Question 1: What is a common method used by attackers to gain unauthorized access to

a system or network?
A) Phishing
B) Software patching
C) Encryption
D) Firewall configuration

Answer: A) Phishing
Explanation: Phishing is a common social engineering technique used by attackers to trick
individuals into divulging sensitive information such as usernames, passwords, or financial
data. Attackers often masquerade as trustworthy entities through emails, instant messages, or
fake websites to deceive users into clicking on malicious links or providing confidential
information.

Question 2: Which of the following best describes the principle of least privilege in
cybersecurity?
A) Providing users with the maximum level of access rights to enhance productivity.
B) Granting access to resources based on a user's job role or function to minimize potential
damage from security breaches.
C) Allowing unrestricted access to all network resources to simplify administration.
D) Using multiple layers of security controls to protect sensitive information.

Answer: B) Granting access to resources based on a user's job role or function to

minimize potential damage from security breaches.
Explanation: The principle of least privilege states that users should be granted the minimum
level of access rights or permissions required to perform their job duties. By limiting user
access to only what is necessary, organizations can reduce the risk of unauthorized access,
data breaches, and the potential impact of insider threats.

Question 3: Which of the following encryption algorithms is commonly used for

securing internet communication, including web browsing and email?
A) AES (Advanced Encryption Standard)
B) RSA (Rivest-Shamir-Adleman)
C) MD5 (Message Digest Algorithm 5)
D) SSL/TLS (Secure Sockets Layer/Transport Layer Security)
Answer: D) SSL/TLS (Secure Sockets Layer/Transport Layer Security)
Explanation: SSL/TLS is a cryptographic protocol used to secure internet communication by
encrypting data transmitted between a web browser and a server. It is commonly employed to
provide secure connections for activities such as online banking, e-commerce transactions,
and email communication.

Question 4: What is the primary purpose of a firewall in a network security

infrastructure?
A) To encrypt data transmitted over the network.
B) To prevent unauthorized access to or from a private network.
C) To authenticate users accessing network resources.
D) To detect and remove malware from network devices.

Answer: B) To prevent unauthorized access to or from a private network.

Explanation: Firewalls are network security devices designed to monitor and control
incoming and outgoing traffic based on predetermined security rules. They act as a barrier
between a trusted internal network and untrusted external networks, such as the internet, to
block unauthorized access attempts and protect against various cyber threats.