Cyber
Cybersecurity Knowledge Quiz
Test your understanding of cybersecurity concepts with our engaging quiz! This quiz covers various topics such as Intrusion Detection Systems, DDoS attacks, malware, and worms, providing an opportunity to enhance your knowledge and skills.
Whether you're a cybersecurity beginner or seeking to improve your expertise, this quiz is designed to challenge you. Key features include:
- Multiple choice questions
- Detailed explanations for each answer
- A comprehensive overview of cybersecurity threats
From the following setences, mark the one that is true.
Usually an IDS is mounted to perform passive monitoring
A signature-based IDS uses statistical models or machiine learning to characterize usage behaviors
A anomaly-based IDS can be considered as resource intensive
A network-based IDS can be innefective for new variants of malware.
From the following setences, mark the one that is true.
An Host-Based IDS is not intended to be mounted in a single machine
An Host-Based IDS is generally resource intensive.
Tripwire is an example of a Network-based IDS
An Host-Based IDS usually creates a single source of log and alert infomation
From the following setences, mark the one that is true.
An Host-Based IDS usually require complex configurations in the host.
Bro is a Network-Based IDS
An Anomaly-Based IDS can have lower percentages of false alerts when compared with other IDS types
An IDS must be designed as the only security component of a network
From the following setences, mark the one that is true.
The birthday attack intends to find two different hashed for two different messages.
A XSS attack starts by detecting a script injection vulnerability in particular websites
In a malware attack, hackers can use a rootkit to capture keyboard events.
A XSS attack assumes that malicious script will be executed in the victims host connected to a previously attacked website
From the following setences, mark the one that is true.
In a drive-by attack, the attacker needs to eavesdrop communications between a host and a web server.
In a DOS attack, UDP SYN packets can be used to overwhelm a server.
A teadrop attack is a DDOS attack that involves IP spoofing and ICMP packets towards a target
In the spear phishing attack, the attackers need to know more about the targets
From the following setences, mark the one that is true.
A tampering attack consists of intentionally destroying, manipulating or editing data in a defining communication channel
A botnet consists of a set of vulnerable but now yet attacked machines
A zero day vulnerability (or exploit) consists usually of a vulnerability already covered by a security patch.
A ransomware cannot be conveyed by a worm script
From the following setences, mark the one that is true.
In a session hijacking attack, the attacker searches for vulnerable host to infect it with a malware.
In order to protect clients and servers against the playback attacks, an hash algorithm can be used.
A random nonce can be used to ensure authentication between a client and a server
A teardrop attack takes advantage of IP fragments overlapping, causing a DoS
From the following setences, mark the one that is true.
A flashcrowd is a DDoS attack.
Generally in a DoS attack, the attacker uses its own host to generate traffic towards a target
In a DoS attack an amplifier cannot be a reflector
Pattern analysis can be used to distinguish a flashcrowd from a DDoS.
From the following setences, mark the one that is true. Regarding DoS/DDoS
Attackers can use TCP SYN segments as a reflector service
SYN-ACK cookie allow the current stat to be maintained in the server to protect it from false SYN packets
The Shrew makes use of TCP behaviour forcing TCP to timeout at specific rates to deny service.
Usually one client is able to generate enough data to overwhelm a server.
From the following setences, mark the one that is true.Regarding DoS/DDoS
In DDoS, a reflector is a vulnerable machine used to generate traffic towards a specific target.
The defense for a DDoS attack should be implemented closest as possible from the source of the attack packets
In a DDoS, an amplification server usually is a server in the botnet.
The zombies are the hosts of the attackers, where a DDoS attack starts.
From the following setences, mark the one that is true.
Traceback intends to increase the potential damage of a DDoS attack.
Stateless Internet Flow Filter (SIFF) is used to prevent a DDoS attack, and assumes privileged packets that are transported in a best-effort category.
Normal and protected servers cannot be used as amplifiers machines.
A network telescope (darknet) can be used to make backcatter measurements about type/number of DDoS attacks.
From the following setences, mark the one that is true.Regarding DoS/DDoS
In the crossfire attack persistent links, I.e. Links that may be used or not to convoy traffic towards destination.
In DoS, the crossfire attack starts by floding the target server or service.
In the crossfire, bots can be used to potentiate the attack.
In the crossfire attack is directed to transient link, I.e. Links that may be used or not to convey traffic towards destination
From the following setences, mark the one that is true.Regarding Worms
Stuxnet was a worm that intended to attack IoT devices.
The uncontrolled propagation of a worm may result in the worm competing with it self for bandwidth.
A worm is a script that generally needs human intervention to run.
A worm has 3 main stages by this order: attempt to infect new targets, detect new targets and execute code in the victim machine.
From the following setences, mark the one that is true.Regarding Worms
In order to difficult tracing of the "patients zero", zombies can be hacked in the first stage of the worm attack,
The payload of Mirai Worm was used to attack a routing protocol, which resulted in a DDoS attack to many websites,
To better detect worms and their propagation, human intervention is required.
Generally a worm propagation is slow to be undetected by protection systems.
From the following setences, mark the one that is true.
A CRL is a certificate not valid that should be maintained in a CA.
A X.509 authentication service defines a set of KDCs to share the secret key.
A X.509 Certificate can be revoked before its expiration date, and never after that.
The KDC uses a CA as a trust intermediary.
{"name":"Cyber", "url":"https://www.quiz-maker.com/QPREVIEW","txt":"Test your understanding of cybersecurity concepts with our engaging quiz! This quiz covers various topics such as Intrusion Detection Systems, DDoS attacks, malware, and worms, providing an opportunity to enhance your knowledge and skills.Whether you're a cybersecurity beginner or seeking to improve your expertise, this quiz is designed to challenge you. Key features include:Multiple choice questionsDetailed explanations for each answerA comprehensive overview of cybersecurity threats","img":"https://cdn.poll-maker.com/104-5108643/img-piuteikxpndm4p6g1gsujc1z.jpg"}
More Quizzes
Cyber 2
15824
Entering the network
105313
Information assurance 1
10532
Seguridad 7
1059
ITEC MIDTERMS
452225
Security Malware
105116
Cybersecurity Quiz - Who you gonna call
11610
ETHICAL HACKING
1059
CYBERCRIME
502522
Directory and Files Discovery
320
Secure Application Development Quiz
11619
Using Threat Intelligence
520