Information Security Session # 08

Welcome to your Information Security Session # 08

Name

Cryptographic Failures can lead to:

A) Improved performance

B) Sensitive data exposure

C) Enhanced user experience

D) Increased storage capacity

None

Which email address should incidents be reported to?

A) security@101digital.io

B) incident_report@101digital.io

C) security_incident@101digital.io

D) support@101digital.io

None

What is a common cause of Security Misconfiguration?

A) Strong password policies

B) Regular software updates

C) Leaving default accounts active

D) Comprehensive error handling

None

To prevent Injection attacks, you should:

A) Allow all user inputs

B) Perform input validation checks

C) Display detailed error messages

D) Combine data with commands

None

What is the purpose of a CVE?

A) To categorize weaknesses in software

B) To identify and track publicly known vulnerabilities

C) To manage network configurations

D) To create encryption standards

None

What is a common issue related to Broken Access Control?

A) Insecure Design

B) Unauthorized access

C) SQL Injection

D) Data Loss

None

Which of the following is a method to prevent Broken Access Control?

A) Use of default passwords

B) Logging access control failures

C) Open directory listings

D) Ignoring session management

None

Which of the following best describes the term “confidentiality” in Information Security?

A) Ensuring data is accurate and reliable

B) Ensuring that only authorized users can access information

C) Ensuring data is available when needed

D) Ensuring data is properly archived

None

Who is responsible for security within an organization?

A) Only IT staff

B) Management only

C) Everyone

D) Security team only

None

10.

What is a key principle of Information Security?

A) Increasing complexity

B) Minimizing documentation

C) Preserving confidentiality, integrity, and availability

D) Reducing user awareness

None

11.

According to the "90/10" rule, what percentage of security relies on security devices/controls?

A) 50%

B) 10%

C) 90%

D) 75%

None

12.

Which of the following is a factor in the OWASP Top 10?

A) Weak Passwords

B) Broken Access Control

C) Poor Network Design

D) Insecure Hardware

None

13.

Which is a recommended practice to avoid Cryptographic Failures?

A) Use plain text for storage

B) Disable encryption

C) Encrypt sensitive data at rest

D) Use outdated cryptographic algorithms

None

14.

Which factor contributes to the success of a security system?

A) Strong technology only

B) Weak user training

C) Engagement of all users in security practices

D) Ignoring known vulnerabilities

None

15.

What should you do if you observe a suspected security incident?

A) Ignore it

B) Describe it and report immediately

C) Discuss it with your friends

D) Wait for someone else to report it

None

16.

How can Insecure Design be mitigated?

A) Use outdated components

B) Implement threat modeling

C) Ignore security evaluations

D) Reduce testing efforts

None

17.

When was the first OWASP Top 10 document released?

A) 2001

B) 2003

C) 2005

D) 2010

None

18.

What does Insecure Design refer to?

A) Flaws in application architecture

B) Incorrect user input

C) Outdated software

D) Lack of hardware security

None

19.

What does OWASP stand for?

A) Open Web Application Security Project

B) Online Web Application Security Program

C) Open Website Application Security Project

D) Online Website Application Security Program

None

20.

How often is the OWASP Top 10 updated?

A) Every year

B) Every few years

C) Monthly

D) It is never updated

None

Thank you for the Quiz, Kindly check your email for the result.
Good Luck!

Information Security Session # 08

Information Security Session # 08

Cybrone Solutions