Q121
Q121 A smart home hub is sending large amounts of data to an unknown external server. What is the immediate security action?
Restart the device
Block the server and investigate
Ignore the issue
Update the device firmware
Q122
Q122 During an audit, it is discovered that several IoT devices on the network are using outdated protocols. What is the recommended solution?
Disable the devices
Implement encryption
Upgrade to secure protocols
Ignore the issue
Q123
Q123 What is a zero-day vulnerability?
A known vulnerability with a patch
A vulnerability found in an old system
A vulnerability exploited before a patch is available
An encrypted system flaw
Q124
Q124 What is the primary risk associated with deepfake technology?
Decreased bandwidth
Improved system performance
Misinformation and identity theft
Data encryption
Q125
Q125 Which of the following best describes a supply chain attack?
An attack targeting physical goods
An attack targeting software updates or vendor components
A social engineering attack
An attack that targets cloud services
Q126
Q126 Which tool can be used to detect emerging malware that uses encryption to hide its activities?
Nmap
Wireshark
Yara
netstat
Q127
Q127 In Python, how can you implement machine learning to detect anomalies in network traffic as a countermeasure for emerging threats?
Using random.randint()
Using a machine learning library like Scikit-learn
Using the math module
Using os.system()
Q128
Q128 A company’s network traffic shows signs of command-and-control (C2) communication with an external server. What is the immediate action?
Reboot the system
Block communication with the server
Delete all logs
Update the firewall
Q129
Q129 During an investigation, it is discovered that an organization’s critical systems were compromised through a sophisticated phishing attack. What should be done next?
Erase all emails
Change all passwords
Conduct a full forensic investigation and assess damage
Ignore the issue
Q130
Q130 Which regulation focuses on protecting the personal data of EU citizens?
HIPAA
PCI-DSS
GDPR
ISO 27001
Q131
Q131 What is the primary focus of compliance in cybersecurity?
Enhancing user experience
Ensuring systems operate within legal frameworks
Improving software efficiency
Increasing system speed
Q132
Q132 Which of the following is a key requirement of HIPAA for organizations handling health information?
Data anonymization
Two-factor authentication
Encryption of health records
Blockchain implementation
Q133
Q133 In Python, which library would you use to handle sensitive data in a way that complies with data protection regulations (e.g., GDPR)?
os
sys
cryptography
random
Q134
Q134 Which SQL command can be used to ensure that personal data is anonymized to comply with privacy regulations?
SELECT
UPDATE
DELETE
INSERT
Q135
Q135 A company discovers that it has stored unencrypted personal data in violation of privacy laws. What is the first step it should take?
Delete the data
Encrypt the data
Ignore the issue
Move the data to a new location
Q136
Q136 During an audit, it is found that an organization is not in compliance with GDPR requirements. What should the organization do first?
Notify all customers
Close the business
Address the non-compliant areas
Switch to another regulation
Q137
Q137 What is the primary goal of security awareness training?
To improve system performance
To reduce cybersecurity risks
To increase bandwidth
To update software
Q138
Q138 Which of the following is a common topic covered in security awareness training?
Password management
System optimization
Social media marketing
Hardware upgrades
Q139
Q139 Why is phishing considered one of the top threats covered in security awareness training?
It is easy to detect
It is hard to execute
It targets human behavior
It requires sophisticated tools
Q140
Q140 Which command-line tool can be used to display file permissions in Linux, as part of security training on access control?
ls -l
cd
pwd
mkdir
Q141
Q141 Which command can be used to create a strong password in Linux, as demonstrated in security awareness training?
passwd
mkdir
ls
cd
Q142
Q142 An employee clicked on a suspicious link in an email. What is the immediate next step they should take?
Disconnect from the network
Restart the computer
Ignore the issue
Delete the email
Q143
Q143 During a security audit, it was found that employees are not following password policies. What is the recommended solution?
Force password resets
Ignore the issue
Remove all accounts
Lock down all systems
Q144
Q144 What is the main goal of penetration testing?
To identify system performance issues
To find vulnerabilities in systems
To improve application speed
To recover deleted files
Q145
Q145 Which type of penetration test focuses on exploiting web application vulnerabilities like SQL injection and cross-site scripting (XSS)?
Network penetration testing
Web application penetration testing
Social engineering
Physical penetration testing
Q146
Q146 What is the main ethical consideration for a penetration tester when performing a security test?
Disclosing vulnerabilities to the client
Reporting vulnerabilities to the public
Exploiting vulnerabilities for profit
Ignoring vulnerabilities
Q147
Q147 Which tool is commonly used to automate vulnerability scanning during penetration testing?
Nmap
Metasploit
Wireshark
Nessus
Q148
Q148 In Python, which library would you use to perform network scanning as part of penetration testing?
os
scapy
math
random
Q149
Q149 A penetration test reveals that the organization's web server is vulnerable to SQL injection. What is the recommended immediate action?
Change the server hardware
Disable the database
Sanitize user inputs
Increase server bandwidth
Q150
Q150 During a penetration test, the tester gains unauthorized access to a system using default credentials. What should be done next?
Erase all data
Report the finding to the client
Access additional systems
Ignore the issue
