Q1. Which attack involves an attacker secretly listening to a communication line to intercept private data?
A) Spoofing
B) Sniffing (or Eavesdropping)
C) Phishing
D) Spamming
E) DDoS
Answer: B
Q2. A "Logic Bomb" is a type of malicious code that:
A) Explodes the hardware.
B) Executes only when specific conditions are met (e.g., a specific date/time or event).
C) Replicates itself like a worm.
D) Locks files like ransomware.
E) Records keystrokes.
Answer: B
Q3. Which of the following is considered a "Biometric" authentication method?
A) Password
B) Smart Card
C) Retina Scan
D) PIN
E) Token
Answer: C
Q4. "Zero-Day Attack" exploits:
A) Old viruses.
B) Vulnerabilities that are unknown to the software vendor (0 days to fix it).
C) Weak passwords.
D) Firewalls.
E) Hardware failure.
Answer: B
Q5. "Salting" passwords helps defend against:
A) Brute Force Attacks.
B) Rainbow Table Attacks (Pre-computed hash attacks).
C) Phishing.
D) Keyloggers.
E) DDoS.
Answer: B (Adding random data makes pre-computed hashes useless).
Q6. Which specific type of Phishing targets high-profile executives (CEOs/CFOs)?
A) Spear Phishing
B) Whaling
C) Vishing
D) Smishing
E) Pharming
Answer: B
Q7. "Botnet" computers are often called:
A) Zombies
B) Ghosts
C) Spiders
D) Clients
E) Hosts
Answer: A
Q8. Which security protocol replaced SSL (Secure Sockets Layer)?
A) SSH
B) TLS (Transport Layer Security)
C) PGP
D) IPsec
E) HTTPS
Answer: B
Q9. "SQL Injection" targets:
A) The Operating System.
B) The Database (via web input fields).
C) The Network.
D) The Firewall.
E) The CPU.
Answer: B
Q10. A "Honeypot" is used to:
A) Attract and trap attackers to study their behavior (Decoy system).
B) Store passwords.
C) Encrypt data.
D) Block viruses.
E) Speed up the network.
Answer: A
Q11. "Penetration Testing" (Pen Testing) is also known as:
A) Black Hat Hacking.
B) Ethical Hacking.
C) Cracking.
D) Scripting.
E) Social Engineering.
Answer: B
Q12. "Symmetric Encryption" uses:
A) Two keys (Public/Private).
B) One key (Shared Secret Key) for both encryption and decryption.
C) No keys.
D) Three keys.
E) Biometrics.
Answer: B
Q13. "Asymmetric Encryption" (Public Key Cryptography) uses:
A) One key.
B) A pair of keys (Public to encrypt, Private to decrypt).
C) A password only.
D) A token.
E) A hash.
Answer: B
Q14. "Rootkit" malware is dangerous because:
A) It spreads fast.
B) It hides deep in the OS (Kernel level) and maintains persistent administrator access while remaining undetected.
C) It deletes files.
D) It shows ads.
E) It is a virus.
Answer: B
Q15. "Man-in-the-Middle" (MitM) attack involves:
A) An attacker intercepting and possibly altering communication between two parties who believe they are talking directly.
B) Blocking the middle of the network.
C) Stealing the server.
D) A virus in the CPU.
E) Phishing.
Answer: A
Q16. "Cross-Site Scripting" (XSS) is a vulnerability found in:
A) Web Applications (Injecting malicious scripts into trusted websites).
B) Databases.
C) Firewalls.
D) Operating Systems.
E) Hardware.
Answer: A
Q17. "Ransomware" payments are usually demanded in:
A) Cash.
B) Credit Card.
C) Cryptocurrency (Bitcoin/Monero) for anonymity.
D) Check.
E) Gold.
Answer: C
Q18. "CIA Triad" stands for:
A) Confidentiality, Integrity, Availability
B) Control, Intelligence, Access
C) Cyber, Internet, Access
D) Central, Internal, Area
E) Computer, Information, Application
Answer: A
Q19. Which of the following is an example of "Spyware"?
A) Keylogger
B) Firewall
C) Antivirus
D) Notepad
E) Calculator
Answer: A
Q20. "DDoS" stands for:
A) Direct Denial of Service
B) Distributed Denial of Service
C) Digital Data of Service
D) Distributed Data on Server
E) Direct Data on System
Answer: B
Q21. "Vishing" is:
A) Voice Phishing (via Phone calls).
B) Video Phishing.
C) Virtual Phishing.
D) Visual Phishing.
E) Viral Phishing.
Answer: A
Q22. "Smishing" is:
A) SMS Phishing (via Text messages).
B) Small Phishing.
C) Smart Phishing.
D) Social Phishing.
E) Simple Phishing.
Answer: A
Q23. "Non-Repudiation" ensures that:
A) The sender cannot deny sending the message.
B) The message is encrypted.
C) The receiver can delete the message.
D) The message is fast.
E) No one can read it.
Answer: A
Q24. "Digital Signature" provides:
A) Authentication and Integrity (Proof of origin and that the message wasn't changed).
B) Confidentiality only.
C) Compression.
D) Virus protection.
E) Faster Speed.
Answer: A
Q25. "Hash Function" is:
A) A one-way function that converts data into a fixed-size string (digest).
B) Two-way encryption.
C) A virus.
D) A password manager.
E) A firewall.
Answer: A
Q26. Which algorithm is a Hashing Algorithm?
A) AES
B) RSA
C) SHA-256 (Secure Hash Algorithm)
D) DES
E) 3DES
Answer: C
Q27. Which algorithm is a Symmetric Encryption Algorithm?
A) RSA
B) AES (Advanced Encryption Standard)
C) SHA
D) MD5
E) Diffie-Hellman
Answer: B
Q28. "Social Engineering" relies on:
A) Human error/manipulation.
B) Software bugs.
C) Hardware failure.
D) Network speed.
E) Weak encryption.
Answer: A
Q29. "Tailgating" (Piggybacking) is:
A) Following an authorized person into a secure area.
B) Hacking Wi-Fi.
C) Driving a car.
D) Stealing passwords.
E) Creating a backdoor.
Answer: A
Q30. "Dumpster Diving" involves:
A) Searching trash for sensitive information.
B) Deleting files.
C) Formatting drives.
D) Cleaning computers.
E) Hacking emails.
Answer: A
Q31. "Two-Factor Authentication" (2FA) typically requires:
A) Something you know (Password) + Something you have (Phone/Token).
B) Two passwords.
C) Two users.
D) Two computers.
E) Two emails.
Answer: A
Q32. "Brute Force Attack" consists of:
A) Trying all possible combinations of passwords.
B) Physical damage.
C) Stealing the server.
D) Sending viruses.
E) Social engineering.
Answer: A
Q33. "Dictionary Attack" uses:
A) A list of common words/passwords to guess the key.
B) A real dictionary.
C) Random characters.
D) Social skills.
E) Biometrics.
Answer: A
Q34. "WannaCry" was a:
A) Ransomware attack.
B) Spyware.
C) Adware.
D) Trojan.
E) Hardware bug.
Answer: A
Q35. "Stuxnet" was famous for:
A) Targeting SCADA systems (Industrial control systems/Nuclear centrifuges).
B) Stealing credit cards.
C) Hacking Facebook.
D) Crashing Windows.
E) Deleting photos.
Answer: A (First cyber weapon).
Q36. "VPN" protects data by:
A) Tunneling and Encryption.
B) Compressing it.
C) Deleting logs.
D) Blocking ads.
E) Increasing speed.
Answer: A
Q37. "Air Gap" security measure means:
A) Physically isolating a computer from unsecured networks (no internet connection).
B) Cooling with air.
C) Using Wi-Fi.
D) Cloud storage.
E) Wireless charging.
Answer: A
Q38. "Buffer Overflow" occurs when:
A) A program writes more data to a block of memory than it can hold, overwriting adjacent memory.
B) The hard drive is full.
C) The internet is slow.
D) The printer is jammed.
E) The CPU overheats.
Answer: A
Q39. "Clickjacking" involves:
A) Tricking a user into clicking on something different from what they perceive (transparent layers).
B) Stealing a mouse.
C) Hacking a keyboard.
D) Blocking clicks.
E) Making clicks louder.
Answer: A
Q40. "Cyber Espionage" is:
A) Spying on governments/companies for secrets.
B) Stealing money.
C) Bullying online.
D) Playing games.
E) Selling hardware.
Answer: A
Q41. "GDPR" is a regulation for:
A) Data Privacy and Protection (EU).
B) Internet Speed.
C) Copyright.
D) Hardware standards.
E) AI development.
Answer: A
Q42. "White Hat Hacker" is:
A) Ethical Hacker.
B) Malicious Hacker.
C) Government Hacker.
D) Novice Hacker.
E) Anonymous Hacker.
Answer: A
Q43. "Black Hat Hacker" is:
A) Malicious/Criminal Hacker.
B) Ethical Hacker.
C) Security Consultant.
D) Student.
E) Teacher.
Answer: A
Q44. "Grey Hat Hacker" acts:
A) Without permission but often without malicious intent (mix of both).
B) Legally.
C) For the government.
D) As a teacher.
E) As a virus.
Answer: A
Q45. "Script Kiddie" refers to:
A) Unskilled attackers using tools written by others.
B) Expert programmers.
C) Kids learning code.
D) Virus writers.
E) Security pros.
Answer: A
Q46. "Firewall" types include:
A) Packet Filtering, Stateful Inspection, Proxy.
B) Virus, Worm.
C) LAN, WAN.
D) RAM, ROM.
E) Input, Output.
Answer: A
Q47. "IDS" stands for:
A) Intrusion Detection System
B) Internet Data System
C) Internal Defense System
D) Input Data Security
E) Integrated Drive System
Answer: A
Q48. "IPS" stands for:
A) Intrusion Prevention System
B) Internet Protocol Security
C) Internal Prevention System
D) Information Protection System
E) Integrated Power System
Answer: A
Q49. "Patch Management" is crucial for:
A) Fixing vulnerabilities and bugs in software.
B) Designing logos.
C) Managing cables.
D) Buying hardware.
E) Hiring staff.
Answer: A
Q50. "Least Privilege" principle states:
A) Users should have the minimum levels of access necessary to perform their job functions.
B) Everyone is Admin.
C) No one has access.
D) Guests have full access.
E) Access is random.
Answer: A
Q51. "Session Hijacking" involves:
A) Stealing a valid session ID/Cookie to impersonate a user.
B) Stealing a laptop.
C) Closing a session.
D) Crashing a session.
E) Recording a session.
Answer: A
Q52. "Sandbox" is used for:
A) Isolating and testing suspicious programs safely.
B) Playing games.
C) Storing files.
D) Cleaning viruses.
E) Locking PC.
Answer: A
Q53. "Typosquatting" (URL Hijacking) relies on:
A) Users making typing errors when entering a URL (e.g., goggle.com instead of google.com).
B) Hacking DNS.
C) Stealing keyboards.
D) Blocking URLs.
E) Slow internet.
Answer: A
Q54. "Shoulder Surfing" is:
A) Looking at someone's screen/keyboard to steal passwords.
B) A water sport.
C) Hacking Wi-Fi.
D) Scanning networks.
E) Physical attack.
Answer: A
Q55. "Bluejacking" sends:
A) Unsolicited messages via Bluetooth.
B) Viruses via Wi-Fi.
C) Emails.
D) SMS.
E) Blue screens.
Answer: A
Q56. "Bluesnarfing" steals:
A) Data from a device via Bluetooth.
B) Blue cables.
C) Wi-Fi passwords.
D) SIM cards.
E) Batteries.
Answer: A
Q57. "War Driving" involves:
A) Searching for Wi-Fi networks from a moving vehicle.
B) Racing cars.
C) Military training.
D) Hacking cars.
E) GPS tracking.
Answer: A
Q58. "Cryptojacking" uses the victim's CPU to:
A) Mine Cryptocurrency.
B) Encrypt files.
C) Play games.
D) Send emails.
E) Hack banks.
Answer: A
Q59. A "Polymorphic Virus":
A) Changes its signature code each time it replicates to evade antivirus.
B) Stays the same.
C) Deletes itself.
D) Attacks phones.
E) Is a hardware bug.
Answer: A
Q60. "Steganography" hides data within:
A) Other files (e.g., text inside an image).
B) Folders.
C) Passwords.
D) Trash bin.
E) Cloud.
Answer: A