Text preview & study summary

Cybersecurity Terminology

A free sample of 5 questions from this quiz, shown in full with answer choices and explanations. No interactivity — everything is visible on this page for study and review.

Want to test your knowledge? Launch the Interactive Exam Simulator

Question 1

What does "MFA" stand for?

Answer choices

  • A. Managed Firewall Architecture

  • B. Multi-Factor Authentication (Correct)

  • C. Malware Filter Application

  • D. Monitored File Access

Explanation

Multi-Factor Authentication (MFA) requires users to provide two or more verification factors: something you know (password), something you have (token/phone), and something you are (biometric). MFA significantly reduces the risk of account compromise because stealing just a password is not enough to gain access.

Question 2

Which of the following are components of defense-in-depth (layered security)? (Select ALL that apply)

Answer choices

  • A. Firewalls (Correct)

  • B. Using only one very strong password for all systems

  • C. Intrusion Detection/Prevention Systems (IDS/IPS) (Correct)

  • D. Employee security awareness training (Correct)

  • E. Encrypting data at rest and in transit (Correct)

Explanation

Defense-in-depth uses multiple overlapping layers of security controls so that if one fails, others remain. Firewalls, IDS/IPS, security awareness training, and encryption are all valid layers. Using one password for all systems violates password best practices, and relying solely on AV is a single-layer approach — the opposite of defense-in-depth.

Question 3

What is the difference between symmetric and asymmetric encryption?

Answer choices

  • A. Symmetric uses the same key for encryption and decryption; asymmetric uses a key pair (public and private) (Correct)

  • B. Symmetric encryption is stronger; asymmetric is weaker

  • C. Symmetric is used only for passwords; asymmetric is used for files

  • D. Symmetric uses hardware; asymmetric uses software

Explanation

Symmetric encryption (e.g., AES) uses a single shared key for both encrypting and decrypting. It is fast but requires securely exchanging the key. Asymmetric encryption (e.g., RSA) uses a public key to encrypt and a private key to decrypt. HTTPS uses asymmetric encryption to establish a session, then switches to symmetric encryption for performance.

Question 4

Which of the following are types of malware? (Select ALL that apply)

Answer choices

  • A. Virus (Correct)

  • B. Firewall

  • C. Trojan Horse (Correct)

  • D. Worm (Correct)

  • E. VPN

Explanation

Virus (attaches to legitimate files), Trojan Horse (disguises itself as legitimate software), Worm (self-replicating, spreads across networks), and Spyware (secretly monitors user activity) are all types of malware. A firewall is a security control, and a VPN is a privacy/security tool — neither is malware.

Question 5

What is the purpose of a SIEM (Security Information and Event Management) system?

Answer choices

  • A. To encrypt all network communications automatically

  • B. To collect, aggregate, correlate, and analyze security log data from across an environment in real time to detect threats (Correct)

  • C. To manage and rotate user passwords across the organization

  • D. To perform automatic vulnerability patching on endpoints

Explanation

A SIEM (e.g., Splunk, Microsoft Sentinel, IBM QRadar) ingests logs from firewalls, servers, endpoints, and applications, correlates events across multiple sources, and generates alerts when suspicious patterns are detected. It is the cornerstone of most SOC (Security Operations Center) monitoring programs.