Home » Cyber Security Quiz » Page 3

When an attacker introduces malicious code into a software system, causing it to behave in unintended ways, this is known as what?

  • Code Injection
  • Exploiting a Vulnerability
  • Malware Injection
  • Software Compromise
Code Injection occurs when an attacker inserts malicious code into a software system, leading to unintended and potentially harmful behavior.
Discuss it

When setting up a home wireless network, which feature allows devices to connect to the network without entering a password, but has potential security risks?

  • MAC Address Filtering
  • WEP (Wired Equivalent Privacy)
  • WPA3
  • WPS (Wi-Fi Protected Setup)
WPS allows easy device connection but poses security risks. Attackers can exploit it. Other methods like WPA3 are more secure for home networks.
Discuss it

Which header is used to define a Content Security Policy for a web application?

  • Content-Security-Policy
  • X-Content-Security-Policy
  • X-Frame-Options
  • X-XSS-Protection
The header used to define a Content Security Policy for a web application is "Content-Security-Policy." It specifies the policy rules for content sources, script execution, and other security directives for the web page.
Discuss it

When using web security assessment tools, what is the primary benefit of dynamic analysis over static analysis?

  • Identifies vulnerabilities in the source code before deployment
  • Identifies vulnerabilities that can be exploited in real-time
  • Provides insights into network infrastructure weaknesses
  • Scans for vulnerabilities without executing the application
Dynamic analysis is beneficial as it identifies vulnerabilities that can be exploited in real-time while the application is running. It helps to discover issues that might not be evident during static analysis, as it simulates real-world usage scenarios and interactions with the application.
Discuss it

Under HIPAA, 'covered entities' include health care providers, health plans, and _______.

  • Business Associates
  • Government Agencies
  • Insurance Companies
  • Pharmaceutical Manufacturers
Under HIPAA (Health Insurance Portability and Accountability Act), 'covered entities' include health care providers, health plans, and Business Associates. Business Associates are individuals or entities that perform functions or activities that involve the use or disclosure of protected health information on behalf of covered entities.
Discuss it

A company hired an ethical hacker to assess its security posture. After the assessment, the hacker provided a detailed report showing several vulnerabilities but did not exploit any. Which type of test did the hacker most likely perform?

  • Penetration Test
  • Red Team Exercise
  • Security Audit
  • Vulnerability Assessment
The hacker likely performed a Vulnerability Assessment, which identifies vulnerabilities without exploiting them. A Penetration Test would involve exploiting vulnerabilities.
Discuss it

In an incident reporting procedure, a _______ is typically designated to coordinate the response and recovery efforts.

  • CEO
  • CISO
  • CSIRT
  • CTO
In an incident reporting procedure, a CSIRT (Computer Security Incident Response Team) is typically designated to coordinate the response and recovery efforts. A CSIRT is a team of experts responsible for the protection against and management of cybersecurity incidents.
Discuss it

Which of the following is a benefit of encrypting an individual file rather than an entire disk?

  • Complete security
  • Enhanced performance
  • Selective protection
  • Simplified management
Encrypting an individual file offers the benefit of selective protection. It allows you to choose specific files or folders to encrypt, offering security where it's needed most without affecting the performance or management of the entire disk. This is especially useful when you only need to protect certain sensitive files rather than an entire disk.
Discuss it

Charlie is developing a web application. He ensures that every form input is validated and sanitized before it's processed. Despite this, an attacker is able to inject a script that steals user session cookies. Which vulnerability in the application did the attacker most likely exploit?

  • Cross-Site Request Forgery (CSRF)
  • Cross-Site Scripting (XSS)
  • Insecure Deserialization
  • SQL Injection
The attacker likely exploited a Cross-Site Scripting (XSS) vulnerability, allowing them to inject malicious scripts into the web application despite input validation and sanitization.
Discuss it

The practice of deliberately leaving vulnerabilities open in a system as a trap to detect and monitor intruders is termed as what?

  • Ethical Hacking
  • Honeypot
  • Penetration Testing
  • Zero-Day Exploitation
A "Honeypot" is a cybersecurity mechanism that intentionally exposes vulnerabilities to lure and monitor potential intruders and threats.
Discuss it