Security MCQ Questions Answers

1. Ups devices typically run up to ____ va.

2. ________ a site means to take extraordinary measures to reduce a system's vulnerability.

3. ________ is the process of obscuring an attackers source ip address.

4. Use the field properties pane to create an index for ____.

5. Microsoft access can best be described as ____ software.

6. You can get comprehensive help at any time by pressing [____] in an office app.

7. ________ are the data that is deemed most important in the operation of a business.

8. Normal processing procedures for operations personnel involve procedures for ________.

9. Ensuring end users get prompt attention to their problems is __________.

10. Your organization's __________ sets the tone for how you approach related activities.

11. A computer that is controlled by a hacker or other computer criminal is referred to as a ____.

12. _____ is the process by which each end of the data flow proves that they are who they say they are.

13. Forensics and incident response are examples of ___________ controls

14. Backup and physical security are ________ against computer security threats.

15. As an is user, you have a right to a secure computing environment. this means that ________.

16. As a physical security measure, _____.

17. Access control is an application of risk ________.

18. A password ________ a user.

19. A password ______ is a service that stores all of your account information securely.

20. A mechanism that limits access to computer systems and network resources is ________,

21. A digital id is purchased from ____.

22. A digital certificate verifies ______.

23. A digital certificate usually contains all of the following except ____.

24. A ___________ gives priorities to the functions an organization needs to keep going.

25. _______, a privacy issue, relates to the responsibility of controlling who is able to use data.

26. ________ is an authentication credential that is generally longer and more complex than a password.

27. For a connection that changes from HTTP to HTTPS, what flaw arises if you do not change the session identifier?

28. What threat arises from not flagging HTTP cookies with tokens as secure?

29. For an indirect reference, what happens if there's no list of limited values authorized for a user in the direct reference?

30. For the every link or form which invoke state changing functions with an unpredictable token for each user what attack can be prevented?

31. Attack that exploits the trust that a site has in a user's browser

32. What flaw arises from session tokens having poor randomness across a range of values?

33. An IP Address is the Internet equivalent of

34. What flaw can lead to exposure of resources or functionality to unintended actor?

35. An attack technique that forces a user's session credential or session ID to an explicit value.

36. We can allow client side scripts to execute in the browsers for needed operations.

37. What is a cookie

38. Network permissions should be established so that users can accomplish their tasks, but cannot access any system resources that are not necessary so that

39. What is phishing?

40. What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

41. Which threat can be prevented by having unique usernames generated with a high degree of entropy?

42. For every link or form which invoke state-changing functions with an unpredictable token for each user what attack can be prevented?

43. What flaw can lead to exposure of resources or functionality to unintended actors?

44. What is the attack technique used to exploit web sites by altering backend database queries through inputting manipulated queries?

45. For an an indirect reference, what happens if there’s no list of limited values authorized for a user in the direct reference?

46. Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites.