IASEC1

1. The quality or state of being secure that is to be free from danger.

A) Information security
B) Cybersecurity
C) Information assurance
D) Security

2. A construction block in DIKW pyramid that has been "cleaned of errors and further processed so that it is easier to measure, visualize, and analyze for a specific purpose.

A) Data
B) Wisdom
C) Knowledge
D) Information

3. Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.

A) Information Security
B) Data Security
C) Information Assurance
D) Cybersecurity

4. To safeguard the person or group of people who have been granted access to the organization and its operations is known as

A) Operations security
B) Physical security
C) Personal security
D) Communication security

5. A web browser pop-up appears on your personal computer offering an "anti-spyware product" What's your best course of action?

A) Click on the link and provide your personal information
B) Click on the link in the ad to learn more about the company its products before you provide.
C) Close the window. If want spyware protection software, better to get it from a provider with extensive review and download on a reputed site such as download.com.
D) Click on the link and provide your credit card information as the more protection prompted to install the better.

6. Peter is working at a real estate business this summer. He's using the company's computer system to enter client addresses. Marzan is working at what level of the DIKW hierarchy?

A) Data
B) Information
C) Wisdom
D) Knowledge

7. These attackers intend to do damage to your system or try to obtain the information from tha system which can be used to attain financial gain.

A) hackers
B) Intruders
C) Virus
D) Malware

8. The highest level of the DIKW Pyramid is _______

A) Wisdom
B) Data
C) Knowledge
D) Information

9. _______ is a group of people working together to achieve the same goal or objectives.

A) Enterprise
B) Company
C) Industry
D) Organization

10. is the information you have learned, while wisdom is the ability to use that knowledge in a profound way.

A) Data
B) Knowledge
C) Wisdom
D) Information

11. The ________ hierarchy, connects data, information, knowledge, and wisdom in four layers

A) DIKW
B) GIGO
C) Sequential access
D) IPO

12. _________ are the news who is only interested in penetrating into your system. They do not cause any harm to your system they only get satisfied by getting access to your system.

A) Hacker
B) Virus
C) Malware
D) Trojan horse

13. Mary is analyzing the sales report figures as a new sales manager to determine the top three salespeople for the year. Mary is working at what level of the DIKW hierarchy

A) Knowledge
B) Data
C) Information
D) Wisdom

14. __________ is the protection of assets from harm.

A) Information security
B) Data security
C) Cybersecurity
D) Security

15. When data is compiled or used to better understand or do anything, it is referred to as ___________

A) Knowledge
B) Wisdom
C) Data
D) Information

16. Assets within the organization includes: machine, facilities, data, information and __________

A) Security
B) People
C) Knowledge
D) Wisdom

17. We turn data into information providing _________ into it.

A) Context
B) Security
C) Knowledge
D) Wisdom

18. Information is __________ when it is free of faults or mistakes and provides the value that the end-user expects.

A) true
B) Reliable
C) Confidential
D) accurate

19. ________ is the quality or state of being exposed to the possibility of being attackod or harmed, either physically or emotionally.

A) vulnerability
B) confidentiality
C) availability
D) integrity

20. The securing of computer systems and data against harm, theft, and unauthorized access is

known as ________

A) vulnerability
B) Computer Security
C) Data security
D) Information security

21. ________ is a concept that allows you to recognize patterns and the elements that drive them. Ultimately, it allows future events to be predicted.

A) Knowledge
B) Information
C) Wisdom
D) Data

22. Information must be available for use by those who have been granted access to it, which is a feature of IΑ.

A) Authenticity
B) Integrity
C) Availability
D) Integrity

23. __________ is knowledge applied in action.

A) Knowledge
B) Data
C) Wisdom
D) Information

24. _________ defines and applies a collection of policies, standards, methodologies, services, and mechanism to maintain mission integrity with respect to people, process, technology, information and supporting infrastructure.

A) Information Assurance
B) Information security
C) Security
D) Information and Information System

25. __________, means to safeguard network components, connections, and data.

A) security
B) availability
C) network security
D) confidentiality

26. An _________ is where an unauthorized individual gains access to confidential or private information.

A) Modification
B) interruption
C) Fabrication
D) interception

27. Unintentional tampering, such as human errors or data loss as a result of a system failure, must also he protected by effective integrity countermeasures.

A) True
B) False

28. __________ is defined set of measures that ensure the availability, integrity. authenticity, secrecy, and nonrepudiation of information and information systems,

A) information
B) computer security
C) Information assurance
D) information security

29. Hardware failures, unanticipated software downtime, and network bandwidth challenges are just a few of the most common non-malicious threats to availability.

A) False
B) True

30. What does multi-factor authentication (MFA) require?

A) A single security question
B) Multiple verification methods, such as biometrics or one-time codes
C) A firewall
D) Only a password

31. What is the primary goal of information security?

A) Prevent unauthorized system access
B) Protect data confidentiality, integrity, and availability
C) Ensure system functionality
D) Improve network speed

32. What is a common method used to assess risks within an organization?

A) Risk assessment framework
B) Random employee surveys
C) Firewall configuration
D) Ignoring security incidents

33. What does "CIA Triad" stand for in cybersecurity?

A) Confidentiality, Integrity, Availability
B) Cyber Intelligence Agency
C) Computer Infrastructure Analysis
D) Cryptographic Integration Algorithms

34. What does a Disaster Recovery Plan (DRP) focus on?

A) Restoring IT systems and data after a disruption
B) Employee satisfaction surveys
C) Maintaining customer engagement
D) Increasing revenue

35. What is the role of a risk mitigation plan?

A) Prevent all security threats permanently
B) Help organizations reduce the impact of security risks
C) Allow employees unrestricted access to data
D) Ignore vulnerabilities in the system

36. Which security attack involves an attacker intercepting communication between two parties?

A) Ransomware
B) DDoS Attack
C) SQL Injection
D) Man-in-the-Middle attack

37. What is the Zero Trust security model?

A) Disable all security features
B) Provide unrestricted access to databases
C) Always verify and authenticate before granting accessB. Always verify and authenticate before granting access
D) Trust all internal users automatically

38. What is the purpose of an Intrusion Detection System (IDS)?

A) Prevent unauthorized access
B) Speed up network traffic
C) Detect potential security breaches
D) Encrypt sensitive data

39. Which type of malware locks user files and demands payment for access?

A) Spyware
B) Trojan Horse
C) Ransomware
D) Worm

40. Which security principle restricts users to only the permissions necessary for their roles?

A) Open access
B) Denial-of-service
C) Multi-factor authentication
D) Least privilege

41. How can a company ensure its Business Continuity Plan remains effective?

A) Ignore it until an emergency occurs
B) Delay testing procedures
C) Reduce security measures
D) Regularly review and update the plan

42. Which type of malware encrypts files and demands payment for their release?

A) Worm
B) Trojan Horse
C) Spyware
D) Ransomware

43. What is the first step in developing a Business Continuity Plan?

A) Purchasing cybersecurity software
B) Expanding business operations
C) Hiring more employees
D) Conducting a business impact analysis (BIA)

44. Which strategy helps businesses remain operational during a natural disaster?

A) Using only local backups
B) Ignoring customer inquiries
C) Relocating all servers off-site or to the cloud
D) Relying on social media advertising

45. What is the main goal of a Business Continuity Plan (BCP)?

A) Ensure business operations continue during disruptions
B) Reduce hiring costs
C) Increase company profits
D) Improve advertising strategies

46. What is the main purpose of cybersecurity?

A) Increase internet speed
B) Minimize hardware costs
C) Protect digital systems from unauthorized access and threats
D) Improve software speed

47. What is the main purpose of cybersecurity?

A) Minimize hardware costs
B) Protect digital systems from unauthorized access and threats
C) Increase internet speed
D) Improve software speed

48. What is the term for an individual inside an organization who intentionally leaks sensitive information or causes security breaches?

A) System administrator
B) Insider threat
C) External hacker
D) Firewall bypasser

49. What is the main purpose of penetration testing in cybersecurity?

A) To slow down network connections
B) To identify weaknesses by simulating cyberattacks
C) To crash an organization's system
D) To delete unnecessary files

50. Which security measure helps prevent brute-force attacks on passwords?

A) Disabling firewalls
B) Allowing unlimited retries
C) Limiting login attempts
D) Using simple passwords

51. What type of cyberattack uses fake emails to trick users into revealing sensitive information?

A) Phishing
B) Malware
C) Denial-of-Service(DoS)
D) SQL Injection

52. Which event would require a company to activate its Business Continuity Plan?

A) Annual employee training
B) Office relocation
C) Cyberattack, natural disaster, or major equipment failure
D) Routine software updates

53. Why is business impact analysis (BIA) critical in business continuity planning?

A) It prevents all operational failures
B) It eliminates all business risks
C) It helps organizations understand the potential consequences of disruptions
D) It focuses only on marketing strategies

54. What is a common method used in phishing attacks?

A) Exploiting software vulnerabilities
B) Blocking all incoming network traffic
C) Encrypting all system files
D) Sending deceptive emails to trick users

55. Who is responsible for executing a Business Continuity Plan during an emergency?

A) External consultants
B) The designated business continuity team and stakeholders
C) Only the CEO
D) Random employees

56. What is social engineering in cybersecurity?

A) Strengthening security with encryption
B) Hacking servers using malware
C) Manipulating individuals to reveal confidential information
D) Conducting network vulnerability tests

57. Which cybersecurity principle helps reduce risk by restricting system access based on user roles?

A) Firewal Bypass
B) No Authentication
C) Least Privilege
D) Open Access

58. Which type of attack floods a network or system to overload resources?

A) SQL Injection
B) Denial-of-Service (DoS)
C) Phishing
D) Man-in-the-middle

59. Which security principle ensures data remains unchanged during transit or storage?

A) Confidentiality
B) Authentication
C) Integrity
D) Availability

60. What is the primary function of a Virtual Private Network (VPN)?

A) Improve internet speed
B) Encrypt internet connections for secure browsing
C) Block ads
D) Prevent phishing attacks

61. What is the main difference between risk and vulnerability?

A) Risk refers to potential threats, while vulnerability is a weakness that can be exploited
B) Vulnerability deals with financial losses, while risk only affects IT systems
C) Risk and vulnerability mean the same thing
D) Risk is always external, while vulnerability is always internal

62. How can organizations reduce human-related security vulnerabilities?

A) Rely only on antivirus software
B) Provide regular cybersecurity awareness training
C) Ignore employee cybersecurity habits
D) Avoid using passwords

63. Which security principle requires users to only have the necessary access to perform their tasks?

A) Network segmentation
B) Open Access
C) Network segmentation
D) Multi-factor authentication

64. What is the primary role of antivirus software?

A) Monitor online activity
B) Detect and remove malware
C) Speed up internet browsing
D) Speed up internet browsing

65. What is a common defense against brute-force attacks?

A) Disabling firewalls
B) Keeping software outdated
C) Weak passwords
D) Limiting login attempts

66. Which factor increases an organization's security risk?

A) Outdated software and weak passwords
B) Regular employee cybersecurity training
C) Strong authentication measures
D) Encrypted data storage

67. What does HTTPS in a web address indicate?

A) A secure, encrypted data transmission
B) A government-authorized website
C) A faster connection speed
D) A local network connection

68. What is the purpose of a firewall in network security?

A) Detect viruses
B) Enhance internet speed
C) Block unauthorized access
D) Encrypt data files

69. What does multi-factor authentication (MFA) require?

A) A firewall setup
B) Only a username
C) Password only
D) Multiple authentication factors, such as biometrics and codes

70. Which cybersecurity practice involves testing a system for vulnerabilities before an attack occurs?

A) Ethical hacking
B) Social Engineering
C) Phishing
D) Malware analysis

71. How can users protect against cyber threats?

A) Click on unknown email links
B) Disable antivirus protection
C) Use strong passwords and update software regularly
D) Ignore security updates

72. Which essential component should a Business Continuity Plan include?

A) Marketing strategies
B) Disaster recovery procedures
C) Daily employee schedules
D) Company logo designs

73. What is the main function of a firewall?

A) Detect hardware failures
B) Create backup copies of data
C) Prevent unauthorized access to a network
D) Enhance browsing speed

74. What is the best way to mitigate security vulnerabilities?

A) Ignore small risks
B) Perform regular security updates and patches
C) Use simple and easy-to-guess passwords
D) Avoid monitoring user activities

Created with That Quiz — a math test site for students of all grade levels.