ThatQuiz Test Library Take this test now
Cybersecurity - Exam
Contributed by: Porter
  • 1. What does a firewall do in cybersecurity?
A) Takes photographs
B) Measures temperature
C) Records music
D) Monitors and controls incoming and outgoing network traffic
  • 2. What is two-factor authentication in cybersecurity?
A) Using two different keyboards
B) Writing two passwords
C) Verification method using two factors: something you know and something you have
D) Typing really fast
  • 3. What is ransomware in cybersecurity?
A) Malware that encrypts files and demands payment for decryption
B) Software for word processing
C) Software for data backup
D) Software for photo editing
  • 4. What is a good password practice for cybersecurity?
A) Sharing passwords with friends
B) Writing passwords on sticky notes
C) Reusing the same password
D) Using strong, unique passwords for each account
  • 5. Why is regular software patching important for cybersecurity?
A) To fix security vulnerabilities and bugs
B) To change desktop backgrounds
C) To enhance video streaming quality
D) To organize files
  • 6. What is the purpose of SSL certificates in cybersecurity?
A) Secure online communication by encrypting data transmitted between a website and a user
B) Sorting documents alphabetically
C) Repairing electronic devices
D) Creating music playlists
  • 7. What is a vulnerability assessment in cybersecurity?
A) Finding job opportunities
B) Planning vacations
C) Analyzing weather patterns
D) Process of identifying security weaknesses in a system
  • 8. What is a zero-day vulnerability?
A) Technical support available 24/7
B) Security flaw that is unknown to the software vendor
C) Software that has zero bugs
D) Countdown to launch new products
  • 9. Which term is synonymous with computer security?
A) Biometric security
B) Cybersecurity
C) Physical security
D) Network security
  • 10. What does computer security primarily aim to protect against?
A) Network speed optimization
B) User interface design flaws
C) Unauthorized information disclosure, theft, or damage
D) Hardware upgrades and software updates
  • 11. What is an exploitable vulnerability?
A) A vulnerability that cannot be discovered
B) A vulnerability that enhances security
C) A vulnerability without any known exploits
D) A vulnerability with at least one working attack or exploit
  • 12. Who is most likely to be affected by untargeted cyberattacks?
A) Only large corporations
B) Government agencies only
C) Cybersecurity experts exclusively
D) Normal internet users
  • 13. Which type of MITM attack involves hijacking routing protocols?
A) Message spoofing
B) DNS spoofing
C) IP address spoofing
D) WiFi SSID spoofing
  • 14. When did multi-vector polymorphic attacks first surface?
A) 2017
B) 1999
C) 2020
D) 2005
  • 15. Which of the following is NOT a common method used in phishing attacks?
A) Text message
B) Phone call
C) Instant messaging
D) Email spoofing
  • 16. What type of phishing attack uses personal or organization-specific details to appear trustworthy?
A) Generic phishing
B) Horizontal escalation
C) Spear-phishing
D) Vertical escalation
  • 17. What is often used as a starting point in privilege escalation attacks?
A) Sending ransomware to large networks
B) Social engineering techniques, often phishing
C) Direct hacking of system hardware
D) Exploiting side-channel vulnerabilities
  • 18. Which of the following is NOT a form of side-channel attack?
A) Phishing via text message
B) Leveraging hardware implementation faults
C) Exploiting electromagnetic radiation from devices
D) Analyzing residual effects on RAM cells
  • 19. Which type of privilege escalation involves gaining access to higher-level accounts?
A) Phishing
B) Spear-phishing
C) Vertical escalation
D) Horizontal escalation
  • 20. What is an example of tampering involving a physical attack?
A) Distributed denial-of-service attacks.
B) Evil Maid attacks.
C) Cross-site scripting attacks.
D) SQL injection attacks.
  • 21. What percentage of cyber security incidents involved internal actors according to the Verizon Data Breach Investigations Report 2020?
A) 10%
B) 30%
C) 50%
D) 70%
  • 22. Which step in managing information security culture involves setting clear targets and assembling a skilled team?
A) Post-evaluation
B) Pre-evaluation
C) Strategic planning
D) Operative planning
  • 23. How many sections does the UK government's National Cyber Security Centre divide secure cyber design principles into?
A) Three sections.
B) Ten sections.
C) Seven sections.
D) Five sections.
  • 24. What should be the severity of any successful attack on a secure system?
A) Minimal severity.
B) Maximum impact to test defenses.
C) Severe enough to cause major disruptions.
D) Unlimited access for attackers.
  • 25. Which of the following is a preventive measure in computer security?
A) Word processing applications.
B) Graphic design software.
C) Data analysis tools.
D) Firewalls.
  • 26. Which encryption standard is commonly used on USB dongles to enhance security?
A) Data Encryption Standard (DES)
B) Advanced Encryption Standard (AES)
C) Triple DES
D) RSA
  • 27. What do Trusted Platform Modules (TPMs) integrate into devices to enhance security?
A) Intrusion detection systems
B) Mobile-enabled access
C) Drive locks
D) Cryptographic capabilities
  • 28. What is considered the most common hardware threat facing computer networks according to Network World?
A) Infected USB dongles connected inside a firewall
B) Trusted Platform Modules
C) Drive locks
D) Mobile-enabled access devices
  • 29. Which technology allows for hardware-based sandboxing of components in computers?
A) IOMMUs
B) TPMs
C) Drive locks
D) USB dongles
  • 30. Which feature of mobile phones enhances security by providing biometric validation?
A) Thumbprint readers
B) IOMMUs
C) Drive locks
D) TPMs
  • 31. Which certification is popular for secure operating systems?
A) ISO 9001
B) Common Criteria (CC)
C) Lean Manufacturing
D) Six Sigma
  • 32. Which security model uses a list of permissions associated with an object?
A) Mandatory access control (MAC)
B) Role-based access control (RBAC)
C) Access control lists (ACLs)
D) Capability-based security
  • 33. What can capability-based security be implemented at?
A) The network level
B) The hardware level
C) The language level
D) The user interface level
  • 34. Which open-source project is associated with capability-based security?
A) Python
B) Java
C) C++
D) The E language
  • 35. Who coined the term 'cyber hygiene'?
A) Steve Jobs
B) Bill Gates
C) Tim Berners-Lee
D) Vint Cerf
  • 36. Which company pushed out security fixes over the air in 2016?
A) ICV
B) FedEx
C) Tesla
D) UPS
  • 37. In the 2015 test, how far away were hackers able to remotely carjack a vehicle?
A) 5 miles away
B) 20 miles away
C) 15 miles away
D) 10 miles away
  • 38. What is a widely known digitally secure telecommunication device?
A) A landline telephone.
B) A smartwatch.
C) An analog radio.
D) The SIM (Subscriber Identity Module) card.
  • 39. Which organization does the FBI work with to form a multi-agency task force?
A) Federal Communications Commission
B) National White Collar Crime Center (NW3C)
C) Department of Homeland Security
D) Cybersecurity and Infrastructure Security Agency
  • 40. What percentage of security incidents is estimated to involve human error?
A) About 70%
B) More than 90%
C) Less than 50%
D) Exactly 100%
  • 41. What technology allows customers to perform online secure transactions using hand-held card readers?
A) Two-factor authentication via SMS
B) Virtual private networks (VPNs)
C) Chip Authentication Program
D) Biometric authentication systems
  • 42. Who created the first internet computer worm in 1988?
A) John McAfee
B) Kevin Mitnick
C) Robert Tappan Morris
D) Adrian Lamo
  • 43. Who organized the foundational session in computer security at the Spring Joint Computer Conference in April 1967?
A) Willis Ware
B) Markus Hess
C) Ray Tomlinson
D) Bob Thomas
  • 44. What percentage of organizations did not increase security training in 2015?
A) 75%
B) 80%
C) 62%
D) 50%
  • 45. Which website was breached by The Impact Team in July 2015?
A) LinkedIn
B) Facebook
C) Twitter
D) Ashley Madison
  • 46. Which vehicle system was used as an attack vector in simple security risks?
A) A malicious compact disc
B) Bluetooth communication
C) Airbag deployment
D) Cruise control system
  • 47. Which Ukrainian hacker was involved in the Target Corporation breach?
A) Rescator
B) Guccifer
C) Lazarus Group
D) NotPetya
  • 48. Which city in Mexico received the first e-Drivers' licenses using a smart card platform?
A) Guadalajara
B) Monterrey
C) Mexico City
D) Puebla
  • 49. Which agency monitors cyber threats in India?
A) CERT-In
B) Indian Computer Emergency Response Team
C) Ministry of Electronics and Information Technology
D) National Cyber Security Agency
  • 50. What was the name of one of the earliest computer worms created by Bob Thomas?
A) Morris worm
B) Reaper
C) Creeper
D) Blaster
  • 51. Which organization investigated 79 hacking incidents at energy companies in 2014?
A) The Computer Emergency Readiness Team
B) The Federal Bureau of Investigation (FBI)
C) The National Security Agency (NSA)
D) The Central Intelligence Agency (CIA)
  • 52. On what date did the US FDA release its recommendations for maintaining security in Internet-connected medical devices?
A) 15 November 2015
B) 1 January 2017
C) 28 December 2016
D) 30 June 2018
  • 53. When was the National Cyber Security Policy 2013 introduced in India?
A) 1999
B) 2008
C) 2020
D) 2013
  • 54. What was the response of Target and Home Depot to warnings about breaches?
A) They upgraded their security software
B) They immediately fixed all vulnerabilities
C) They shut down their systems temporarily
D) Warnings were ignored
  • 55. Who was an early example of a state-sponsored hacker?
A) Clifford Stoll
B) An internet activist
C) Markus Hess
D) A Ukrainian power grid operator
  • 56. Who is believed to have perpetrated the Office of Personnel Management hack?
A) Chinese hackers
B) Iranian hackers
C) Russian hackers
D) North Korean hackers
  • 57. What method did hackers use to gain access to Rome Laboratory's systems?
A) Brute force attacks
B) Phishing emails
C) SQL injection
D) Trojan horses
  • 58. What book recounts Markus Hess's hacking activities for the KGB?
A) Ghost in the Wires
B) The Cuckoo's Egg
C) Data and Goliath
D) Cybersecurity and Cyberwar: What Everyone Needs to Know
  • 59. Which attack involved spear-phising, destruction of files, and denial-of-service?
A) A ransomware attack on healthcare facilities
B) An attack on a social media platform
C) The 2015 Ukraine power grid hack
D) A bank data breach in 2021
  • 60. What technology is used by FedEx and UPS for tracking shipments?
A) RFID (Radio Frequency Identification)
B) Barcodes
C) GPS
D) Bluetooth
  • 61. Which type of equipment has been successfully attacked in hospitals?
A) Medical training simulators
B) In-hospital diagnostic equipment
C) Hospital cafeteria systems
D) Patient transport vehicles
  • 62. Which company started offering commercial access control systems and computer security software products in the late 1970s?
A) IBM
B) Netscape
C) Apple
D) Microsoft
  • 63. When was the United States Cyber Command created?
A) 2008
B) 2015
C) 2009
D) 2010
  • 64. What is cyber attribution?
A) Finding who perpetrated a cyberattack.
B) Detecting and eliminating malware.
C) Logging user activity on a network.
D) Encrypting data for secure transmission.
  • 65. What is the first key component of a computer security incident response plan?
A) Preparation
B) Detection and analysis
C) Containment, eradication and recovery
D) Post incident activity
  • 66. Who provided documents exposing NSA global surveillance in 2013?
A) Mark Zuckerberg
B) Julian Assange
C) Chelsea Manning
D) Edward Snowden
  • 67. Which Canadian organization is responsible for mitigating threats to Canada's critical infrastructure?
A) European Network and Information Security Agency (ENISA)
B) Forum of Incident Response and Security Teams (FIRST)
C) Council of Europe
D) Canadian Cyber Incident Response Centre (CCIRC)
  • 68. What is digital hygiene analogous to?
A) Dietary habits
B) Personal hygiene
C) Sleep patterns
D) Physical fitness
  • 69. What is one of the main pillars of Canada's cyber security strategy?
A) Coordinating global CSIRTs.
B) Managing European network security.
C) Regulating international data protection laws.
D) Securing government systems.
  • 70. Which type of devices are becoming more common targets for cyberattacks due to their increasing number?
A) Desktop computers
B) Healthcare providers' networks
C) Smartphones and tablets
D) Home automation devices like the Nest thermostat
  • 71. Who wrote the Reaper program to destroy the Creeper worm?
A) Willis Ware
B) Markus Hess
C) Ray Tomlinson
D) Bob Thomas
  • 72. In what year did over a hundred intrusions occur at the Rome Laboratory?
A) 2000
B) 2010
C) 1994
D) 1988
  • 73. In what decade did computer security begin to expand beyond academia due to increased connectivity?
A) 2000s
B) 1990s
C) 1980s
D) 1970s
  • 74. What percentage of organizations reported a 'problematic shortage' of cybersecurity skills in 2016?
A) 35%
B) 46%
C) 28%
D) 50%
  • 75. What is one example of a large corporation that experienced a data breach involving clients' credit card details?
A) Home Depot
B) Sony Pictures
C) Nest
D) HBGary Federal
  • 76. What action did Avid Life Media CEO Noel Biderman take after the Ashley Madison breach?
A) He resigned
B) He increased security measures
C) He denied any wrongdoing
D) He took legal action against The Impact Team
  • 77. Which organization is part of the National Cyber Security Division of the United States Department of Homeland Security?
A) NRC
B) CERT/CC
C) US-CERT
D) NEI
  • 78. How many credit cards were stolen from Target Corporation in 2013?
A) 10 million
B) 60 million
C) Roughly 40 million
D) 25 million
  • 79. What technology are long-distance bus companies switching to?
A) Barter systems
B) Paper tickets
C) E-ticketing transactions
D) Manual ticket sales
  • 80. What was the primary target of the Stuxnet attack in 2010?
A) Israeli government networks
B) U.S. military systems
C) Iran's nuclear centrifuges
D) European power grids
  • 81. Which company was affected by a credit card details breach in early 2007?
A) TJX
B) Target Corporation
C) Office of Personnel Management
D) Home Depot
  • 82. Which technology enables shopping mall kiosks to issue on-the-spot credit cards?
A) Contactless payment systems
B) Blockchain-based transactions
C) Instant Issuance technology
D) QR code scanning
  • 83. Which coalition did Public Safety Canada partner with to launch the Cyber Security Cooperation Program?
A) Canadian Cyber Incident Response Centre (CCIRC)
B) STOP.THINK.CONNECT
C) European Network and Information Security Agency (ENISA)
D) Council of Europe
  • 84. Which of the following is NOT a method used in access authorization?
A) Port scanning.
B) Biometric systems.
C) Passwords.
D) Smart cards.
  • 85. What is a consequence of a simple power outage at an airport?
A) It improves airport efficiency
B) It can cause worldwide repercussions
C) It only affects the local area
D) It has no significant impact
Created with That Quiz — where a math practice test is always one click away.