1. Security Monitoring is the process of:
(A) Continuously observing systems, networks, and applications for security threats
(B) Deleting old files
(C) Increasing CPU speed
(D) Compressing logs
2. Security Auditing involves:
(A) Encrypting files automatically
(B) Reviewing and evaluating security policies, controls, and activities
(C) Deleting unnecessary accounts
(D) Compressing backups
3. A Security Information and Event Management (SIEM) system is used to:
(A) Encrypt files
(B) Collect, analyze, and correlate security event data
(C) Compress logs
(D) Increase system speed
4. An Intrusion Detection System (IDS) helps to:
(A) Detect unauthorized access or suspicious activity in a network
(B) Delete malware automatically
(C) Compress files
(D) Increase bandwidth
5. An Intrusion Prevention System (IPS) differs from an IDS in that it:
(A) Can block or prevent attacks in real time
(B) Only logs events
(C) Compresses data
(D) Encrypts files automatically
6. Log management is important because:
(A) It deletes old files
(B) It helps in detecting security incidents and auditing activities
(C) It speeds up system performance
(D) It compresses data automatically
7. Security audits help organizations to:
(A) Delete old accounts
(B) Ensure compliance with policies, standards, and regulations
(C) Increase network speed
(D) Compress logs
8. Continuous monitoring in cybersecurity aims to:
(A) Delete unnecessary logs
(B) Encrypt all files automatically
(C) Detect threats and vulnerabilities in real time
(D) Compress data
9. Anomalous activity in monitoring is:
(A) Normal CPU usage
(B) Behavior that deviates from normal patterns
(C) Regular file backup
(D) Compressed log files
10. Security baselines are used to:
(A) Increase network speed
(B) Delete unnecessary files
(C) Encrypt data
(D) Establish normal operating parameters for systems and networks
11. Audit trails or logs are essential for:
(A) Encrypting files
(B) Investigating incidents and ensuring accountability
(C) Compressing backups
(D) Increasing CPU performance
12. Network monitoring tools help to:
(A) Track traffic patterns and detect suspicious activities
(B) Delete files
(C) Compress logs
(D) Encrypt all data automatically
13. File integrity monitoring ensures:
(A) Faster backups
(B) That critical files are not altered, deleted, or tampered with
(C) Compressed files
(D) Increased CPU performance
14. Vulnerability scanning is part of security monitoring to:
(A) Encrypt files automatically
(B) Delete malware
(C) Compress logs
(D) Identify security weaknesses before they are exploited
15. Security auditing can be:
(A) Only during system updates
(B) Only by the IT department
(C) Only automatic
(D) Internal (by employees) or external (by third parties)
16. Compliance audits check for:
(A) Adherence to laws, regulations, and organizational policies
(B) CPU performance
(C) File compression
(D) Network speed
17. Real-time alerts in monitoring systems help to:
(A) Compress logs
(B) Delete old files
(C) Notify administrators immediately about suspicious or malicious activity
(D) Increase internet speed
18. Security Key Performance Indicators (KPIs) are used to:
(A) Measure effectiveness of security controls and monitoring
(B) Compress logs
(C) Delete old accounts
(D) Encrypt all files
19. Event correlation in monitoring helps to:
(A) Compress logs
(B) Delete unnecessary files
(C) Increase CPU performance
(D) Identify patterns across multiple logs to detect complex attacks
20. The main goal of security monitoring and auditing is to:
(A) Delete unnecessary accounts
(B) Compress data
(C) Detect threats, ensure compliance, and improve overall security posture
(D) Increase system speed only