Summary

This document is a cybersecurity MCQ quiz containing 33 multiple-choice questions. It covers various aspects of cybersecurity concepts, from fundamental to advanced knowledge. This quiz can be used as a study tool or to test knowledge.

Full Transcript


Here is the complete MCQ quiz with all 33 questions in cybersecurity concepts:

MCQ Quiz: Cybersecurity Concepts

1. Which component in the CIA triad would be most compromised in a Denial of Service (DoS) attack?
◦ a. Confidentiality
◦ b. Availability
◦ c. Integrity
◦ d. Authentication

2. What is the purpose of a Security Information and Event Management (SIEM) system in cybersecurity?
◦ a. To encrypt sensitive data
◦ b. To block malware in real time
◦ c. To create a honeypot for threat analysis
◦ d. To centralize logging and provide threat detection through correlation

3. What is the primary advantage of using Public Key Infrastructure (PKI) for digital communication?
◦ a. Faster data transmission
◦ b. Decentralized trust management
◦ c. Secure key exchange in an untrusted environment
◦ d. Eliminates the need for encryption algorithms

4. In SQL injection attacks, what does the payload '; DROP TABLE users; -- typically exploit?
◦ a. Privilege escalation
◦ b. Database configuration
◦ c. Poor input sanitization

5. What is the primary role of a firewall in network security?
◦ a. Encrypt sensitive data
◦ b. Detect malware on endpoints
◦ c. Block unauthorized access while allowing authorized communication
◦ d. Perform network packet inspection for all layers

6. Which hashing algorithm is no longer considered secure and is deprecated?
◦ a. HMAC
◦ b. MD5
◦ c. SHA-256
◦ d. AES

7. What type of attack involves an attacker injecting malicious scripts into a website, which then executes on the victim’s browser?
◦ a. Directory Traversal
◦ b. SQL Injection
◦ c. Command Injection
◦ d. Cross-Site Scripting (XSS)

8. Which cybersecurity principle involves providing access to users only for the data and systems they need to perform their jobs?
◦ a. Zero Trust
◦ b. Separation of Duties
◦ c. Least Privilege
◦ d. Defense in Depth

9. What is a common symptom of a ransomware attack?
◦ a. Sudden data deletion
◦ b. Encrypted files with demands for payment
◦ c. Increased CPU usage
◦ d. System reboot without authorization

10. In cryptographic systems, what is a "nonce"?
◦ a. A symmetric encryption algorithm
◦ b. A random number used once for security purposes
◦ c. A public key certificate
◦ d. A key exchange protocol

11. Which term describes an attack where an unauthorized individual masquerades as a legitimate user?
◦ a. Impersonation
◦ b. Phishing
◦ c. Spoofing
◦ d. Social Engineering

12. Which authentication method is considered the most secure for web applications?
◦ a. Multi-Factor Authentication (MFA)
◦ b. Token-based
◦ c. Biometric-based
◦ d. Password-based

13. In Transport Layer Security (TLS), what is the primary purpose of the handshake process?
◦ a. Verify server identity and exchange encryption keys
◦ b. Improve latency during communication
◦ c. Compress transmitted data
◦ d. Encrypt data at rest

14. What does the tool "Wireshark" primarily analyze?
◦ a. Application logs
◦ b. Firewall rules
◦ c. Packet data on a network
◦ d. Malware behavior

15. Which of the following is not a property of a cryptographic hash function?
◦ a. Encryption resistance
◦ b. Collision resistance
◦ c. Preimage resistance
◦ d. Second-preimage resistance

16. In RSA cryptosystem, the security relies primarily on which mathematical problem?
◦ a. Matrix inversion problem
◦ b. Factoring large integers
◦ c. Elliptic curve problem
◦ d. Discrete logarithm problem

17. Which of the following algorithms is a symmetric key encryption algorithm?
◦ a. ElGamal
◦ b. AES
◦ c. ECC
◦ d. RSA

18. In Diffie-Hellman key exchange, the private key of a user is:
◦ a. A randomly chosen secret integer
◦ b. A publicly shared prime number
◦ c. A hash of the shared secret
◦ d. The generator value

19. The primary weakness of the One-Time Pad is:
◦ a. It requires a truly random key as long as the message
◦ b. It does not support multiple encryptions
◦ c. It is computationally inefficient
◦ d. It is vulnerable to frequency analysis

20. What is the size of the RSA modulus for a key considered secure as of 2023?
◦ a. 2048 bits
◦ b. 4096 bits
◦ c. 1024 bits
◦ d. 512 bits

21. The purpose of a digital signature is to:
◦ a. Provide non-repudiation and data integrity
◦ b. Ensure data confidentiality
◦ c. Share secret keys securely
◦ d. Generate random numbers

22. What is the key difference between symmetric and asymmetric encryption?
◦ a. Asymmetric encryption is faster than symmetric encryption
◦ b. Symmetric encryption uses the same key for encryption and decryption, while asymmetric uses different keys
◦ c. Asymmetric encryption is only used for hash functions
◦ d. Symmetric encryption cannot achieve confidentiality

23. In public key infrastructure (PKI), the Certificate Authority (CA):
◦ a. Encrypts user messages directly
◦ b. Issues and manages digital certificates
◦ c. Generates users’ private keys
◦ d. Validates encrypted data

24. A monoalphabetic cipher operates by:
◦ a. Encrypting plaintext using XOR operations
◦ b. Substituting each plaintext character with a fixed corresponding character
◦ c. Shuffling the positions of characters in plaintext
◦ d. Using multiple substitution alphabets for encryption

25. A major vulnerability of monoalphabetic ciphers is:
◦ a. The need for large key sizes
◦ b. Their reliance on secure key exchange
◦ c. Their susceptibility to frequency analysis
◦ d. The inability to handle numbers

26. The Caesar cipher is an example of:
◦ a. A transposition cipher
◦ b. A stream cipher
◦ c. A polyalphabetic cipher
◦ d. A monoalphabetic substitution cipher

27. Which of the following is a polyalphabetic cipher?
◦ a. Playfair cipher
◦ b. Atbash cipher
◦ c. Vigenère cipher
◦ d. Atbash cipher again (please confirm if this is a typo)

28. In a polyalphabetic cipher, each letter of plaintext:
◦ a. Is transposed to a different position in the ciphertext
◦ b. Maps to multiple ciphertext letters depending on the key
◦ c. Is XORed with a pseudorandom key
◦ d. Maps to a single ciphertext letter using a fixed rule

29. Which component makes polyalphabetic ciphers resistant to frequency analysis?
◦ a. Fixed substitution pattern
◦ b. Transposition of letters in plaintext
◦ c. Use of modular arithmetic
◦ d. Use of multiple substitution alphabets

30. Which of the following best describes the Vigenère cipher?
◦ a. It transposes letters in a fixed pattern.
◦ b. It XORs plaintext with a random key.
◦ c. It shifts each letter by a fixed number of places.
◦ d. It uses multiple Caesar ciphers with a repeating key.

31. In a monoalphabetic cipher, if the key is 26 characters long, how many possible keys exist?
◦ a. 26^26
◦ b. 26!
◦ c. 26^2
◦ d. 26

32. The key length of a Vigenère cipher determines:
◦ a. The padding mechanism required
◦ b. The strength against frequency analysis
◦ c. The size of the ciphertext
◦ d. The type of plaintext accepted

33. A key challenge in using the Vigenère cipher is:
◦ a. Handling ciphertext collisions
◦ b. Decrypting ciphertext without the plaintext
◦ c. Encrypting numbers and special characters
◦ d. Sharing and securing the key

This comprehensive quiz covers various aspects of cybersecurity, offering a detailed exploration of foundational and advanced concepts. Feel free to use this as a study tool or a way to test your knowledge or others' in the field of cybersecurity!
