20 Security Engineering Quiz Questions and Answers

Security Engineering is a multidisciplinary field that applies engineering principles to design, build, and maintain systems that protect against security threats. It encompasses identifying vulnerabilities, assessing risks, and implementing safeguards to ensure the confidentiality, integrity, and availability of information and resources. Key aspects include secure software development, cryptography, network security, access control, and incident response. By integrating security into every stage of the system lifecycle, Security Engineering aims to create resilient architectures that withstand attacks from cybercriminals, insiders, and other adversaries, ultimately safeguarding critical assets in an increasingly digital world.

Part 1: Create An Amazing Security Engineering Quiz Using AI Instantly in OnlineExamMaker

Nowadays more and more people create Security Engineering quizzes using AI technologies. OnlineExamMaker is a powerful AI-based quiz-making tool that saves you time and effort. The software makes it simple to design and launch interactive quizzes, assessments, and surveys. With the Question Editor, you can create multiple-choice, open-ended, matching, sequencing and many other types of questions for your tests, exams and inventories. You can enhance quizzes with multimedia elements like images, audio, and video to make them more interactive and visually appealing.

Recommended features for you:
● Prevent cheating by randomizing questions or changing the order of questions, so learners don't get the same set of questions each time.
● Automatically generates detailed reports: individual scores, question reports, and group performance.
● Simply copy a few lines of code and add them to a web page to present your online quiz on your website, blog, or landing page.
● Offers question analysis to evaluate question performance and reliability, helping instructors optimize their training plan.

Automatically generate questions using AI

Generate questions for any topic
100% free forever

Part 2: 20 Security Engineering Quiz Questions & Answers

1. What is the primary purpose of a firewall in a network security architecture?
A. To encrypt data traffic
B. To monitor and control incoming and outgoing network traffic based on predetermined security rules
C. To provide user authentication
D. To perform data backups
Answer: B
Explanation: Firewalls act as a barrier between trusted and untrusted networks, filtering traffic to prevent unauthorized access and potential threats.

2. In access control, what does the principle of least privilege entail?
A. Granting users full access to all resources
B. Providing users with only the minimum levels of access necessary to perform their jobs
C. Allowing access based on user seniority
D. Encrypting all access requests
Answer: B
Explanation: The principle of least privilege minimizes the risk of insider threats by ensuring users have only the permissions required for their roles, reducing potential damage from compromised accounts.

3. Which encryption algorithm is commonly used for securing online transactions and is known for its asymmetric nature?
A. AES
B. DES
C. RSA
D. 3DES
Answer: C
Explanation: RSA uses a public key for encryption and a private key for decryption, making it ideal for secure key exchange and digital signatures in transactions.

4. What is a key risk in implementing biometric authentication systems?
A. High cost of hardware
B. False acceptance or rejection rates leading to security breaches
C. Slow processing speed
D. Dependency on internet connectivity
Answer: B
Explanation: Biometric systems can have errors in matching patterns, which might allow unauthorized access (false acceptance) or deny legitimate users (false rejection), compromising security.

5. In risk management, what does the term “asset” refer to?
A. A potential threat
B. A valuable resource that needs protection
C. A security vulnerability
D. An encryption key
Answer: B
Explanation: Assets are the elements of value in an organization, such as data, hardware, or intellectual property, that risk management processes aim to identify and protect.

6. Which protocol is primarily used to secure web communications by encrypting data between a browser and a server?
A. HTTP
B. FTP
C. HTTPS
D. SMTP
Answer: C
Explanation: HTTPS combines HTTP with SSL/TLS encryption, ensuring that data transmitted over the web is protected from eavesdropping and tampering.

7. What is the main advantage of using multi-factor authentication (MFA) over single-factor authentication?
A. It reduces the need for passwords
B. It adds multiple layers of verification, making it harder for attackers to gain access
C. It speeds up the login process
D. It eliminates the use of biometrics
Answer: B
Explanation: MFA requires more than one form of verification (e.g., something you know and something you have), significantly increasing security by mitigating risks from compromised single factors.

8. In secure software development, what does “input validation” aim to prevent?
A. Overloading of server resources
B. Injection attacks like SQL injection by ensuring user inputs are sanitized
C. Network downtime
D. Hardware failures
Answer: B
Explanation: Input validation checks and sanitizes data entered by users to prevent malicious code from being executed, thus protecting against common vulnerabilities.

9. What is the purpose of a security information and event management (SIEM) system?
A. To encrypt all internal communications
B. To collect and analyze log data from various sources to detect and respond to security incidents
C. To perform routine backups
D. To manage user access rights
Answer: B
Explanation: SIEM systems aggregate and correlate security data in real time, helping organizations identify patterns of suspicious activity and respond proactively.

10. Which type of attack involves an attacker intercepting communication between two parties to eavesdrop or alter data?
A. Phishing
B. Man-in-the-middle
C. DDoS
D. Ransomware
Answer: B
Explanation: In a man-in-the-middle attack, the attacker positions themselves between the sender and receiver, potentially stealing or modifying information without detection.

11. What is the role of a digital certificate in public key infrastructure (PKI)?
A. To encrypt files on a local drive
B. To verify the identity of a user or device and ensure the integrity of public keys
C. To provide physical access control
D. To manage network bandwidth
Answer: B
Explanation: Digital certificates, issued by a trusted certificate authority, bind a public key to an entity, ensuring authenticity and preventing man-in-the-middle attacks.

12. In vulnerability assessment, what is the difference between a vulnerability and an exploit?
A. A vulnerability is a weakness, while an exploit is a method to take advantage of that weakness
B. A vulnerability is a security tool, and an exploit is a type of encryption
C. They are the same thing
D. A vulnerability is a user, and an exploit is a network
Answer: A
Explanation: Vulnerabilities are flaws in systems that can be targeted, whereas exploits are the specific techniques or code used by attackers to leverage those flaws.

13. Which security model ensures that data cannot be accessed by unauthorized users based on their clearance levels?
A. Bell-LaPadula
B. OSI model
C. TCP/IP model
D. Waterfall model
Answer: A
Explanation: The Bell-LaPadula model enforces mandatory access control based on security levels, preventing lower-cleared users from accessing higher-classified information.

14. What does “salting” refer to in password storage?
A. Adding random data to a password before hashing to prevent rainbow table attacks
B. Encrypting the password with a symmetric key
C. Storing passwords in plain text
D. Sharing passwords across systems
Answer: A
Explanation: Salting adds unique random values to passwords before hashing, making it computationally infeasible for attackers to use precomputed tables to crack hashes.

15. In incident response, what is the first step in the NIST framework?
A. Containment
B. Preparation
C. Eradication
D. Recovery
Answer: B
Explanation: The NIST framework begins with preparation, which involves developing plans, training staff, and establishing processes to handle potential security incidents effectively.

16. What is the primary goal of data masking in security engineering?
A. To completely delete sensitive data
B. To obfuscate sensitive data so it can be used for testing or analysis without exposing real information
C. To encrypt data at rest
D. To backup data offsite
Answer: B
Explanation: Data masking replaces sensitive information with fictional but realistic data, protecting privacy while allowing developers or analysts to work with datasets.

17. Which wireless security protocol is considered outdated and insecure due to its use of a pre-shared key?
A. WPA3
B. WPA2
C. WEP
D. EAP
Answer: C
Explanation: WEP (Wired Equivalent Privacy) uses a static key that can be easily cracked, making it vulnerable to attacks, unlike more modern protocols like WPA3.

18. What is the purpose of a security policy in an organization?
A. To define the hardware specifications for security systems
B. To establish rules and procedures for managing and protecting assets
C. To handle daily IT operations
D. To train employees on software usage
Answer: B
Explanation: A security policy provides a framework for decision-making, outlining how security is implemented and maintained to align with organizational goals and compliance.

19. In cryptography, what does “key rotation” involve?
A. Using the same key indefinitely
B. Regularly changing encryption keys to reduce the risk of compromise
C. Sharing keys with external parties
D. Deleting keys after use
Answer: B
Explanation: Key rotation periodically replaces keys to limit the impact of a key being exposed, enhancing overall security in encrypted systems.

20. What is a common method to mitigate risks from social engineering attacks?
A. Installing advanced firewalls
B. Conducting regular employee training and awareness programs
C. Encrypting all emails
D. Increasing network bandwidth
Answer: B
Explanation: Social engineering exploits human psychology, so training employees to recognize and report suspicious activities is a proactive defense measure.

Part 3: Automatically generate quiz questions using OnlineExamMaker AI Question Generator
