Firewalls, Antivirus & Intrusion Detection Systems MCQs with Answers
What is the primary function of a firewall?
a) To encrypt communication between systems
b) To monitor network traffic for suspicious activities
c) To block unauthorized access to a network
d) To manage user authentication
Which of the following is a type of firewall?
a) Proxy Firewall
b) Antivirus
c) Intrusion Prevention System (IPS)
d) Spam Filter
What is the primary function of antivirus software?
a) To monitor network traffic
b) To detect and remove malicious software
c) To block unauthorized network access
d) To encrypt communication between systems
Which of the following best defines an Intrusion Detection System (IDS)?
a) A tool that detects and removes malware
b) A system that analyzes network traffic for suspicious activities
c) A firewall used to block incoming threats
d) A tool to backup data in case of a cyberattack
What is the difference between a “stateless” and a “stateful” firewall?
a) A stateless firewall can filter traffic based on the state of the connection, while a stateful firewall cannot
b) A stateful firewall tracks the state of active connections, while a stateless firewall does not
c) A stateless firewall is more secure than a stateful firewall
d) A stateful firewall is typically used in home networks, while a stateless firewall is used in businesses
Which of the following is an example of a network-based Intrusion Detection System (NIDS)?
a) Snort
b) Norton Antivirus
c) McAfee Total Protection
d) Wireshark
Which of the following is NOT a feature of a firewall?
a) Filtering network traffic
b) Logging suspicious activity
c) Detecting malware
d) Blocking unauthorized access
Which type of firewall inspects the contents of the network packets to enforce security policies?
a) Application Layer Firewall
b) Proxy Firewall
c) Stateful Inspection Firewall
d) Network Layer Firewall
Which of the following is a limitation of traditional signature-based antivirus software?
a) It can detect new, unknown malware
b) It relies on known patterns to detect malware
c) It cannot remove viruses from the system
d) It only works on Linux-based systems
What is the role of a Proxy Firewall?
a) To mask the source of a connection and filter traffic between the client and server
b) To only block incoming traffic
c) To detect malware in real-time
d) To monitor user behavior on the network
Which of the following best describes a heuristic-based antivirus?
a) It detects malware by checking for known signatures
b) It uses algorithms to detect suspicious behavior or unknown threats
c) It prevents unauthorized access to a network
d) It filters network traffic based on source and destination
What does an Intrusion Prevention System (IPS) do?
a) Blocks malicious traffic before it reaches the network
b) Monitors network traffic for suspicious activity only
c) Creates security policies for the firewall
d) Manages user credentials and permissions
Which of the following is a key feature of a next-generation firewall (NGFW)?
a) Basic packet filtering
b) Built-in Intrusion Detection and Prevention capabilities
c) Simple logging and reporting
d) Limited network traffic inspection
Which of the following does antivirus software use to detect known threats?
a) Encryption
b) Heuristics
c) Digital certificates
d) Signatures
What is the main function of a Content Filtering Firewall?
a) To prevent unauthorized access to the network
b) To scan emails for spam
c) To block malicious URLs and monitor content traffic
d) To filter passwords during user login
Which of the following actions can an Intrusion Detection System (IDS) take when it detects malicious activity?
a) Block the traffic
b) Log the activity and alert administrators
c) Remove malware from the system
d) Encrypt the suspicious traffic
What is a “sandbox” in the context of an antivirus or intrusion detection system?
a) A secure environment used to analyze suspicious files or activities
b) A firewall used to block network attacks
c) A type of malware used to infiltrate systems
d) A device that stores and retrieves data
Which of the following is NOT typically a function of an Intrusion Prevention System (IPS)?
a) Detecting and blocking known attacks
b) Allowing traffic from untrusted sources
c) Preventing access to specific websites
d) Logging traffic for future analysis
What is the main purpose of packet filtering in firewalls?
a) To encrypt the data packets for secure transmission
b) To allow or block traffic based on predefined rules
c) To monitor the traffic for malicious intent
d) To prevent unauthorized physical access to the system
Which of the following is a potential risk associated with using firewalls and antivirus software?
a) Preventing unauthorized access to systems
b) Slowing down network performance due to filtering
c) Monitoring and controlling employee behavior
d) Storing large amounts of network traffic logs
What is the primary distinction between a “blacklist” and “whitelist” in firewall configurations?
a) A blacklist allows everything except for listed items, while a whitelist blocks everything except listed items
b) A whitelist blocks everything except listed items, while a blacklist allows everything except for listed items
c) A blacklist encrypts traffic while a whitelist monitors it
d) There is no difference between the two
Which of the following is a common technique used by antivirus programs to detect new malware?
a) Signature-based detection
b) Social engineering
c) Brute-force attacks
d) Traffic encryption
Which type of firewall can block traffic based on application-level protocols such as HTTP or FTP?
a) Proxy Firewall
b) Stateful Inspection Firewall
c) Network Layer Firewall
d) Circuit-Level Gateway
What is the term for the process of analyzing data or traffic to detect malicious or abnormal activities?
a) Packet Sniffing
b) Traffic Filtering
c) Traffic Analysis
d) Intrusion Detection
Which of the following types of antivirus software detects and removes malware by comparing file signatures?
a) Heuristic-based antivirus
b) Cloud-based antivirus
c) Signature-based antivirus
d) Behavior-based antivirus
What is the role of “stateful inspection” in a firewall?
a) To inspect the entire payload of network packets
b) To track the state of active connections and allow only authorized traffic
c) To block incoming traffic from untrusted sources
d) To encrypt traffic to prevent unauthorized access
Which of the following is true about “deep packet inspection” (DPI) in firewalls?
a) It can only inspect the headers of packets
b) It analyzes the content of packets for threats
c) It prevents malware from reaching the network
d) It only tracks network traffic without analyzing it
What does an Intrusion Prevention System (IPS) do when it detects an attack?
a) Logs the attack for later review
b) Blocks the malicious traffic in real-time
c) Sends a notification to the firewall only
d) Sends malware to a sandbox for analysis
What is the main purpose of a “firewall rule” in a network security system?
a) To prevent attackers from accessing encrypted data
b) To specify what traffic is allowed or blocked based on security policies
c) To monitor the health of a system
d) To encrypt network traffic for secure transmission