Page : 1/10
1. Which of the following encryption methods is used to secure data in transit and is based on a system where each party involved has a pair of cryptographic keys consisting of a public key and a private key?
2. What is the primary purpose of a Public Key Infrastructure (PKI)?
3. Which statement best describes the role of Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols?
4. What is the primary function of a Trusted Platform Module (TPM) in a computing device?
5. What is the main purpose of implementing a Sandboxing technique in software development?
Page : 2/10
6. What principle is primarily enforced by the Clark-Wilson model?
7. What does a Public Key Infrastructure (PKI) primarily support?
8. In cryptography, what is the main purpose of using a nonce?
9. What is the primary function of a Security Information and Event Management (SIEM) system?
10. Which of the following best describes the purpose of Security Assertion Markup Language (SAML)?
Page : 3/10
11. Which of the following security models is specifically designed to prevent conflict of interest when accessing data?
12. What is the primary security concern addressed by implementing an air gap in a network?
13. Which of the following best describes the purpose of a hardware security module (HSM)?
14. In the context of secure architecture, what is the main goal of a demilitarized zone (DMZ)?
15. What principle is enforced by the use of mandatory access control (MAC) models?
Page : 4/10
16. Which security model is primarily focused on ensuring that access controls are implemented correctly to keep data confidential?
17. What is the primary difference between symmetric and asymmetric encryption?
18. Which mechanism is commonly used in operating systems to segregate the memory space used by different applications?
19. What is the primary function of a digital signature?
20. What is the main purpose of employing a WAF (Web Application Firewall)?
Page : 5/10
21. In the context of secure software development, what is the primary goal of threat modeling?
22. Which of the following best describes the concept of "defense in depth"?
23. Which of the following encryption algorithms is considered asymmetric?
24. Which security model is primarily concerned with ensuring that actions are taken in a series of steps that maintain a secure state?
25. What is the primary purpose of using hardware security modules (HSMs) in a network infrastructure?
Page : 6/10
26. What is the main goal of employing steganography in cybersecurity?
27. Which of the following best describes the concept of a "root of trust"?
28. What is the primary function of the Trusted Platform Module (TPM) in computer security?
29. In secure software development, what is the significance of input validation?
30. What role does an intrusion detection system (IDS) play in a security architecture?
Page : 7/10
31. Which of the following best describes the main goal of Mandatory Access Control (MAC)?
32. What is the main difference between hashing and encryption?
33. Which principle of secure design emphasizes the need for a system to continue operating correctly even when components fail?
34. Which of the following best describes a Zero Trust architecture?
35. What is the primary purpose of a Data Loss Prevention (DLP) system?
Page : 8/10
36. Which of the following scenarios is an example of a Man-in-the-Middle (MitM) attack?
37. What is the function of a Certificate Authority (CA) in a Public Key Infrastructure (PKI)?
38. What security mechanism can be used to detect unauthorized changes to software and data?
39. Which of the following security capabilities is most directly associated with preventing eavesdropping on network communications?
40. What is the primary security concern addressed by input validation in software applications?
Page : 9/10
41. Which concept is essential for ensuring that a system can enforce and verify a security policy on data it processes?
42. What does the concept of "Fail Secure" entail in security systems?
43. Which of the following is a primary security concern with virtualization technology?
44. What role does "Separation of Duties" play in information security?
45. Which type of access control model is based on the classification of data and clearance levels of users?
Page : 10/10
46. Which of the following is a characteristic of the Biba integrity model?
47. What is a primary security concern that can be mitigated by using secure coding practices?
48. What is the primary purpose of employing containerization in application deployment?
49. In the context of Public Key Infrastructure (PKI), what role does a Certificate Authority (CA) play?
50. Which of the following best describes the concept of "data at rest" encryption?