Question 1
What is phishing primarily designed to do?
Question 2
Which of the following attacks exploits human behavior rather than technical vulnerabilities?
Question 3
What is the principle of least privilege?
Question 4
Which flags should protect a session cookie?
Question 5
Which well-known framework is used for exploiting vulnerabilities?
Question 6
What type of attack involves tricking users into revealing sensitive information?
Question 7
What is the main goal of encryption?
Question 8
In Google Cloud, what is the preferred way to grant a VM access to other GCP services securely without managing long-lived keys?
Question 9
What is the primary function of asymmetric encryption?
Question 10
In Microsoft Active Directory, which attack techniques specifically target Kerberos authentication?
Question 11
Threat management is a process that is used by cybersecurity professionals to prevent cyberattacks, detect cyberthreats and respond to security incidents. Many modern threat management systems use frameworks that provide comprehensive guidance to improve information security and cybersecurity risk management for private sector organizations. Which Framework is plublished by the NIST and consists of guides, standards, best practices and five core functions, namely to identify, protect, detect, respond and recover?
Question 12
In AWS IAM, which practices reduce the risk of privilege escalation?
Question 13
Which practices together best illustrate a defense in depth approach for a web application?
Question 14
What is encryption at rest?
Question 15
What are effective controls for reducing the impact of ransomware in enterprise environments?
Question 16
Which Azure service helps detect and respond to security threats across hybrid environments?
Question 17
Which algorithms use the EAPOL handshake?
Question 18
Which of the following is a common method used by attackers to exploit weak or default credentials?
Question 19
A difference between QUIC and transport protocols such as TCP and UDP is that it has stream multiplexing built-in on the transport layer. This allows having multiple, concurrent, independent data streams that don't affect each other. MsQuic is shipped in-box in the Windows kernel in the form of the msquic.sys driver, to support built-in HTTP and SMB features. MsQuic is made generally available with the release of which Windows Server version?
Question 20
Which AWS service detects suspicious activity using machine learning?