IASEC1

1. The quality or state of being secure that is to be free from danger.

A) Information assurance
B) Information security
C) Cybersecurity
D) Security

2. A construction block in DIKW pyramid that has been "cleaned of errors and further processed so that it is easier to measure, visualize, and analyze for a specific purpose.

A) Knowledge
B) Data
C) Wisdom
D) Information

3. Information Security is basically the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information.

A) Cybersecurity
B) Data Security
C) Information Security
D) Information Assurance

4. To safeguard the person or group of people who have been granted access to the organization and its operations is known as

A) Communication security
B) Physical security
C) Personal security
D) Operations security

5. A web browser pop-up appears on your personal computer offering an "anti-spyware product" What's your best course of action?

A) Click on the link and provide your personal information
B) Close the window. If want spyware protection software, better to get it from a provider with extensive review and download on a reputed site such as download.com.
C) Click on the link in the ad to learn more about the company its products before you provide.
D) Click on the link and provide your credit card information as the more protection prompted to install the better.

6. Peter is working at a real estate business this summer. He's using the company's computer system to enter client addresses. Marzan is working at what level of the DIKW hierarchy?

A) Information
B) Wisdom
C) Data
D) Knowledge

7. These attackers intend to do damage to your system or try to obtain the information from tha system which can be used to attain financial gain.

A) hackers
B) Malware
C) Virus
D) Intruders

8. The highest level of the DIKW Pyramid is _______

A) Wisdom
B) Knowledge
C) Data
D) Information

9. _______ is a group of people working together to achieve the same goal or objectives.

A) Company
B) Organization
C) Enterprise
D) Industry

10. is the information you have learned, while wisdom is the ability to use that knowledge in a profound way.

A) Wisdom
B) Data
C) Information
D) Knowledge

11. The ________ hierarchy, connects data, information, knowledge, and wisdom in four layers

A) Sequential access
B) DIKW
C) IPO
D) GIGO

12. _________ are the news who is only interested in penetrating into your system. They do not cause any harm to your system they only get satisfied by getting access to your system.

A) Malware
B) Hacker
C) Trojan horse
D) Virus

13. Mary is analyzing the sales report figures as a new sales manager to determine the top three salespeople for the year. Mary is working at what level of the DIKW hierarchy

A) Knowledge
B) Information
C) Data
D) Wisdom

14. __________ is the protection of assets from harm.

A) Information security
B) Cybersecurity
C) Data security
D) Security

15. When data is compiled or used to better understand or do anything, it is referred to as ___________

A) Data
B) Knowledge
C) Information
D) Wisdom

16. Assets within the organization includes: machine, facilities, data, information and __________

A) Knowledge
B) People
C) Wisdom
D) Security

17. We turn data into information providing _________ into it.

A) Knowledge
B) Wisdom
C) Security
D) Context

18. Information is __________ when it is free of faults or mistakes and provides the value that the end-user expects.

A) Confidential
B) Reliable
C) accurate
D) true

19. ________ is the quality or state of being exposed to the possibility of being attackod or harmed, either physically or emotionally.

A) confidentiality
B) vulnerability
C) availability
D) integrity

20. The securing of computer systems and data against harm, theft, and unauthorized access is

known as ________

A) Information security
B) Data security
C) Computer Security
D) vulnerability

21. ________ is a concept that allows you to recognize patterns and the elements that drive them. Ultimately, it allows future events to be predicted.

A) Data
B) Knowledge
C) Information
D) Wisdom

22. Information must be available for use by those who have been granted access to it, which is a feature of IΑ.

A) Authenticity
B) Availability
C) Integrity
D) Integrity

23. __________ is knowledge applied in action.

A) Knowledge
B) Wisdom
C) Information
D) Data

24. _________ defines and applies a collection of policies, standards, methodologies, services, and mechanism to maintain mission integrity with respect to people, process, technology, information and supporting infrastructure.

A) Security
B) Information and Information System
C) Information security
D) Information Assurance

25. __________, means to safeguard network components, connections, and data.

A) confidentiality
B) availability
C) network security
D) security

26. An _________ is where an unauthorized individual gains access to confidential or private information.

A) interception
B) Modification
C) interruption
D) Fabrication

27. Unintentional tampering, such as human errors or data loss as a result of a system failure, must also he protected by effective integrity countermeasures.

A) True
B) False

28. __________ is defined set of measures that ensure the availability, integrity. authenticity, secrecy, and nonrepudiation of information and information systems,

A) Information assurance
B) information
C) information security
D) computer security

29. Hardware failures, unanticipated software downtime, and network bandwidth challenges are just a few of the most common non-malicious threats to availability.

A) False
B) True

30. What does multi-factor authentication (MFA) require?

A) A single security question
B) Only a password
C) Multiple verification methods, such as biometrics or one-time codes
D) A firewall

31. What is the primary goal of information security?

A) Protect data confidentiality, integrity, and availability
B) Improve network speed
C) Ensure system functionality
D) Prevent unauthorized system access

32. What is a common method used to assess risks within an organization?

A) Ignoring security incidents
B) Random employee surveys
C) Risk assessment framework
D) Firewall configuration

33. What does "CIA Triad" stand for in cybersecurity?

A) Cryptographic Integration Algorithms
B) Computer Infrastructure Analysis
C) Confidentiality, Integrity, Availability
D) Cyber Intelligence Agency

34. What does a Disaster Recovery Plan (DRP) focus on?

A) Maintaining customer engagement
B) Restoring IT systems and data after a disruption
C) Increasing revenue
D) Employee satisfaction surveys

35. What is the role of a risk mitigation plan?

A) Allow employees unrestricted access to data
B) Prevent all security threats permanently
C) Ignore vulnerabilities in the system
D) Help organizations reduce the impact of security risks

36. Which security attack involves an attacker intercepting communication between two parties?

A) DDoS Attack
B) SQL Injection
C) Man-in-the-Middle attack
D) Ransomware

37. What is the Zero Trust security model?

A) Always verify and authenticate before granting accessB. Always verify and authenticate before granting access
B) Provide unrestricted access to databases
C) Disable all security features
D) Trust all internal users automatically

38. What is the purpose of an Intrusion Detection System (IDS)?

A) Encrypt sensitive data
B) Speed up network traffic
C) Detect potential security breaches
D) Prevent unauthorized access

39. Which type of malware locks user files and demands payment for access?

A) Ransomware
B) Trojan Horse
C) Worm
D) Spyware

40. Which security principle restricts users to only the permissions necessary for their roles?

A) Least privilege
B) Open access
C) Multi-factor authentication
D) Denial-of-service

41. How can a company ensure its Business Continuity Plan remains effective?

A) Delay testing procedures
B) Ignore it until an emergency occurs
C) Reduce security measures
D) Regularly review and update the plan

42. Which type of malware encrypts files and demands payment for their release?

A) Ransomware
B) Worm
C) Trojan Horse
D) Spyware

43. What is the first step in developing a Business Continuity Plan?

A) Expanding business operations
B) Purchasing cybersecurity software
C) Hiring more employees
D) Conducting a business impact analysis (BIA)

44. Which strategy helps businesses remain operational during a natural disaster?

A) Relying on social media advertising
B) Relocating all servers off-site or to the cloud
C) Ignoring customer inquiries
D) Using only local backups

45. What is the main goal of a Business Continuity Plan (BCP)?

A) Ensure business operations continue during disruptions
B) Increase company profits
C) Reduce hiring costs
D) Improve advertising strategies

46. What is the main purpose of cybersecurity?

A) Improve software speed
B) Increase internet speed
C) Minimize hardware costs
D) Protect digital systems from unauthorized access and threats

47. What is the main purpose of cybersecurity?

A) Minimize hardware costs
B) Improve software speed
C) Protect digital systems from unauthorized access and threats
D) Increase internet speed

48. What is the term for an individual inside an organization who intentionally leaks sensitive information or causes security breaches?

A) System administrator
B) Insider threat
C) Firewall bypasser
D) External hacker

49. What is the main purpose of penetration testing in cybersecurity?

A) To identify weaknesses by simulating cyberattacks
B) To slow down network connections
C) To delete unnecessary files
D) To crash an organization's system

50. Which security measure helps prevent brute-force attacks on passwords?

A) Allowing unlimited retries
B) Disabling firewalls
C) Limiting login attempts
D) Using simple passwords

51. What type of cyberattack uses fake emails to trick users into revealing sensitive information?

A) Phishing
B) Malware
C) Denial-of-Service(DoS)
D) SQL Injection

52. Which event would require a company to activate its Business Continuity Plan?

A) Office relocation
B) Cyberattack, natural disaster, or major equipment failure
C) Annual employee training
D) Routine software updates

53. Why is business impact analysis (BIA) critical in business continuity planning?

A) It eliminates all business risks
B) It prevents all operational failures
C) It focuses only on marketing strategies
D) It helps organizations understand the potential consequences of disruptions

54. What is a common method used in phishing attacks?

A) Exploiting software vulnerabilities
B) Blocking all incoming network traffic
C) Sending deceptive emails to trick users
D) Encrypting all system files

55. Who is responsible for executing a Business Continuity Plan during an emergency?

A) The designated business continuity team and stakeholders
B) External consultants
C) Only the CEO
D) Random employees

56. What is social engineering in cybersecurity?

A) Hacking servers using malware
B) Conducting network vulnerability tests
C) Manipulating individuals to reveal confidential information
D) Strengthening security with encryption

57. Which cybersecurity principle helps reduce risk by restricting system access based on user roles?

A) No Authentication
B) Open Access
C) Firewal Bypass
D) Least Privilege

58. Which type of attack floods a network or system to overload resources?

A) Man-in-the-middle
B) SQL Injection
C) Phishing
D) Denial-of-Service (DoS)

59. Which security principle ensures data remains unchanged during transit or storage?

A) Authentication
B) Confidentiality
C) Integrity
D) Availability

60. What is the primary function of a Virtual Private Network (VPN)?

A) Prevent phishing attacks
B) Block ads
C) Improve internet speed
D) Encrypt internet connections for secure browsing

61. What is the main difference between risk and vulnerability?

A) Risk and vulnerability mean the same thing
B) Vulnerability deals with financial losses, while risk only affects IT systems
C) Risk is always external, while vulnerability is always internal
D) Risk refers to potential threats, while vulnerability is a weakness that can be exploited

62. How can organizations reduce human-related security vulnerabilities?

A) Ignore employee cybersecurity habits
B) Rely only on antivirus software
C) Avoid using passwords
D) Provide regular cybersecurity awareness training

63. Which security principle requires users to only have the necessary access to perform their tasks?

A) Open Access
B) Network segmentation
C) Network segmentation
D) Multi-factor authentication

64. What is the primary role of antivirus software?

A) Monitor online activity
B) Detect and remove malware
C) Speed up internet browsing
D) Speed up internet browsing

65. What is a common defense against brute-force attacks?

A) Weak passwords
B) Disabling firewalls
C) Keeping software outdated
D) Limiting login attempts

66. Which factor increases an organization's security risk?

A) Outdated software and weak passwords
B) Strong authentication measures
C) Regular employee cybersecurity training
D) Encrypted data storage

67. What does HTTPS in a web address indicate?

A) A secure, encrypted data transmission
B) A government-authorized website
C) A faster connection speed
D) A local network connection

68. What is the purpose of a firewall in network security?

A) Detect viruses
B) Block unauthorized access
C) Encrypt data files
D) Enhance internet speed

69. What does multi-factor authentication (MFA) require?

A) Multiple authentication factors, such as biometrics and codes
B) A firewall setup
C) Password only
D) Only a username

70. Which cybersecurity practice involves testing a system for vulnerabilities before an attack occurs?

A) Malware analysis
B) Ethical hacking
C) Social Engineering
D) Phishing

71. How can users protect against cyber threats?

A) Use strong passwords and update software regularly
B) Click on unknown email links
C) Ignore security updates
D) Disable antivirus protection

72. Which essential component should a Business Continuity Plan include?

A) Company logo designs
B) Disaster recovery procedures
C) Marketing strategies
D) Daily employee schedules

73. What is the main function of a firewall?

A) Enhance browsing speed
B) Prevent unauthorized access to a network
C) Detect hardware failures
D) Create backup copies of data

74. What is the best way to mitigate security vulnerabilities?

A) Avoid monitoring user activities
B) Ignore small risks
C) Use simple and easy-to-guess passwords
D) Perform regular security updates and patches

Created with That Quiz — a math test site for students of all grade levels.