Cyber Foundations
Cyber Threats & Attacks
Ethical Hacking & Defense
Cyber Policies & People
Data & Access Control
100

What does the acronym IP stand for in networking?

Internet Protocol

100

This type of software is designed to harm or exploit systems.

Malware

100

What is the main goal of ethical hacking?

To find and fix security vulnerabilities

100

This group is often targeted by phishing emails.

Employees or users

100

What is a password manager used for?

To store and manage secure passwords

200

Name one of the OSI model layers.

(Any of the 7: Physical, Data Link, Network, Transport, Session, Presentation, Application)

200

Name a common type of social engineering attack.

Phishing

200

True or False: Ethical hackers need permission before testing systems.

TRUE

200

What is the purpose of security awareness training?

To educate users about threats and safe practices

200

What does DLP stand for?

Data Loss Prevention

300

In a wireless network, this protocol helps secure communication (Hint: WPA3).

Wi-Fi Protected Access 3 (WPA3)

300

This attack involves intercepting data packets in a network.

Packet sniffing or sniffing attack

300

Which tool might an ethical hacker use to scan for open ports?

Nmap

300

What department handles access when an employee leaves the company?

Human Resources or IT Security

300

What’s the difference between authentication and authorization?

Authentication confirms identity; authorization grants access

400

What is the main function of a firewall?

To block unauthorized access while permitting outward communication

400

What does malware stand for? Give one example.

Malicious software; examples: virus, worm, Trojan

400

What is the difference between white hat and black hat hackers?

White hats are ethical/legal; black hats are criminal/illegal

400

What should happen when a user forgets a badge or device?

Report immediately and follow access control procedures

400

Describe an Access Control List (ACL).

A list that specifies which users or systems can access resources

500

Define the Information System Development Life Cycle (SDLC).

A process for planning, creating, testing, and deploying an information system

500

Describe a sniffing attack and how it can be prevented.

A sniffing attack captures network data; use encryption & secure protocols to prevent it

500

What is penetration testing, and why is it useful?

A simulated cyberattack used to test system security and resilience

500

What is the term for documenting how to respond to a data breach?

Incident Response Plan

500

What is the purpose of role-based access control?

To assign access rights based on job roles or responsibilities