Cybersecurity risk mitigation methods — Quiz

1. What is a primary function of a Next-Generation Firewall (NGFW) that a traditional firewall typically lacks? (Choose one answer)
   a) Stateful inspection and NAT/PAT
   b) Filtering traffic based on source and destination IP addresses
   c) Deep Packet Inspection (DPI) and Application Visibility and Control (AVC)
   d) Basic URI filtering based on text in web addresses

2. A security team wants to create a decoy system that mimics a vulnerable IoT device to gather intelligence on attacker methods. What is this security mechanism called? (Choose one answer)
   a) A Reverse Proxy
   b) A Honeypot
   c) A VPN Gateway
   d) A SIEM

3. Which technology is primarily used to create a secure, permanent connection between two entire corporate networks over the Internet? (Choose one answer)
   a) TLS/SSL for a Remote-Access VPN
   b) IPsec for a Site-to-Site VPN
   c) A Forward Web Proxy
   d) A Stateful Firewall

4. What is the key conceptual difference between traditional network segmentation and micro-segmentation? (Choose one answer)
   a) Network segmentation uses VLANs, while micro-segmentation does not
   b) Network segmentation is for North-South traffic, while micro-segmentation is for East-West traffic
   c) Network segmentation is broader and network-centric, while micro-segmentation is granular and workload-centric
   d) Network segmentation is more secure than micro-segmentation

5. Why is security testing considered an essential part of a compliance audit? (Choose one answer)
   a) It is a low-cost alternative to hiring auditors
   b) It provides empirical evidence that security controls are effective and working as required
   c) It is only used for internal risk assessments, not external audits
   d) It automatically fixes any vulnerabilities that are found
