IASEC1

1. The quality or state of being secure that is to be free from danger.

A) Cybersecurity
B) Information assurance
C) Security
D) Information security

2. A construction block in DIKW pyramid that has been "cleaned of errors and further processed so that it is easier to measure, visualize, and analyze for a specific purpose.

A) Knowledge
B) Data
C) Information
D) Wisdom

3. Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.

A) Information Assurance
B) Cybersecurity
C) Information Security
D) Data Security

4. To safeguard the person or group of people who have been granted access to the organization and its operations is known as

A) Personal security
B) Physical security
C) Communication security
D) Operations security

5. A web browser pop-up appears on your personal computer offering an "anti-spyware product" What's your best course of action?

A) Click on the link and provide your credit card information as the more protection prompted to install the better.
B) Click on the link in the ad to learn more about the company its products before you provide.
C) Close the window. If want spyware protection software, better to get it from a provider with extensive review and download on a reputed site such as download.com.
D) Click on the link and provide your personal information

6. Peter is working at a real estate business this summer. He's using the company's computer system to enter client addresses. Marzan is working at what level of the DIKW hierarchy?

A) Knowledge
B) Wisdom
C) Data
D) Information

7. These attackers intend to do damage to your system or try to obtain the information from tha system which can be used to attain financial gain.

A) Virus
B) Intruders
C) Malware
D) hackers

8. The highest level of the DIKW Pyramid is _______

A) Wisdom
B) Data
C) Knowledge
D) Information

9. _______ is a group of people working together to achieve the same goal or objectives.

A) Company
B) Organization
C) Industry
D) Enterprise

10. is the information you have learned, while wisdom is the ability to use that knowledge in a profound way.

A) Wisdom
B) Data
C) Knowledge
D) Information

11. The ________ hierarchy, connects data, information, knowledge, and wisdom in four layers

A) GIGO
B) Sequential access
C) IPO
D) DIKW

12. _________ are the news who is only interested in penetrating into your system. They do not cause any harm to your system they only get satisfied by getting access to your system.

A) Malware
B) Trojan horse
C) Virus
D) Hacker

13. Mary is analyzing the sales report figures as a new sales manager to determine the top three salespeople for the year. Mary is working at what level of the DIKW hierarchy

A) Information
B) Data
C) Knowledge
D) Wisdom

14. __________ is the protection of assets from harm.

A) Security
B) Cybersecurity
C) Data security
D) Information security

15. When data is compiled or used to better understand or do anything, it is referred to as ___________

A) Data
B) Information
C) Knowledge
D) Wisdom

16. Assets within the organization includes: machine, facilities, data, information and __________

A) Knowledge
B) Security
C) People
D) Wisdom

17. We turn data into information providing _________ into it.

A) Wisdom
B) Security
C) Context
D) Knowledge

18. Information is __________ when it is free of faults or mistakes and provides the value that the end-user expects.

A) Confidential
B) true
C) accurate
D) Reliable

19. ________ is the quality or state of being exposed to the possibility of being attackod or harmed, either physically or emotionally.

A) availability
B) confidentiality
C) vulnerability
D) integrity

20. The securing of computer systems and data against harm, theft, and unauthorized access is

known as ________

A) Computer Security
B) Information security
C) Data security
D) vulnerability

21. ________ is a concept that allows you to recognize patterns and the elements that drive them. Ultimately, it allows future events to be predicted.

A) Wisdom
B) Knowledge
C) Data
D) Information

22. Information must be available for use by those who have been granted access to it, which is a feature of IΑ.

A) Authenticity
B) Integrity
C) Integrity
D) Availability

23. __________ is knowledge applied in action.

A) Wisdom
B) Data
C) Information
D) Knowledge

24. _________ defines and applies a collection of policies, standards, methodologies, services, and mechanism to maintain mission integrity with respect to people, process, technology, information and supporting infrastructure.

A) Information Assurance
B) Security
C) Information and Information System
D) Information security

25. __________, means to safeguard network components, connections, and data.

A) confidentiality
B) network security
C) availability
D) security

26. An _________ is where an unauthorized individual gains access to confidential or private information.

A) interruption
B) Fabrication
C) Modification
D) interception

27. Unintentional tampering, such as human errors or data loss as a result of a system failure, must also he protected by effective integrity countermeasures.

A) True
B) False

28. __________ is defined set of measures that ensure the availability, integrity. authenticity, secrecy, and nonrepudiation of information and information systems,

A) information security
B) computer security
C) information
D) Information assurance

29. Hardware failures, unanticipated software downtime, and network bandwidth challenges are just a few of the most common non-malicious threats to availability.

A) True
B) False

30. What does multi-factor authentication (MFA) require?

A) Multiple verification methods, such as biometrics or one-time codes
B) A firewall
C) A single security question
D) Only a password

31. What is the primary goal of information security?

A) Prevent unauthorized system access
B) Improve network speed
C) Protect data confidentiality, integrity, and availability
D) Ensure system functionality

32. What is a common method used to assess risks within an organization?

A) Ignoring security incidents
B) Random employee surveys
C) Risk assessment framework
D) Firewall configuration

33. What does "CIA Triad" stand for in cybersecurity?

A) Cyber Intelligence Agency
B) Confidentiality, Integrity, Availability
C) Computer Infrastructure Analysis
D) Cryptographic Integration Algorithms

34. What does a Disaster Recovery Plan (DRP) focus on?

A) Restoring IT systems and data after a disruption
B) Increasing revenue
C) Maintaining customer engagement
D) Employee satisfaction surveys

35. What is the role of a risk mitigation plan?

A) Help organizations reduce the impact of security risks
B) Ignore vulnerabilities in the system
C) Allow employees unrestricted access to data
D) Prevent all security threats permanently

36. Which security attack involves an attacker intercepting communication between two parties?

A) SQL Injection
B) Man-in-the-Middle attack
C) Ransomware
D) DDoS Attack

37. What is the Zero Trust security model?

A) Provide unrestricted access to databases
B) Disable all security features
C) Trust all internal users automatically
D) Always verify and authenticate before granting accessB. Always verify and authenticate before granting access

38. What is the purpose of an Intrusion Detection System (IDS)?

A) Speed up network traffic
B) Prevent unauthorized access
C) Encrypt sensitive data
D) Detect potential security breaches

39. Which type of malware locks user files and demands payment for access?

A) Spyware
B) Ransomware
C) Worm
D) Trojan Horse

40. Which security principle restricts users to only the permissions necessary for their roles?

A) Denial-of-service
B) Least privilege
C) Open access
D) Multi-factor authentication

41. How can a company ensure its Business Continuity Plan remains effective?

A) Reduce security measures
B) Ignore it until an emergency occurs
C) Regularly review and update the plan
D) Delay testing procedures

42. Which type of malware encrypts files and demands payment for their release?

A) Ransomware
B) Spyware
C) Trojan Horse
D) Worm

43. What is the first step in developing a Business Continuity Plan?

A) Hiring more employees
B) Conducting a business impact analysis (BIA)
C) Purchasing cybersecurity software
D) Expanding business operations

44. Which strategy helps businesses remain operational during a natural disaster?

A) Ignoring customer inquiries
B) Relying on social media advertising
C) Using only local backups
D) Relocating all servers off-site or to the cloud

45. What is the main goal of a Business Continuity Plan (BCP)?

A) Ensure business operations continue during disruptions
B) Improve advertising strategies
C) Increase company profits
D) Reduce hiring costs

46. What is the main purpose of cybersecurity?

A) Increase internet speed
B) Minimize hardware costs
C) Improve software speed
D) Protect digital systems from unauthorized access and threats

47. What is the main purpose of cybersecurity?

A) Increase internet speed
B) Improve software speed
C) Protect digital systems from unauthorized access and threats
D) Minimize hardware costs

48. What is the term for an individual inside an organization who intentionally leaks sensitive information or causes security breaches?

A) External hacker
B) Firewall bypasser
C) System administrator
D) Insider threat

49. What is the main purpose of penetration testing in cybersecurity?

A) To identify weaknesses by simulating cyberattacks
B) To crash an organization's system
C) To delete unnecessary files
D) To slow down network connections

50. Which security measure helps prevent brute-force attacks on passwords?

A) Allowing unlimited retries
B) Using simple passwords
C) Limiting login attempts
D) Disabling firewalls

51. What type of cyberattack uses fake emails to trick users into revealing sensitive information?

A) SQL Injection
B) Denial-of-Service(DoS)
C) Phishing
D) Malware

52. Which event would require a company to activate its Business Continuity Plan?

A) Routine software updates
B) Cyberattack, natural disaster, or major equipment failure
C) Office relocation
D) Annual employee training

53. Why is business impact analysis (BIA) critical in business continuity planning?

A) It prevents all operational failures
B) It helps organizations understand the potential consequences of disruptions
C) It focuses only on marketing strategies
D) It eliminates all business risks

54. What is a common method used in phishing attacks?

A) Encrypting all system files
B) Blocking all incoming network traffic
C) Sending deceptive emails to trick users
D) Exploiting software vulnerabilities

55. Who is responsible for executing a Business Continuity Plan during an emergency?

A) Only the CEO
B) External consultants
C) Random employees
D) The designated business continuity team and stakeholders

56. What is social engineering in cybersecurity?

A) Conducting network vulnerability tests
B) Strengthening security with encryption
C) Manipulating individuals to reveal confidential information
D) Hacking servers using malware

57. Which cybersecurity principle helps reduce risk by restricting system access based on user roles?

A) Least Privilege
B) No Authentication
C) Open Access
D) Firewal Bypass

58. Which type of attack floods a network or system to overload resources?

A) SQL Injection
B) Man-in-the-middle
C) Denial-of-Service (DoS)
D) Phishing

59. Which security principle ensures data remains unchanged during transit or storage?

A) Confidentiality
B) Availability
C) Integrity
D) Authentication

60. What is the primary function of a Virtual Private Network (VPN)?

A) Encrypt internet connections for secure browsing
B) Prevent phishing attacks
C) Improve internet speed
D) Block ads

61. What is the main difference between risk and vulnerability?

A) Risk is always external, while vulnerability is always internal
B) Risk refers to potential threats, while vulnerability is a weakness that can be exploited
C) Risk and vulnerability mean the same thing
D) Vulnerability deals with financial losses, while risk only affects IT systems

62. How can organizations reduce human-related security vulnerabilities?

A) Avoid using passwords
B) Provide regular cybersecurity awareness training
C) Rely only on antivirus software
D) Ignore employee cybersecurity habits

63. Which security principle requires users to only have the necessary access to perform their tasks?

A) Multi-factor authentication
B) Network segmentation
C) Network segmentation
D) Open Access

64. What is the primary role of antivirus software?

A) Monitor online activity
B) Speed up internet browsing
C) Speed up internet browsing
D) Detect and remove malware

65. What is a common defense against brute-force attacks?

A) Keeping software outdated
B) Weak passwords
C) Limiting login attempts
D) Disabling firewalls

66. Which factor increases an organization's security risk?

A) Outdated software and weak passwords
B) Encrypted data storage
C) Regular employee cybersecurity training
D) Strong authentication measures

67. What does HTTPS in a web address indicate?

A) A government-authorized website
B) A faster connection speed
C) A secure, encrypted data transmission
D) A local network connection

68. What is the purpose of a firewall in network security?

A) Enhance internet speed
B) Block unauthorized access
C) Encrypt data files
D) Detect viruses

69. What does multi-factor authentication (MFA) require?

A) Multiple authentication factors, such as biometrics and codes
B) Password only
C) A firewall setup
D) Only a username

70. Which cybersecurity practice involves testing a system for vulnerabilities before an attack occurs?

A) Social Engineering
B) Phishing
C) Malware analysis
D) Ethical hacking

71. How can users protect against cyber threats?

A) Disable antivirus protection
B) Ignore security updates
C) Click on unknown email links
D) Use strong passwords and update software regularly

72. Which essential component should a Business Continuity Plan include?

A) Disaster recovery procedures
B) Daily employee schedules
C) Company logo designs
D) Marketing strategies

73. What is the main function of a firewall?

A) Prevent unauthorized access to a network
B) Create backup copies of data
C) Enhance browsing speed
D) Detect hardware failures

74. What is the best way to mitigate security vulnerabilities?

A) Perform regular security updates and patches
B) Avoid monitoring user activities
C) Ignore small risks
D) Use simple and easy-to-guess passwords

Created with That Quiz — a math test site for students of all grade levels.