100

How does “drop” mode work in an IDS system?

A) When suspicious traffic is detected, it stops the packet and writes to the log
B) It encrypts packets
C) It compresses traffic
D) It reboots the system

A) When suspicious traffic is detected, it stops the packet and writes to the log

100

What is the purpose of log analysis?

A) It serves the purpose of keeping all users' passwords safe
B) Used to automatically compress large files on the system to detect suspicious activity
C) Check log entries written by systems or services to detect suspicious activity
D) To temporarily or permanently disable all network activity

C) Check log entries written by systems or services to detect suspicious activity

100

What is a Trojan used for?

A) Only works for compressing and archiving large files
B) Serves to optimize the performance of the entire network
C) This is a special tool designed to update antivirus software by deceiving updates
D) Used to hide and perform malicious functions by deceiving the user

D) Used to hide and perform malicious functions by deceiving the user

100

How does a Man-in-the-Middle (MitM) attack work?

A) Interfere between communication parties to read or modify data
B) It only deals with stealing users' passwords
C) It is the process of updating the operating system to the latest version
D) It is the process of cleaning a hard disk from unnecessary files

A) Interfere between communication parties to read or modify data

100

What is the main approach to preventing security threats?

A) By keeping important information always accessible
B) By intentionally violating established security policies
C) By providing free and unrestricted access to information
D) By authenticating and authorizing users

D) By authenticating and authorizing users

200

Why is the “priority” field used in IDS rules?

A) To show the packet size
B) To encrypt traffic
C) To set the importance level of events
D) To write the user ID

C) To set the importance level of events

200

What is the first step in the incident response process?

A) The entire system needs to be formatted immediately
B) Event detection and identification
C) Log out a suspicious user
D) All passwords should be automatically updated

B) Event detection and identification

200

What is the main characteristic of a worm?

A) It only sticks to one file and is never active
B) Always requires user approval to run 
C) Stays on only one computer, does not spread across the network, and operates without user intervention
D) Self-replicating, spreading across the network, and operating without user intervention

D) Self-replicating, spreading across the network, and operating without user intervention

200

What is computer exploitation?

A) Update the operating system to the latest without user intervention
B) System user technical support
C) Back up data on your hard drive
D) Unauthorized access to the system using vulnerabilities

D) Unauthorized access to the system using vulnerabilities

200

What is the main purpose of a DoS/DDoS attack?

A) Obtaining confidential information by encrypting information
B) Permanently delete all users from the system
C) Modifying or deleting important system files
D) Reducing system performance or disabling it

D) Reducing system performance or disabling it

300

What is the main purpose of creating a new signature in an IDS/IPS system?

A) To increase network speed
B) To recover user passwords
C) To automatically delete log files
D) To detect new attacks and reduce false alerts

D) To detect new attacks and reduce false alerts

300

What does a VPN (virtual private network) provide?

A) It makes the login password verification process much faster
B) Provides secure remote connections and data transfer through an encrypted tunnel
C) Automatically updates the operating system to the latest version
D) Makes the software interface much simpler for users through an encrypted tunnel

B) Provides secure remote connections and data transfer through an encrypted tunnel

300

How are public and private keys used?

A) The public key is used to replace and update the private key
B) Encryption is done with the public key, decryption is done with the private key
C) Both of these keys are used only for decryption 
D) Both of these keys are used only for encryption and operating without user intervention

B) Encryption is done with the public key, decryption is done with the private key

300

What are hash functions used for?

A) Create a private key to securely encrypt data
B) Representing data in a concise summary form 
C) Authenticate a user to log in to the system
D) Manage and control the entire network activity

B) Representing data in a concise summary form

300

What should be done to prevent the threat of "Phishing" in information security?

A) Important information should always be kept in an open format
B) It is necessary to limit Internet access as much as possible and make it anonymous
C) Avoid opening suspicious links and use authentication systems
D) All users in the system should be made anonymous

C) Avoid opening suspicious links and use authentication systems

400

What is Ransomware?

A) It encrypts user files and demands a payment
B) It automatically updates the system
C) It deletes user logins 
D) It increases network speed

A) It encrypts user files and demands a payment

400

Why is network segmentation important?

A) To consolidate the entire network into a single large chunk for easier management
B) Used to collect all user passwords in one secure place
C) To limit the spread of damage in the event of an attack or error by dividing the network into zones
D) To significantly increase overall internet speed across the entire network between these two types of network firewalls

C) To limit the spread of damage in the event of an attack or error by dividing the network into zones

400

What is an electronic signature used for?

A) To verify the document author and document integrity 
B) To automatically translate text in a document
C) For compressing and archiving large files 
D) To keep users' passwords safe and operating without user intervention

A) To verify the document author and document integrity

400

What does "spyware" do?

A) Secretly tracks user activity and steals data
B) Automatically sorts all files on the system in alphabetical order 
C) Blocks important files and completely restricts access to them 
D) It interferes with the user by multiplying unnecessary files

A) Secretly tracks user activity and steals data

400

What security principle is the MAC model based on?

A) With the principle of always keeping information open
B) With access to information only according to specified permissions
C) With constant monitoring of every user in the system
D) With constant monitoring of every user in the system

B) With access to information only according to specified permissions

500

What does a "heuristic" approach do in attack detection?

A) It helps to detect new attacks based on anomalies or suspicious behavior, not tied to a strict signature
B) It always expects a complete match to a signature
C) It only works with a timestamp
D) It shuts down the network

A) It helps to detect new attacks based on anomalies or suspicious behavior, not tied to a strict signature

500

What is the main difference between stateful and stateless firewalls?

A) A stateless firewall is always considered more secure than a stateful one 
B) Stateful never blocks packets on the network, only warns
C) Stateful monitors traffic state; stateless only checks individual packets
D) There is no technical difference between these two types of network firewalls

C) Stateful monitors traffic state; stateless only checks individual packets

500

What function does salt perform?

A) It performs the function of converting the user's password into plain text
B) Increases resistance to dictionary attacks by adding random values to hashes
C) It acts as a closure for all open ports on the network
D) It performs the function of compressing large amounts of data

B) Increases resistance to dictionary attacks by adding random values to hashes

500

How does restarting the network help against viruses?

A) By creating new and empty files on the system
B) By changing the computer's name on the network
C) By correcting temporary network errors 
D) It does not help against viruses

C) By correcting temporary network errors 

500

What is a one-way function?

A) Data recovery method
B) Information management system
C) Irreversible encryption method
D) Network management tool

C) Irreversible encryption method
