112-12 exam

Which of the following can compromise data integrity? (Choose two)A . Unauthorized modificationsB . Man-in-the-middle attacksC . User authentication failuresD . Distributed denial-of-service attacksView AnswerAnswer: A, B Explanation: Unauthorized modifications and interception during transmission (e.g., man-in-the-middle attacks) jeopardize data integrity.

Which two practices enhance confidentiality in data security?A . Encryption and access controlsB . Firewalls and disaster recovery plansC . Data redundancy and hashingD . Incident response plans and backupsView AnswerAnswer: A Explanation: Encryption protects data privacy, while access controls restrict data access to authorized personnel, enhancing confidentiality.

What is a Trojan horse in the context of malware?A . A type of malware that spreads without user interaction.B . Malware disguised as legitimate software.C . A malicious program that targets network hardware.D . A virus embedded in hardware devices.View AnswerAnswer: B Explanation: Trojan horses appear as legitimate applications...

What is the role of a firewall in data security?A . Encrypt sensitive informationB . Monitor and control incoming and outgoing network trafficC . Authenticate users before granting system accessD . Prevent physical access to serversView AnswerAnswer: B Explanation: Firewalls act as a barrier between trusted and untrusted networks, filtering...

What is the primary difference between a virus and a worm?A . A virus replicates only via user interaction, while a worm spreads automatically.B . A virus targets hardware, while a worm targets networks.C . A virus encrypts data, while a worm deletes files.D . A virus is easier to...

What is the goal of a security policy?A . To enforce organizational structureB . To outline measures for protecting assetsC . To identify potential attackersD . To ensure software usabilityView AnswerAnswer: B Explanation: A security policy defines the rules and measures necessary to protect an organization's information assets and mitigate...

What is the main purpose of disaster recovery plans in data security?A . Prevent phishing attacks.B . Ensure rapid recovery after a security incident.C . Enhance system performance.D . Monitor and log system activity.View AnswerAnswer: B Explanation: Disaster recovery plans outline procedures for restoring systems and data quickly after incidents,...

Which two security measures address both confidentiality and integrity?A . Access control and encryptionB . Multi-factor authentication and redundancyC . Firewall implementation and monitoringD . Backups and disaster recovery plansView AnswerAnswer: A Explanation: Access control limits who can access data, while encryption ensures data remains confidential and unaltered during transmission.

Which type of malware encrypts user data and demands payment for its release?A . SpywareB . RansomwareC . WormsD . AdwareView AnswerAnswer: B Explanation: Ransomware encrypts files and demands payment to restore access, targeting availability and causing disruptions.

An insider threat can compromise which elements of the CIA triad?A . Confidentiality onlyB . Integrity and availability onlyC . Confidentiality, integrity, and availabilityD . None of the aboveView AnswerAnswer: C Explanation: Insider threats can affect all elements of the CIA triad by stealing, altering, or disrupting access to information.