Selected MCQ

Current Question
Which of these is NOT considered part of a "defense-in-depth" cybersecurity strategy?
  • A. Firewall
  • B. Antivirus
  • C. Segregation of duties
  • D. Tunneling
Correct Answer: D
Explanation:
Tunneling (e.g., VPN tunneling) is a technique, not a security control like a firewall or antivirus.
Related Question 1
Which of these is NOT part of the CIA triad in cybersecurity?
  • A. Confidentiality
  • B. Integrity
  • C. Availability
  • D. Privacy
Correct Answer: D
Explanation:
The CIA triad consists of Confidentiality, Integrity, and Availability; Privacy is a related concept but not one of the three.
Related Question 2
What does 'least privilege' mean in cybersecurity?
  • A. Admins have all privileges
  • B. Users have only the access necessary for their role
  • C. Everyone has the same privileges
  • D. Turn privileges off at night
Correct Answer: B
Explanation:
Least privilege means giving users only the permissions they need, minimizing potential damage.
Related Question 3
What is a common defense against a DDoS attack?
  • A. Multi-factor authentication
  • B. Rate limiting and filtering
  • C. Switching to HTTP from HTTPS
  • D. Enabling auto-merge
Correct Answer: B
Explanation:
Rate limiting or traffic filtering can help mitigate Distributed Denial of Service attacks.
Related Question 4
Which hashing algorithm is considered insecure due to collision vulnerabilities?
  • A. SHA-256
  • B. MD5
  • C. SHA-3
  • D. Blowfish
Correct Answer: B
Explanation:
MD5 is outdated and vulnerable to collisions; SHA-256 and SHA-3 are more secure.
Related Question 5
What does "phishing" typically involve in cybersecurity?
  • A. Sending malware via USB
  • B. Tricking users into giving credentials via fake emails
  • C. Intercepting wireless signals
  • D. Overloading a network
Correct Answer: B
Explanation:
Phishing is an attack in which users are deceived (often via email) into revealing sensitive information.