Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
CTAINASL_Week 1
| Question | Answer |
|---|---|
| True or False: Confidentiality mainly protects sensitive information from unauthorized access or disclosure. | True |
| True or False: Integrity focuses on making sure data remains accessible whenever users need it. | False. Integrity ensures that data remains unchanged and uncorrupted during storage, transmission, or processing. Availability is the concept that focuses on accessibility and usability when needed. |
| True or False: Availability means systems, networks, and data must be usable and accessible when required. | True |
| True or False: Authentication is the process of granting access permissions after a user logs in. | False. Authentication verifies the identity of an individual or system. Authorization is the process of granting or denying access rights and permissions. |
| True or False: Authorization can only happen after a user or system has been authenticated. | True |
| True or False: Risk assessment is only performed after a security incident has already occurred. | False. Risk assessment is the process of identifying, assessing, and prioritizing possible risks and vulnerabilities before they cause serious impact. |
| True or False: A threat is any possible danger or hazard that can exploit a vulnerability and harm systems, data, or operations. | True |
| True or False: A vulnerability is the attacker who performs malicious activity against a system. | False. A vulnerability is a weakness or flaw in systems, networks, or processes that can be exploited by threats. |
| True or False: Malware refers only to computer viruses and does not include ransomware, spyware, worms, or Trojans. | False. Malware includes viruses, worms, ransomware, spyware, Trojans, and other malicious software or code. |
| True or False: A firewall controls incoming and outgoing network traffic based on predetermined security rules. | True |
| True or False: Encryption removes data from a system so attackers cannot recover it. | False. Encryption converts data into a coded form to prevent unauthorized access or interception during storage or transmission. |
| True or False: An Intrusion Detection System monitors network or system activities to detect possible security breaches or unauthorized access attempts. | True |
| True or False: An IDS primarily prevents every attack before it reaches the network. | False. An IDS detects and alerts administrators or triggers automated responses when suspicious activity is identified. Prevention is not its main definition. |
| True or False: Patching is the process of applying software updates or fixes to address known vulnerabilities. | True |
| True or False: Social engineering depends mainly on breaking encryption algorithms. | False. Social engineering manipulates people using psychological tactics to reveal information, perform actions, or bypass security controls. |
| True or False: Phishing is a type of social engineering where attackers impersonate trusted entities to trick users into giving sensitive information. | True |
| True or False: Phishing usually involves deceptive emails or websites pretending to be legitimate organizations. | True |
| True or False: Protecting sensitive information is one reason security is important in the digital age. | True |
| True or False: Privacy is no longer a major concern because digital systems make information easier to access. | False. Privacy has become a significant concern in the digital age because large amounts of personal and sensitive information are stored and transmitted electronically. |
| True or False: Cyber threats such as malware, ransomware, phishing, and hacking have become more sophisticated and common. | True |
| True or False: Business continuity is unrelated to cybersecurity because security breaches only affect technical teams. | False. Security breaches can cause operational downtime, financial losses, reputational damage, and loss of customer trust. |
| True or False: Critical infrastructure such as power grids, transportation networks, and healthcare systems must be protected because they increasingly rely on interconnected digital systems. | True |
| True or False: Trust and confidence in a digital ecosystem can be supported by prioritizing security measures. | True |
| True or False: Intellectual property is considered less valuable in the digital age because it can be copied easily. | False. Intellectual property remains a valuable asset for individuals and organizations and must be protected. |
| True or False: Basic security terminology provides a shared language for discussing and implementing security practices. | True |
| True or False: The threat environment includes cyber threats, physical threats, and internal threats. | True |
| True or False: Threat motivations are limited to financial gain only. | False. Threat motivations may include financial gain, political motivations, espionage, and other objectives. |
| True or False: Threats can cause financial losses, reputational damage, and operational disruption to organizations. | True |
| True or False: Emerging threats in the digital landscape include IoT vulnerabilities and nation-state attacks. | True |
| True or False: Risk management and mitigation strategies are important because they help organizations address the threat environment. | True |
| True or False: Security controls and countermeasures are used to reduce risks created by threats. | True |
| True or False: Incident response planning only matters after all systems have permanently failed. | False. Incident response planning helps organizations mitigate and recover from security incidents. |
| True or False: Employee awareness and training can help prevent and reduce the impact of threats. | True |
| True or False: Addressing the threat environment requires only the IT department and does not involve collaboration. | False. Addressing the threat environment requires collaborative efforts such as information sharing and public private partnerships. |
| True or False: Industry standards and best practices help organizations manage and mitigate threats. | True |
| True or False: Continuous monitoring and adaptation are necessary because the threat landscape continues to evolve. | True |
| True or False: Confidentiality, integrity, and availability are separate ideas, but together they support the protection of information systems. | True |
| True or False: If data is encrypted but no longer accessible to authorized users when needed, availability may still be violated. | True |
| True or False: If an attacker changes stored records without permission, the main security principle affected is integrity. | True |
| True or False: If a legitimate user cannot access a required system during business hours, the issue is primarily confidentiality. | False. The issue is primarily availability because the system is not accessible or usable when needed. |
| True or False: If a user enters a correct password, the system has performed authorization. | False. Entering and verifying a correct password is authentication. Authorization determines what the authenticated user is allowed to access. |
| True or False: A weak password policy can be considered a vulnerability because it may be exploited by threats. | True |
| True or False: A deceptive website pretending to be a bank and asking for login credentials is an example of phishing. | True |
| True or False: Applying patches can improve security because it addresses known weaknesses in software or systems. | True |
| True or False: A firewall and encryption have the same purpose because both convert data into unreadable code. | False. Encryption converts data into coded form. A firewall monitors and controls network traffic based on security rules. |
| True or False: A threat becomes more dangerous when it can exploit an existing vulnerability. | True |
Created by:
MamurMD