Cybersecurity

Cybersecurity - Exam

1. What does a firewall do in cybersecurity?

A) Takes photographs
B) Records music
C) Measures temperature
D) Monitors and controls incoming and outgoing network traffic

2. What is two-factor authentication in cybersecurity?

A) Using two different keyboards
B) Writing two passwords
C) Verification method using two factors: something you know and something you have
D) Typing really fast

3. What is ransomware in cybersecurity?

A) Software for word processing
B) Software for data backup
C) Software for photo editing
D) Malware that encrypts files and demands payment for decryption

4. What is a good password practice for cybersecurity?

A) Using strong, unique passwords for each account
B) Reusing the same password
C) Sharing passwords with friends
D) Writing passwords on sticky notes

5. Why is regular software patching important for cybersecurity?

A) To organize files
B) To change desktop backgrounds
C) To enhance video streaming quality
D) To fix security vulnerabilities and bugs

6. What is the purpose of SSL certificates in cybersecurity?

A) Repairing electronic devices
B) Secure online communication by encrypting data transmitted between a website and a user
C) Creating music playlists
D) Sorting documents alphabetically

7. What is a vulnerability assessment in cybersecurity?

A) Process of identifying security weaknesses in a system
B) Planning vacations
C) Analyzing weather patterns
D) Finding job opportunities

8. What is a zero-day vulnerability?

A) Security flaw that is unknown to the software vendor
B) Countdown to launch new products
C) Technical support available 24/7
D) Software that has zero bugs

9. Which term is synonymous with computer security?

A) Cybersecurity
B) Biometric security
C) Network security
D) Physical security

10. What does computer security primarily aim to protect against?

A) Unauthorized information disclosure, theft, or damage
B) User interface design flaws
C) Network speed optimization
D) Hardware upgrades and software updates

11. What is an exploitable vulnerability?

A) A vulnerability without any known exploits
B) A vulnerability that enhances security
C) A vulnerability with at least one working attack or exploit
D) A vulnerability that cannot be discovered

12. Who is most likely to be affected by untargeted cyberattacks?

A) Only large corporations
B) Normal internet users
C) Government agencies only
D) Cybersecurity experts exclusively

13. Which type of MITM attack involves hijacking routing protocols?

A) Message spoofing
B) WiFi SSID spoofing
C) DNS spoofing
D) IP address spoofing

14. When did multi-vector polymorphic attacks first surface?

A) 2020
B) 2017
C) 2005
D) 1999

15. Which of the following is NOT a common method used in phishing attacks?

A) Phone call
B) Text message
C) Instant messaging
D) Email spoofing

16. What type of phishing attack uses personal or organization-specific details to appear trustworthy?

A) Generic phishing
B) Spear-phishing
C) Horizontal escalation
D) Vertical escalation

17. What is often used as a starting point in privilege escalation attacks?

A) Sending ransomware to large networks
B) Direct hacking of system hardware
C) Social engineering techniques, often phishing
D) Exploiting side-channel vulnerabilities

18. Which of the following is NOT a form of side-channel attack?

A) Exploiting electromagnetic radiation from devices
B) Analyzing residual effects on RAM cells
C) Leveraging hardware implementation faults
D) Phishing via text message

19. Which type of privilege escalation involves gaining access to higher-level accounts?

A) Spear-phishing
B) Vertical escalation
C) Horizontal escalation
D) Phishing

20. What is an example of tampering involving a physical attack?

A) Cross-site scripting attacks.
B) Evil Maid attacks.
C) SQL injection attacks.
D) Distributed denial-of-service attacks.

21. What percentage of cyber security incidents involved internal actors according to the Verizon Data Breach Investigations Report 2020?

A) 50%
B) 30%
C) 70%
D) 10%

22. Which step in managing information security culture involves setting clear targets and assembling a skilled team?

A) Operative planning
B) Pre-evaluation
C) Post-evaluation
D) Strategic planning

23. How many sections does the UK government's National Cyber Security Centre divide secure cyber design principles into?

A) Seven sections.
B) Ten sections.
C) Three sections.
D) Five sections.

24. What should be the severity of any successful attack on a secure system?

A) Severe enough to cause major disruptions.
B) Maximum impact to test defenses.
C) Minimal severity.
D) Unlimited access for attackers.

25. Which of the following is a preventive measure in computer security?

A) Data analysis tools.
B) Word processing applications.
C) Graphic design software.
D) Firewalls.

26. Which encryption standard is commonly used on USB dongles to enhance security?

A) Data Encryption Standard (DES)
B) Advanced Encryption Standard (AES)
C) Triple DES
D) RSA

27. What do Trusted Platform Modules (TPMs) integrate into devices to enhance security?

A) Mobile-enabled access
B) Cryptographic capabilities
C) Drive locks
D) Intrusion detection systems

28. What is considered the most common hardware threat facing computer networks according to Network World?

A) Infected USB dongles connected inside a firewall
B) Mobile-enabled access devices
C) Trusted Platform Modules
D) Drive locks

29. Which technology allows for hardware-based sandboxing of components in computers?

A) TPMs
B) USB dongles
C) Drive locks
D) IOMMUs

30. Which feature of mobile phones enhances security by providing biometric validation?

A) Thumbprint readers
B) IOMMUs
C) TPMs
D) Drive locks

31. Which certification is popular for secure operating systems?

A) Six Sigma
B) ISO 9001
C) Common Criteria (CC)
D) Lean Manufacturing

32. Which security model uses a list of permissions associated with an object?

A) Capability-based security
B) Access control lists (ACLs)
C) Mandatory access control (MAC)
D) Role-based access control (RBAC)

33. What can capability-based security be implemented at?

A) The network level
B) The language level
C) The hardware level
D) The user interface level

34. Which open-source project is associated with capability-based security?

A) Java
B) C++
C) The E language
D) Python

35. Who coined the term 'cyber hygiene'?

A) Vint Cerf
B) Bill Gates
C) Steve Jobs
D) Tim Berners-Lee

36. Which company pushed out security fixes over the air in 2016?

A) ICV
B) Tesla
C) UPS
D) FedEx

37. In the 2015 test, how far away were hackers able to remotely carjack a vehicle?

A) 10 miles away
B) 15 miles away
C) 20 miles away
D) 5 miles away

38. What is a widely known digitally secure telecommunication device?

A) A smartwatch.
B) The SIM (Subscriber Identity Module) card.
C) An analog radio.
D) A landline telephone.

39. Which organization does the FBI work with to form a multi-agency task force?

A) National White Collar Crime Center (NW3C)
B) Department of Homeland Security
C) Cybersecurity and Infrastructure Security Agency
D) Federal Communications Commission

40. What percentage of security incidents is estimated to involve human error?

A) More than 90%
B) Less than 50%
C) Exactly 100%
D) About 70%

41. What technology allows customers to perform online secure transactions using hand-held card readers?

A) Virtual private networks (VPNs)
B) Biometric authentication systems
C) Chip Authentication Program
D) Two-factor authentication via SMS

42. Who created the first internet computer worm in 1988?

A) Adrian Lamo
B) Kevin Mitnick
C) Robert Tappan Morris
D) John McAfee

43. Who organized the foundational session in computer security at the Spring Joint Computer Conference in April 1967?

A) Willis Ware
B) Markus Hess
C) Bob Thomas
D) Ray Tomlinson

44. What percentage of organizations did not increase security training in 2015?

A) 62%
B) 50%
C) 80%
D) 75%

45. Which website was breached by The Impact Team in July 2015?

A) Ashley Madison
B) Facebook
C) LinkedIn
D) Twitter

46. Which vehicle system was used as an attack vector in simple security risks?

A) Bluetooth communication
B) A malicious compact disc
C) Cruise control system
D) Airbag deployment

47. Which Ukrainian hacker was involved in the Target Corporation breach?

A) Lazarus Group
B) Guccifer
C) NotPetya
D) Rescator

48. Which city in Mexico received the first e-Drivers' licenses using a smart card platform?

A) Guadalajara
B) Puebla
C) Mexico City
D) Monterrey

49. Which agency monitors cyber threats in India?

A) Indian Computer Emergency Response Team
B) Ministry of Electronics and Information Technology
C) CERT-In
D) National Cyber Security Agency

50. What was the name of one of the earliest computer worms created by Bob Thomas?

A) Reaper
B) Morris worm
C) Blaster
D) Creeper

51. Which organization investigated 79 hacking incidents at energy companies in 2014?

A) The Federal Bureau of Investigation (FBI)
B) The Computer Emergency Readiness Team
C) The National Security Agency (NSA)
D) The Central Intelligence Agency (CIA)

52. On what date did the US FDA release its recommendations for maintaining security in Internet-connected medical devices?

A) 1 January 2017
B) 15 November 2015
C) 28 December 2016
D) 30 June 2018

53. When was the National Cyber Security Policy 2013 introduced in India?

A) 2013
B) 2020
C) 1999
D) 2008

54. What was the response of Target and Home Depot to warnings about breaches?

A) They immediately fixed all vulnerabilities
B) They upgraded their security software
C) They shut down their systems temporarily
D) Warnings were ignored

55. Who was an early example of a state-sponsored hacker?

A) Clifford Stoll
B) An internet activist
C) Markus Hess
D) A Ukrainian power grid operator

56. Who is believed to have perpetrated the Office of Personnel Management hack?

A) Russian hackers
B) North Korean hackers
C) Iranian hackers
D) Chinese hackers

57. What method did hackers use to gain access to Rome Laboratory's systems?

A) Phishing emails
B) Brute force attacks
C) SQL injection
D) Trojan horses

58. What book recounts Markus Hess's hacking activities for the KGB?

A) Cybersecurity and Cyberwar: What Everyone Needs to Know
B) Ghost in the Wires
C) The Cuckoo's Egg
D) Data and Goliath

59. Which attack involved spear-phising, destruction of files, and denial-of-service?

A) A bank data breach in 2021
B) An attack on a social media platform
C) The 2015 Ukraine power grid hack
D) A ransomware attack on healthcare facilities

60. What technology is used by FedEx and UPS for tracking shipments?

A) RFID (Radio Frequency Identification)
B) Bluetooth
C) Barcodes
D) GPS

61. Which type of equipment has been successfully attacked in hospitals?

A) Medical training simulators
B) In-hospital diagnostic equipment
C) Patient transport vehicles
D) Hospital cafeteria systems

62. Which company started offering commercial access control systems and computer security software products in the late 1970s?

A) Microsoft
B) Apple
C) IBM
D) Netscape

63. When was the United States Cyber Command created?

A) 2010
B) 2015
C) 2008
D) 2009

64. What is cyber attribution?

A) Encrypting data for secure transmission.
B) Detecting and eliminating malware.
C) Finding who perpetrated a cyberattack.
D) Logging user activity on a network.

65. What is the first key component of a computer security incident response plan?

A) Detection and analysis
B) Preparation
C) Post incident activity
D) Containment, eradication and recovery

66. Who provided documents exposing NSA global surveillance in 2013?

A) Mark Zuckerberg
B) Edward Snowden
C) Julian Assange
D) Chelsea Manning

67. Which Canadian organization is responsible for mitigating threats to Canada's critical infrastructure?

A) Council of Europe
B) Canadian Cyber Incident Response Centre (CCIRC)
C) Forum of Incident Response and Security Teams (FIRST)
D) European Network and Information Security Agency (ENISA)

68. What is digital hygiene analogous to?

A) Dietary habits
B) Personal hygiene
C) Physical fitness
D) Sleep patterns

69. What is one of the main pillars of Canada's cyber security strategy?

A) Securing government systems.
B) Regulating international data protection laws.
C) Managing European network security.
D) Coordinating global CSIRTs.

70. Which type of devices are becoming more common targets for cyberattacks due to their increasing number?

A) Desktop computers
B) Smartphones and tablets
C) Healthcare providers' networks
D) Home automation devices like the Nest thermostat

71. Who wrote the Reaper program to destroy the Creeper worm?

A) Ray Tomlinson
B) Bob Thomas
C) Willis Ware
D) Markus Hess

72. In what year did over a hundred intrusions occur at the Rome Laboratory?

A) 1988
B) 2000
C) 1994
D) 2010

73. In what decade did computer security begin to expand beyond academia due to increased connectivity?

A) 1970s
B) 1990s
C) 1980s
D) 2000s

74. What percentage of organizations reported a 'problematic shortage' of cybersecurity skills in 2016?

A) 50%
B) 28%
C) 46%
D) 35%

75. What is one example of a large corporation that experienced a data breach involving clients' credit card details?

A) HBGary Federal
B) Home Depot
C) Nest
D) Sony Pictures

76. What action did Avid Life Media CEO Noel Biderman take after the Ashley Madison breach?

A) He denied any wrongdoing
B) He resigned
C) He took legal action against The Impact Team
D) He increased security measures

77. Which organization is part of the National Cyber Security Division of the United States Department of Homeland Security?

A) CERT/CC
B) NEI
C) US-CERT
D) NRC

78. How many credit cards were stolen from Target Corporation in 2013?

A) 10 million
B) 60 million
C) Roughly 40 million
D) 25 million

79. What technology are long-distance bus companies switching to?

A) Paper tickets
B) Barter systems
C) Manual ticket sales
D) E-ticketing transactions

80. What was the primary target of the Stuxnet attack in 2010?

A) Israeli government networks
B) Iran's nuclear centrifuges
C) U.S. military systems
D) European power grids

81. Which company was affected by a credit card details breach in early 2007?

A) Office of Personnel Management
B) Home Depot
C) Target Corporation
D) TJX

82. Which technology enables shopping mall kiosks to issue on-the-spot credit cards?

A) Instant Issuance technology
B) Blockchain-based transactions
C) QR code scanning
D) Contactless payment systems

83. Which coalition did Public Safety Canada partner with to launch the Cyber Security Cooperation Program?

A) Canadian Cyber Incident Response Centre (CCIRC)
B) STOP.THINK.CONNECT
C) Council of Europe
D) European Network and Information Security Agency (ENISA)

84. Which of the following is NOT a method used in access authorization?

A) Port scanning.
B) Passwords.
C) Smart cards.
D) Biometric systems.

85. What is a consequence of a simple power outage at an airport?

A) It has no significant impact
B) It improves airport efficiency
C) It only affects the local area
D) It can cause worldwide repercussions

Created with That Quiz — where a math practice test is always one click away.