Q.1 What is the primary purpose of endpoint security?
To protect only the network infrastructure
To protect individual devices from threats
To monitor social media activity
To optimize system performance
Explanation - Endpoint security focuses on protecting individual devices such as laptops, desktops, and mobile devices from malware, ransomware, and other cyber threats.
Correct answer is: To protect individual devices from threats
Q.2 Which of the following is a common endpoint security solution?
Firewall
Antivirus software
Router
Cloud storage
Explanation - Antivirus software is a key endpoint security tool that helps detect, prevent, and remove malware on individual devices.
Correct answer is: Antivirus software
Q.3 What does EDR stand for in endpoint security?
Endpoint Detection and Response
Electronic Data Retrieval
Encrypted Data Recovery
Enterprise Device Registry
Explanation - EDR solutions monitor endpoints continuously to detect, investigate, and respond to advanced threats in real time.
Correct answer is: Endpoint Detection and Response
Q.4 Which technique is commonly used to prevent unauthorized access to endpoint devices?
Encryption
Phishing
Port scanning
Botnet deployment
Explanation - Encryption secures data on endpoints, making it inaccessible to unauthorized users even if the device is compromised.
Correct answer is: Encryption
Q.5 Which type of malware is most likely to be prevented by endpoint security software?
Ransomware
Physical hardware failure
Power outage
Natural disaster
Explanation - Endpoint security software is designed to detect and prevent malicious software, including ransomware, from infecting devices.
Correct answer is: Ransomware
Q.6 What is the main difference between antivirus and antimalware software?
Antivirus focuses on known threats, antimalware also targets newer threats
Antivirus runs on servers, antimalware runs on endpoints
Antivirus is free, antimalware is always paid
There is no difference
Explanation - While antivirus mainly detects known virus signatures, modern antimalware solutions include heuristic and behavior-based detection for unknown threats.
Correct answer is: Antivirus focuses on known threats, antimalware also targets newer threats
Q.7 Which of the following is a key feature of modern endpoint security platforms?
Real-time threat detection
Automated physical repairs
Social media monitoring
VPN speed optimization
Explanation - Modern endpoint security platforms offer real-time monitoring and threat detection to protect against fast-evolving malware.
Correct answer is: Real-time threat detection
Q.8 Which protocol helps secure communication between endpoints and servers?
HTTPS
FTP
SMTP
Telnet
Explanation - HTTPS encrypts communication between endpoints and servers, ensuring data is protected from eavesdropping or tampering.
Correct answer is: HTTPS
Q.9 Which endpoint security practice involves restricting software installation to authorized applications?
Application whitelisting
Penetration testing
Port forwarding
Network sniffing
Explanation - Application whitelisting allows only approved applications to run on endpoints, reducing the risk of malware execution.
Correct answer is: Application whitelisting
Q.10 What is a zero-day vulnerability?
A vulnerability unknown to software vendors
A virus that deletes files immediately
A scheduled system backup
An outdated software version
Explanation - Zero-day vulnerabilities are security flaws not yet known to the vendor, making them exploitable by attackers before a patch is released.
Correct answer is: A vulnerability unknown to software vendors
Q.11 Which of the following is a form of endpoint security enforcement?
Device control policies
Cable management
Server virtualization
Screen resolution settings
Explanation - Device control policies restrict the use of external devices such as USB drives, preventing unauthorized data transfer or malware introduction.
Correct answer is: Device control policies
Q.12 Which type of attack specifically targets endpoint devices?
Phishing
DDoS
Man-in-the-middle
Endpoint exploitation
Explanation - Endpoint exploitation attacks target vulnerabilities on individual devices to gain unauthorized access or control.
Correct answer is: Endpoint exploitation
Q.13 Which method is used to detect unusual behavior on endpoints?
Behavioral analytics
Disk defragmentation
IP routing
DNS caching
Explanation - Behavioral analytics monitors patterns of activity to detect anomalies that may indicate malware or insider threats on endpoints.
Correct answer is: Behavioral analytics
Q.14 Which endpoint security feature helps in quick recovery after a malware attack?
System restore points
Screen savers
VPN configuration
Email filters
Explanation - System restore points allow endpoints to revert to a previous, safe state, minimizing damage after malware infection.
Correct answer is: System restore points
Q.15 Which type of endpoint protection uses cloud-based intelligence to detect threats?
Next-generation antivirus (NGAV)
Traditional firewall
Local backup software
Disk encryption
Explanation - NGAV solutions leverage cloud-based threat intelligence and machine learning to detect and prevent emerging threats on endpoints.
Correct answer is: Next-generation antivirus (NGAV)
Q.16 Which endpoint security concept limits the privileges of users to reduce risk?
Least privilege
Full access
Admin rights sharing
Open network policy
Explanation - The principle of least privilege ensures users have only the access necessary for their tasks, reducing potential attack surfaces on endpoints.
Correct answer is: Least privilege
Q.17 What is the main function of a personal firewall on an endpoint?
To block unauthorized network access to the device
To update the operating system automatically
To store backup files
To optimize CPU usage
Explanation - A personal firewall monitors incoming and outgoing network traffic to prevent unauthorized access to the endpoint.
Correct answer is: To block unauthorized network access to the device
Q.18 Which endpoint security measure helps protect against data theft if a device is lost or stolen?
Full disk encryption
Malware scanning
Network monitoring
Software patching
Explanation - Full disk encryption ensures that all data on the device is encrypted, making it inaccessible without proper authentication.
Correct answer is: Full disk encryption
Q.19 Which of the following attacks can bypass traditional antivirus solutions on endpoints?
Fileless malware
Trojan horse
Worms
Ransomware with known signatures
Explanation - Fileless malware operates in memory without leaving traditional files, allowing it to evade signature-based antivirus detection.
Correct answer is: Fileless malware
Q.20 Which practice helps maintain endpoint security over time?
Regular software patching
Increasing screen brightness
Using multiple monitors
Changing wallpaper frequently
Explanation - Regularly applying patches and updates fixes security vulnerabilities, ensuring endpoints remain protected from exploits.
Correct answer is: Regular software patching
Q.21 What is the purpose of endpoint logging and monitoring?
To detect suspicious activities and respond quickly
To improve graphics performance
To reduce disk space usage
To back up multimedia files
Explanation - Endpoint logging records system activities, and monitoring allows security teams to detect anomalies or attacks in real time.
Correct answer is: To detect suspicious activities and respond quickly
Q.22 Which of the following is a common method attackers use to exploit endpoints?
Phishing emails
Printer calibration
CPU overclocking
Monitor brightness adjustments
Explanation - Attackers use phishing emails to trick users into executing malicious attachments or links, compromising endpoints.
Correct answer is: Phishing emails
Q.23 Which endpoint security strategy involves isolating infected devices to prevent spread?
Quarantine
Firewall blocking
VPN tunneling
Encryption
Explanation - Quarantining isolates infected endpoints or files, preventing malware from spreading to other devices in the network.
Correct answer is: Quarantine
Q.24 Which of the following is a proactive endpoint security approach?
Regular vulnerability scanning
Waiting for attacks to occur
Ignoring software updates
Using outdated antivirus signatures
Explanation - Proactive security involves identifying vulnerabilities before they are exploited, reducing the risk to endpoints.
Correct answer is: Regular vulnerability scanning
Q.25 Which endpoint security tool can prevent unauthorized USB devices from being used?
Device control software
VPN client
Disk defragmenter
Email filter
Explanation - Device control software restricts the use of removable storage devices, mitigating risks of malware introduction or data leakage.
Correct answer is: Device control software
