Arjun Quiz

The document contains 20 multiple choice questions about cybersecurity topics such as malware, ethical hacking, penetration testing, and cyber attacks. It tests knowledge on common security terms and concepts including malware types, security principles like CIA and least privilege, hacking tools like Nmap and Reaver, and vulnerabilities like Heartbleed, session hijacking, and CSRF. The questions cover a wide range of fundamental cybersecurity subjects.

Uploaded by

Arjun Aju

1. What is a common term for software designed to infiltrate a computer system without the owner's informed consent?

a) Adware

b) Freeware

c) Malware

d) Software

Answer: c) Malware

2. Which of the following is NOT a type of malware?

a) Virus

b) Worm

c) Phishing

d) Trojan

Answer: c) Phishing

3. In ethical hacking, what does the term "white hat" refer to?

a) Hackers who work for criminal organizations

b) Hackers who identify vulnerabilities to exploit them for personal gain

c) Hackers who identify vulnerabilities to help organizations fix them

d) Hackers who only attack government organizations

Answer: c) Hackers who identify vulnerabilities to help organizations fix them

4. Which attack involves overwhelming a system or network by flooding it with traffic?

a) Phishing

b) DDoS (Distributed Denial of Service)

c) Cross-site scripting (XSS)

d) SQL Injection

Answer: b) DDoS (Distributed Denial of Service)

5. Which of the following is NOT a method used in social engineering attacks?

a) Baiting

b) Quid pro quo

c) SQL injection

d) Pretexting

Answer: c) SQL injection

6. In cybersecurity, what does "CIA" stand for?

a) Central Intelligence Agency

b) Confidentiality, Integrity, Authentication

c) Confidentiality, Integrity, Availability

d) Central Information Assurance

Answer: c) Confidentiality, Integrity, Availability

7. What tool is used for wireless network cracking and is known to exploit the WPS vulnerability?

a) AirSnort

b) Wireshark

c) Reaver

d) Burp Suite

Answer: c) Reaver

8. What kind of malware typically disguises itself as legitimate software and may be used by hackers to gain unauthorized access?

a) Ransomware

b) Adware

c) Spyware

d) Trojan Horse

Answer: d) Trojan Horse

9. Which tool is primarily used for OS fingerprinting?

a) Metasploit

b) Nmap

c) Burp Suite

d) Hydra

Answer: b) Nmap

10. Which of the following terms describes an attack where an unauthorized user attempts to gain access to a user's session?

a) Man-in-the-middle

b) Session hijacking

c) Directory traversal

d) CSRF (Cross-Site Request Forgery)

Answer: b) Session hijacking

11. What is the primary purpose of a Rainbow Table attack?

a) Intercepting and modifying traffic between two parties

b) Cracking password hashes by comparing them against a precomputed table

c) Sending large volumes of traffic to a target to render it inaccessible

d) Exploiting a vulnerable web application using color-coded payloads

Answer: b) Cracking password hashes by comparing them against a precomputed table

12. Which cybersecurity principle suggests that a user should have the minimum levels of access required to perform their roles?

a) Least Privilege

b) Defense in Depth

c) Segregation of Duties

d) Risk Diversification

Answer: a) Least Privilege

13. Which protocol is vulnerable to the "Heartbleed" bug?

a) HTTP

b) DNS

c) SSL/TLS

d) FTP

Answer: c) SSL/TLS

14. What does the “S” in HTTPS stand for?

a) Secure

b) Socket

c) Session

d) Server

Answer: a) Secure

15. Which of these is NOT a type of penetration testing?

a) Black Box

b) Grey Box

c) Red Box

d) White Box

Answer: c) Red Box

16. Which of the following is a wireless attack that involves setting up a rogue WiFi access point and mimicking a legitimate one to capture data from unsuspecting users?

a) Deauthentication Attack

b) Evil Twin Attack

c) Karma Attack

d) Fragmentation Attack

Answer: b) Evil Twin Attack

17. In the context of a web application, which of the following best describes "Directory Traversal"?

a) Redirecting a user to a different website without their consent.

b) Brute forcing directories to find hidden resources.

c) Navigating up and down a web directory to access restricted files.

d) Analyzing the structure of a website's database.

Answer: c) Navigating up and down a web directory to access restricted files.

18. Which HTTP status code indicates that a resource is forbidden and the server will not display details, even if authentication exists?

a) 401 Unauthorized

b) 400 Bad Request

c) 500 Internal Server Error

d) 403 Forbidden

Answer: d) 403 Forbidden

19. Which of the following is NOT typically a component of a penetration testing methodology?

a) Reporting

b) Attack

c) Reconnaissance

d) Purchasing

Answer: d) Purchasing

20. Cross-Site Request Forgery (CSRF) primarily targets which of the following?

a) Server-side applications

b) The client's browser

c) Network infrastructure

d) DNS servers

Answer: b) The client's browser
