Foundations of Cybersecurity Quiz

Questions and Answers

PDF Questions PDF Answers

What is the main purpose of penetration testing?

To develop encryption algorithms

To install security patches

To simulate cyber attacks (correct)

To secure physical premises

What type of malware is designed to encrypt files and demand a ransom for decryption?

Trojan

Worm

Spyware

Ransomware (correct)

What is the primary goal of a Distributed Denial of Service (DDoS) attack?

Network disruption (correct)

System compromise

Data destruction

Data theft

What does the term 'zero-day exploit' refer to in cybersecurity?

A vulnerability that is unknown to software vendors

What is the purpose of a Virtual Private Network (VPN) in cybersecurity?

To provide secure remote access

What does the acronym CIA stand for in the context of cybersecurity?

Confidentiality, Integrity, Availability

What is the primary purpose of a firewall in cybersecurity?

To filter network traffic

Which encryption protocol is commonly used to secure web traffic?

SSL/TLS

What is the term for a software vulnerability that allows attackers to gain unauthorized access?

Exploit

What does the term 'phishing' refer to in cybersecurity?

Sending malicious emails

Study Notes

Cybersecurity Fundamentals

• CIA stands for Confidentiality, Integrity, and Availability in the context of cybersecurity.

Cyber Attacks

• Phishing, Malware, and DOS are common types of cyber attacks.
• HIPAA is not a type of cyber attack.

Firewalls

• The primary purpose of a firewall is to filter network traffic.

Encryption

• SSL/TLS is a commonly used encryption protocol to secure web traffic.

Vulnerabilities

• A software vulnerability that allows attackers to gain unauthorized access is called an exploit.
• Bug, backdoor, and Trojan are not examples of exploits.

Authentication

• Two-factor authentication is an example of using a fingerprint scan in addition to a username and password.

Phishing

• Phishing refers to sending malicious emails to trick users into revealing sensitive information.

Social Engineering

• SQL Injection is not an example of social engineering.
• Tailgating, baiting, and pretexting are examples of social engineering.

Cybersecurity Principles

• Confidentiality ensures that data is only accessible to authorized parties.
• Availability ensures that systems are operational and accessible when needed.

Penetration Testing

• The purpose of penetration testing is to simulate cyber attacks.

Malware

• Ransomware is a type of malware designed to encrypt files and demand a ransom for decryption.

Email Security

• PGP is a protocol commonly used for secure email communication.

DDoS Attacks

• The primary goal of a DDoS attack is to disrupt networks.

Zero-Day Exploits

• A zero-day exploit refers to a vulnerability that is unknown to software vendors.

CVE System

• The MITRE organization develops the Common Vulnerabilities and Exposures (CVE) system.

Cryptography

• Hashing is a cryptographic technique used to verify the integrity and authenticity of digital messages.

VPNs

• The purpose of a VPN is to provide secure remote access.

Password Security

• A strong password is an example of "CorrectHorseBatteryStaple".

Software Updates

• A patch is a software update that fixes security vulnerabilities.

Cybersecurity Principles

• Availability ensures that systems are operational and accessible when needed.
• Confidentiality ensures that data is only accessible to authorized parties.

Description

Test your knowledge of the basics of cybersecurity with this quiz, covering topics such as CIA triad, types of cyber attacks, and security measures. Learn and assess your understanding of the fundamental concepts of cybersecurity. Good luck!