Cybersecurity Basics Quiz

Questions and Answers

Which of the following is the primary function of encryption in cybersecurity?

Rendering data indecipherable to unauthorized individuals. (correct)

Preventing unauthorized access to a network by filtering incoming traffic.

Detecting and removing malicious software from a computer system.

Creating a secure backup of data to prevent loss in the event of a system failure.

What is the defining characteristic of a botnet in the context of cybersecurity threats?

A virtual network that provides secure and private communication between authorized users.

A decentralized network of compromised computers used to perform coordinated attacks. (correct)

A software application that monitors network traffic and detects suspicious activity.

A self-replicating malware that spreads rapidly through a network, causing widespread damage.

In cybersecurity, what is the main goal of performing a penetration test on a system?

To ensure compliance with regulatory requirements and industry standards.

To create backup copies and test recovery procedures.

To evaluate and strengthen the security defenses of a system by simulating attacks. (correct)

To optimize system performance and identify areas for improvement.

What is the primary risk associated with a Trojan horse program in cybersecurity?

Infecting a system while appearing as legitimate software. (A)

Which of the following statements best describes the function of a Virtual Private Network (VPN)?

It creates a secure, encrypted connection over a public network, protecting user privacy and data transmission. (A)

Flashcards

Encryption

A process that makes data unreadable to unauthorized users.

Botnet

A network of infected computers controlled by an attacker.

Trojan horse

A type of malware disguised as legitimate software.

CAPTCHA

A tool used to verify that a user is human.

Phishing site

A fake website designed to steal user information.

VPN

Stands for Virtual Private Network, used for secure internet connections.

Strong Password Example

A strong password is difficult to guess and combines letters, numbers, and symbols.

Firewall Purpose

The primary purpose of a firewall is to block unauthorized access to a network.

Denial of Service (DoS) Attack

An attack that overwhelms a system with excessive traffic to disrupt services.

Phishing

An attempt to steal sensitive information by pretending to be a trustworthy entity.

Two-Factor Authentication (2FA)

Provides an additional layer of security by requiring two forms of verification.

Ransomware Goal

The main goal is to encrypt files and demand payment for decryption.

Intrusion Detection System (IDS)

Detects and alerts on potential security breaches in a network.

Study Notes

Acronyms and Definitions

• VPN stands for Virtual Private Network

Password Security

• Strong passwords include unique characters and a mix of upper and lower case letters, numbers, and symbols (e.g., P@ssw0rd!2025) Avoid simple passwords like "password123" or "123456" and common words or names.

Firewall Function

• Firewalls primarily block unauthorized access to a network.

Denial-of-Service Attacks

• Denial-of-Service (DoS) attacks overwhelm a system with traffic, making it unavailable.

Social Engineering

• Phishing emails are a common social engineering tactic to steal sensitive information.

HTTPS Protocol

• HTTPS (HyperText Transfer Protocol Secure) is a secure version of HTTP for transferring data over the internet.

Malware Types

• Ransomware is a type of malware that encrypts files and demands payment for decryption.

Authentication Methods

• Two-factor authentication (2FA) adds a layer of security by requiring two forms of verification besides username and password.

Phishing Definition

• Phishing is an attempt to steal sensitive information, often through deceptive emails or websites.

Ransomware Goals

• Ransomware's primary goal is to encrypt files and extort payment for their release.

Brute-Force Attacks

• Brute-force attacks involve systematically trying various password combinations to gain unauthorized access.

Digital Certificates

• Digital certificates verify the identity of websites or users, ensuring secure communication.

Zero-Day Vulnerabilities

• Zero-day vulnerabilities are exploits that affect software before the vendor knows about them, thus needing urgent fixes.

Intrusion Detection Systems (IDS)

• Intrusion Detection Systems (IDS) detect potential security breaches and alert the system administrators.

Honeypots

• Honeypots are designed to attract and trap attackers, preventing them from targeting more important systems.

Antivirus Software

• Antivirus software is designed to detect, remove, and prevent harmful malware from computers.

Unauthorized Access

• Hacking is unauthorized access to a computer system.

Encryption Purpose

• Encryption renders data unreadable to unauthorized users.

Botnets

• Botnets are networks of infected computers under attacker control, used for malicious activities.

Penetration Testing

• Penetration testing evaluates the security of a system by simulating real-world attacks.

Trojan Horses

• Trojan horses are malicious software disguised as legitimate software.

Security Patches

• Security patches fix software vulnerabilities preventing exploits resulting in system compromises.

Man-in-the-Middle Attacks

• Man-in-the-Middle attacks occur when a malicious entity intercepts communication between two parties.

VPN Purpose

• VPNs encrypt internet traffic, protecting user privacy and security.

Spyware

• Spyware is software covertly collecting user information.

CAPTCHAs

• CAPTCHAs (Completely Automated Public Turing test to tell Computers and Humans Apart) are used to verify human users.

SQL Injection

• SQL injection exploits database vulnerabilities.

Security Audits

• Security audits evaluate the effectiveness of security measures.

Phishing Sites

• Phishing sites are fake websites designed to trick users into revealing sensitive data.

Data Backups

• Backups create copies of data for recovery in case of data loss.

Description

Test your knowledge on essential cybersecurity concepts such as VPNs, password security, and firewalls. This quiz covers various topics including malware types and social engineering tactics. Assess your understanding of crucial security measures and protocols.