Update cybersecurity-quiz.md (#4418)

cybersecurity/cybersecurity-quiz.md

@@ -187,7 +187,7 @@ A rainbow table attack is a more efficient and effective way of cracking many ha
 - [x] Mobile Device Management (MDM)
 - [ ] Data Loss Prevention (DLP)
 - [ ] Intrusion Detection and Prevention System (IDPS)
-- [ ] cloud access security broker (CASB)
+- [ ] Cloud Access Security Broker (CASB)
 
 #### Q26. How many keys would be necessary to accomodate 100 users in an asymmetric cryptography system?
 
@@ -203,7 +203,7 @@ A rainbow table attack is a more efficient and effective way of cracking many ha
 - [ ] Federal Information Security Managment Act (FISMA)
 - [x] Payment Card Industry Data Security Standard (PCI-DSS)
 - [ ] General Data Protection Regulation (GDPR)
-- [ ] International Organization for Standardization and Internation Electronical Commission (ISO/IEC 27018)
+- [ ] International Organization for Standardization and International Electrotechnical Commission (ISO/IEC 27018)
 
 **Explanation**: The Payment Card Industry Data Security Standard (`PCI DSS`) is the global card industry security standard that is **required of all entities** that store, process, or transmit cardholder data, including financial institutions, online retailers and service providers.
 
@@ -216,7 +216,7 @@ A rainbow table attack is a more efficient and effective way of cracking many ha
 - [x] common vulnerabilties and exposures
 - [ ] common vulnerability scoring system
 
-**Explaination**: The Common Vulnerabilities and Exposures (`CVE`) system provides a reference-method for publicly known information-security vulnerabilities and exposures.
+**Explanation**: The Common Vulnerabilities and Exposures (`CVE`) system provides a reference-method for publicly known information-security vulnerabilities and exposures.
 
 #### Q29. Which type of application can intercept sensative information such as passwoprds on a network segment?
 
@@ -598,10 +598,10 @@ autopsy is for forensic analysis
 
 #### Q79. You are implementing a cybersecurity program in your organization and want to use the "de facto standard" cybersecurity framework. Which option would you choose?
 
-- [ ] the ISACA Cypersecurity Framework
-- [ ] the COBIT Cypersecurity Framework
-- [ ] the ISC2 Cypersecurity Framework
-- [x] the NIST Cypersecurity Framework
+- [ ] the ISACA Cybersecurity Framework
+- [ ] the COBIT Cybersecurity Framework
+- [ ] the ISC2 Cybersecurity Framework
+- [x] the NIST Cybersecurity Framework
 
 #### Q80. In 2014, 4,278 IP addresses of zombie computers were used to flood a business with over one million packets per minute for about one hour. What is this type of attack called?
 
@@ -782,8 +782,8 @@ What is the next step you should take to best fulfill your responsibilities and
 #### Q102. You are researching probable threats to your company’s internet-facing web applications. Which organization should you reference as an authoritative source for information on web-based attack vectors?
 
 - [ ] EC-Council
-- [ ] ISACAISACA
-- [ ] NISTNIST
+- [ ] ISACA
+- [ ] NIST
 - [x] OWASP
 
 [Explanation:](https://www.imperva.com/learn/application-security/application-security/)
@@ -808,7 +808,7 @@ What is the next step you should take to best fulfill your responsibilities and
 
 - [ ] identifying and valuing assets
 - [ ] analyzing risks by criticality and cost
-- [x] discontiniuing activities that introduce risk
+- [x] discontinuing activities that introduce risk
 - [ ] identifying threats and analyzing vulnerabilities
 
 #### Q106. In response to an alert regarding a possible security incident, you are analyzing the logs for a web application. In the process, you see the following string: `./../../../var/secrets` What type of attack was most likely attempted against the application?
@@ -820,7 +820,7 @@ What is the next step you should take to best fulfill your responsibilities and
 
 #### Q107. Which quadrant should be the focus of risk management?
 
-![Which quadrant should be the focus of risk management?](Q107-risk-quadrant.jpg)
+- ![Which quadrant should be the focus of risk management?](Q107-risk-quadrant.jpg)
 
 - [x] 2
 - [ ] 1
@@ -830,22 +830,22 @@ What is the next step you should take to best fulfill your responsibilities and
 #### Q108. Which option will not actively identify a secuirty incident?
 
 - [ ] Extended Detection and Response (XDR)
-- [x] Cloud Secuiry Posture Management (CSPM)
-- [ ] Secuirty Infromation Event Managment (SEIM)
+- [x] Cloud Security Posture Management (CSPM)
+- [ ] Security Information Event Management (SEIM)
 - [ ] Endpoint Detection and Response (EDR)
 
 #### Q109. A website is asking for a password and also sending an authentication code to your phone. What factors are used in this multi-factor authentication scenario?
 
-- [ ] what you have and what you do
+- [x] what you have and what you do
 - [ ] what you know and what you are
-- [x] what you have and what you know
-- [ ] what you do and what you know
+- [ ] what you have and what you know
+- [x] what you do and what you know
 
 [Explanation:](https://www.investopedia.com/terms/t/twofactor-authentication-2fa.asp)
 
 #### Q110. Which option is a list of publicly dsclosed information security defects?
 
 - [ ] DBIR
-- [x] CVE
+- [ ] CVE
 - [ ] CWE
 - [ ] CERT