A cybersecurity quiz for students and exam preparation — 15 medium-level questions on core security principles.
1. What does 'risk' represent in cybersecurity, combining threat and vulnerability?
💡 'Risk' represents the potential for loss or damage that occurs when a threat successfully exploits a vulnerability.
2. What does 'vulnerability' refer to in cybersecurity?
💡 A 'vulnerability' is a weakness in a system that could potentially be exploited to gain unauthorized access.
3. What does 'least privilege' principle mean in cybersecurity?
💡 The 'least privilege' principle grants users only the minimum access necessary to perform their specific job functions.
4. What is 'risk assessment' in cybersecurity?
💡 Risk assessment is the systematic process of identifying, analyzing, and evaluating potential security risks.
5. What does 'confidentiality' ensure in the CIA triad?
💡 'Confidentiality' ensures that information is only accessible to those who are authorized to view it.
6. What is 'penetration testing'?
💡 Penetration testing is an authorized, simulated cyberattack conducted to evaluate a system's real-world security.
7. What does 'availability' ensure in the CIA triad?
💡 'Availability' ensures that authorized users can reliably access information and resources whenever they need them.
8. What is a 'threat' in cybersecurity terminology?
💡 A 'threat' refers to any potential danger capable of exploiting a vulnerability to cause harm.
9. What is a 'security policy' in an organization?
💡 A security policy is a documented set of rules and practices that govern how an organization manages its security.
10. What does 'CIA triad' stand for in cybersecurity?
💡 The CIA triad stands for Confidentiality, Integrity, and Availability, three core principles of information security.
11. What does 'integrity' ensure in the CIA triad?
💡 'Integrity' ensures that data remains accurate and is only altered through legitimate, authorized actions.
12. What does 'incident response' refer to in cybersecurity?
💡 Incident response is the organized approach used to identify, contain, and manage the aftermath of a security breach.
13. What does 'compliance' mean in a cybersecurity context?
💡 'Compliance' refers to adhering to established laws, regulations, and industry standards related to security and privacy.
14. What is 'disaster recovery planning' in cybersecurity?
💡 Disaster recovery planning prepares strategies and procedures for restoring systems and data after a significant disruption.
15. What is a 'security audit'?
💡 A security audit is a systematic evaluation of an organization's overall information system security posture.