Cybersecurity - Exam
Contributed by: Porter
  • 1. What does a firewall do in cybersecurity?
A) Monitors and controls incoming and outgoing network traffic
B) Takes photographs
C) Measures temperature
D) Records music
  • 2. What is two-factor authentication in cybersecurity?
A) Typing really fast
B) Verification method using two factors: something you know and something you have
C) Using two different keyboards
D) Writing two passwords
  • 3. What is ransomware in cybersecurity?
A) Malware that encrypts files and demands payment for decryption
B) Software for word processing
C) Software for data backup
D) Software for photo editing
  • 4. What is a good password practice for cybersecurity?
A) Using strong, unique passwords for each account
B) Sharing passwords with friends
C) Writing passwords on sticky notes
D) Reusing the same password
  • 5. Why is regular software patching important for cybersecurity?
A) To organize files
B) To fix security vulnerabilities and bugs
C) To enhance video streaming quality
D) To change desktop backgrounds
  • 6. What is the purpose of SSL certificates in cybersecurity?
A) Secure online communication by encrypting data transmitted between a website and a user
B) Creating music playlists
C) Repairing electronic devices
D) Sorting documents alphabetically
  • 7. What is a vulnerability assessment in cybersecurity?
A) Analyzing weather patterns
B) Finding job opportunities
C) Planning vacations
D) Process of identifying security weaknesses in a system
  • 8. What is a zero-day vulnerability?
A) Security flaw that is unknown to the software vendor
B) Countdown to launch new products
C) Software that has zero bugs
D) Technical support available 24/7
  • 9. Which term is synonymous with computer security?
A) Cybersecurity
B) Network security
C) Physical security
D) Biometric security
  • 10. What does computer security primarily aim to protect against?
A) Hardware upgrades and software updates
B) User interface design flaws
C) Unauthorized information disclosure, theft, or damage
D) Network speed optimization
  • 11. What is an exploitable vulnerability?
A) A vulnerability without any known exploits
B) A vulnerability that enhances security
C) A vulnerability with at least one working attack or exploit
D) A vulnerability that cannot be discovered
  • 12. Who is most likely to be affected by untargeted cyberattacks?
A) Normal internet users
B) Cybersecurity experts exclusively
C) Government agencies only
D) Only large corporations
  • 13. Which type of MITM attack involves hijacking routing protocols?
A) WiFi SSID spoofing
B) IP address spoofing
C) Message spoofing
D) DNS spoofing
  • 14. When did multi-vector polymorphic attacks first surface?
A) 2020
B) 2017
C) 1999
D) 2005
  • 15. Which of the following is NOT a common method used in phishing attacks?
A) Email spoofing
B) Text message
C) Instant messaging
D) Phone call
  • 16. What type of phishing attack uses personal or organization-specific details to appear trustworthy?
A) Spear-phishing
B) Vertical escalation
C) Horizontal escalation
D) Generic phishing
  • 17. What is often used as a starting point in privilege escalation attacks?
A) Sending ransomware to large networks
B) Social engineering techniques, often phishing
C) Direct hacking of system hardware
D) Exploiting side-channel vulnerabilities
  • 18. Which of the following is NOT a form of side-channel attack?
A) Leveraging hardware implementation faults
B) Phishing via text message
C) Analyzing residual effects on RAM cells
D) Exploiting electromagnetic radiation from devices
  • 19. Which type of privilege escalation involves gaining access to higher-level accounts?
A) Phishing
B) Vertical escalation
C) Horizontal escalation
D) Spear-phishing
  • 20. What is an example of tampering involving a physical attack?
A) SQL injection attacks.
B) Cross-site scripting attacks.
C) Distributed denial-of-service attacks.
D) Evil Maid attacks.
  • 21. What percentage of cyber security incidents involved internal actors according to the Verizon Data Breach Investigations Report 2020?
A) 30%
B) 70%
C) 50%
D) 10%
  • 22. Which step in managing information security culture involves setting clear targets and assembling a skilled team?
A) Pre-evaluation
B) Operative planning
C) Strategic planning
D) Post-evaluation
  • 23. How many sections does the UK government's National Cyber Security Centre divide secure cyber design principles into?
A) Five sections.
B) Seven sections.
C) Ten sections.
D) Three sections.
  • 24. What should be the severity of any successful attack on a secure system?
A) Maximum impact to test defenses.
B) Unlimited access for attackers.
C) Minimal severity.
D) Severe enough to cause major disruptions.
  • 25. Which of the following is a preventive measure in computer security?
A) Graphic design software.
B) Data analysis tools.
C) Firewalls.
D) Word processing applications.
  • 26. Which encryption standard is commonly used on USB dongles to enhance security?
A) Triple DES
B) Advanced Encryption Standard (AES)
C) RSA
D) Data Encryption Standard (DES)
  • 27. What do Trusted Platform Modules (TPMs) integrate into devices to enhance security?
A) Mobile-enabled access
B) Drive locks
C) Intrusion detection systems
D) Cryptographic capabilities
  • 28. What is considered the most common hardware threat facing computer networks according to Network World?
A) Drive locks
B) Infected USB dongles connected inside a firewall
C) Mobile-enabled access devices
D) Trusted Platform Modules
  • 29. Which technology allows for hardware-based sandboxing of components in computers?
A) Drive locks
B) USB dongles
C) TPMs
D) IOMMUs
  • 30. Which feature of mobile phones enhances security by providing biometric validation?
A) TPMs
B) IOMMUs
C) Drive locks
D) Thumbprint readers
  • 31. Which certification is popular for secure operating systems?
A) ISO 9001
B) Six Sigma
C) Lean Manufacturing
D) Common Criteria (CC)
  • 32. Which security model uses a list of permissions associated with an object?
A) Role-based access control (RBAC)
B) Access control lists (ACLs)
C) Mandatory access control (MAC)
D) Capability-based security
  • 33. What can capability-based security be implemented at?
A) The language level
B) The user interface level
C) The hardware level
D) The network level
  • 34. Which open-source project is associated with capability-based security?
A) The E language
B) Java
C) Python
D) C++
  • 35. What percentage of security incidents is estimated to involve human error?
A) About 70%
B) Exactly 100%
C) More than 90%
D) Less than 50%
  • 36. What is digital hygiene analogous to?
A) Dietary habits
B) Personal hygiene
C) Physical fitness
D) Sleep patterns
  • 37. Who coined the term 'cyber hygiene'?
A) Tim Berners-Lee
B) Steve Jobs
C) Vint Cerf
D) Bill Gates
  • 38. What technology allows customers to perform online secure transactions using hand-held card readers?
A) Virtual private networks (VPNs)
B) Biometric authentication systems
C) Chip Authentication Program
D) Two-factor authentication via SMS
  • 39. Which technology enables shopping mall kiosks to issue on-the-spot credit cards?
A) Instant Issuance technology
B) Blockchain-based transactions
C) Contactless payment systems
D) QR code scanning
  • 40. Which organization investigated 79 hacking incidents at energy companies in 2014?
A) The Computer Emergency Readiness Team
B) The Central Intelligence Agency (CIA)
C) The Federal Bureau of Investigation (FBI)
D) The National Security Agency (NSA)
  • 41. What is a consequence of a simple power outage at an airport?
A) It can cause worldwide repercussions
B) It has no significant impact
C) It improves airport efficiency
D) It only affects the local area
  • 42. What technology are long-distance bus companies switching to?
A) Manual ticket sales
B) E-ticketing transactions
C) Barter systems
D) Paper tickets
  • 43. What percentage of organizations did not increase security training in 2015?
A) 75%
B) 62%
C) 80%
D) 50%
  • 44. Which type of devices are becoming more common targets for cyberattacks due to their increasing number?
A) Smartphones and tablets
B) Desktop computers
C) Healthcare providers' networks
D) Home automation devices like the Nest thermostat
  • 45. What is one example of a large corporation that experienced a data breach involving clients' credit card details?
A) Nest
B) Sony Pictures
C) HBGary Federal
D) Home Depot
  • 46. Which vehicle system was used as an attack vector in simple security risks?
A) Cruise control system
B) Airbag deployment
C) A malicious compact disc
D) Bluetooth communication
  • 47. In the 2015 test, how far away were hackers able to remotely carjack a vehicle?
A) 5 miles away
B) 10 miles away
C) 20 miles away
D) 15 miles away
  • 48. Which company pushed out security fixes over the air in 2016?
A) FedEx
B) Tesla
C) UPS
D) ICV
  • 49. What technology is used by FedEx and UPS for tracking shipments?
A) GPS
B) RFID (Radio Frequency Identification)
C) Bluetooth
D) Barcodes
  • 50. Which city in Mexico received the first e-Drivers' licenses using a smart card platform?
A) Monterrey
B) Guadalajara
C) Mexico City
D) Puebla
  • 51. On what date did the US FDA release its recommendations for maintaining security in Internet-connected medical devices?
A) 1 January 2017
B) 15 November 2015
C) 30 June 2018
D) 28 December 2016
  • 52. Which type of equipment has been successfully attacked in hospitals?
A) Medical training simulators
B) Hospital cafeteria systems
C) In-hospital diagnostic equipment
D) Patient transport vehicles
  • 53. What is a widely known digitally secure telecommunication device?
A) An analog radio.
B) The SIM (Subscriber Identity Module) card.
C) A landline telephone.
D) A smartwatch.
  • 54. Who was an early example of a state-sponsored hacker?
A) Clifford Stoll
B) Markus Hess
C) An internet activist
D) A Ukrainian power grid operator
  • 55. What book recounts Markus Hess's hacking activities for the KGB?
A) The Cuckoo's Egg
B) Ghost in the Wires
C) Cybersecurity and Cyberwar: What Everyone Needs to Know
D) Data and Goliath
  • 56. Which attack involved spear-phishing, destruction of files, and denial-of-service?
A) A bank data breach in 2021
B) A ransomware attack on healthcare facilities
C) An attack on a social media platform
D) The 2015 Ukraine power grid hack
  • 57. What is the first key component of a computer security incident response plan?
A) Preparation
B) Detection and analysis
C) Containment, eradication and recovery
D) Post incident activity
  • 58. Who created the first internet computer worm in 1988?
A) John McAfee
B) Robert Tappan Morris
C) Kevin Mitnick
D) Adrian Lamo
  • 59. In what year did over a hundred intrusions occur at the Rome Laboratory?
A) 2000
B) 1994
C) 2010
D) 1988
  • 60. What method did hackers use to gain access to Rome Laboratory's systems?
A) SQL injection
B) Trojan horses
C) Brute force attacks
D) Phishing emails
  • 61. Which company was affected by a credit card details breach in early 2007?
A) TJX
B) Office of Personnel Management
C) Home Depot
D) Target Corporation
  • 62. What was the primary target of the Stuxnet attack in 2010?
A) U.S. military systems
B) European power grids
C) Iran's nuclear centrifuges
D) Israeli government networks
  • 63. Who provided documents exposing NSA global surveillance in 2013?
A) Edward Snowden
B) Julian Assange
C) Mark Zuckerberg
D) Chelsea Manning
  • 64. Which Ukrainian hacker was involved in the Target Corporation breach?
A) NotPetya
B) Rescator
C) Lazarus Group
D) Guccifer
  • 65. How many credit cards were stolen from Target Corporation in 2013?
A) 10 million
B) 60 million
C) Roughly 40 million
D) 25 million
  • 66. What was the response of Target and Home Depot to warnings about breaches?
A) They shut down their systems temporarily
B) They immediately fixed all vulnerabilities
C) They upgraded their security software
D) Warnings were ignored
  • 67. Who is believed to have perpetrated the Office of Personnel Management hack?
A) Chinese hackers
B) North Korean hackers
C) Russian hackers
D) Iranian hackers
  • 68. Which website was breached by The Impact Team in July 2015?
A) Ashley Madison
B) Facebook
C) LinkedIn
D) Twitter
  • 69. What action did Avid Life Media CEO Noel Biderman take after the Ashley Madison breach?
A) He denied any wrongdoing
B) He took legal action against The Impact Team
C) He resigned
D) He increased security measures
  • 70. What is one of the main pillars of Canada's cyber security strategy?
A) Coordinating global CSIRTs.
B) Securing government systems.
C) Managing European network security.
D) Regulating international data protection laws.
  • 71. Which Canadian organization is responsible for mitigating threats to Canada's critical infrastructure?
A) Forum of Incident Response and Security Teams (FIRST)
B) Council of Europe
C) European Network and Information Security Agency (ENISA)
D) Canadian Cyber Incident Response Centre (CCIRC)
  • 72. Which coalition did Public Safety Canada partner with to launch the Cyber Security Cooperation Program?
A) STOP.THINK.CONNECT
B) Canadian Cyber Incident Response Centre (CCIRC)
C) Council of Europe
D) European Network and Information Security Agency (ENISA)
  • 73. Which agency monitors cyber threats in India?
A) Indian Computer Emergency Response Team
B) Ministry of Electronics and Information Technology
C) National Cyber Security Agency
D) CERT-In
  • 74. When was the National Cyber Security Policy 2013 introduced in India?
A) 2013
B) 2020
C) 1999
D) 2008
  • 75. Which organization does the FBI work with to form a multi-agency task force?
A) National White Collar Crime Center (NW3C)
B) Federal Communications Commission
C) Cybersecurity and Infrastructure Security Agency
D) Department of Homeland Security
  • 76. Which organization is part of the National Cyber Security Division of the United States Department of Homeland Security?
A) CERT/CC
B) US-CERT
C) NEI
D) NRC
  • 77. When was the United States Cyber Command created?
A) 2015
B) 2008
C) 2010
D) 2009
  • 78. What percentage of organizations reported a 'problematic shortage' of cybersecurity skills in 2016?
A) 28%
B) 35%
C) 46%
D) 50%
  • 79. Which of the following is NOT a method used in access authorization?
A) Port scanning.
B) Passwords.
C) Smart cards.
D) Biometric systems.
  • 80. What is cyber attribution?
A) Finding who perpetrated a cyberattack.
B) Detecting and eliminating malware.
C) Encrypting data for secure transmission.
D) Logging user activity on a network.
  • 81. In what decade did computer security begin to expand beyond academia due to increased connectivity?
A) 1980s
B) 1970s
C) 1990s
D) 2000s
  • 82. Who organized the foundational session in computer security at the Spring Joint Computer Conference in April 1967?
A) Willis Ware
B) Bob Thomas
C) Markus Hess
D) Ray Tomlinson
  • 83. What was the name of one of the earliest computer worms created by Bob Thomas?
A) Reaper
B) Morris worm
C) Blaster
D) Creeper
  • 84. Who wrote the Reaper program to destroy the Creeper worm?
A) Ray Tomlinson
B) Willis Ware
C) Bob Thomas
D) Markus Hess
  • 85. Which company started offering commercial access control systems and computer security software products in the late 1970s?
A) IBM
B) Microsoft
C) Netscape
D) Apple