Cyber Security : Secure – Cybersecurity Awareness Curriculum MCQ–22264 Set1

This is a set of Cyber Security : Secuware – Cybersecurity Awareness MCQs. Please NOTE that all questions and answers are based on our research and self-study.

01.) In an laaS model, who is primarily responsible for securing the virtual machines?

A.) Cloud service provider
B.) End user
C.) Internet service provider
D.) Hardware manufacturer

02.) Which of the following is an effective method for protecting against phishing attacks?

A.) lgnoring suspicious emails
B.) Implementing email filtering and anti-phishing tools
C.) Using weak passwords
D.) Disabling email encryption

03.) Your web application requires users to log in. What is the simplest method to enhance security for user authentication?

A.) Allow users to use weak passwords
B.) Enforce a minimum password length and complexity
C.) Disable password resets
D.) Use a single fixed password for all users

04.) What is a common security issue in thick client applications?

A.) Poor user interface
B.) Local data storage vulnerabilities
C.) Lack of cloud integration
D.) Slow network speeds

05.) Which activity is crucial during the design phase of the DLC to enhance security?

A.) Conducting code reviews
B.) Implementing user training
C.) Performing threat modeling
D.) Running penetration tests

06.) Which type of testing involves examining the structure and logic of an application’s source code to identify vulnerabilities?

A.) Black Box Testing
B.) White Box Testing
C.) Grey Box Testing
D.) Red Team Testing

07.) Which of the following is NOT a type of scan you can perform with Nessus?

A.) Denial-of-Service (DoS) attack
B.) Credentialed scan
C.) Web application scan
D.) Network scan

08.) You are setting up a virtualized environment using a Type 1 hypervisor for a data center. What is the primary advantage of using a Type 1 hypervisor in this scenario?

A.) It runs on top of an existing operating system
B.) It provides better performance and security since it runs directly on the hardware
C.) lt is easier to install on a desktop computer
D.) It is less expensive than a Type 2 hypervisor

09.) What is the primary function of antivirus software?

A.) To encrypt data
B.) To detect and remove malware
C.) To monitor network traffic
D.) To manage user permissions

10.) What is a security benefit of using virtualization?

A.) Improved graphical performance
B.) Easier management of hardware resources
C.) Isolation of applications and services in separate virtual machines
D.) Faster data processing

11.) How does a polymorphic virus evade detection by traditional antivirus software?

A.) By hiding in the system’s boot sector
B.) By frequently changing its code signature
C.) By encrypting its payload
D.) By replicating itself across multiple files

12.) You are developing a web application where users can upload their profile pictures. What is the best practice to prevent a malicious user from uploading a file that could compromise your server?

A.) Allow any file type to be uploaded since we are implementing authentication and authorization mechanisms
B.) Store the files directly on the web server without any validation
C.) Disable the upload feature entirely
D.) Restrict file types to specific extensions and scan files for malware

13.) Which protocol is commonly used to secure data transmission between a mobile app and its backend server?

A.) HTTP
B.) FTP
C.) SMTP
D.) HTTPS

14.) Which practice is essential for controlling access to cloud storage objects?

A.) Implementing access control lists (ACLs)
B.) Using public URLs for all objects
C.) Disabling logging
D.) Using default security settings

15.) What is the primary purpose of SQL injection in the context of web application security?

A.) To inject malicious code into a server
B.) To gain unauthorized access to a database
C.) To intercept network traffic
D.) To encrypt sensitive data

Must Read:
cyber security cyber security cyber security cyber security

cyber security cyber security cyber security cyber security mcq

Leave a Reply

Your email address will not be published. Required fields are marked *