Cybersecurity Basics and Threats MCQ for Professionals
Questions: 30
Questions
-
1. What is the primary goal of cybersecurity?
- a) To ensure that systems and data are protected from unauthorized access and attacks
- b) To make systems faster and more efficient
- c) To improve the performance of websites
- d) To protect only sensitive financial data
-
2. Which of the following is an example of a social engineering attack?
- a) Phishing
- b) Man-in-the-middle attack
- c) Denial-of-Service (DoS) attack
- d) SQL injection
-
3. What does the term "malware" refer to?
- a) Software designed to protect against cyberattacks
- b) Software used for data backup
- c) Malicious software intended to cause harm or unauthorized access
- d) Software used for network optimization
-
4. Which of the following is a common type of malware that encrypts files and demands payment for decryption?
- a) Trojan horse
- b) Worm
- c) Ransomware
- d) Spyware
-
5. What does the term "phishing" refer to in cybersecurity?
- a) A technique used to track online activities
- b) A form of attack where fraudulent emails or websites deceive users into providing sensitive information
- c) A type of virus that replicates itself
- d) An encrypted communication method used for secure transactions
-
6. Which of the following is an example of a brute-force attack?
- a) Guessing passwords through automated software until the correct one is found
- b) Exploiting a vulnerability in a website
- c) Using social engineering to gather personal information
- d) Intercepting network traffic to steal data
-
7. What is a firewall primarily used for?
- a) To enhance the user interface of a website
- b) To protect a computer network by controlling incoming and outgoing traffic
- c) To make websites load faster
- d) To clean up viruses from infected files
-
8. Which of the following best describes a Denial-of-Service (DoS) attack?
- a) A threat to steal financial information
- b) An attempt to make a service unavailable by overwhelming it with excessive traffic
- c) A method of exploiting system vulnerabilities
- d) A technique for bypassing authentication mechanisms
-
9. What is the purpose of encryption in cybersecurity?
- a) To prevent unauthorized access to data by transforming it into unreadable content
- b) To speed up the transmission of sensitive data
- c) To prevent users from accessing certain files
- d) To improve the aesthetic appeal of data
-
10. Which of the following is a vulnerability in a system that can be exploited by attackers?
- a) Patch
- b) Software bug or flaw
- c) Encryption key
- d) Secure password
-
11. What is the purpose of a VPN (Virtual Private Network)?
- a) To increase the speed of internet browsing
- b) To allow secure communication over a public network by encrypting data
- c) To block access to specific websites
- d) To improve Wi-Fi signal strength
-
12. Which of the following is an example of a passive cybersecurity defense?
- a) Encryption
- b) Firewall
- c) Intrusion detection system (IDS)
- d) Security awareness training
-
13. What does the term "data breach" refer to?
- a) The practice of backing up data to external storage
- b) Unauthorized access or disclosure of sensitive data
- c) The act of hacking into a system without leaving traces
- d) A type of encrypted communication
-
14. Which of the following is a common method of securing communication on the internet?
- a) Using a VPN to encrypt traffic
- b) Installing anti-virus software
- c) Disabling firewalls
- d) Using weak passwords
-
15. What is "cross-site scripting" (XSS)?
- a) An attack that injects malicious scripts into web pages viewed by users
- b) A method for bypassing authentication systems
- c) An attack to steal sensitive data from databases
- d) A denial-of-service attack
-
16. Which of the following is a feature of an effective incident response plan?
- a) Regular updates to address new threats
- b) Ignoring low-level threats
- c) Relying solely on external support
- d) Focusing on prevention only
-
17. What is the purpose of a "zero-day" exploit?
- a) To exploit vulnerabilities in a system before the vendor has released a patch
- b) To encrypt sensitive files
- c) To block access to websites
- d) To prevent unauthorized users from accessing a network
-
18. Which of the following types of malware attempts to exploit a security flaw in a program to execute arbitrary code?
- a) Worm
- b) Trojan horse
- c) Buffer overflow
- d) Rootkit
-
19. What does the term "social engineering" refer to in cybersecurity?
- a) Using technical skills to hack systems
- b) Manipulating individuals into divulging confidential information or performing actions that compromise security
- c) Using firewalls to block attacks
- d) Testing the security of a network
-
20. What does an "IDS" (Intrusion Detection System) do?
- a) Prevents unauthorized access to a network
- b) Detects potential security breaches or attacks in real-time
- c) Manages network traffic
- d) Encrypts sensitive data
-
21. What does the acronym "APT" stand for in cybersecurity?
- a) Advanced Persistent Threat
- b) Advanced Protected Technique
- c) Automated Phishing Tool
- d) Authorized Penetration Test
-
22. Which of the following is NOT a good practice for safeguarding sensitive data?
- a) Using encryption to protect data in transit and at rest
- b) Regularly updating security patches
- c) Storing passwords in plain text
- d) Restricting access to sensitive data based on roles
-
23. What is the function of an "antivirus" program?
- a) To prevent hackers from accessing your device
- b) To detect and remove malicious software
- c) To optimize the performance of a computer
- d) To block unauthorized network traffic
-
24. Which of the following is considered an insider threat?
- a) An attacker who gains unauthorized access from outside the organization
- b) A system glitch that causes a security breach
- c) An employee who intentionally or unintentionally compromises security
- d) A malicious script targeting a website
-
25. What does a "Man-in-the-Middle" (MitM) attack involve?
- a) Intercepting communication between two parties to alter or steal information
- b) Injecting malicious code into a website to steal data
- c) Overloading a network with traffic to cause a denial of service
- d) Phishing for login credentials through email
-
26. What does the term "patch management" refer to in cybersecurity?
- a) The process of updating software to fix vulnerabilities and improve security
- b) The practice of using firewalls to block incoming traffic
- c) Monitoring networks for any signs of unauthorized access
- d) Encrypting sensitive data during transmission
-
27. Which of the following is an example of a physical security measure in cybersecurity?
- a) Using multi-factor authentication
- b) Installing biometric authentication systems
- c) Using encryption to protect stored data
- d) Implementing access control lists (ACLs)
-
28. Which of the following describes a "backdoor" in cybersecurity?
- a) A hidden method of bypassing normal authentication to access a system
- b) A vulnerability that is intentionally left open by the software vendor
- c) A technique used to encrypt data for safe transmission
- d) A tool used for managing firewalls
-
29. What is the purpose of a "honeypot" in cybersecurity?
- a) To monitor network traffic for suspicious activity by simulating a vulnerable system
- b) To encrypt sensitive data in storage
- c) To limit access to specific users only
- d) To block spam and phishing attempts
-
30. What is the main function of a "sandbox" in cybersecurity testing?
- a) To provide a controlled environment for running and analyzing potentially malicious code
- b) To block unauthorized access to a network
- c) To create secure passwords for all users
- d) To encrypt traffic between systems
Ready to put your knowledge to the test? Take this exam and evaluate your understanding of the subject.
Start Exam