following is the primary objective of a business continuity plan (BCP)?
A. To ensure that business operations can continue during and after a disaster
B. To train employees in security awareness
C. To prevent security breaches
D. To detect and respond to threats
Correct Answer: A
Explanation:
A BCP is designed to ensure that critical business operations can continue during and after a disaster.
Question 202:
Which of the following is a typical characteristic of an insider threat?
A. The threat originates from external attackers
B. The threat is typically caused by employees or trusted individuals
C. The threat always involves data encryption
D. The threat is always associated with physical theft of hardware
Correct Answer: B
Explanation:
Insider threats come from trusted individuals, such as employees or contractors, who misuse their access to organizational assets.
Question 203:
Which of the following is the primary goal of encryption?
A. To ensure that data is compressed
B. To protect data from unauthorized access
C. To improve network performance
D. To detect network intrusions
Correct Answer: B
Explanation:
Encryption protects data by converting it into a format that can only be read by authorized parties.
Question 204:
What is the purpose of the Bell-LaPadula model in access control?
A. To ensure data integrity
B. To prevent unauthorized access and protect data confidentiality
C. To manage user authentication
D. To monitor security events in real time
Correct Answer: B
Explanation:
The Bell-LaPadula model focuses on data confidentiality by enforcing mandatory access control.
Question 205:
Which of the following is an example of an identity management system?
A. Intrusion detection system
B. Single sign-on (SSO)
C. Antivirus software
D. Virtual private network (VPN)
Correct Answer: B
Explanation:
Single sign-on (SSO) is an identity management system that allows users to authenticate once and gain access to multiple systems.
Question 206:
What is the first step in risk management?
A. Risk transfer
B. Risk assessment
C. Risk mitigation
D. Risk acceptance
Correct Answer: B
Explanation:
The first step in risk management is to assess the risks to determine their impact and likelihood.
Question 207:
Which of the following is a preventive control?
A. Firewalls
B. Intrusion detection systems
C. Incident response plans
D. Backup systems
Correct Answer: A
Explanation:
Firewalls are preventive controls that block unauthorized network traffic from entering a system.
Question 208:
What does a digital signature provide in a public key infrastructure (PKI) system?
A. Encryption of messages
B. Verification of the sender’s identity and data integrity
C. Data storage
D. Access to cryptographic keys
Correct Answer: B
Explanation:
A digital signature ensures data integrity and verifies the sender’s identity using the sender’s private key.
Question 209:
What is the primary focus of the Biba security model?
A. Confidentiality
B. Integrity
C. Availability
D. Accountability
Correct Answer: B
Explanation:
The Biba model focuses on maintaining the integrity of data by preventing unauthorized modification.
Question 210:
Which of the following is a key feature of multi-factor authentication (MFA)?
A. It requires at least two different types of authentication methods
B. It uses only a password to authenticate users
C. It eliminates the need for user credentials
D. It is used only for administrative access
Correct Answer: A
Explanation:
MFA requires two or more different types of authentication methods, such as a password and a fingerprint.
Question 211:
Which of the following is NOT a principle of information security?
A. Confidentiality
B. Integrity
C. Availability
D. Accuracy
Correct Answer: D
Explanation:
The three core principles of information security are confidentiality, integrity, and availability (CIA).
Question 212:
What is the purpose of an intrusion detection system (IDS)?
A. To prevent security incidents
B. To monitor network traffic for suspicious activity
C. To encrypt sensitive data
D. To authenticate users
Correct Answer: B
Explanation:
An IDS monitors network traffic for potential threats and suspicious activity.
Question 213:
Which of the following best describes an asymmetric encryption system?
A. It uses the same key for both encryption and decryption
B. It uses two keys: one for encryption and another for decryption
C. It relies solely on password-based authentication
D. It uses a symmetric key for both encryption and decryption
Correct Answer: B
Explanation:
Asymmetric encryption uses a pair of keys: a public key for encryption and a private key for decryption.
Question 214:
What does the concept of “separation of duties” aim to achieve in security?
A. To prevent a single person from having complete control over a critical process
B. To ensure that all employees have equal access to critical resources
C. To reduce the workload of system administrators
D. To ensure that all systems are encrypted
Correct Answer: A
Explanation:
Separation of duties aims to ensure that no single individual has enough control to misuse a critical process or system.
Question 215:
Which of the following is an example of a compensating control?
A. Regular backups of critical systems
B. Firewalls and intrusion prevention systems
C. User training and awareness programs
D. A biometric access control system
Correct Answer: A
Explanation:
Compensating controls are used to provide an alternative when primary controls are not feasible. Regular backups serve as a compensating control for data loss.
Question 216:
What is the purpose of a data loss prevention (DLP) system?
A. To prevent unauthorized access to systems
B. To detect and prevent data breaches or leaks
C. To monitor network performance
D. To provide encryption for sensitive data
Correct Answer: B
Explanation:
A DLP system prevents sensitive data from being leaked or accessed by unauthorized individuals.
Question 217:
Which of the following is true about a firewall in network security?
A. It allows all inbound traffic
B. It only monitors outgoing traffic
C. It filters traffic based on predefined security rules
D. It encrypts all traffic entering the network
Correct Answer: C
Explanation:
A firewall filters traffic based on predefined rules to control access to the network.
Question 218:
Which of the following is the primary purpose of risk mitigation?
A. To transfer risk to another party
B. To reduce the likelihood and impact of risks
C. To accept all identified risks
D. To eliminate all potential risks
Correct Answer: B
Explanation:
Risk mitigation involves implementing measures to reduce the likelihood and impact of identified risks.
Question 219:
Which of the following is an example of a detective control?
A. Encryption
B. Intrusion detection system
C. Antivirus software
D. Security awareness training
Correct Answer: B
Explanation:
An IDS is a detective control that detects and alerts administrators to security breaches.
Question 220:
Which of the following is an example of a corrective control?
A. Backup systems
B. Antivirus software
C. Firewalls
D. Incident response procedures
Correct Answer: D
Explanation:
Incident response procedures are corrective controls that address security incidents once they have occurred.
Why is Pass4Certs the best choice for certification exam preparation?
Pass4Certs is dedicated to providing practice test questions with answers, free of charge, unlike other web-based services. To see the whole study material, you need to create a free account on Pass4Certs. Many clients around the world are getting high scores by using our dumps. We offer a 100 percent passing and money-back guarantee on the exam. PDF files are accessible immediately after purchase.
A Central Tool to Help You Prepare for Exam
Pass4Certs.com is the ultimate study resource for taking the test. We meticulously adhere to the exact exam questions and answers, which are regularly updated and verified by experts. Our exam dump experts, who come from a variety of well-known organizations, are qualified individuals who have reviewed an important selection of exam questions and answers to help you understand the concepts and pass the certification exam with good marks. Braindumps are the most effective way to prepare for your test in only 1 day.
User Friendly & Easily Accessible on Mobile Devices
Easy to use and accessible from mobile devices. The exam platform is very easy to use. The fundamental aim of our platform is to provide the most recent, accurate, up-to-date and truly helpful study material. Students can use this material to study and successfully navigate the implementation and support of systems. Students can access authentic test questions and answers, which are available for download in PDF format immediately after purchase. As long as your mobile device has an internet connection, you can study on this website, which is mobile-friendly for test takers.
Dumps Are Verified by Industry Experts
Get Access to the Most Recent and Accurate Questions and Answers Right Away:
Our exam database is frequently updated throughout the year to include the most recent exam questions and answers. Each exam page shows the date at the top of the page along with the refreshed list of exam questions and answers. You will pass the test on your first attempt because of the authenticity of the current exam questions.
Dumps for the exam have been checked by industry professionals who are dedicated to providing the right test questions and answers with brief explanations. Every question and answer is checked by experts: highly qualified individuals with extensive professional experience with the vendor's examination.
Pass4Certs.com delivers the best exam questions with detailed explanations in contrast with a number of other exam web portals.
Money Back Guarantee
Pass4Certs.com is committed to providing quality braindumps that will help you breeze through the test and get certified. In order to provide you with the best method of preparation for the exam, we provide the most recent and realistic test questions from current examinations. If you purchase the entire PDF file but fail the vendor exam, you can get your money back or have your exam replaced. Visit our guarantee page for more information on our straightforward money-back guarantee.