Cybersecurity Concepts Quiz

Questions and Answers

What is social engineering?

Manipulating people to force mistakes and compromise security (correct)

Acquiring multiple computers to access a website

Using trial and error to hack an account

A method to bring down websites by overwhelming the web server

How do criminals conduct a Brute Force Attack?

By trying various passwords against a specific username (correct)

By injecting malicious code into a website

By overwhelming web servers with traffic

By manipulating people to reveal their passwords

How can the threat of a Brute Force Attack be reduced?

By allowing unlimited login attempts

By locking an account after one unsuccessful password attempt

By using complex passwords for all users (correct)

By ensuring all users have simple passwords

What does a 'packet sniffer' do?

Intercepts and reads network traffic to gather sensitive data

Why do criminals use social engineering tactics?

To manipulate individuals into giving confidential information

How does a DDoS attack aim to bring down a website?

By overwhelming the web server with excessive traffic

What is the main goal of Scareware?

To claim the user has a virus and sell fake antivirus software

Which type of malware demands payment to unlock a computer that has been made useless?

Ransomware

What best describes Rootkits?

Tools that allow criminals to access a computer at an administrator level

How does Phishing typically attempt to obtain sensitive user information?

Through direct electronic communications like emails or phone calls

'Social Engineering' in network attacks refers to:

Exploiting human behavior to compromise network security

What is the main purpose of a standard computer virus?

To replicate themselves in other programs/files

'Denial of Service Attacks (DoS)' aim to:

Overwhelm a system with traffic, making it inaccessible

Which type of virus aims to simply replicate itself without necessarily damaging data?

Worm Virus

What is the primary aim of a Trojan virus?

To cause harm while appearing harmless

Which type of attack involves overwhelming a system with excessive traffic, rendering it unable to respond to legitimate requests?

Denial of Service

What is the primary goal of malware?

To harm a computer or user

In the context of cybersecurity, which is considered a 'weak point' according to the text?

'Weak' passwords

What is the purpose of penetration testing?

To simulate network attacks and identify weaknesses

Which of the following is NOT a method to prevent threats to a computer system?

Network Forensics

What is the main function of network forensics?

To monitor network traffic and analyze data packets

Which of the following best defines a 'Network Policy'?

Set of rules and procedures for network users

What type of attacks might be simulated during penetration testing?

Denial of Service attacks, SQL injections, Brute Force Attacks

Which method can be used to identify shortcomings in a network according to the text?

Network Forensics

What is one common rule that might be included in an ‘Acceptable Use Policy’?

Locking computers if the user leaves their desk

Which of the following is a common aspect of a ‘Backup Policy’?

The location of backup storage (offsite)

In a ‘Disaster Recovery Policy’, what is one rule typically related to the media on which backups are stored?

The location of the backups in a company's servers

How does Anti-Virus software ensure system security?

It finds and destroys viruses or quarantines them.

Which of the following is NOT typically a part of an ‘Acceptable Use Policy’?

Installing any software without restrictions

What is one critical aspect of a ‘Backup Policy’ that organizations need to consider?

The time and frequency of backing up data