Cyber Security Quiz Questions

Reviewed by Godwin Iheuwa
Godwin Iheuwa, MS (Computer Science) |
Database Administrator
Review Board Member
Godwin Iheuwa, a Database Administrator at MTN Nigeria, holds an MS in Computer Science, specializing in Agile Methodologies and Database Administration from the University of Bedfordshire and a Bachelor's in Computer Science from the University of Port Harcourt. His proficiency in SQL Server Integration Services (SSIS) and SQL Server Management Studio contributes to his expertise in database management.
 , MS (Computer Science)
By PremierGaou
P
PremierGaou
Community Contributor
Quizzes Created: 3 | Total Attempts: 57,063
| Attempts: 35,288
Quiz Flashcard
SettingsSettings
Please wait...
  • 1/20 Questions

    Which of the following describes asymmetric key encryption?

    • Consists of a private signing key and a public verification key
    • The sender and receiver must securely share a key.
    • Cannot be used for non-repudiation purposes
    • Cannot be used for sender authentication
Please wait...
About This Quiz

Think you know about cyber security? Are you ready to take these Cyber Security Quiz Questions? There are many questions in this quiz related to cyber security to help assess your knowledge of different types of cyberattacks. If you think you know all about the right protocols, systems, & actions to be taken then take this quiz and try to answer all the questions correctly here. Played it. Best of luck!

Cyber Security Quiz Questions - Quiz

Quiz Preview

  • 2. 

    What of the following is a DoS attack?

    • Listening in on network traffic to identify the MAC address of a computer

    • Continually bombarding a targeted network with fake requests.

    • Injecting bogus networking re-configuration commands

    • Forcing computers to drop their connections and reconnect with the attacker’s access point

    Correct Answer
    A. Continually bombarding a targeted network with fake requests.
    Explanation
    Continually bombarding a targeted network with fake requests is a form of Denial of Service (DoS) attack. In this type of attack, the attacker overwhelms the network or system with a large volume of fake requests, consuming its resources and causing it to become slow or unresponsive to legitimate users. This hinders the network's ability to handle genuine traffic, resulting in a denial of service to legitimate users.

    Rate this question:

  • 3. 

    Which of the following describes monitoring software installed without your consent?

    • Malware

    • Adware

    • Spyware

    • Ransomware

    Correct Answer
    A. Spyware
    Explanation
    Spyware is a type of monitoring software that is installed on a device without the user's consent or knowledge. It secretly gathers information about the user's activities, such as browsing habits, keystrokes, and personal data, and sends it to a third party without the user's permission. Unlike malware, adware, and ransomware, which may cause harm or disrupt the device, spyware primarily focuses on collecting information covertly.

    Rate this question:

  • 4. 

    Which of the following offers the strongest wireless signal encryption?

    • WEP

    • WAP

    • WIPS

    • WPA

    Correct Answer
    A. WPA
    Explanation
    WPA (Wi-Fi Protected Access) offers the strongest wireless signal encryption among the given options. WPA is a security protocol that provides improved encryption and authentication compared to its predecessor, WEP (Wired Equivalent Privacy). WPA uses a stronger encryption algorithm called TKIP (Temporal Key Integrity Protocol) and provides better protection against unauthorized access and attacks. WAP (Wireless Application Protocol) is a different technology used for accessing internet services on mobile devices, while WIPS (Wireless Intrusion Prevention System) is a security solution that detects and prevents unauthorized access to wireless networks.

    Rate this question:

  • 5. 

    Which of the remote is a secure remote access protocol?

    • SSH

    • FTP

    • Telnet

    • SMTP

    Correct Answer
    A. SSH
    Explanation
    Of the choices, only SSH and Telnet are remote access protocols. SSH is encrypted while Telnet is not.

    Rate this question:

  • 6. 

    An event signaling an IDS to produce an alarm when no attack has taken place would be classified as which of the following?

    • False Positive

    • False Negative

    • True Negative

    • True Positive

    Correct Answer
    A. False Positive
    Explanation
    A false positive is when an event is incorrectly identified as an attack by an IDS (Intrusion Detection System) when in fact no attack has taken place. This can occur due to misconfiguration, false alarms, or the IDS misinterpreting normal behavior as malicious activity. In this scenario, the IDS produces an alarm, indicating a potential attack, even though there is none. This can lead to wasted resources and time investigating non-existent threats.

    Rate this question:

  • 7. 

    Which of the following attacks requires a carrier file to self-replicate?

    • Trojan

    • Virus

    • Worm

    • Spam

    Correct Answer
    A. Worm
    Explanation
    A worm is a type of malware that replicates itself in order to spread to other computers. Unlike viruses, worms do not need a carrier file to infect a system. Instead, worms exploit vulnerabilities in network protocols to spread automatically from one computer to another. This self-replicating behavior distinguishes worms from other types of malware, such as trojans, which rely on user actions to propagate, and viruses, which typically require a host file to attach themselves to.

    Rate this question:

  • 8. 

    Which of the following is a test that gives little to no information about the system to the penetration tester?

    • Grey Box

    • White Box

    • Blue Box

    • Black Box

    Correct Answer
    A. Black Box
    Explanation
    Black Box testing is a type of testing where the tester has no prior knowledge about the system being tested. The tester is not provided with any information about the internal workings or architecture of the system. This type of testing simulates an attacker with no insider knowledge, allowing them to approach the system as an external entity. Therefore, Black Box testing provides little to no information about the system to the penetration tester.

    Rate this question:

  • 9. 

    Someone who is posing as an IT tech requests information about your computer configuration.  What kind of attack is this?

    • Insider threat

    • Phishing

    • Social engineering

    • Whaling

    Correct Answer
    A. Social engineering
    Explanation
    This is an example of social engineering because the attacker is manipulating and deceiving the victim by posing as an IT tech to gain access to their computer configuration information. Social engineering involves exploiting human psychology and trust to trick individuals into revealing sensitive information or performing actions that they normally wouldn't. In this case, the attacker is using their knowledge of IT to appear legitimate and convince the victim to disclose information that could potentially be used for malicious purposes.

    Rate this question:

  • 10. 

    A network site that appears to have valuable information but is isolated and monitored is what kind of security measure?

    • Pseudo-network

    • Honeypot

    • Virtual Network

    • Canary Trap

    Correct Answer
    A. Honeypot
    Explanation
    A honeypot is a security measure that involves creating a network site that appears to contain valuable information, but is actually isolated and monitored. The purpose of a honeypot is to attract potential attackers and gather information about their techniques and tactics. By luring attackers into the honeypot, organizations can gain valuable insights into their methods and enhance their overall security measures.

    Rate this question:

  • 11. 

    What information do you need to set up a wireless access point?

    • SSID

    • MAC address

    • IP address

    • ARP

    Correct Answer
    A. SSID
    Explanation
    To set up a wireless access point, you need the SSID (Service Set Identifier). The SSID is the name that identifies the wireless network, allowing devices to connect to it. By configuring the SSID, you can specify the network's name and make it visible to devices in range. This way, users can select and connect to the correct wireless network. The SSID is an essential piece of information required for setting up a wireless access point.

    Rate this question:

  • 12. 

    Which of the following is a password hashing algorithm?

    • AES

    • MD4

    • PGP

    • 3DES

    Correct Answer
    A. MD4
    Explanation
    MD4 is a password hashing algorithm. It is a widely used cryptographic hash function that produces a 128-bit hash value. It is designed to be fast and efficient, making it suitable for password hashing. However, MD4 is considered to be insecure and vulnerable to various attacks, so it is not recommended for use in modern systems. AES, PGP, and 3DES are encryption algorithms, not password hashing algorithms.

    Rate this question:

  • 13. 

    What are two types of network layer firewalls?

    • Stateful and stateless

    • Dynamic and static

    • Anomaly and signature

    • Mandatory and discretionary

    Correct Answer
    A. Stateful and stateless
    Explanation
    Stateful and stateless are two types of network layer firewalls. Stateful firewalls keep track of the state of network connections and only allow incoming traffic that is part of an established connection. They examine the context of the traffic and make decisions based on the connection's state. On the other hand, stateless firewalls do not keep track of the connection state and make decisions based on individual packets. They examine the packet's header information, such as source and destination IP addresses, and apply filtering rules accordingly. Both types of firewalls are used to protect networks from unauthorized access and malicious activities.

    Rate this question:

  • 14. 

    Which of the following is NOT a password-cracking software tool?

    • HoneyMonkey

    • Cain and Abel

    • John the Ripper

    • Hashcat

    Correct Answer
    A. HoneyMonkey
    Explanation
    HoneyMonkey is a Microsoft research honeypot. The others are tools used to crack passwords. Hashcat is specifically for password hashes, while Cain and Abel are designed for password recovery.

    Rate this question:

  • 15. 

    Which of the following is NOT a DoS attack?

    • Server Spoofing

    • PIng Broadcast

    • Ping of Death

    • Smurf

    Correct Answer
    A. Server Spoofing
    Explanation
    Server spoofing is not a DoS attack because it involves impersonating a server to gain unauthorized access or deceive users, rather than overwhelming a server or network to cause a denial of service. DoS attacks, on the other hand, aim to disrupt the availability of a service by flooding it with excessive traffic or exploiting vulnerabilities.

    Rate this question:

  • 16. 

    Which of the following is the security standard for WPA2?

    • 802.11ad

    • 802.11i

    • 802.11n

    • 802.11a

    Correct Answer
    A. 802.11i
    Explanation
    802.11i is the correct answer because it is the security standard for WPA2. WPA2 (Wi-Fi Protected Access 2) is a security protocol that provides encryption and authentication for wireless networks. It is based on the IEEE 802.11i standard, which specifies the implementation of advanced encryption algorithms such as AES (Advanced Encryption Standard) and CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol). WPA2 is considered more secure than its predecessor, WPA, and is widely used to protect Wi-Fi networks from unauthorized access.

    Rate this question:

  • 17. 

    What are two types of intrusion prevention systems?

    • Passive and active

    • Anomaly and signature

    • Host and network

    • Internal and external

    Correct Answer
    A. Host and network
    Explanation
    An IPS can be installed on the host computer or on the network server.

    Rate this question:

  • 18. 

    Which of the following uses asymmetric key encryption?

    • AES

    • PGP

    • 3DES

    • RC5

    Correct Answer
    A. PGP
    Explanation
    PGP (Pretty Good Privacy) uses asymmetric key encryption. Asymmetric encryption involves the use of a pair of keys, a public key and a private key. The public key is used to encrypt data, while the private key is used to decrypt it. PGP utilizes this encryption method to secure communication and data transfer. It is commonly used for email encryption and digital signatures. AES (Advanced Encryption Standard), 3DES (Triple Data Encryption Standard), and RC5 are symmetric key encryption algorithms, which use the same key for both encryption and decryption.

    Rate this question:

  • 19. 

    Which of the following is NOT a type of virus?

    • Tunneling

    • Boot sector

    • Macro

    • Wrapper

    Correct Answer
    A. Wrapper
    Explanation
    The given options are Tunneling, Boot sector, Macro, and Wrapper. Tunneling, Boot sector, and Macro are all types of viruses that infect computer systems. However, a Wrapper is not a type of virus. A wrapper is a term used to describe a piece of code that is used to encapsulate or wrap around another program or component to provide additional functionality or to simplify the usage of the underlying code. It is not inherently malicious like a virus.

    Rate this question:

  • 20. 

    What are two types of role-based access control lists?

    • Object and permission

    • Filesystem and networking

    • Dynamic and static

    • Mandatory and discretionary

    Correct Answer
    A. Mandatory and discretionary
    Explanation
    Mandatory and discretionary are two types of role-based access control lists. Mandatory access control (MAC) is a security model where access decisions are based on the classification level of the information and the security clearance of the user. Discretionary access control (DAC) is a security model where access decisions are based on the discretion of the owner of the resource. These two types of access control lists provide different levels of control and security in managing access to resources.

    Rate this question:

Godwin Iheuwa |MS (Computer Science) |
Database Administrator
Godwin Iheuwa, a Database Administrator at MTN Nigeria, holds an MS in Computer Science, specializing in Agile Methodologies and Database Administration from the University of Bedfordshire and a Bachelor's in Computer Science from the University of Port Harcourt. His proficiency in SQL Server Integration Services (SSIS) and SQL Server Management Studio contributes to his expertise in database management.

Quiz Review Timeline (Updated): Mar 26, 2024 +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 26, 2024
    Quiz Edited by
    ProProfs Editorial Team

    Expert Reviewed by
    Godwin Iheuwa
  • Jan 13, 2014
    Quiz Created by
    PremierGaou
Back to Top Back to top
Advertisement
×

Wait!
Here's an interesting quiz for you.

We have other quizzes matching your interest.