Cybersecurity Concepts Quiz

Questions and Answers

What is social engineering?

• Manipulating people to force mistakes and compromise security (correct)
• Acquiring multiple computers to access a website
• Using trial and error to hack an account
• A method to bring down websites by overwhelming the web server

How do criminals conduct a Brute Force Attack?

• By trying various passwords against a specific username (correct)
• By injecting malicious code into a website
• By overwhelming web servers with traffic
• By manipulating people to reveal their passwords

How can the threat of a Brute Force Attack be reduced?

• By allowing unlimited login attempts
• By locking an account after one unsuccessful password attempt
• By using complex passwords for all users (correct)
• By ensuring all users have simple passwords

What does a 'packet sniffer' do?

Intercepts and reads network traffic to gather sensitive data (A)

Why do criminals use social engineering tactics?

To manipulate individuals into giving confidential information (D)

How does a DDoS attack aim to bring down a website?

By overwhelming the web server with excessive traffic (B)

What is the main goal of Scareware?

To claim the user has a virus and sell fake antivirus software (A)

Which type of malware demands payment to unlock a computer that has been made useless?

Ransomware (B)

What best describes Rootkits?

Tools that allow criminals to access a computer at an administrator level (D)

How does Phishing typically attempt to obtain sensitive user information?

Through direct electronic communications like emails or phone calls (C)

'Social Engineering' in network attacks refers to:

Exploiting human behavior to compromise network security (B)

What is the main purpose of a standard computer virus?

To replicate themselves in other programs/files (C)

'Denial of Service Attacks (DoS)' aim to:

Overwhelm a system with traffic, making it inaccessible (A)

Which type of virus aims to simply replicate itself without necessarily damaging data?

Worm Virus (D)

What is the primary aim of a Trojan virus?

To cause harm while appearing harmless (B)

Which type of attack involves overwhelming a system with excessive traffic, rendering it unable to respond to legitimate requests?

Denial of Service (B)

What is the primary goal of malware?

To harm a computer or user (C)

In the context of cybersecurity, which is considered a 'weak point' according to the text?

'Weak' passwords (B)

What is the purpose of penetration testing?

To simulate network attacks and identify weaknesses (C)

Which of the following is NOT a method to prevent threats to a computer system?

Network Forensics (B)

What is the main function of network forensics?

To monitor network traffic and analyze data packets (A)

Which of the following best defines a 'Network Policy'?

Set of rules and procedures for network users (D)

What type of attacks might be simulated during penetration testing?

Denial of Service attacks, SQL injections, Brute Force Attacks (D)

Which method can be used to identify shortcomings in a network according to the text?

Network Forensics (D)

What is one common rule that might be included in an ‘Acceptable Use Policy’?

Locking computers if the user leaves their desk (C)

Which of the following is a common aspect of a ‘Backup Policy’?

The location of backup storage (offsite) (B)

In a ‘Disaster Recovery Policy’, what is one rule typically related to the media on which backups are stored?

The location of the backups in a company's servers (D)

How does Anti-Virus software ensure system security?

It finds and destroys viruses or quarantines them. (A)

Which of the following is NOT typically a part of an ‘Acceptable Use Policy’?

Installing any software without restrictions (B)

What is one critical aspect of a ‘Backup Policy’ that organizations need to consider?

The time and frequency of backing up data (C)

Flashcards are hidden until you start studying