Domain 4: Network Security (20 Questions)

What is the purpose of a firewall?

A. Detect malware

B. Filter traffic between networks

C. Encrypt sensitive information

D. Manage network bandwidth

Answer: B

What type of attack floods a network to make resources unavailable?

A. Man-in-the-middle

B. Phishing

C. Denial of Service (DoS)

D. Replay

Answer: C

Which protocol encrypts data between a browser and server?

A. FTP

B. HTTP

C. HTTPS

D. Telnet

Answer: C

What is the primary function of a VPN?

A. Secure email communications

B. Provide an encrypted remote-access tunnel

C. Monitor network activity

D. Block unauthorized users

Answer: B

What is the goal of network segmentation?

A. Reduce network congestion

B. Isolate sensitive data/systems

C. Increase encryption efficiency

D. Enhance speed

Answer: B

What device connects network segments?

A. Switch

B. Router

C. Firewall

D. Load Balancer

Answer: B

Which protocol resolves domain names to IPs?

A. HTTP

B. DNS

C. SMTP

D. SNMP

Answer: B

What does an IDS do?

A. Block unauthorized traffic

B. Detect/alert suspicious activity

C. Encrypt communications

D. Filter email spam

Answer: B

Which prevents ARP spoofing?

A. Dynamic IP allocation

B. Static ARP tables

C. NAT

D. Gateway reconfiguration

Answer: B

What is a key benefit of a proxy?

A. Hide internal IPs from external users

B. Block malicious traffic at the packet level

C. Encrypt all network traffic

D. Prevent social media access

Answer: A

What is port scanning?

A. Identify open ports on a device

B. Encrypt incoming traffic

C. Test firewall configurations

D. Block unauthorized IPs

Answer: A

What is the purpose of tools like Wireshark?

A. Test software vulnerabilities

B. Analyze/capture network traffic

C. Encrypt data in transit

D. Configure firewalls

Answer: B

Which control allows traffic based on rules?

A. Intrusion Prevention System (IPS)

B. Firewall

C. Network Access Control (NAC)

D. Honeypot

Answer: B

What is a key advantage of a honeypot?

A. Prevent phishing

B. Attract attackers to identify malicious activity

C. Improve encryption

D. Block brute-force attacks

Answer: B

What is the role of DNSSEC?

A. Secure email

B. Prevent DNS spoofing, ensure integrity

C. Encrypt DNS queries

D. Improve bandwidth

Answer: B

Which protocol provides secure file transfer?

A. FTP

B. SFTP

C. Telnet

D. HTTP

Answer: B

What type of attack alters communications?

A. Man-in-the-middle

B. DoS

C. Social engineering

D. Replay

Answer: A

What is the function of NAC?

A. Encrypt sensitive traffic

B. Enforce device security policies

C. Prevent malware

D. Monitor unauthorized logins

Answer: B

Which wireless security protocol is most secure?

A. WEP

B. WPA

C. WPA2

D. WPA3

Answer: D

What is the purpose of VLANs?

A. Increase speed

B. Segment/isolate traffic for security

C. Encrypt all traffic

D. Prevent malware

Answer: B

Patreon Support:

https://www.patreon.com/DecodedPodcast

Domain 3: Access Control Concepts

A. Security guards

B. Biometric authentication

C. Passwords

D. Fire alarms

Answer: C

A. Two or more forms of authentication from different categories

B. The same password used in multiple places

C. Multiple users authenticating simultaneously

D. A combination of encryption methods

Answer: A

A. Discretionary Access Control (DAC)

B. Role-Based Access Control (RBAC)

C. Attribute-Based Access Control (ABAC)

D. Mandatory Access Control (MAC)

Answer: B

A. Attribute-Based Access Control (ABAC)

B. Role-Based Access Control (RBAC)

C. Mandatory Access Control (MAC)

D. Discretionary Access Control (DAC)

Answer: A

A. Discretionary Access Control (DAC)

B. Role-Based Access Control (RBAC)

C. Mandatory Access Control (MAC)

D. Attribute-Based Access Control (ABAC)

Answer: C

A. Giving users only necessary permissions

B. Allowing administrators unlimited access

C. Preventing user account creation

D. Implementing mandatory security clearances

Answer: A

A. Granted only during specific hours

B. Determined by user role

C. Restricted to known locations

D. Granted after authentication expires

Answer: A

A. Firewall

B. Directory Service

C. Proxy Server

D. Load Balancer

Answer: B

A. Brute force

B. Replay attack

C. Session hijacking

D. Phishing

Answer: C

A. Discretionary Access Control (DAC)

B. Mandatory Access Control (MAC)

C. Role-Based Access Control (RBAC)

D. Attribute-Based Access Control (ABAC)

Answer: A

A. Encrypt files

B. Enforce secure password creation/management

C. Monitor login attempts

D. Limit account creation

Answer: B

A. Password

B. Smart card

C. Biometrics

D. PIN

Answer: B

A. Loss of password integrity

B. Violation of encryption standards

C. Increased bandwidth usage

D. Unauthorized access

Answer: D

A. Block malicious traffic

B. Prevent brute force attacks

C. Encrypt sensitive data

D. Monitor login attempts

Answer: B

A. Attribute-Based Access Control (ABAC)

B. Role-Based Access Control (RBAC)

C. Mandatory Access Control (MAC)

D. Discretionary Access Control (DAC)

Answer: A

A. Enhance encryption

B. Verify physical characteristics

C. Monitor network traffic

D. Backup critical data

Answer: B

A. Privilege escalation

B. Time-bound access

C. User provisioning

D. Conditional access

Answer: B

A. Malware

B. Social engineering

C. Phishing

D. Keylogging

Answer: B

A. Multi-factor authentication

B. Password history policies

C. Single sign-on

D. Encryption

Answer: B

A. Block unauthorized users

B. Record access attempts

C. Update user roles

D. Enforce encryption

Answer: B

A. Detect malware

B. Filter traffic between networks

C. Encrypt sensitive information

D. Manage bandwidth

Answer: B

A. Man-in-the-middle

B. Phishing

C. Denial of Service (DoS)

D. Replay

Answer: C

Domain 2: Business Continuity

What is the goal of a Business Continuity Plan (BCP)?

A. Test incident response capabilities

B. Ensure critical business functions continue during a disruption

C. Mitigate cybersecurity vulnerabilities

D. Monitor system performance

Answer: B

Key outcome of a Business Impact Analysis (BIA):

A. Identifying threats

B. Prioritizing critical systems and processes

C. Writing security policies

D. Testing disaster recovery systems

Answer: B

Part of a disaster recovery plan:

A. Incident detection methods

B. Recovery time objectives (RTOs)

C. Employee training manuals

D. Physical security controls

Answer: B

Recovery Point Objective (RPO):

A. Maximum downtime for critical systems

B. Maximum tolerable data loss

C. Time to detect a security incident

D. Frequency of backups

Answer: B

Test simulating a disaster to evaluate response plans:

A. Tabletop exercise

B. Walkthrough drill

C. Full-scale test

D. Functional test

Answer: C

Goal of high availability:

A. Continuous system access

B. Improved system integrity

C. Increased network security

D. Encrypted communication

Answer: A

Backup type copying data changed since the last full backup:

A. Full backup

B. Incremental backup

C. Differential backup

D. Mirror backup

Answer: B

Purpose of redundancy in business continuity:

A. Reduce costs

B. Ensure system reliability

C. Improve encryption

D. Eliminate testing

Answer: B

Alternate site fully operational during a disaster:

A. Hot site

B. Warm site

C. Cold site

D. Shadow site

Answer: A

Difference between disaster recovery and business continuity:

A. Disaster recovery focuses on technology; business continuity on processes.

B. Disaster recovery focuses on processes; business continuity on compliance.

C. Disaster recovery is part of business continuity.

D. They are unrelated.

Answer: C

Purpose of a contingency plan:

A. Steps to respond to unexpected events

B. Methods to eliminate risks

C. Techniques for improving software development

D. Guidelines for encryption protocols

Answer: A

Concept reducing disruption impact by relocating operations:

A. Data recovery

B. Risk mitigation

C. Disaster recovery

D. Continuity of operations

Answer: D

Tool estimating disruption probability and impact:

A. Penetration test

B. Business Impact Analysis (BIA)

C. Security assessment

D. Threat model

Answer: B

Tabletop exercise:

A. Simulated, non-physical test of plans

B. Full activation of business continuity protocols

C. Automated system backup

D. Incident monitoring solution

Answer: A

Ensures data recovery after a disaster:

A. Firewalls

B. Backups

C. Multi-factor authentication

D. Encryption

Answer: B

Document outlining roles during an incident:

A. Business Impact Analysis

B. Disaster Recovery Plan

C. Incident Response Plan

D. Access Control Policy

Answer: C

Difference between RTO and RPO:

A. RTO = downtime; RPO = data loss tolerance.

B. RTO = business processes; RPO = system availability.

C. RTO = mitigation; RPO = recovery.

D. They are identical.

Answer: A

System ensuring uninterrupted power during disasters:

A. UPS (Uninterruptible Power Supply)

B. Load balancer

C. Firewall

D. Proxy server

Answer: A

Purpose of a warm site:

A. Immediate failover

B. Partial functionality with setup required

C. Basic physical location without equipment

D. Duplicates live systems for seamless recovery

Answer: B

Process evaluating disaster recovery plan effectiveness:

A. Penetration testing

B. Backup monitoring

C. Plan testing and exercises

D. Incident response

Answer: C

Domain 1: Security Principles

1. Which part of the CIA triad ensures data is accessible when needed?

A. Confidentiality

B. Integrity

C. Availability

D. Authentication

Answer: C. Availability

2. What is the main purpose of confidentiality in information security?

A. To ensure data is free from errors

B. To ensure only authorized parties can access data

C. To ensure data is accessible when needed

D. To enforce accountability

Answer: B. To ensure only authorized parties can access data

3. Which security principle ensures data has not been altered during transmission?

A. Integrity

B. Confidentiality

C. Availability

D. Accountability

Answer: A. Integrity

4. Which of the following is considered a preventive control?

A. Firewall

B. Audit log

C. Incident response plan

D. Backup

Answer: A. Firewall

5. What does the principle of least privilege entail?

A. Users should have the maximum access possible.

B. Users should only have access necessary for their role.

C. All access should be denied by default.

D. Users should share accounts.

Answer: B. Users should only have access necessary for their role.

6. A policy requiring two people to approve a critical action is an example of:

A. Separation of duties

B. Job rotation

C. Least privilege

D. Defense in depth

Answer: A. Separation of duties

7. Encryption is primarily used to achieve:

A. Availability

B. Confidentiality

C. Integrity

D. Accountability

Answer: B. Confidentiality

8. Which of the following describes a threat?

A. A weakness in a system

B. A potential danger to a system

C. A measure taken to reduce risk

D. A way to detect vulnerabilities

Answer: B. A potential danger to a system

9. What is a vulnerability?

A. A measure to counteract a threat

B. A weakness in a system that can be exploited

C. A probability of a threat occurring

D. A risk to the system

Answer: B. A weakness in a system that can be exploited

10. What type of risk cannot be fully eliminated but must be accepted?

A. Avoidable risk

B. Residual risk

C. Inherent risk

D. Mitigated risk

Answer: B. Residual risk

11. Which of the following is an example of a physical control?

A. Firewall rules

B. Biometric scanners

C. Encryption algorithms

D. Password policies

Answer: B. Biometric scanners

12. What is an example of a deterrent control?

A. Security guards

B. Data backup

C. Antivirus software

D. Incident response

Answer: A. Security guards

13. What is the purpose of defense in depth?

A. To focus all efforts on a single strong control

B. To layer multiple security measures

C. To ensure faster access to data

D. To eliminate risks completely

Answer: B. To layer multiple security measures

14. Social engineering attacks primarily target:

A. Software vulnerabilities

B. Network protocols

C. Human behavior

D. Encryption mechanisms

Answer: C. Human behavior

15. Which of the following is an example of social engineering?

A. Sending a phishing email

B. Exploiting a software bug

C. Performing a man-in-the-middle attack

D. Cracking a password hash

Answer: A. Sending a phishing email

16. What is the primary goal of risk assessment?

A. To eliminate all risks

B. To identify and prioritize risks

C. To design security controls

D. To monitor security incidents

Answer: B. To identify and prioritize risks

17. Which type of attack involves overwhelming a network with traffic?

A. Phishing

B. Ransomware

C. Denial of Service (DoS)

D. Keylogging

Answer: C. Denial of Service (DoS)

18. What is the primary purpose of policies in cybersecurity?

A. To replace technical controls

B. To provide guidelines and expectations

C. To replace monitoring systems

D. To enforce compliance

Answer: B. To provide guidelines and expectations

19. A brute-force attack targets:

A. The user’s personal details

B. Guessing passwords systematically

C. Exploiting a software vulnerability

D. Social manipulation

Answer: B. Guessing passwords systematically

20. What type of malware encrypts files and demands payment for their release?

A. Spyware

B. Ransomware

C. Worm

D. Trojan

Answer: B. Ransomware

Explore the critical aspects of cybersecurity risk management, including how to identify, assess, mitigate, and monitor cyber threats effectively. This episode highlights the importance of a holistic, organization-wide approach to managing risks, with a focus on frameworks like the NIST Cybersecurity Framework as a guide. Discover the value of continuous monitoring and adaptation to stay ahead of evolving threats and regulations. We compare a detailed breakdown of the risk management process with a concise overview of its essential elements, offering actionable insights for organizations of all sizes.

YouTube transcripts delve into ethical hacking and penetration testing. One transcript outlines the phases of a penetration test, including reconnaissance, scanning, gaining access, maintaining access, and clearing tracks. Another transcript emphasizes the skills and certifications required for ethical hacking, such as operating system knowledge and proficiency in programming languages. Several segments cover specific hacking tools and techniques, including keyloggers, SQL injection, and VPNs. Finally, some transcripts discuss various types of security audits (black box, white box, gray box) and explore the use of Kali Linux for penetration testing.

Join us as we delve into the world of cybersecurity incidents, exploring real-world case studies that highlight the evolving threat landscape. In this episode, we'll examine some of the most significant cyber attacks, including the infamous WannaCry ransomware attack. We'll discuss how WannaCry exploited a vulnerability in Windows, impacting over 230,000 computers across 150 countries, and disrupting operations in hospitals, government agencies, and businesses. We'll also explore the broader implications of ransomware, a type of malicious software that locks a victim's data and demands a ransom.

This podcast episode explains the Zero Trust security framework, emphasizing its core principle of "never trust, always verify." The episode details how Zero Trust works by continuously authenticating users and devices, minimizing damage from breaches through segmentation and least privilege access, and leveraging automation and AI for threat detection. It highlights the framework's importance in addressing modern cybersecurity challenges like ransomware and supply chain attacks, while also providing a practical, phased implementation approach. Finally, the podcast stresses that Zero Trust is not merely a trend but a crucial element for effective cybersecurity in today's environment.

This OWASP document details a structured approach to application threat modeling. It outlines a four-step process: scoping the work, identifying threats (using methods like STRIDE), determining countermeasures and mitigation strategies, and assessing the completed work. The process emphasizes understanding the application from an attacker's perspective to proactively address security risks. Examples and templates are provided to guide users through each step, resulting in a comprehensive threat model document for the application. The document also explains how threat modeling complements code reviews.

This podcast will discuss the evolving landscape of cloud security. Wiz's article details numerous risks, threats, and challenges associated with cloud environments, offering mitigation strategies for issues like data breaches and insecure configurations. The CSA excerpt highlights the 2024 Thales Cloud Security Study, emphasizing the increasing complexity of multi-cloud environments, the rise in cloud-targeted attacks, and the importance of proactive security measures, particularly improved encryption practices and stronger IAM. The Fortinet-sponsored report excerpt focuses on the challenges and trends of hybrid and multi-cloud adoption in 2025, stressing the need for unified security platforms to address the skills gap and improve threat detection in complex environments. All three sources converge on the critical need for robust security measures to protect data and infrastructure in increasingly dynamic cloud environments.