Cybersecurity - Exam
  • 1. What does a firewall do in cybersecurity?
A) Takes photographs
B) Measures temperature
C) Records music
D) Monitors and controls incoming and outgoing network traffic
  • 2. What is two-factor authentication in cybersecurity?
A) Typing really fast
B) Verification method using two factors: something you know and something you have
C) Writing two passwords
D) Using two different keyboards
  • 3. What is ransomware in cybersecurity?
A) Software for photo editing
B) Software for data backup
C) Malware that encrypts files and demands payment for decryption
D) Software for word processing
  • 4. What is a good password practice for cybersecurity?
A) Using strong, unique passwords for each account
B) Reusing the same password
C) Writing passwords on sticky notes
D) Sharing passwords with friends
  • 5. Why is regular software patching important for cybersecurity?
A) To organize files
B) To change desktop backgrounds
C) To enhance video streaming quality
D) To fix security vulnerabilities and bugs
  • 6. What is the purpose of SSL certificates in cybersecurity?
A) Creating music playlists
B) Repairing electronic devices
C) Secure online communication by encrypting data transmitted between a website and a user
D) Sorting documents alphabetically
  • 7. What is a vulnerability assessment in cybersecurity?
A) Finding job opportunities
B) Process of identifying security weaknesses in a system
C) Planning vacations
D) Analyzing weather patterns
  • 8. What is a zero-day vulnerability?
A) Security flaw that is unknown to the software vendor
B) Software that has zero bugs
C) Technical support available 24/7
D) Countdown to launch new products
  • 9. Which term is synonymous with computer security?
A) Cybersecurity
B) Biometric security
C) Physical security
D) Network security
  • 10. What does computer security primarily aim to protect against?
A) Hardware upgrades and software updates
B) User interface design flaws
C) Unauthorized information disclosure, theft, or damage
D) Network speed optimization
  • 11. What is an exploitable vulnerability?
A) A vulnerability that enhances security
B) A vulnerability with at least one working attack or exploit
C) A vulnerability that cannot be discovered
D) A vulnerability without any known exploits
  • 12. Who is most likely to be affected by untargeted cyberattacks?
A) Normal internet users
B) Only large corporations
C) Government agencies only
D) Cybersecurity experts exclusively
  • 13. Which type of MITM attack involves hijacking routing protocols?
A) IP address spoofing
B) WiFi SSID spoofing
C) Message spoofing
D) DNS spoofing
  • 14. When did multi-vector polymorphic attacks first surface?
A) 1999
B) 2017
C) 2005
D) 2020
  • 15. Which of the following is NOT a common method used in phishing attacks?
A) Email spoofing
B) Phone call
C) Instant messaging
D) Text message
  • 16. What type of phishing attack uses personal or organization-specific details to appear trustworthy?
A) Generic phishing
B) Vertical escalation
C) Spear-phishing
D) Horizontal escalation
  • 17. What is often used as a starting point in privilege escalation attacks?
A) Direct hacking of system hardware
B) Exploiting side-channel vulnerabilities
C) Sending ransomware to large networks
D) Social engineering techniques, often phishing
  • 18. Which of the following is NOT a form of side-channel attack?
A) Phishing via text message
B) Exploiting electromagnetic radiation from devices
C) Analyzing residual effects on RAM cells
D) Leveraging hardware implementation faults
  • 19. Which type of privilege escalation involves gaining access to higher-level accounts?
A) Horizontal escalation
B) Spear-phishing
C) Vertical escalation
D) Phishing
  • 20. What is an example of tampering involving a physical attack?
A) Evil Maid attacks.
B) Cross-site scripting attacks.
C) Distributed denial-of-service attacks.
D) SQL injection attacks.
  • 21. What percentage of cyber security incidents involved internal actors according to the Verizon Data Breach Investigations Report 2020?
A) 10%
B) 30%
C) 70%
D) 50%
  • 22. Which step in managing information security culture involves setting clear targets and assembling a skilled team?
A) Pre-evaluation
B) Strategic planning
C) Operative planning
D) Post-evaluation
  • 23. How many sections does the UK government's National Cyber Security Centre divide secure cyber design principles into?
A) Five sections.
B) Seven sections.
C) Three sections.
D) Ten sections.
  • 24. What should be the severity of any successful attack on a secure system?
A) Minimal severity.
B) Severe enough to cause major disruptions.
C) Maximum impact to test defenses.
D) Unlimited access for attackers.
  • 25. Which of the following is a preventive measure in computer security?
A) Word processing applications.
B) Data analysis tools.
C) Graphic design software.
D) Firewalls.
  • 26. Which encryption standard is commonly used on USB dongles to enhance security?
A) RSA
B) Advanced Encryption Standard (AES)
C) Data Encryption Standard (DES)
D) Triple DES
  • 27. What do Trusted Platform Modules (TPMs) integrate into devices to enhance security?
A) Cryptographic capabilities
B) Mobile-enabled access
C) Drive locks
D) Intrusion detection systems
  • 28. What is considered the most common hardware threat facing computer networks according to Network World?
A) Trusted Platform Modules
B) Infected USB dongles connected inside a firewall
C) Mobile-enabled access devices
D) Drive locks
  • 29. Which technology allows for hardware-based sandboxing of components in computers?
A) Drive locks
B) USB dongles
C) IOMMUs
D) TPMs
  • 30. Which feature of mobile phones enhances security by providing biometric validation?
A) Drive locks
B) TPMs
C) IOMMUs
D) Thumbprint readers
  • 31. Which certification is popular for secure operating systems?
A) Common Criteria (CC)
B) ISO 9001
C) Lean Manufacturing
D) Six Sigma
  • 32. Which security model uses a list of permissions associated with an object?
A) Capability-based security
B) Mandatory access control (MAC)
C) Access control lists (ACLs)
D) Role-based access control (RBAC)
  • 33. What can capability-based security be implemented at?
A) The language level
B) The user interface level
C) The hardware level
D) The network level
  • 34. Which open-source project is associated with capability-based security?
A) C++
B) Python
C) The E language
D) Java
  • 35. What percentage of security incidents is estimated to involve human error?
A) About 70%
B) Less than 50%
C) Exactly 100%
D) More than 90%
  • 36. What is digital hygiene analogous to?
A) Sleep patterns
B) Physical fitness
C) Personal hygiene
D) Dietary habits
  • 37. Who coined the term 'cyber hygiene'?
A) Bill Gates
B) Steve Jobs
C) Tim Berners-Lee
D) Vint Cerf
  • 38. What technology allows customers to perform online secure transactions using hand-held card readers?
A) Virtual private networks (VPNs)
B) Biometric authentication systems
C) Chip Authentication Program
D) Two-factor authentication via SMS
  • 39. Which technology enables shopping mall kiosks to issue on-the-spot credit cards?
A) QR code scanning
B) Blockchain-based transactions
C) Contactless payment systems
D) Instant Issuance technology
  • 40. Which organization investigated 79 hacking incidents at energy companies in 2014?
A) The Central Intelligence Agency (CIA)
B) The Computer Emergency Readiness Team
C) The Federal Bureau of Investigation (FBI)
D) The National Security Agency (NSA)
  • 41. What is a consequence of a simple power outage at an airport?
A) It only affects the local area
B) It has no significant impact
C) It improves airport efficiency
D) It can cause worldwide repercussions
  • 42. What technology are long-distance bus companies switching to?
A) E-ticketing transactions
B) Barter systems
C) Manual ticket sales
D) Paper tickets
  • 43. What percentage of organizations did not increase security training in 2015?
A) 75%
B) 80%
C) 62%
D) 50%
  • 44. Which type of devices are becoming more common targets for cyberattacks due to their increasing number?
A) Desktop computers
B) Home automation devices like the Nest thermostat
C) Healthcare providers' networks
D) Smartphones and tablets
  • 45. What is one example of a large corporation that experienced a data breach involving clients' credit card details?
A) Sony Pictures
B) Nest
C) HBGary Federal
D) Home Depot
  • 46. Which vehicle system was used as an attack vector in simple security risks?
A) A malicious compact disc
B) Cruise control system
C) Bluetooth communication
D) Airbag deployment
  • 47. In the 2015 test, how far away were hackers able to remotely carjack a vehicle?
A) 10 miles away
B) 15 miles away
C) 20 miles away
D) 5 miles away
  • 48. Which company pushed out security fixes over the air in 2016?
A) FedEx
B) ICV
C) UPS
D) Tesla
  • 49. What technology is used by FedEx and UPS for tracking shipments?
A) GPS
B) Barcodes
C) RFID (Radio Frequency Identification)
D) Bluetooth
  • 50. Which city in Mexico received the first e-Drivers' licenses using a smart card platform?
A) Mexico City
B) Puebla
C) Monterrey
D) Guadalajara
  • 51. On what date did the US FDA release its recommendations for maintaining security in Internet-connected medical devices?
A) 28 December 2016
B) 15 November 2015
C) 1 January 2017
D) 30 June 2018
  • 52. Which type of equipment has been successfully attacked in hospitals?
A) Medical training simulators
B) Hospital cafeteria systems
C) In-hospital diagnostic equipment
D) Patient transport vehicles
  • 53. What is a widely known digitally secure telecommunication device?
A) The SIM (Subscriber Identity Module) card.
B) An analog radio.
C) A landline telephone.
D) A smartwatch.
  • 54. Who was an early example of a state-sponsored hacker?
A) Markus Hess
B) Clifford Stoll
C) A Ukrainian power grid operator
D) An internet activist
  • 55. What book recounts Markus Hess's hacking activities for the KGB?
A) Cybersecurity and Cyberwar: What Everyone Needs to Know
B) Ghost in the Wires
C) The Cuckoo's Egg
D) Data and Goliath
  • 56. Which attack involved spear-phishing, destruction of files, and denial-of-service?
A) An attack on a social media platform
B) A ransomware attack on healthcare facilities
C) A bank data breach in 2021
D) The 2015 Ukraine power grid hack
  • 57. What is the first key component of a computer security incident response plan?
A) Preparation
B) Detection and analysis
C) Containment, eradication and recovery
D) Post incident activity
  • 58. Who created the first internet computer worm in 1988?
A) John McAfee
B) Robert Tappan Morris
C) Kevin Mitnick
D) Adrian Lamo
  • 59. In what year did over a hundred intrusions occur at the Rome Laboratory?
A) 2010
B) 1988
C) 2000
D) 1994
  • 60. What method did hackers use to gain access to Rome Laboratory's systems?
A) Phishing emails
B) Trojan horses
C) Brute force attacks
D) SQL injection
  • 61. Which company was affected by a credit card details breach in early 2007?
A) Home Depot
B) TJX
C) Target Corporation
D) Office of Personnel Management
  • 62. What was the primary target of the Stuxnet attack in 2010?
A) Israeli government networks
B) U.S. military systems
C) Iran's nuclear centrifuges
D) European power grids
  • 63. Who provided documents exposing NSA global surveillance in 2013?
A) Mark Zuckerberg
B) Edward Snowden
C) Chelsea Manning
D) Julian Assange
  • 64. Which Ukrainian hacker was involved in the Target Corporation breach?
A) Rescator
B) Lazarus Group
C) Guccifer
D) NotPetya
  • 65. How many credit cards were stolen from Target Corporation in 2013?
A) 25 million
B) 60 million
C) Roughly 40 million
D) 10 million
  • 66. What was the response of Target and Home Depot to warnings about breaches?
A) They shut down their systems temporarily
B) Warnings were ignored
C) They immediately fixed all vulnerabilities
D) They upgraded their security software
  • 67. Who is believed to have perpetrated the Office of Personnel Management hack?
A) Russian hackers
B) Iranian hackers
C) Chinese hackers
D) North Korean hackers
  • 68. Which website was breached by The Impact Team in July 2015?
A) LinkedIn
B) Ashley Madison
C) Facebook
D) Twitter
  • 69. What action did Avid Life Media CEO Noel Biderman take after the Ashley Madison breach?
A) He increased security measures
B) He took legal action against The Impact Team
C) He resigned
D) He denied any wrongdoing
  • 70. What is one of the main pillars of Canada's cyber security strategy?
A) Coordinating global CSIRTs.
B) Managing European network security.
C) Regulating international data protection laws.
D) Securing government systems.
  • 71. Which Canadian organization is responsible for mitigating threats to Canada's critical infrastructure?
A) Forum of Incident Response and Security Teams (FIRST)
B) European Network and Information Security Agency (ENISA)
C) Canadian Cyber Incident Response Centre (CCIRC)
D) Council of Europe
  • 72. Which coalition did Public Safety Canada partner with to launch the Cyber Security Cooperation Program?
A) STOP.THINK.CONNECT
B) European Network and Information Security Agency (ENISA)
C) Canadian Cyber Incident Response Centre (CCIRC)
D) Council of Europe
  • 73. Which agency monitors cyber threats in India?
A) Ministry of Electronics and Information Technology
B) Indian Computer Emergency Response Team
C) CERT-In
D) National Cyber Security Agency
  • 74. When was the National Cyber Security Policy 2013 introduced in India?
A) 2008
B) 2020
C) 1999
D) 2013
  • 75. Which organization does the FBI work with to form a multi-agency task force?
A) National White Collar Crime Center (NW3C)
B) Federal Communications Commission
C) Department of Homeland Security
D) Cybersecurity and Infrastructure Security Agency
  • 76. Which organization is part of the National Cyber Security Division of the United States Department of Homeland Security?
A) NRC
B) US-CERT
C) CERT/CC
D) NEI
  • 77. When was the United States Cyber Command created?
A) 2009
B) 2010
C) 2008
D) 2015
  • 78. What percentage of organizations reported a 'problematic shortage' of cybersecurity skills in 2016?
A) 35%
B) 28%
C) 50%
D) 46%
  • 79. Which of the following is NOT a method used in access authorization?
A) Passwords.
B) Biometric systems.
C) Port scanning.
D) Smart cards.
  • 80. What is cyber attribution?
A) Finding who perpetrated a cyberattack.
B) Logging user activity on a network.
C) Detecting and eliminating malware.
D) Encrypting data for secure transmission.
  • 81. In what decade did computer security begin to expand beyond academia due to increased connectivity?
A) 2000s
B) 1970s
C) 1990s
D) 1980s
  • 82. Who organized the foundational session in computer security at the Spring Joint Computer Conference in April 1967?
A) Bob Thomas
B) Ray Tomlinson
C) Willis Ware
D) Markus Hess
  • 83. What was the name of one of the earliest computer worms created by Bob Thomas?
A) Morris worm
B) Creeper
C) Reaper
D) Blaster
  • 84. Who wrote the Reaper program to destroy the Creeper worm?
A) Bob Thomas
B) Markus Hess
C) Ray Tomlinson
D) Willis Ware
  • 85. Which company started offering commercial access control systems and computer security software products in the late 1970s?
A) Apple
B) Microsoft
C) Netscape
D) IBM