QUESTIONS WITH ALL CORRECT ANSWERS GRADED A+
People are the biggest threat to security - Answer-The human factor poses the greatest
risk to security
Cyber Threat Framework (CTF) - Answer-A common language for describing and
communicating information about cyber threat activity
ISO/IEC 27001 - Answer-An international standard specifying the requirements for an
information security management system (ISMS) used to manage the security of assets
Security controls - Answer-Safeguards designed to reduce specific security risks
Encryption - Answer-The process of converting data from a readable format to an
encoded format
Authentication - Answer-The process of verifying someone's identity
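The following is an added worked example (not part of the original study notes) of what "verifying someone's identity" looks like in code for the commonest credential, a password. It stores only a salted PBKDF2-HMAC-SHA256 hash, never the password, and compares digests in constant time. The user store, usernames, passwords and the 600,000-iteration work factor are assumptions made for the example.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Assumed work factor for PBKDF2-HMAC-SHA256; tune to your hardware and threat model.
ITERATIONS = 600_000


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Derive a salted PBKDF2-HMAC-SHA256 digest. Returns (salt, digest)."""
    if salt is None:
        # A fresh random salt per user means two users with the same password
        # get different digests, defeating precomputed (rainbow) tables.
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt, digest


def register(store: Dict[str, Tuple[bytes, bytes]], username: str, password: str) -> None:
    """Store (salt, digest) for the user; the plaintext password is never kept."""
    store[username] = hash_password(password)


def authenticate(store: Dict[str, Tuple[bytes, bytes]], username: str, password: str) -> bool:
    """Verify identity by recomputing the digest and comparing in constant time."""
    record = store.get(username)
    if record is None:
        # Burn the same CPU time for unknown users so response timing does not
        # reveal which usernames exist (dummy fixed salt, result discarded).
        hash_password(password, b"\x00" * 16)
        return False
    salt, expected = record
    _, candidate = hash_password(password, salt)
    # hmac.compare_digest avoids an early-exit comparison that leaks how many
    # leading bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Constructed user store for the demo; real deployments keep this in a database.
    users: Dict[str, Tuple[bytes, bytes]] = {}
    register(users, "alice", "correct horse battery staple")
    print(authenticate(users, "alice", "correct horse battery staple"))  # True
    print(authenticate(users, "alice", "hunter2"))                       # False
    print(authenticate(users, "mallory", "anything"))                    # False
```

Note that this verifies a "something you know" factor only; a second factor (token or biometric) would be checked separately before the session is considered authenticated.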
Biometrics - Answer-Unique physical characteristics, such as fingerprints, facial features, or iris patterns, used to verify a person's identity
Authorization - Answer-Granting access to specific resources within a system
CIA triad - Answer-A model that considers confidentiality, integrity, and availability of
assets
Open Web Application Security Project (OWASP) - Answer-A non-profit organization
focused on improving software security; its guidance aims to minimize attack surface area and vulnerabilities
Principle of least privilege - Answer-Granting the least amount of access required to
perform tasks
Defense in depth - Answer-Implementing multiple security controls to protect against
threats
Separation of duties - Answer-Assigning different responsibilities to different individuals
to prevent fraudulent activity
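Authorization, least privilege and separation of duties are easiest to see together in one access-control check. The example below is added here and is not from the original notes: a role-based permission table where each role holds only the permissions its tasks need and anything unlisted is denied by default (least privilege), plus a rule that whoever created a payment cannot also approve it (separation of duties). The roles, permission names, users and the payment workflow are all assumptions for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple

# Assumed role-to-permission table. Each role carries only what its task needs;
# any action not listed here is denied by default.
ROLE_PERMISSIONS: Dict[str, Set[str]] = {
    "clerk":    {"payment:create"},
    "approver": {"payment:approve"},
    "auditor":  {"payment:read"},
}

# Constructed user directory for the example.
USER_ROLES: Dict[str, Set[str]] = {
    "alice": {"clerk"},
    "bob":   {"approver"},
    "carol": {"clerk", "approver"},  # has both roles, so SoD must be enforced per payment
    "dave":  {"auditor"},
}


@dataclass
class Payment:
    payment_id: str
    created_by: str
    approved_by: Optional[str] = None


def permissions_for(user: str) -> Set[str]:
    """Union of the permissions granted by every role the user holds."""
    perms: Set[str] = set()
    for role in USER_ROLES.get(user, set()):
        perms |= ROLE_PERMISSIONS.get(role, set())
    return perms


def authorize(user: str, action: str, payment: Payment) -> Tuple[bool, str]:
    """Deny by default; then apply the separation-of-duties rule for approvals."""
    if action not in permissions_for(user):
        return False, f"{user} has no role granting {action}"
    if action == "payment:approve" and payment.created_by == user:
        # Even a user who legitimately holds the approver role may not approve
        # a payment they created themselves.
        return False, f"{user} created {payment.payment_id} and cannot also approve it"
    return True, "allowed"


def approve(user: str, payment: Payment) -> Tuple[bool, str]:
    """Approve the payment only if the authorization check passes."""
    ok, reason = authorize(user, "payment:approve", payment)
    if ok:
        payment.approved_by = user
    return ok, reason


if __name__ == "__main__":
    p = Payment("P-1", created_by="carol")
    print(approve("carol", p))  # (False, 'carol created P-1 and cannot also approve it')
    print(approve("alice", p))  # (False, 'alice has no role granting payment:approve')
    print(approve("bob", p))    # (True, 'allowed')
```

The deny-by-default structure matters as much as the table contents: an unknown user or an unknown action falls through to a refusal without any special casing.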
Keep security simple - Answer-Avoid unnecessarily complicated security measures
Fix security issues correctly - Answer-Identify and address root causes of security
issues
Security Audit - Answer-A review of an organization's security controls, policies, and
procedures
External - Answer-An audit conducted by a team of people outside the organization
Internal - Answer-An audit conducted by a team of people within the organization
Log - Answer-A record of events that occur within an organization's systems and
networks
Firewall logs - Answer-A record of attempted or established connections for incoming
and outgoing network traffic
Server logs - Answer-A record of events related to services such as websites, emails, or
file shares
Network logs - Answer-A record of all computers and devices that enter and leave the
network
Security Information and Event Management (SIEM) - Answer-An application that
collects and analyzes logs to monitor critical activities in an organization
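To make the firewall-log and SIEM definitions concrete, here is an added example (not from the original notes) of the kind of analysis a SIEM runs over collected logs: it parses a handful of constructed firewall log lines, counts denied connections per source, and flags a source as a probable port scan when its denied connections touch several distinct destination ports inside a sliding time window. The key=value log format, the IP addresses, and the window and port thresholds are assumptions and do not match any particular vendor.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone
from typing import Dict, List, NamedTuple

# Constructed firewall log lines in an assumed key=value format (UTC timestamps).
SAMPLE_LOG = """\
2024-05-01T10:00:01Z action=ALLOW src=10.0.0.12 dst=10.0.1.20 dport=443 proto=tcp
2024-05-01T10:00:02Z action=DENY src=203.0.113.7 dst=10.0.1.20 dport=21 proto=tcp
2024-05-01T10:00:02Z action=DENY src=203.0.113.7 dst=10.0.1.20 dport=22 proto=tcp
2024-05-01T10:00:03Z action=DENY src=203.0.113.7 dst=10.0.1.20 dport=23 proto=tcp
2024-05-01T10:00:03Z action=DENY src=198.51.100.9 dst=10.0.1.21 dport=22 proto=tcp
2024-05-01T10:00:04Z action=DENY src=203.0.113.7 dst=10.0.1.20 dport=25 proto=tcp
2024-05-01T10:00:05Z action=DENY src=203.0.113.7 dst=10.0.1.20 dport=80 proto=tcp
2024-05-01T10:00:06Z action=DENY src=203.0.113.7 dst=10.0.1.20 dport=443 proto=tcp
2024-05-01T10:00:07Z action=ALLOW src=10.0.0.15 dst=10.0.1.22 dport=445 proto=tcp
2024-05-01T10:01:30Z action=DENY src=198.51.100.9 dst=10.0.1.21 dport=22 proto=tcp
2024-05-01T10:02:45Z action=DENY src=198.51.100.9 dst=10.0.1.21 dport=23 proto=tcp
2024-05-01T10:05:00Z action=DENY src=203.0.113.7 dst=10.0.1.20 dport=8080 proto=tcp
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) action=(?P<action>\w+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) proto=(?P<proto>\w+)$"
)


class Event(NamedTuple):
    ts: datetime
    action: str
    src: str
    dst: str
    dport: int
    proto: str


def parse_line(line: str) -> Event:
    """Parse one log line into an Event; reject anything that does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"unparseable log line: {line!r}")
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return Event(ts, m["action"], m["src"], m["dst"], int(m["dport"]), m["proto"])


def parse_log(text: str) -> List[Event]:
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def deny_counts(events: List[Event]) -> Dict[str, int]:
    """Denied connections per source address, the simplest SIEM-style aggregation."""
    counts: Dict[str, int] = defaultdict(int)
    for e in events:
        if e.action == "DENY":
            counts[e.src] += 1
    return dict(counts)


def detect_port_scans(events: List[Event], window: timedelta = timedelta(seconds=60),
                      min_ports: int = 5) -> Dict[str, int]:
    """Flag sources whose DENIED connections hit >= min_ports distinct ports within
    any sliding window. Returns {src: max distinct ports seen in one window}."""
    by_src: Dict[str, List[Event]] = defaultdict(list)
    for e in events:
        if e.action == "DENY":
            by_src[e.src].append(e)
    alerts: Dict[str, int] = {}
    for src, evs in by_src.items():
        evs.sort(key=lambda ev: ev.ts)
        port_counts: Dict[int, int] = defaultdict(int)
        start, best = 0, 0
        for e in evs:
            port_counts[e.dport] += 1
            # Slide the window start forward past events older than `window`.
            while e.ts - evs[start].ts > window:
                old = evs[start].dport
                port_counts[old] -= 1
                if port_counts[old] == 0:
                    del port_counts[old]
                start += 1
            best = max(best, len(port_counts))
        if best >= min_ports:
            alerts[src] = best
    return alerts


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    print(deny_counts(evs))        # {'203.0.113.7': 7, '198.51.100.9': 3}
    print(detect_port_scans(evs))  # {'203.0.113.7': 6}
```

In the sample, 198.51.100.9 is repeatedly denied but only on two ports spread over minutes, so it is noise rather than a scan, while 203.0.113.7 probes six ports in five seconds and is flagged. A production SIEM does the same thing at scale, with the thresholds tuned against the organization's own baseline traffic.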
Self-hosted SIEM - Answer-A SIEM tool that organizations install, operate, and maintain
using their own physical infrastructure
Cloud-hosted SIEM - Answer-A SIEM tool maintained and managed by the SIEM
provider, accessible through the internet
Hybrid SIEM - Answer-A SIEM tool that combines the benefits of both self-hosted and
cloud-hosted solutions
Splunk - Answer-A data analysis platform that provides a self-hosted SIEM solution
Splunk Cloud - Answer-A cloud-hosted SIEM solution provided by Splunk
Chronicle - Answer-A cloud-native tool for log retention, analysis, and search
Suricata - Answer-Open-source network analysis and threat detection software
Incident response - Answer-An organization's quick attempt to identify, contain, and
recover from a security breach