Text preview & study summary
Cybersecurity Terminology
A free sample of 5 questions from this quiz, shown in full with answer choices and explanations. No interactivity — everything is visible on this page for study and review.
Want to test your knowledge? Launch the Interactive Exam Simulator
Question 1
What does "MFA" stand for?
Explanation
Multi-Factor Authentication (MFA) requires users to provide two or more verification factors: something you know (password), something you have (token/phone), and something you are (biometric). MFA significantly reduces the risk of account compromise because stealing just a password is not enough to gain access.
Question 2
Which of the following are components of defense-in-depth (layered security)? (Select ALL that apply)
Explanation
Defense-in-depth uses multiple overlapping layers of security controls so that if one fails, others remain. Firewalls, IDS/IPS, security awareness training, and encryption are all valid layers. Using one password for all systems violates password best practices, and relying solely on AV is a single-layer approach — the opposite of defense-in-depth.
Question 3
What is the difference between symmetric and asymmetric encryption?
Explanation
Symmetric encryption (e.g., AES) uses a single shared key for both encrypting and decrypting. It is fast but requires securely exchanging the key. Asymmetric encryption (e.g., RSA) uses a public key to encrypt and a private key to decrypt. HTTPS uses asymmetric encryption to establish a session, then switches to symmetric encryption for performance.
Question 4
Which of the following are types of malware? (Select ALL that apply)
Explanation
Virus (attaches to legitimate files), Trojan Horse (disguises itself as legitimate software), Worm (self-replicating, spreads across networks), and Spyware (secretly monitors user activity) are all types of malware. A firewall is a security control, and a VPN is a privacy/security tool — neither is malware.
Question 5
What is the purpose of a SIEM (Security Information and Event Management) system?
Explanation
A SIEM (e.g., Splunk, Microsoft Sentinel, IBM QRadar) ingests logs from firewalls, servers, endpoints, and applications, correlates events across multiple sources, and generates alerts when suspicious patterns are detected. It is the cornerstone of most SOC (Security Operations Center) monitoring programs.
