Information Security Session # 08

Welcome to your Information Security Session # 08

Name

What does CWE stand for?

A) Common Weakness Enumeration

B) Common Web Enumeration

C) Critical Weakness Evaluation

D) Common Website Errors

None

When was the first OWASP Top 10 document released?

A) 2001

B) 2003

C) 2005

D) 2010

None

Where can you find the Information Security Policies?

A) Company website

B) Under the folder named ISO27001 Framework

C) In the HR department

o D) On social media

None

Which of the following is a factor in the OWASP Top 10?

A) Weak Passwords

B) Broken Access Control

C) Poor Network Design

D) Insecure Hardware

None

What should you do if you observe a suspected security incident?

A) Ignore it

B) Describe it and report immediately

C) Discuss it with your friends

D) Wait for someone else to report it

None

Which factor contributes to the success of a security system?

A) Strong technology only

B) Weak user training

C) Engagement of all users in security practices

D) Ignoring known vulnerabilities

None

Cryptographic Failures can lead to:

A) Improved performance

B) Sensitive data exposure

C) Enhanced user experience

D) Increased storage capacity

None

Which email address should incidents be reported to?

A) security@101digital.io

B) incident_report@101digital.io

C) security_incident@101digital.io

D) support@101digital.io

None

What is the purpose of a CVE?

A) To categorize weaknesses in software

B) To identify and track publicly known vulnerabilities

C) To manage network configurations

D) To create encryption standards

None

10.

What does Insecure Design refer to?

A) Flaws in application architecture

B) Incorrect user input

C) Outdated software

D) Lack of hardware security

None

11.

Which of the following best describes the term “confidentiality” in Information Security?

A) Ensuring data is accurate and reliable

B) Ensuring that only authorized users can access information

C) Ensuring data is available when needed

D) Ensuring data is properly archived

None

12.

To prevent Injection attacks, you should:

A) Allow all user inputs

B) Perform input validation checks

C) Display detailed error messages

D) Combine data with commands

None

13.

Which of the following is a method to prevent Security Misconfiguration?

A) Using default passwords

B) Removing unused features

C) Ignoring software updates

D) Enabling all services

None

14.

What does OWASP stand for?

A) Open Web Application Security Project

B) Online Web Application Security Program

C) Open Website Application Security Project

D) Online Website Application Security Program

None

15.

What is a common cause of Security Misconfiguration?

A) Strong password policies

B) Regular software updates

C) Leaving default accounts active

D) Comprehensive error handling

None

16.

Which is a recommended practice to avoid Cryptographic Failures?

A) Use plain text for storage

B) Disable encryption

C) Encrypt sensitive data at rest

D) Use outdated cryptographic algorithms

None

17.

How often is the OWASP Top 10 updated?

A) Every year

B) Every few years

C) Monthly

D) It is never updated

None

18.

Which of the following is a method to prevent Broken Access Control?

A) Use of default passwords

B) Logging access control failures

C) Open directory listings

D) Ignoring session management

None

19.

What is a common issue related to Broken Access Control?

A) Insecure Design

B) Unauthorized access

C) SQL Injection

D) Data Loss

None

20.

How can Insecure Design be mitigated?

A) Use outdated components

B) Implement threat modeling

C) Ignore security evaluations

D) Reduce testing efforts

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!

Information Security Session # 08

Information Security Session # 08

Cybrone Solutions