1. Which of the following best describes the concept of

"phishing" in the context of cybersecurity?

a) A technique used to gain unauthorized access to a

system through exploiting technological vulnerabilities.

b) A method of spreading malware by using social

engineering techniques via email or messaging.

c) The process of encrypting data to protect it from

unauthorized access.

d) A form of hacking that targets specific individuals or

organizations for financial gain.

Answer: b) A method of spreading malware by using social

engineering techniques via email or messaging.

Rationale: Phishing is a form of cyber attack where the

attacker disguises themselves as a trusted entity to trick

individuals into revealing sensitive information or

spreading malware through deceptive emails or messages.

2. Which of the following best describes the purpose of

multi-factor authentication (MFA)?

a) To ensure data is protected from unauthorized access

during transmission.

b) To verify the identity of users by requiring multiple

forms of authentication.

c) To secure physical access to sensitive areas in an

organization.

d) To encrypt data at rest to prevent unauthorized access.