
Security+_Chapter 3 focus

The document contains a comprehensive set of 100 Security+ questions and answers, including multiple-choice options and the correct answers, organized by chapters and topics from Darrel Gibson's book. It covers various aspects of cybersecurity, such as intrusion detection systems, malware types, risk management, and security policies. This resource serves as a study guide for individuals preparing for the CompTIA Security+ certification exam.

Here’s a complete set of 100 Security+ questions and answers, including answer options, correct answers, and the corresponding chapters and topics from Darrel Gibson's book.

### CompTIA Security+ Questions

1. **What is the primary purpose of an intrusion detection system (IDS)?**


A. Prevent unauthorized access
B. Monitor network traffic
C. Encrypt data
D. Backup data

2. **Which of the following is a best practice for securing wireless networks?**


A. Using WEP encryption
B. Disabling SSID broadcasting
C. Allowing all devices to connect
D. Using default passwords

3. **Which protocol is commonly used for secure remote access?**


A. FTP
B. HTTP
C. SSH
D. Telnet

4. **What is the function of a firewall in a network?**


A. To encrypt data
B. To monitor user activity
C. To filter incoming and outgoing traffic
D. To provide VPN access

5. **Which of the following is a characteristic of a stateful firewall?**
A. It operates at the application layer
B. It maintains the state of active connections
C. It blocks all traffic by default
D. It requires manual configuration for each packet

6. **What type of attack uses multiple compromised systems to flood a target system with traffic?**
A. Phishing
B. DDoS
C. Spoofing
D. Man-in-the-middle

7. **Which of the following is an example of social engineering?**
A. SQL Injection
B. Phishing email
C. Denial of Service
D. Malware infection

8. **What does the acronym VPN stand for?**


A. Virtual Private Network
B. Variable Protocol Node
C. Verified Private Network
D. Virtual Public Node

9. **Which type of malware is designed to replicate itself and spread to other systems?**
A. Virus
B. Trojan
C. Worm
D. Spyware

10. **Which of the following is a method for securing passwords?**
A. Using simple words
B. Storing passwords in plain text
C. Using multi-factor authentication
D. Reusing old passwords

11. **What is the primary goal of risk management?**


A. Reduce all risks to zero
B. Identify, assess, and mitigate risks
C. Eliminate vulnerabilities
D. Increase profitability

12. **Which of the following is a common method for protecting sensitive data?**
A. Encryption
B. Deletion
C. Compression
D. Sharing

13. **Which of the following describes a man-in-the-middle attack?**


A. An attacker intercepts and modifies communications between two parties
B. An attacker impersonates a legitimate user
C. An attacker floods a network with excessive traffic
D. An attacker gains access through unpatched vulnerabilities

14. **What is the purpose of a digital certificate?**


A. To encrypt data
B. To verify the identity of a party
C. To backup data
D. To provide network access

15. **Which of the following attacks involves overwhelming a network with traffic?**
A. Spoofing
B. DDoS
C. Man-in-the-middle
D. Phishing

16. **What is the primary function of a VPN?**


A. To filter content
B. To encrypt internet traffic
C. To prevent malware
D. To manage firewalls

17. **Which of the following is a common vulnerability in web applications?**


A. Buffer overflow
B. Rootkits
C. Malware
D. Spyware

18. **Which authentication method requires two or more verification methods?**


A. Single sign-on
B. Multi-factor authentication
C. Password
D. Biometrics

19. **What is the main goal of penetration testing?**


A. To break into systems
B. To identify security weaknesses
C. To encrypt data
D. To improve performance

20. **Which of the following is a risk associated with cloud computing?**
A. Increased control over data
B. Reduced physical security
C. Improved scalability
D. Enhanced collaboration

21. **What is a zero-day vulnerability?**


A. A vulnerability that has been publicly disclosed
B. A vulnerability that is patched before it is exploited
C. A vulnerability that is exploited on the same day it is discovered
D. A vulnerability that cannot be exploited

22. **Which type of malware disguises itself as legitimate software?**


A. Virus
B. Trojan
C. Worm
D. Ransomware

23. **What is the primary purpose of network segmentation?**


A. To increase bandwidth
B. To reduce network latency
C. To enhance security by isolating segments
D. To simplify network management

24. **Which protocol is used to secure email communications?**


A. SMTP
B. POP3
C. IMAP
D. S/MIME

25. **What is the primary function of a web application firewall (WAF)?**
A. To filter incoming traffic
B. To protect against web application attacks
C. To encrypt web traffic
D. To monitor user activity

26. **Which of the following is a characteristic of ransomware?**


A. It replicates itself
B. It encrypts files and demands payment
C. It monitors user activity
D. It removes malware from the system

27. **What does the principle of least privilege entail?**


A. Users should have all privileges by default
B. Users should have only the access necessary to perform their job
C. Users should have unlimited access to systems
D. Users should be denied all access

28. **What is the purpose of a security policy?**


A. To restrict access to physical locations
B. To define security requirements and guidelines
C. To monitor network traffic
D. To encrypt sensitive data

29. **Which of the following is a common method for detecting intrusions?**
A. Port scanning
B. Network segmentation
C. Log analysis
D. Data encryption

30. **Which of the following describes the concept of a DMZ?**
A. A secure area of the network
B. A buffer zone between an internal network and the internet
C. A method of encrypting data
D. A type of malware

31. **What does the acronym SSL stand for?**
A. Secure Socket Layer
B. Standard Security Layer
C. Simple Security Layer
D. Secure System Layer

32. **Which of the following is an example of a physical security control?**


A. Firewall
B. Access control lists
C. Surveillance cameras
D. Encryption

33. **What is the main purpose of an antivirus program?**
A. To monitor network traffic
B. To detect and remove malware
C. To encrypt data
D. To manage firewalls

34. **Which of the following is a risk of using public Wi-Fi?**
A. Increased internet speed
B. Enhanced security
C. Man-in-the-middle attacks
D. Limited access

35. **What is the purpose of a backup?**


A. To monitor user activity
B. To recover lost data
C. To encrypt sensitive files
D. To prevent unauthorized access

36. **Which of the following is an effective way to prevent SQL injection attacks?**
A. Using input validation
B. Allowing all inputs
C. Ignoring error messages
D. Using default database settings

37. **Which of the following is a feature of an IDS?**


A. Preventing unauthorized access
B. Monitoring and alerting on suspicious activity
C. Encrypting data
D. Creating user accounts

38. **What is the primary goal of data classification?**


A. To reduce storage costs
B. To identify and protect sensitive data
C. To improve performance
D. To monitor user activity

39. **What does the term "phishing" refer to?**


A. A method of encrypting data
B. A type of social engineering attack
C. A technique for securing passwords
D. A method of data backup

40. **Which of the following is a common consequence of a data breach?**
A. Increased trust
B. Financial loss
C. Improved reputation
D. Enhanced security

41. **What is the purpose of security awareness training?**


A. To improve technical skills
B. To inform employees about security policies and practices
C. To monitor user activity
D. To encrypt sensitive data

42. **Which of the following is a feature of end-to-end encryption?**


A. Data is encrypted only in transit
B. Data is decrypted at intermediate points
C. Only the sender and receiver can access the unencrypted data
D. Data is stored in plain text

43. **What is the primary purpose of access control?**


A. To monitor network traffic
B. To restrict unauthorized access
C. To encrypt data
D. To provide backup services

44. **Which of the following describes a denial of service attack?**


A. An attacker impersonates a legitimate user
B. An attacker floods a network with excessive requests
C. An attacker intercepts and modifies communications
D. An attacker gains access to a system through brute force

45. **Which of the following best describes a threat?**
A. A potential for loss or harm
B. A weakness in a system
C. A security measure
D. A successful attack

46. **What does the term "vulnerability" refer to?**


A. A potential for loss or harm
B. A weakness in a system that can be exploited
C. A successful attack
D. A security measure

47. **Which of the following is a characteristic of a strong password?**


A. Simple and easy to remember
B. Long and complex with a mix of characters
C. Contains personal information
D. Same as the username

48. **What is the purpose of a security incident response plan?**


A. To monitor network traffic
B. To provide a structured approach to managing security incidents
C. To encrypt sensitive data
D. To conduct vulnerability assessments

49. **Which of the following is an example of multi-factor authentication?**


A. A password and a security question
B. A password and a fingerprint
C. A username and password
D. A PIN and a username

50. **What is the purpose of a security audit?**
A. To monitor network traffic
B. To evaluate the effectiveness of security controls
C. To encrypt sensitive data
D. To conduct penetration testing

51. **Which of the following describes the concept of risk assessment?**
A. A method for reducing risks
B. A process for identifying and evaluating risks
C. A technique for monitoring network traffic
D. A tool for encrypting data

52. **What is the main function of a patch management process?**


A. To monitor user activity
B. To apply updates to software and systems
C. To encrypt sensitive data
D. To conduct vulnerability assessments

53. **Which of the following is a method of securing a web application?**
A. Using strong passwords
B. Validating user input
C. Disabling logging
D. Ignoring error messages

54. **What is the purpose of a DMZ in network architecture?**
A. To provide additional bandwidth
B. To isolate a network segment for security
C. To monitor user activity
D. To encrypt sensitive data

55. **Which of the following is a characteristic of symmetric encryption?**
A. Different keys for encryption and decryption
B. Same key for both encryption and decryption
C. Faster than asymmetric encryption
D. Requires a digital certificate

56. **What does the acronym MFA stand for?**
A. Multi-Factor Authentication
B. Multi-Function Access
C. Mandatory Firewall Assessment
D. Managed Firewall Architecture

57. **Which of the following is a type of malware that replicates itself?**
A. Virus
B. Trojan
C. Worm
D. Spyware

58. **What is the primary goal of an incident response team?**


A. To monitor network traffic
B. To respond to security incidents effectively
C. To encrypt sensitive data
D. To conduct vulnerability assessments

59. **Which of the following is an example of a threat actor?**


A. A security software company
B. A hacker attempting to gain unauthorized access
C. An IT department performing security audits
D. A user accessing their email account

60. **What is the purpose of data encryption?**


A. To monitor user activity
B. To protect data from unauthorized access
C. To create backups
D. To prevent software updates

61. **Which of the following is a common vulnerability associated with web applications?**
A. Cross-Site Scripting (XSS)
B. Strong authentication
C. Firewall protection
D. Data encryption

62. **What is the primary purpose of network segmentation?**


A. To increase internet speed
B. To improve network performance and security
C. To reduce the number of devices
D. To eliminate firewalls

63. **Which of the following is an example of a social engineering attack?**
A. Brute force attack
B. Phishing email
C. Malware infection
D. SQL injection

64. **What is the function of a firewall?**
A. To monitor user activity
B. To filter incoming and outgoing network traffic
C. To encrypt data
D. To perform backups

65. **Which of the following describes a risk?**


A. A potential for loss or harm
B. A weakness in a system
C. A security measure
D. A successful attack

66. **Which of the following best describes a zero-day vulnerability?**


A. A vulnerability that has been patched
B. A vulnerability that is publicly known
C. A vulnerability that is unknown to the vendor
D. A vulnerability that is easy to exploit

67. **What is the purpose of a security policy?**
A. To monitor user activity
B. To define security requirements and guidelines
C. To encrypt sensitive data
D. To create backups

68. **Which of the following is a common method for detecting intrusions?**
A. Port scanning
B. Log analysis
C. Network segmentation
D. Data encryption

69. **Which of the following describes a DDoS attack?**


A. An attack that encrypts files
B. An attack that floods a target with traffic
C. An attack that steals credentials
D. An attack that manipulates data

70. **What does the acronym VPN stand for?**


A. Virtual Private Network
B. Verified Protected Network
C. Variable Port Number
D. Visual Protocol Network

71. **Which of the following is a characteristic of asymmetric encryption?**
A. Uses the same key for encryption and decryption
B. Uses a pair of keys for encryption and decryption
C. Is faster than symmetric encryption
D. Does not require a digital certificate

72. **What is the primary goal of penetration testing?**


A. To monitor network traffic
B. To identify vulnerabilities in systems and applications
C. To encrypt sensitive data
D. To provide user training

73. **Which of the following is a risk associated with cloud computing?**


A. Increased physical security
B. Loss of control over data
C. Improved scalability
D. Enhanced performance

74. **What is the purpose of a vulnerability assessment?**


A. To monitor network traffic
B. To identify and evaluate security weaknesses
C. To encrypt sensitive data
D. To conduct penetration testing

75. **Which of the following is an example of a firewall rule?**


A. Allow traffic on port 80
B. Encrypt all outgoing data
C. Backup user files
D. Monitor user activity

76. **What is the primary function of an access control list (ACL)?**
A. To encrypt data
B. To define permissions for network resources
C. To monitor network traffic
D. To conduct vulnerability assessments

77. **Which of the following best describes an advanced persistent threat (APT)?**
A. A short-lived attack
B. A targeted and sophisticated attack
C. A random malware infection
D. A harmless vulnerability

78. **What is the purpose of an endpoint protection solution?**


A. To monitor network traffic
B. To protect endpoints from malware and threats
C. To encrypt sensitive data
D. To manage user accounts

79. **Which of the following is a characteristic of two-factor authentication?**


A. Uses one form of verification
B. Requires two different forms of verification
C. Is less secure than single-factor authentication
D. Requires a password only

80. **What does the term "malware" refer to?**


A. Software that enhances performance
B. Software designed to disrupt or damage systems
C. Software for monitoring user activity
D. Software that encrypts data

81. **Which of the following is an example of a security control?**
A. A security policy
B. A user training program
C. An antivirus software
D. All of the above

82. **What is the primary goal of security awareness training?**


A. To teach users how to write code
B. To educate users on security best practices
C. To monitor user activity
D. To encrypt sensitive data

83. **Which of the following describes a man-in-the-middle attack?**


A. An attack that steals credentials
B. An attack that disrupts network traffic
C. An attack that intercepts communication between two parties
D. An attack that encrypts files

84. **What is the purpose of patch management?**
A. To monitor user activity
B. To update software with the latest security fixes
C. To encrypt sensitive data
D. To conduct vulnerability assessments

85. **Which of the following is a common security framework?**


A. NIST Cybersecurity Framework
B. TCP/IP Model
C. OSI Model
D. Agile Methodology

86. **What is the primary purpose of a digital signature?**
A. To encrypt sensitive data
B. To verify the authenticity of a message or document
C. To compress files
D. To backup data

87. **Which of the following is a characteristic of a strong password?**


A. It is easily guessable
B. It includes personal information
C. It is at least 12 characters long and contains a mix of letters, numbers, and symbols
D. It is the same as the username

88. **What is the primary goal of risk assessment?**


A. To monitor network traffic
B. To identify and evaluate risks to an organization
C. To encrypt sensitive data
D. To provide user training

89. **Which of the following best describes a brute force attack?**


A. An attack that uses social engineering techniques
B. An attack that tries every possible combination to gain access
C. An attack that exploits a specific vulnerability
D. An attack that uses malware

90. **What is the purpose of a security audit?**


A. To monitor user activity
B. To evaluate the effectiveness of security measures
C. To encrypt sensitive data
D. To conduct vulnerability assessments

91. **Which of the following is a common method for preventing data breaches?**
A. Regular software updates
B. User training on security best practices
C. Implementing access controls
D. All of the above

92. **What is the primary goal of an incident response plan?**


A. To prevent security incidents from occurring
B. To outline steps for responding to security incidents
C. To encrypt sensitive data
D. To monitor network traffic

93. **Which of the following is a common threat to physical security?**


A. Natural disasters
B. Cyber attacks
C. Insider threats
D. All of the above

94. **What is the function of a Security Information and Event Management (SIEM) system?**
A. To monitor network traffic
B. To analyze security data and alerts
C. To conduct penetration testing
D. To encrypt sensitive data

95. **Which of the following describes a credential stuffing attack?**


A. An attack that uses stolen credentials to gain unauthorized access
B. An attack that exploits a specific vulnerability
C. An attack that tries every possible combination to gain access
D. An attack that uses social engineering techniques

96. **What is the purpose of a disaster recovery plan?**


A. To monitor user activity
B. To outline steps for recovering from a disaster
C. To encrypt sensitive data
D. To conduct vulnerability assessments

97. **Which of the following is a characteristic of a phishing attack?**


A. It targets physical security
B. It uses social engineering to trick users
C. It relies on brute force techniques
D. It targets network vulnerabilities

98. **What is the primary goal of data loss prevention (DLP)?**


A. To encrypt sensitive data
B. To monitor network traffic
C. To prevent unauthorized access to sensitive data
D. To conduct vulnerability assessments

99. **Which of the following is a common method for securing data in transit?**
A. Using encryption protocols
B. Using plain text
C. Using outdated software
D. Using weak passwords

100. **What is the purpose of user access reviews?**


A. To monitor user activity
B. To evaluate and verify user access permissions
C. To encrypt sensitive data
D. To conduct vulnerability assessments

Here’s a complete set of 100 Security+ questions and answers, including answer
options, correct answers, and the corresponding chapters and topics from Darrel
Gibson's book.

### CompTIA Security+ Answers

1. **What is the primary purpose of an intrusion detection system (IDS)?**


A. Prevent unauthorized access
B. Monitor network traffic
C. Encrypt data
D. Backup data
**Answer:** B. Monitor network traffic
**Chapter:** Chapter 3
**Topic:** Security Controls

2. **Which of the following is a best practice for securing wireless networks?**


A. Using WEP encryption
B. Disabling SSID broadcasting
C. Allowing all devices to connect
D. Using default passwords
**Answer:** B. Disabling SSID broadcasting
**Chapter:** Chapter 3
**Topic:** Network Security

3. **Which protocol is commonly used for secure remote access?**


A. FTP
B. HTTP
C. SSH
D. Telnet
**Answer:** C. SSH
**Chapter:** Chapter 3
**Topic:** Remote Access Security

4. **What is the function of a firewall in a network?**


A. To encrypt data
B. To monitor user activity
C. To filter incoming and outgoing traffic
D. To provide VPN access
**Answer:** C. To filter incoming and outgoing traffic
**Chapter:** Chapter 3
**Topic:** Firewalls

5. **Which of the following is a characteristic of a stateful firewall?**


A. It operates at the application layer
B. It maintains the state of active connections
C. It blocks all traffic by default
D. It requires manual configuration for each packet
**Answer:** B. It maintains the state of active connections
**Chapter:** Chapter 3
**Topic:** Firewalls

6. **What type of attack uses multiple compromised systems to flood a target system with traffic?**
A. Phishing
B. DDoS
C. Spoofing
D. Man-in-the-middle
**Answer:** B. DDoS
**Chapter:** Chapter 3
**Topic:** Threats and Vulnerabilities

7. **Which of the following is an example of social engineering?**


A. SQL Injection
B. Phishing email
C. Denial of Service
D. Malware infection
**Answer:** B. Phishing email
**Chapter:** Chapter 3
**Topic:** Social Engineering

8. **What does the acronym VPN stand for?**


A. Virtual Private Network
B. Variable Protocol Node
C. Verified Private Network
D. Virtual Public Node
**Answer:** A. Virtual Private Network
**Chapter:** Chapter 3
**Topic:** Remote Access Security

9. **Which type of malware is designed to replicate itself and spread to other systems?**
A. Virus
B. Trojan
C. Worm
D. Spyware
**Answer:** C. Worm
**Chapter:** Chapter 3
**Topic:** Malware Types

10. **Which of the following is a method for securing passwords?**


A. Using simple words
B. Storing passwords in plain text
C. Using multi-factor authentication
D. Reusing old passwords
**Answer:** C. Using multi-factor authentication
**Chapter:** Chapter 3
**Topic:** Authentication Security

11. **What is the primary goal of risk management?**


A. Reduce all risks to zero
B. Identify, assess, and mitigate risks
C. Eliminate vulnerabilities
D. Increase profitability
**Answer:** B. Identify, assess, and mitigate risks
**Chapter:** Chapter 3
**Topic:** Risk Management

12. **Which of the following is a common method for protecting sensitive data?**
A. Encryption
B. Deletion
C. Compression
D. Sharing
**Answer:** A. Encryption
**Chapter:** Chapter 3
**Topic:** Data Protection

13. **Which of the following describes a man-in-the-middle attack?**


A. An attacker intercepts and modifies communications between two parties
B. An attacker impersonates a legitimate user
C. An attacker floods a network with excessive traffic
D. An attacker gains access through unpatched vulnerabilities
**Answer:** A. An attacker intercepts and modifies communications between two parties
**Chapter:** Chapter 3
**Topic:** Threats and Vulnerabilities

14. **What is the purpose of a digital certificate?**


A. To encrypt data
B. To verify the identity of a party
C. To backup data
D. To provide network access
**Answer:** B. To verify the identity of a party
**Chapter:** Chapter 3
**Topic:** Public Key Infrastructure

15. **Which of the following attacks involves overwhelming a network with traffic?**
A. Spoofing
B. DDoS
C. Man-in-the-middle
D. Phishing
**Answer:** B. DDoS
**Chapter:** Chapter 3
**Topic:** Network Attacks

16. **What is the primary function of a VPN?**


A. To filter content
B. To encrypt internet traffic
C. To prevent malware
D. To manage firewalls
**Answer:** B. To encrypt internet traffic
**Chapter:** Chapter 3
**Topic:** VPN Security

17. **Which of the following is a common vulnerability in web applications?**


A. Buffer overflow
B. Rootkits
C. Malware
D. Spyware
**Answer:** A. Buffer overflow
**Chapter:** Chapter 3
**Topic:** Application Security

18. **Which authentication method requires two or more verification methods?**


A. Single sign-on
B. Multi-factor authentication
C. Password
D. Biometrics
**Answer:** B. Multi-factor authentication
**Chapter:** Chapter 3
**Topic:** Authentication Security

19. **What is the main goal of penetration testing?**


A. To break into systems
B. To identify security weaknesses
C. To encrypt data
D. To improve performance
**Answer:** B. To identify security weaknesses
**Chapter:** Chapter 3
**Topic:** Security Assessment

20. **Which of the following is a risk associated with cloud computing?**


A. Increased control over data
B. Reduced physical security
C. Improved scalability
D. Enhanced collaboration
**Answer:** B. Reduced physical security
**Chapter:** Chapter 3
**Topic:** Cloud Security

21. **What is a zero-day vulnerability?**


A. A vulnerability that has been publicly disclosed
B. A vulnerability that is patched before it is exploited
C. A vulnerability that is exploited on the same day it is discovered
D. A vulnerability that cannot be exploited
**Answer:** C. A vulnerability that is exploited on the same day it is discovered
**Chapter:** Chapter 3
**Topic:** Threats and Vulnerabilities

22. **Which type of malware disguises itself as legitimate software?**
A. Virus
B. Trojan
C. Worm
D. Ransomware
**Answer:** B. Trojan
**Chapter:** Chapter 3
**Topic:** Malware Types

23. **What is the primary purpose of network segmentation?**


A. To increase bandwidth
B. To reduce network latency
C. To enhance security by isolating segments
D. To simplify network management
**Answer:** C. To enhance security by isolating segments
**Chapter:** Chapter 3
**Topic:** Network Security

24. **Which protocol is used to secure email communications?**


A. SMTP
B. POP3
C. IMAP
D. S/MIME
**Answer:** D. S/MIME
**Chapter:** Chapter 3
**Topic:** Email Security

25. **What is the primary function of a web application firewall (WAF)?**


A. To filter incoming traffic
B. To protect against web application attacks
C. To encrypt web traffic
D. To monitor user activity
**Answer:** B. To protect against web application attacks
**Chapter:** Chapter 3
**Topic:** Firewalls

26. **Which of the following is a characteristic of ransomware?**


A. It replicates itself
B. It encrypts files and demands payment
C. It monitors user activity
D. It removes malware from the system
**Answer:** B. It encrypts files and demands payment
**Chapter:** Chapter 3
**Topic:** Malware Types

27. **What does the principle of least privilege entail?**


A. Users should have all privileges by default
B. Users should have only the access necessary to perform their job
C. Users should have unlimited access to systems
D. Users should be denied all access
**Answer:** B. Users should have only the access necessary to perform their job
**Chapter:** Chapter 3
**Topic:** Access Control

28. **What is the purpose of a security policy?**


A. To restrict access to physical locations
B. To define security requirements and guidelines
C. To monitor network traffic
D. To encrypt sensitive data
**Answer:** B. To define security requirements and guidelines
**Chapter:** Chapter 3
**Topic:** Security Policies

29. **Which of the following is a common method for detecting intrusions?**


A. Port scanning
B. Network segmentation
C. Log analysis
D. Data encryption
**Answer:** C. Log analysis
**Chapter:** Chapter 3
**Topic:** Intrusion Detection

30. **Which of the following describes the concept of a DMZ?**


A. A secure area of the network
B. A buffer zone between an internal network and the internet
C. A method of encrypting data
D. A type of malware
**Answer:** B. A buffer zone between an internal network and the internet
**Chapter:** Chapter 3
**Topic:** Network Security

31. **What does the acronym SSL stand for?**


A. Secure Socket Layer
B. Standard Security Layer
C. Simple Security Layer
D. Secure System Layer
**Answer:** A. Secure Socket Layer
**Chapter:** Chapter 3
**Topic:** Encryption

32. **Which of the following is an example of a physical security control?**


A. Firewall
B. Access control lists
C. Surveillance cameras
D. Encryption
**Answer:** C. Surveillance cameras
**Chapter:** Chapter 3
**Topic:** Physical Security

33. **What is the main purpose of an antivirus program?**


A. To monitor network traffic
B. To detect and remove malware
C. To encrypt data
D. To manage firewalls
**Answer:** B. To detect and remove malware
**Chapter:** Chapter 3
**Topic:** Malware Prevention

34. **Which of the following is a risk of using public Wi-Fi?**


A. Increased internet speed
B. Enhanced security
C. Man-in-the-middle attacks
D. Limited access
**Answer:** C. Man-in-the-middle attacks
**Chapter:** Chapter 3
**Topic:** Wireless Security

35. **What is the purpose of a backup?**
A. To monitor user activity
B. To recover lost data
C. To encrypt sensitive files
D. To prevent unauthorized access
**Answer:** B. To recover lost data
**Chapter:** Chapter 3
**Topic:** Data Backup

36. **Which of the following is an effective way to prevent SQL injection attacks?**
A. Using input validation
B. Allowing all inputs
C. Ignoring error messages
D. Using default database settings
**Answer:** A. Using input validation
**Chapter:** Chapter 3
**Topic:** Application Security

37. **Which of the following is a feature of an IDS?**


A. Preventing unauthorized access
B. Monitoring and alerting on suspicious activity
C. Encrypting data
D. Creating user accounts
**Answer:** B. Monitoring and alerting on suspicious activity
**Chapter:** Chapter 3
**Topic:** Intrusion Detection

38. **What is the primary goal of data classification?**


A. To reduce storage costs
B. To identify and protect sensitive data
C. To improve performance
D. To monitor user activity
**Answer:** B. To identify and protect sensitive data
**Chapter:** Chapter 3
**Topic:** Data Protection

39. **What does the term "phishing" refer to?**


A. A method of encrypting data
B. A type of social engineering attack
C. A technique for securing passwords
D. A method of data backup
**Answer:** B. A type of social engineering attack
**Chapter:** Chapter 3
**Topic:** Social Engineering

40. **Which of the following is a common consequence of a data breach?**


A. Increased trust
B. Financial loss
C. Improved reputation
D. Enhanced security
**Answer:** B. Financial loss
**Chapter:** Chapter 3
**Topic:** Incident Response

41. **What is the purpose of security awareness training?**


A. To improve technical skills
B. To inform employees about security policies and practices
C. To monitor user activity
D. To encrypt sensitive data
**Answer:** B. To inform employees about security policies and practices
**Chapter:** Chapter 3
**Topic:** Security Awareness

42. **Which of the following is a feature of end-to-end encryption?**


A. Data is encrypted only in transit
B. Data is decrypted at intermediate points
C. Only the sender and receiver can access the unencrypted data
D. Data is stored in plain text
**Answer:** C. Only the sender and receiver can access the unencrypted data
**Chapter:** Chapter 3
**Topic:** Encryption

43. **What is the primary purpose of access control?**


A. To monitor network traffic
B. To restrict unauthorized access
C. To encrypt data
D. To provide backup services
**Answer:** B. To restrict unauthorized access
**Chapter:** Chapter 3
**Topic:** Access Control

44. **Which of the following describes a denial of service attack?**


A. An attacker impersonates a legitimate user
B. An attacker floods a network with excessive requests
C. An attacker intercepts and modifies communications
D. An attacker gains access to a system through brute force
**Answer:** B. An attacker floods a network with excessive requests
**Chapter:** Chapter 3
**Topic:** Network Attacks

45. **Which of the following best describes a threat?**
A. A potential for loss or harm
B. A weakness in a system
C. A security measure
D. A successful attack
**Answer:** A. A potential for loss or harm
**Chapter:** Chapter 3
**Topic:** Threats and Vulnerabilities

46. **What does the term "vulnerability" refer to?**


A. A potential for loss or harm
B. A weakness in a system that can be exploited
C. A successful attack
D. A security measure
**Answer:** B. A weakness in a system that can be exploited
**Chapter:** Chapter 3
**Topic:** Threats and Vulnerabilities

47. **Which of the following is a characteristic of a strong password?**


A. Simple and easy to remember
B. Long and complex with a mix of characters
C. Contains personal information
D. Same as the username
**Answer:** B. Long and complex with a mix of characters
**Chapter:** Chapter 3
**Topic:** Password Security

48. **What is the purpose of a security incident response plan?**


A. To monitor network traffic
B. To provide a structured approach to managing security incidents
C. To encrypt sensitive data
D. To conduct vulnerability assessments
**Answer:** B. To provide a structured approach to managing security incidents
**Chapter:** Chapter 3
**Topic:** Incident Response

49. **Which of the following is an example of multi-factor authentication?**


A. A password and a security question
B. A password and a fingerprint
C. A username and password
D. A PIN and a username
**Answer:** B. A password and a fingerprint
**Chapter:** Chapter 3
**Topic:** Authentication Security

50. **What is the purpose of a security audit?**


A. To monitor network traffic
B. To evaluate the effectiveness of security controls
C. To encrypt sensitive data
D. To conduct penetration testing
**Answer:** B. To evaluate the effectiveness of security controls
**Chapter:** Chapter 3
**Topic:** Security Assessment

51. **Which of the following describes the concept of risk assessment?**


A. A method for reducing risks
B. A process for identifying and evaluating risks
C. A technique for monitoring network traffic
D. A tool for encrypting data
**Answer:** B. A process for identifying and evaluating risks
**Chapter:** Chapter 3
**Topic:** Risk Management

52. **What is the main function of a patch management process?**


A. To monitor user activity
B. To apply updates to software and systems
C. To encrypt sensitive data
D. To conduct vulnerability assessments
**Answer:** B. To apply updates to software and systems
**Chapter:** Chapter 3
**Topic:** Vulnerability Management

53. **Which of the following is a method of securing a web application?**


A. Using strong passwords
B. Validating user input
C. Disabling logging
D. Ignoring error messages
**Answer:** B. Validating user input
**Chapter:** Chapter 3
**Topic:** Application Security

54. **What is the purpose of a DMZ in network architecture?**
A. To provide additional bandwidth
B. To isolate a network segment for security
C. To monitor user activity
D. To encrypt sensitive data
**Answer:** B. To isolate a network segment for security
**Chapter:** Chapter 3
**Topic:** Network Security

55. **Which of the following is a characteristic of symmetric encryption?**


A. Different keys for encryption and decryption
B. Same key for both encryption and decryption
C. Faster than asymmetric encryption
D. Requires a digital certificate
**Answer:** B. Same key for both encryption and decryption
**Chapter:** Chapter 3
**Topic:** Encryption

56. **What does the acronym MFA stand for?**


A. Multi-Factor Authentication
B. Multi-Function Access
C. Mandatory Firewall Assessment
D. Managed Firewall Architecture
**Answer:** A. Multi-Factor Authentication
**Chapter:** Chapter 3
**Topic:** Authentication Security

57. **Which of the following is a type of malware that replicates itself?**


A. Virus
B. Trojan
C. Worm
D. Spyware
**Answer:** C. Worm
**Chapter:** Chapter 3
**Topic:** Malware Types

58. **What is the primary goal of an incident response team?**


A. To monitor network traffic
B. To respond to security incidents effectively
C. To encrypt sensitive data
D. To conduct vulnerability assessments
**Answer:** B. To respond to security incidents effectively
**Chapter:** Chapter 3
**Topic:** Incident Response

59. **Which of the following is an example of a threat actor?**


A. A security software company
B. A hacker attempting to gain unauthorized access
C. An IT department performing security audits
D. A user accessing their email account
**Answer:** B. A hacker attempting to gain unauthorized access
**Chapter:** Chapter 3
**Topic:** Threat Actors

60. **What is the purpose of data encryption?**


A. To monitor user activity
B. To protect data from unauthorized access
C. To create backups
D. To prevent software updates
**Answer:** B. To protect data from unauthorized access
**Chapter:** Chapter 3
**Topic:** Data Protection

61. **Which of the following is a common vulnerability associated with web applications?**
A. Cross-Site Scripting (XSS)
B. Strong authentication
C. Firewall protection
D. Data encryption
**Answer:** A. Cross-Site Scripting (XSS)
**Chapter:** Chapter 3
**Topic:** Web Application Security

62. **What is the primary purpose of network segmentation?**


A. To increase internet speed
B. To improve network performance and security
C. To reduce the number of devices
D. To eliminate firewalls
**Answer:** B. To improve network performance and security
**Chapter:** Chapter 3
**Topic:** Network Security

63. **Which of the following is an example of a social engineering attack?**


A. Brute force attack
B. Phishing email
C. Malware infection
D. SQL injection
**Answer:** B. Phishing email
**Chapter:** Chapter 3
**Topic:** Social Engineering

64. **What is the function of a firewall?**


A. To monitor user activity
B. To filter incoming and outgoing network traffic
C. To encrypt data
D. To perform backups
**Answer:** B. To filter incoming and outgoing network traffic
**Chapter:** Chapter 3
**Topic:** Network Security

65. **Which of the following describes a risk?**


A. A potential for loss or harm
B. A weakness in a system
C. A security measure
D. A successful attack
**Answer:** A. A potential for loss or harm
**Chapter:** Chapter 3
**Topic:** Risk Management

66. **Which of the following best describes a zero-day vulnerability?**


A. A vulnerability that has been patched
B. A vulnerability that is publicly known
C. A vulnerability that is unknown to the vendor
D. A vulnerability that is easy to exploit
**Answer:** C. A vulnerability that is unknown to the vendor
**Chapter:** Chapter 3
**Topic:** Vulnerability Management

67. **What is the purpose of a security policy?**


A. To monitor user activity
B. To define security requirements and guidelines
C. To encrypt sensitive data
D. To create backups
**Answer:** B. To define security requirements and guidelines
**Chapter:** Chapter 3
**Topic:** Security Policies

68. **Which of the following is a common method for detecting intrusions?**
A. Port scanning
B. Log analysis
C. Network segmentation
D. Data encryption
**Answer:** B. Log analysis
**Chapter:** Chapter 3
**Topic:** Intrusion Detection

69. **Which of the following describes a DDoS attack?**


A. An attack that encrypts files
B. An attack that floods a target with traffic
C. An attack that steals credentials
D. An attack that manipulates data
**Answer:** B. An attack that floods a target with traffic
**Chapter:** Chapter 3
**Topic:** Network Attacks

70. **What does the acronym VPN stand for?**


A. Virtual Private Network
B. Verified Protected Network
C. Variable Port Number
D. Visual Protocol Network
**Answer:** A. Virtual Private Network
**Chapter:** Chapter 3
**Topic:** Network Security

71. **Which of the following is a characteristic of asymmetric encryption?**


A. Uses the same key for encryption and decryption
B. Uses a pair of keys for encryption and decryption
C. Is faster than symmetric encryption
D. Does not require a digital certificate
**Answer:** B. Uses a pair of keys for encryption and decryption
**Chapter:** Chapter 3
**Topic:** Encryption

72. **What is the primary goal of penetration testing?**


A. To monitor network traffic
B. To identify vulnerabilities in systems and applications
C. To encrypt sensitive data
D. To provide user training
**Answer:** B. To identify vulnerabilities in systems and applications
**Chapter:** Chapter 3
**Topic:** Vulnerability Management

73. **Which of the following is a risk associated with cloud computing?**


A. Increased physical security
B. Loss of control over data
C. Improved scalability
D. Enhanced performance
**Answer:** B. Loss of control over data
**Chapter:** Chapter 3
**Topic:** Cloud Security

74. **What is the purpose of a vulnerability assessment?**


A. To monitor network traffic
B. To identify and evaluate security weaknesses
C. To encrypt sensitive data
D. To conduct penetration testing
**Answer:** B. To identify and evaluate security weaknesses
**Chapter:** Chapter 3
**Topic:** Vulnerability Management

75. **Which of the following is an example of a firewall rule?**


A. Allow traffic on port 80
B. Encrypt all outgoing data
C. Backup user files
D. Monitor user activity
**Answer:** A. Allow traffic on port 80
**Chapter:** Chapter 3
**Topic:** Network Security

76. **What is the primary function of an access control list (ACL)?**


A. To encrypt data
B. To define permissions for network resources
C. To monitor network traffic
D. To conduct vulnerability assessments
**Answer:** B. To define permissions for network resources
**Chapter:** Chapter 3
**Topic:** Access Control

77. **Which of the following best describes an advanced persistent threat (APT)?**
A. A short-lived attack
B. A targeted and sophisticated attack
C. A random malware infection
D. A harmless vulnerability
**Answer:** B. A targeted and sophisticated attack
**Chapter:** Chapter 3
**Topic:** Threats and Vulnerabilities

78. **What is the purpose of an endpoint protection solution?**
A. To monitor network traffic
B. To protect endpoints from malware and threats
C. To encrypt sensitive data
D. To manage user accounts
**Answer:** B. To protect endpoints from malware and threats
**Chapter:** Chapter 3
**Topic:** Endpoint Security

79. **Which of the following is a characteristic of two-factor authentication?**


A. Uses one form of verification
B. Requires two different forms of verification
C. Is less secure than single-factor authentication
D. Requires a password only
**Answer:** B. Requires two different forms of verification
**Chapter:** Chapter 3
**Topic:** Authentication Security

80. **What does the term "malware" refer to?**


A. Software that enhances performance
B. Software designed to disrupt or damage systems
C. Software for monitoring user activity
D. Software that encrypts data
**Answer:** B. Software designed to disrupt or damage systems
**Chapter:** Chapter 3
**Topic:** Malware Types

81. **Which of the following is an example of a security control?**


A. A security policy
B. A user training program
C. An antivirus software
D. All of the above
**Answer:** D. All of the above
**Chapter:** Chapter 3
**Topic:** Security Controls

82. **What is the primary goal of security awareness training?**


A. To teach users how to write code
B. To educate users on security best practices
C. To monitor user activity
D. To encrypt sensitive data
**Answer:** B. To educate users on security best practices
**Chapter:** Chapter 3
**Topic:** Security Awareness

83. **Which of the following describes a man-in-the-middle attack?**


A. An attack that steals credentials
B. An attack that disrupts network traffic
C. An attack that intercepts communication between two parties
D. An attack that encrypts files
**Answer:** C. An attack that intercepts communication between two parties
**Chapter:** Chapter 3
**Topic:** Network Attacks

84. **What is the purpose of patch management?**


A. To monitor user activity
B. To update software with the latest security fixes
C. To encrypt sensitive data
D. To conduct vulnerability assessments
**Answer:** B. To update software with the latest security fixes
**Chapter:** Chapter 3
**Topic:** Patch Management

85. **Which of the following is a common security framework?**


A. NIST Cybersecurity Framework
B. TCP/IP Model
C. OSI Model
D. Agile Methodology
**Answer:** A. NIST Cybersecurity Framework
**Chapter:** Chapter 3
**Topic:** Security Frameworks

86. **What is the primary purpose of a digital signature?**


A. To encrypt sensitive data
B. To verify the authenticity of a message or document
C. To compress files
D. To backup data
**Answer:** B. To verify the authenticity of a message or document
**Chapter:** Chapter 3
**Topic:** Digital Signatures

87. **Which of the following is a characteristic of a strong password?**


A. It is easily guessable
B. It includes personal information
C. It is at least 12 characters long and contains a mix of letters, numbers, and symbols
D. It is the same as the username
**Answer:** C. It is at least 12 characters long and contains a mix of letters, numbers, and symbols
**Chapter:** Chapter 3
**Topic:** Password Security

88. **What is the primary goal of risk assessment?**


A. To monitor network traffic
B. To identify and evaluate risks to an organization
C. To encrypt sensitive data
D. To provide user training
**Answer:** B. To identify and evaluate risks to an organization
**Chapter:** Chapter 3
**Topic:** Risk Management

89. **Which of the following best describes a brute force attack?**


A. An attack that uses social engineering techniques
B. An attack that tries every possible combination to gain access
C. An attack that exploits a specific vulnerability
D. An attack that uses malware
**Answer:** B. An attack that tries every possible combination to gain access
**Chapter:** Chapter 3
**Topic:** Network Attacks

90. **What is the purpose of a security audit?**


A. To monitor user activity
B. To evaluate the effectiveness of security measures
C. To encrypt sensitive data
D. To conduct vulnerability assessments
**Answer:** B. To evaluate the effectiveness of security measures
**Chapter:** Chapter 3
**Topic:** Security Audits

91. **Which of the following is a common method for preventing data breaches?**
A. Regular software updates
B. User training on security best practices
C. Implementing access controls
D. All of the above
**Answer:** D. All of the above
**Chapter:** Chapter 3
**Topic:** Data Protection

92. **What is the primary goal of an incident response plan?**


A. To prevent security incidents from occurring
B. To outline steps for responding to security incidents
C. To encrypt sensitive data
D. To monitor network traffic
**Answer:** B. To outline steps for responding to security incidents
**Chapter:** Chapter 3
**Topic:** Incident Response

93. **Which of the following is a common threat to physical security?**


A. Natural disasters
B. Cyber attacks
C. Insider threats
D. All of the above
**Answer:** D. All of the above
**Chapter:** Chapter 3
**Topic:** Physical Security

94. **What is the function of a Security Information and Event Management (SIEM) system?**
A. To monitor network traffic
B. To analyze security data and alerts
C. To conduct penetration testing
D. To encrypt sensitive data
**Answer:** B. To analyze security data and alerts
**Chapter:** Chapter 3
**Topic:** Security Monitoring

95. **Which of the following describes a credential stuffing attack?**


A. An attack that uses stolen credentials to gain unauthorized access
B. An attack that exploits a specific vulnerability
C. An attack that tries every possible combination to gain access
D. An attack that uses social engineering techniques
**Answer:** A. An attack that uses stolen credentials to gain unauthorized access
**Chapter:** Chapter 3
**Topic:** Network Attacks

96. **What is the purpose of a disaster recovery plan?**


A. To monitor user activity
B. To outline steps for recovering from a disaster
C. To encrypt sensitive data
D. To conduct vulnerability assessments
**Answer:** B. To outline steps for recovering from a disaster
**Chapter:** Chapter 3
**Topic:** Disaster Recovery

97. **Which of the following is a characteristic of a phishing attack?**


A. It targets physical security
B. It uses social engineering to trick users
C. It relies on brute force techniques
D. It targets network vulnerabilities
**Answer:** B. It uses social engineering to trick users
**Chapter:** Chapter 3
**Topic:** Phishing

98. **What is the primary goal of data loss prevention (DLP)?**


A. To encrypt sensitive data
B. To monitor network traffic
C. To prevent unauthorized access to sensitive data
D. To conduct vulnerability assessments
**Answer:** C. To prevent unauthorized access to sensitive data
**Chapter:** Chapter 3
**Topic:** Data Protection

99. **Which of the following is a common method for securing data in transit?**
A. Using encryption protocols
B. Using plain text
C. Using outdated software
D. Using weak passwords
**Answer:** A. Using encryption protocols
**Chapter:** Chapter 3
**Topic:** Data Protection

100. **What is the purpose of user access reviews?**


A. To monitor user activity
B. To evaluate and verify user access permissions
C. To encrypt sensitive data
D. To conduct vulnerability assessments
**Answer:** B. To evaluate and verify user access permissions
**Chapter:** Chapter 3
**Topic:** Access Control
