Introduction to Cyber Security Quiz

Questions and Answers

What is the primary function of SIEM systems?

• Blocking harmful internet traffic
• Encrypting sensitive data
• Detecting and responding to security incidents (correct)
• Managing user access control

Which cybersecurity measure focuses on fixing vulnerabilities in software and systems?

• Regular Security Auditing
• Intrusion Detection Systems
• Patch Management (correct)
• User Authentication Protocols

What does CAPTCHA help accomplish in online security?

• Preventing unauthorized access
• Differentiating between humans and automated bots (correct)
• Encrypting user credentials
• Blocking potential malware from user inputs

What type of cyber attack is characterized by overwhelming a system to render it unavailable?

DDoS (Distributed Denial of Service) (B)

What is the main role of encryption in cybersecurity?

Protecting data confidentiality (B)

Which protocol is specifically designed for sending and receiving emails?

SMTP (Simple Mail Transfer Protocol) (D)

What is the main role of a firewall in a network?

Block unauthorized access (D)

Which type of malware allows hackers to gain administrative control over infected systems?

RATs (B)

Which network topology connects all devices in a linear form?

Bus (D)

Under which section of the IT Act is stealing digital assets classified as a cybercrime?

Section 65 (B)

What protocol is typically used for browsing the web?

HTTP (A)

In the TCP/IP model, which layer handles logical addressing with IP addresses?

Network Layer (C)

What is the function of DHCP?

Assign dynamic IP addresses to devices on a network (B)

What is the primary purpose of the OSI model?

Standardize network protocols (A)

Which layer of the OSI model is responsible for logical addressing and routing?

Network Layer (D)

The authentication to be affected by the use of asymmetric cryptography and hash function is known as:

Digital signature (D)

What is the purpose of ARP (Address Resolution Protocol)?

Translate IP addresses to MAC addresses (C)

Which protocol operates at the Transport Layer and provides reliable, connection-oriented communication?

TCP (Transmission Control Protocol) (A)

What is the purpose of DNS (Domain Name System)?

Translate domain names to IP addresses (C)

Which of these is a technique that is used to verify a message’s integrity?

Message Digest (C)

What is the primary way a virus scanner works?

By comparing files against a list of known virus profiles (D)

Which key is primarily used to establish secure communication in asymmetric encryption?

Public key (A)

What is the main function of a hash function in cryptography?

Ensuring data integrity (A)

Which section of the Indian IT Act addresses unauthorized access to computers?

Section 66 (B)

Which encryption algorithm is widely employed for securing data over the internet?

AES (A)

What cybercrime does Section 66 of the Indian IT Act primarily pertain to?

Unauthorized system access (A)

What role does a nonce serve in cryptographic systems?

Preventing replay attacks (D)

Which type of attack involves systematically trying every possible key until the correct one is found?

Brute-force attack (B)

What preventive measure can firewalls use to counteract virus attacks effectively?

Shut down all unneeded ports (D)

What is the penalty for intentionally destroying or altering required computer source code?

Imprisonment up to 3 years or fine up to 2 lakhs or both (A)

Which detection method is commonly used by most Intrusion Detection System (IDS) software?

Anomaly detection (D)

Which protocol is used for delivering data packets without guaranteeing delivery?

UDP (B)

What is the primary function of cryptography?

Securing communication by converting data into a secret code (D)

What is the main purpose of a cryptographic hash function?

Data integrity verification (C)

What does authentication primarily provide in a system?

To assure the identity of user on a remote system (B)

Which cryptographic technique involves using a single key for both encryption and decryption?

Symmetric encryption (D)

What section of the IT Act, 2008 deals with using spy cameras to capture private parts of a person?

Section 67 (C)

What is the updated version of the IT Act, 2000?

IT Act, 2008 (B)

What is the primary goal of cybersecurity?

Protecting against unauthorized access and attacks (C)

Which of the following is an example of a strong password?

H@rdT0Gu3ss (C)

What is the purpose of a firewall in cybersecurity?

Block unauthorized access and control traffic (A)

What does antivirus software primarily do?

Detect and remove malicious software (A)

Which cybersecurity concept involves providing the least amount of privilege necessary to perform a job function?

Least Privilege (D)

What is the purpose of biometric authentication in cybersecurity?

Authenticating users based on unique physical characteristics (D)

What does the term 'phishing' refer to in the context of cybersecurity?

Social engineering attacks using deceptive emails or messages (C)

Child pornography is an offence under section ________.

67 B (D)

What is the purpose of a VPN (Virtual Private Network) in cybersecurity?

Providing a secure, encrypted connection over the internet (B)

What is the primary function of SIEM (Security Information and Event Management) systems?

Detecting and responding to security incidents (D)

What does the acronym IDS stand for in the context of cybersecurity?

Intrusion Detection System (A)

Which cybersecurity principle involves isolating different parts of a network to contain potential security incidents?

Network Segmentation (C)

A key logger is what type of malware?

Spyware (D)

The Information Technology Act 2000 is an Act of the Indian Parliament notified on

17th October 2000 (C)

What is the key difference between symmetric and asymmetric encryption?

Symmetric uses one key, and asymmetric uses two keys. (C)

Authentication is _________

To assure the identity of user on a remote system (B)

This is the concept for guiding information security policy within a corporation, firm, or organisation. What exactly is “this” in this context?

CIA Triad (B)

What is the purpose of a digital signature in cryptography?

Authenticate the sender of a message (D)

In public-key cryptography, which key is used for encryption?

Public key (D)

Which device operates at the Data Link Layer and filters traffic based on MAC addresses?

Switch (B)

Flashcards

OSI Model Purpose

Standardizes network protocols, ensuring different hardware and software can communicate.

Network Layer Function

Handles logical addressing (like IP addresses) and routing of data packets.

Digital Signature Purpose

Verifies a message's integrity and sender's identity using asymmetric cryptography and hash functions.

ARP Function

Translates IP addresses to MAC addresses (physical hardware addresses).

TCP Protocol Role

Reliable, connection-based transport layer protocol.

DNS Function

Translates human-readable domain names (like www.example.com) to IP addresses.

Subnet Mask's Role

Identifies the network portion of an IP address.

Virus Scanner Technique

Compares files against a database of known viruses.

What protocol is used for email?

SMTP (Simple Mail Transfer Protocol) is responsible for sending and receiving emails.

Firewall's function

A firewall's main purpose is to block unauthorized access to a computer network.

What does a RAT do?

A Remote Access Trojan (RAT) allows hackers to control an infected system, giving them administrative privileges.

Bus topology

In a bus topology, all devices are connected in a single linear sequence.

IT Act offense

Stealing digital assets or information is considered a cybercrime under Section 65 of the IT Act.

Default web browsing protocol

HTTP (Hypertext Transfer Protocol) is the standard protocol used for browsing websites.

HTTPS encryption

AES (Advanced Encryption Standard) is a common cryptographic algorithm used for secure communication over the internet, like in HTTPS.

Data Integrity

The assurance that data remains unchanged and accurate, ensuring it hasn't been tampered with.

Cryptographic Hash Function

A mathematical function that transforms data into a fixed-length 'fingerprint' (hash). Any change to the original data results in a different hash.

Symmetric Encryption

A cryptographic method using a single key for both encrypting and decrypting data.

Authentication

Verifying the true identity of a user accessing a system, ensuring they are who they claim to be.

CIA Triad

A core information security concept involving Confidentiality, Integrity, and Availability. It guides security policy within organizations.

Public-key Cryptography

A method using two keys: a public key for encryption and a private key for decryption.

Digital Signature

A cryptographic technique verifying both the sender's identity and the message's integrity.

UDP (User Datagram Protocol)

A connectionless protocol used for sending data packets without guaranteeing delivery or order.

SIEM System Function

A SIEM (Security Information and Event Management) system collects and analyzes security data from various sources, detecting and responding to security incidents in real-time.

Patch Management

Patch management involves regularly updating software and systems to fix known vulnerabilities and security flaws.

CAPTCHA Purpose

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a security measure that differentiates humans from automated bots, preventing automated attacks like spam.

DDoS Attack

A Distributed Denial of Service (DDoS) attack overwhelms a system or network with a massive amount of traffic, making it unavailable to genuine users.

Encryption's Role

Encryption converts data into an unreadable format, protecting its confidentiality by ensuring only authorized individuals with the decryption key can access it.

Public Key

A cryptographic key used for encrypting data. Anyone can have access to the public key, but only the corresponding private key can decrypt the data.

Hash Function Purpose

A mathematical function that converts data of any size into a unique fixed-length string, called a hash, ensuring data integrity.

Section 66 of the Indian IT Act

This section of the Act addresses offenses related to illegally hacking into a computer system, including unauthorized access and data theft.

AES Algorithm

A powerful symmetric-key encryption algorithm widely used for securing data transmission over the internet. It uses a single key for both encryption and decryption.

Nonce Purpose

A unique, randomly generated value used in cryptography to prevent replay attacks by ensuring that a message cannot be reused.

Brute-Force Attack

A cryptographic attack method that tries every possible combination of a key to decrypt encrypted data. This can take a very long time.

Symmetric vs. Asymmetric Encryption

Symmetric encryption uses a single key for both encryption and decryption, while asymmetric encryption uses two keys: a public key for encryption and a private key for decryption.

IT Act, 2008

This is the updated version of the Indian IT Act, 2000. It includes amendments and changes to address emerging technologies and cybercrime threats.

Cybersecurity Goal

The key objective of cybersecurity is to protect data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Strong Password

It should be difficult to guess, containing a mix of uppercase and lowercase letters, numbers, and symbols.

Firewall's Role

A firewall acts like a gatekeeper, inspecting incoming and outgoing network traffic, blocking unauthorized access and controlling communication.

Antivirus Software's Purpose

This software scans and detects malicious software like viruses, worms, and Trojans, preventing them from infecting your system.

Child Pornography Offense

Under Section 67 of the IT Act, possessing, distributing, or creating child pornography is a serious offense.

Least Privilege

This cybersecurity principle focuses on granting only the necessary permissions to users to perform their assigned tasks, reducing potential security risks.

Biometric Authentication

This technique verifies user identity based on unique biological characteristics like fingerprints, facial recognition, or iris scans.

Phishing

A social engineering technique used to trick users into revealing sensitive information like login credentials, passwords, or financial details by impersonating trustworthy sources.

VPN (Virtual Private Network)

A VPN creates a secure encrypted connection between your device and a server on the internet, protecting your online activities and data from eavesdroppers.

Study Notes

Introduction to Cyber Security - Multiple Choice Questions

• OSI Model Purpose: Standardize network protocols
• OSI Layer for Logical Addressing: Network Layer
• Authentication Method: Digital signature (using asymmetric cryptography and hash functions)
• ARP Purpose: Translates IP addresses to MAC addresses
• Reliable Transport Layer Protocol: TCP (Transmission Control Protocol)
• DNS Purpose: Translates domain names to IP addresses
• Data Integrity Verification Technique: Message Digest
• MAC Address Filtering Device: Switch
• Subnet Mask Purpose: Identifies the network portion of an IP address
• Virus Scanner Method: Comparing files against a list of known virus profiles
• Email Protocol: SMTP (Simple Mail Transfer Protocol)
• Firewall Primary Function: Blocking unauthorized access
• Malware Type for Administrative Control: RATS
• Network Topology for Linear Sequence: Bus
• Cybercrime Section for Digital Asset Theft: Section 65
• Default Web Browsing Protocol: HTTP
• Logical Addressing Layer (TCP/IP): Network Layer
• Common Cryptographic Algorithm for Secure Communication (HTTPS): RSA
• Dynamic Host Configuration Protocol Purpose: Assigning dynamic IP addresses to devices
• Application-Layer Filtering Device: Firewall
• Unauthorized Data Destruction/Alteration Penalty: Imprisonment up to 3 years or fine up to 2 lakhs or both
• Cryptographic Hash Function Purpose: Data integrity verification
• Authentication Purpose: To assure user identity on a remote system
• Single Key Encryption/Decryption Technique: Symmetric encryption
• Purpose of Nonce in Cryptographic Protocols: Preventing replay attacks
• Cryptographic Attack by Trying All Possible Key Combinations: Brute-force attack
• Firewall Protection Against Viruses: Shut down all unneeded ports
• Cybercrime Act Year: 2000
• Biometric Authentication Purpose: Authenticating users based on unique physical characteristics
• Phishing Definition: Social engineering attacks using deceptive emails or messages
• VPN Purpose: Providing a secure, encrypted connection over the internet
• SIEM System Function: Detecting and responding to security incidents
• Cybersecurity Measure for Vulnerability Updates: Patch Management
• Purpose of CAPTCHA: Differentiating between humans and automated bots
• Attack Involving Flooding a System with Traffic: DDoS (Distributed Denial of Service)
• Encryption Purpose: Protecting data confidentiality
• IDS Acronym: Intrusion Detection System
• Network Isolation Principle: Network Segmentation