Sample Questions and Answers
What is “clickjacking”?
A) A malicious technique where an attacker tricks a user into clicking on an invisible link that leads to a malicious action
B) A technique used by cybercriminals to steal login credentials
C) A method of encrypting data before transmission
D) A type of malware that spreads through infected emails
Answer: A) A malicious technique where an attacker tricks a user into clicking on an invisible link that leads to a malicious action
Explanation: Clickjacking involves placing a malicious link or button underneath an invisible frame, causing users to unknowingly click on it, triggering an unintended action such as downloading malware or giving up sensitive information.
What does “pharming” refer to in cybersecurity?
A) An attack that redirects users from legitimate websites to fraudulent ones
B) A method used by hackers to steal sensitive personal information via email
C) A form of malware that encrypts files and demands a ransom
D) A technique to secure communications by encrypting data packets
Answer: A) An attack that redirects users from legitimate websites to fraudulent ones
Explanation: Pharming is a type of cyberattack that redirects users from a legitimate website to a fake one designed to steal personal or financial information.
What is “phishing”?
A) A legitimate marketing technique used to gather customer feedback
B) A type of malware that spreads through email attachments
C) A method of tricking individuals into revealing sensitive information by pretending to be a trusted entity
D) A way of securing data through encryption
Answer: C) A method of tricking individuals into revealing sensitive information by pretending to be a trusted entity
Explanation: Phishing is a form of social engineering in which attackers impersonate legitimate organizations or individuals to steal sensitive data such as usernames, passwords, or financial details.
What is the purpose of a “VPN” (Virtual Private Network)?
A) To monitor internet activity and report it to authorities
B) To encrypt internet traffic and mask a user’s IP address to provide privacy and security
C) To back up data to a remote server
D) To detect and block malware on the network
Answer: B) To encrypt internet traffic and mask a user’s IP address to provide privacy and security
Explanation: A VPN encrypts internet traffic, allowing users to access the internet securely and anonymously, hiding their real IP address and making their online activities private.
Which of the following is the primary function of “antivirus software”?
A) To back up important system files
B) To monitor internet traffic for malicious activity
C) To detect and remove malware from a system
D) To prevent unauthorized access to a network
Answer: C) To detect and remove malware from a system
Explanation: Antivirus software is designed to detect, prevent, and remove malware such as viruses, worms, and trojans from a computer or network.
What is the “Dark Web”?
A) A secure network used for online banking and financial transactions
B) A hidden part of the internet that requires special software to access and is often used for illicit activities
C) A legitimate platform for online shopping
D) A search engine that indexes illegal content
Answer: B) A hidden part of the internet that requires special software to access and is often used for illicit activities
Explanation: The Dark Web is a portion of the internet that is not indexed by traditional search engines and requires special software (like Tor) to access. It is often used for illegal activities, such as selling illicit goods.
What is “spoofing” in the context of cybersecurity?
A) A type of malware designed to gather login credentials
B) Falsifying the origin of data or communication to deceive the recipient
C) A technique used to encrypt internet traffic
D) A process for securely backing up system data
Answer: B) Falsifying the origin of data or communication to deceive the recipient
Explanation: Spoofing refers to the act of falsifying the origin of communication or data, often in an attempt to deceive the recipient into revealing sensitive information or taking an action.
Which of the following best describes a “man-in-the-middle” (MITM) attack?
A) An attacker intercepts and potentially alters the communication between two parties without their knowledge
B) An attacker floods a network with traffic to make it unavailable
C) An attacker disguises their identity to steal login credentials
D) An attacker plants malware that targets critical infrastructure
Answer: A) An attacker intercepts and potentially alters the communication between two parties without their knowledge
Explanation: A MITM attack occurs when an attacker secretly intercepts and possibly alters communication between two parties, such as a user and a website.
What is the role of a “security patch”?
A) To block unauthorized access to a system
B) To fix vulnerabilities or weaknesses in software or a system
C) To detect and prevent malware infections
D) To monitor network traffic for suspicious activity
Answer: B) To fix vulnerabilities or weaknesses in software or a system
Explanation: A security patch is a software update designed to fix vulnerabilities or weaknesses that could be exploited by attackers.
What is “cryptocurrency”?
A) A digital currency that relies on encryption to secure transactions and control the creation of new units
B) A method for securing online transactions
C) A system used to detect online fraud
D) A type of malware used to steal financial information
Answer: A) A digital currency that relies on encryption to secure transactions and control the creation of new units
Explanation: Cryptocurrency is a type of digital or virtual currency that uses cryptography to secure transactions and control the creation of new units. Bitcoin is one of the most well-known cryptocurrencies.
What is “data encryption”?
A) The process of converting readable data into an unreadable format to prevent unauthorized access
B) A technique for compressing data to save storage space
C) The process of recovering lost data from a backup
D) A method of backing up data to a cloud service
Answer: A) The process of converting readable data into an unreadable format to prevent unauthorized access
Explanation: Data encryption transforms readable data into an unreadable format using a cryptographic algorithm to prevent unauthorized access, ensuring data security.
What does “SQL injection” involve?
A) An attack that exploits vulnerabilities in a website’s database to execute malicious SQL queries
B) An attack that involves flooding a database with excessive requests
C) An attack that hijacks login credentials to access a system’s database
D) A method of backing up data from a database to prevent loss
Answer: A) An attack that exploits vulnerabilities in a website’s database to execute malicious SQL queries
Explanation: SQL injection occurs when attackers insert malicious SQL code into input fields on a website, allowing them to manipulate or extract data from the website’s database.
What is “ransomware”?
A) Malware that encrypts files or locks the system and demands payment for decryption or unlocking
B) A type of malware that steals sensitive data from a system
C) A software designed to monitor and prevent unauthorized access
D) A tool used to enhance network security
Answer: A) Malware that encrypts files or locks the system and demands payment for decryption or unlocking
Explanation: Ransomware is a type of malware that encrypts the victim’s files or locks their system, demanding a ransom to release the files or restore access.
What is the purpose of “two-factor authentication” (2FA)?
A) To create stronger passwords
B) To enhance security by requiring two forms of verification before granting access
C) To monitor system logs for suspicious activity
D) To back up data securely in the cloud
Answer: B) To enhance security by requiring two forms of verification before granting access
Explanation: Two-factor authentication (2FA) adds an extra layer of security by requiring two forms of identification, such as a password and a verification code sent to the user’s phone.
What does “cyberstalking” involve?
A) The unauthorized access of online accounts to steal personal information
B) The use of digital means to harass, threaten, or intimidate another individual
C) The process of tracking the location of mobile devices
D) A method of spreading malware through social media platforms
Answer: B) The use of digital means to harass, threaten, or intimidate another individual
Explanation: Cyberstalking involves using electronic communications to repeatedly harass or threaten someone, often causing emotional distress.
What is the “Internet of Things” (IoT)?
A) A system that uses the internet to perform hacking attacks on network devices
B) A network of interconnected devices that communicate and exchange data over the internet
C) A method of securing internet traffic using encryption
D) A platform used to monitor network traffic for cyberattacks
Answer: B) A network of interconnected devices that communicate and exchange data over the internet
Explanation: The Internet of Things (IoT) refers to the network of physical devices, vehicles, appliances, and other items that are connected to the internet and can exchange data.
What is the purpose of “digital forensics”?
A) To encrypt digital data for protection
B) To collect, analyze, and preserve digital evidence for legal purposes
C) To prevent unauthorized access to digital devices
D) To monitor social media activity for signs of cyberbullying
Answer: B) To collect, analyze, and preserve digital evidence for legal purposes
Explanation: Digital forensics involves investigating digital devices to recover and analyze data that can be used as evidence in legal cases, such as in criminal investigations.
What is “botnet”?
A) A network of computers or devices that are infected with malware and controlled by a cybercriminal
B) A technique for recovering lost data from a server
C) A system for monitoring network traffic for security breaches
D) A tool for encrypting internet traffic to protect user privacy
Answer: A) A network of computers or devices that are infected with malware and controlled by a cybercriminal
Explanation: A botnet is a network of infected devices that are controlled remotely by an attacker, often used to perform malicious activities such as launching DDoS attacks or sending spam.
What is “data breach”?
A) The process of encrypting data to prevent unauthorized access
B) An incident where unauthorized individuals gain access to sensitive or confidential data
C) The recovery of lost data from a backup
D) A system designed to prevent malware from entering a network
Answer: B) An incident where unauthorized individuals gain access to sensitive or confidential data
Explanation: A data breach occurs when unauthorized individuals access sensitive or private data, often leading to identity theft, fraud, or the exposure of classified information.
What is the role of a “firewall”?
A) To encrypt internet traffic
B) To monitor network traffic for signs of malware
C) To filter and block unauthorized access to a network
D) To back up sensitive data from a system
Answer: C) To filter and block unauthorized access to a network
Explanation: A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on security rules, preventing unauthorized access to the network.
What does “data encryption” primarily prevent?
A) The unauthorized access to sensitive data
B) The loss of data due to system failure
C) Unauthorized deletion of files
D) Slow system performance
Answer: A) The unauthorized access to sensitive data
Explanation: Data encryption converts data into a secure format that prevents unauthorized access. Only those with the decryption key can convert the data back into its original form.
What is the main goal of “ethical hacking”?
A) To exploit system vulnerabilities for financial gain
B) To improve system security by identifying and fixing vulnerabilities
C) To steal sensitive information for investigation purposes
D) To create malware that can be used by authorities
Answer: B) To improve system security by identifying and fixing vulnerabilities
Explanation: Ethical hacking, also known as white-hat hacking, involves testing systems for vulnerabilities to help organizations strengthen their security measures before malicious hackers can exploit them.
What is a “zero-day attack”?
A) A cyberattack that targets outdated software with known vulnerabilities
B) A cyberattack that uses previously unknown vulnerabilities in software before a fix is released
C) A form of malware that spreads rapidly over a network
D) A type of attack that focuses on stealing cryptocurrency
Answer: B) A cyberattack that uses previously unknown vulnerabilities in software before a fix is released
Explanation: A zero-day attack takes advantage of vulnerabilities that are unknown to the software vendor, making it difficult to defend against since no patch is available at the time of the attack.
What is “steganography”?
A) A technique used to hide data in plain sight, often within images or audio files
B) A type of malware used to spy on user activity
C) A method used for encrypting sensitive data
D) A tool for detecting malicious software
Answer: A) A technique used to hide data in plain sight, often within images or audio files
Explanation: Steganography involves embedding secret data into other, seemingly innocuous files, like images or audio, in a way that makes the data hidden from plain view.
Which of the following is the best defense against “social engineering” attacks?
A) Using strong passwords
B) Implementing multi-factor authentication
C) Educating employees to recognize suspicious behavior and deceptive tactics
D) Installing antivirus software
Answer: C) Educating employees to recognize suspicious behavior and deceptive tactics
Explanation: Social engineering attacks rely on manipulating people to disclose sensitive information or take harmful actions. Educating individuals on recognizing these tactics is crucial for defense.
Which of the following best describes the term “pharming”?
A) A method of stealing login credentials through deceptive emails
B) An attack that redirects a legitimate website’s traffic to a fraudulent website
C) A technique used to detect and block malicious network traffic
D) A form of malware that encrypts a system’s files
Answer: B) An attack that redirects a legitimate website’s traffic to a fraudulent website
Explanation: Pharming involves redirecting a website’s traffic to a malicious site that appears identical to the legitimate one, in order to steal user credentials or perform other fraudulent activities.
What is the primary function of a “firewall”?
A) To encrypt sensitive data in transmission
B) To monitor and control network traffic based on security rules
C) To recover deleted files
D) To identify and remove viruses from a system
Answer: B) To monitor and control network traffic based on security rules
Explanation: A firewall is a security device that monitors and filters network traffic to prevent unauthorized access to a network or system.
Which of the following is a key feature of “public key infrastructure” (PKI)?
A) It allows for secure communication between untrusted parties using encryption
B) It monitors network activity for suspicious behavior
C) It prevents unauthorized access by blocking external devices
D) It helps backup data for recovery in case of system failure
Answer: A) It allows for secure communication between untrusted parties using encryption
Explanation: Public Key Infrastructure (PKI) is a framework for managing digital keys and certificates, enabling secure communication and authentication between untrusted parties through encryption.
What does “ransomware” do?
A) It infects a system and then demands payment to restore access to files or data
B) It scans for vulnerabilities in a system and exploits them
C) It encrypts internet traffic for privacy protection
D) It is a type of anti-virus software that removes malware
Answer: A) It infects a system and then demands payment to restore access to files or data
Explanation: Ransomware encrypts files or locks access to a system, and the attacker demands payment (usually in cryptocurrency) for the decryption key or to restore access.
What is “multi-factor authentication” (MFA)?
A) A method to back up data on multiple devices
B) A process that requires multiple pieces of evidence to verify a user’s identity
C) A type of firewall used to secure internet connections
D) A method for encrypting email communication
Answer: B) A process that requires multiple pieces of evidence to verify a user’s identity
Explanation: Multi-factor authentication (MFA) requires two or more verification methods (such as a password and a one-time code sent to a mobile device) to ensure the security of a user’s identity.
Which of the following is a characteristic of “malware”?
A) It is designed to improve system performance
B) It is used to monitor and manage network traffic
C) It is malicious software designed to harm, exploit, or gain unauthorized access to a system
D) It is a legitimate tool used to test network security
Answer: C) It is malicious software designed to harm, exploit, or gain unauthorized access to a system
Explanation: Malware is software intentionally designed to disrupt or damage a system, steal sensitive data, or exploit vulnerabilities.
What is “social engineering” in the context of cybersecurity?
A) A method of encrypting files to prevent unauthorized access
B) A technique used to manipulate individuals into revealing sensitive information or performing actions that compromise security
C) A process for analyzing network traffic to identify vulnerabilities
D) A form of malware that steals user credentials
Answer: B) A technique used to manipulate individuals into revealing sensitive information or performing actions that compromise security
Explanation: Social engineering exploits human psychology and manipulates individuals to gain unauthorized access to information or systems, often through deception or trust-building tactics.
Which of the following is a “denial-of-service” (DoS) attack?
A) An attack that involves monitoring network traffic for signs of fraud
B) An attack that floods a server with excessive traffic, making it unavailable to legitimate users
C) A form of malware that steals personal information from devices
D) An attack that encrypts files and demands payment to decrypt them
Answer: B) An attack that floods a server with excessive traffic, making it unavailable to legitimate users
Explanation: A DoS attack aims to make a system, service, or network unavailable to its intended users by overwhelming it with traffic.
What is a “botnet”?
A) A collection of compromised devices controlled by an attacker to launch coordinated cyberattacks
B) A secure network used for sensitive financial transactions
C) A device used to monitor and protect against unauthorized access
D) A software tool designed to identify vulnerabilities in a network
Answer: A) A collection of compromised devices controlled by an attacker to launch coordinated cyberattacks
Explanation: A botnet is a network of infected computers or devices that can be remotely controlled by a hacker to perform malicious activities, such as launching DDoS attacks or sending spam emails.
What is the role of a “public key” in encryption?
A) It is used to decrypt data encrypted with a private key
B) It is used to verify the identity of the user
C) It is used to encrypt data before transmission
D) It is used to store sensitive information securely
Answer: C) It is used to encrypt data before transmission
Explanation: In asymmetric encryption, the public key is used to encrypt data, and only the corresponding private key can decrypt it, ensuring that only the intended recipient can access the data.
Reviews
There are no reviews yet.