Fun Cyber Security Quiz

1. Which of the following would be the best password?

MySecret

Iw2c^tILV

Abc123

Keyboard

George1234

"Iw2c^tILV" is the best password among the options provided because it follows key principles of creating a strong password:

Complexity: It includes a mix of uppercase letters, lowercase letters, numbers, and special characters, making it difficult for attackers to guess or crack through brute force.

Length: It is sufficiently long, which adds another layer of security. Longer passwords are generally harder to crack.

Unpredictability: The password doesn’t include easily guessable words or patterns, unlike "mySecret," "abc123," "keyboard," or "george1234," which are either common, simple, or related to the user (like a name or a common word), making them more vulnerable to attacks.

Explanation

"Iw2c^tILV" is the best password among the options provided because it follows key principles of creating a strong password:

Complexity: It includes a mix of uppercase letters, lowercase letters, numbers, and special characters, making it difficult for attackers to guess or crack through brute force.

Length: It is sufficiently long, which adds another layer of security. Longer passwords are generally harder to crack.

Unpredictability: The password doesn’t include easily guessable words or patterns, unlike "mySecret," "abc123," "keyboard," or "george1234," which are either common, simple, or related to the user (like a name or a common word), making them more vulnerable to attacks.

2. When receiving an email from an unknown contact that has an attachment, you should:

Open the attachment to view its contents

Delete the email

Forward the email to your co-workers to allow them to open the attachment first

Forward the email to your personal email account so you can open it at home

When you receive an email from an unknown contact that contains an attachment, the safest course of action is to delete the email. Opening attachments from unknown sources is a common way that malware, including viruses, ransomware, and spyware, can be delivered to your computer or network. These malicious attachments can cause significant damage, such as stealing personal information, encrypting files for ransom, or spreading to other systems. Forwarding the email, either to your co-workers or your personal email account, is also dangerous because it can spread potential threats to others. Deleting the email immediately helps protect both you and others from the risks associated with unknown attachments.

Explanation

When you receive an email from an unknown contact that contains an attachment, the safest course of action is to delete the email. Opening attachments from unknown sources is a common way that malware, including viruses, ransomware, and spyware, can be delivered to your computer or network. These malicious attachments can cause significant damage, such as stealing personal information, encrypting files for ransom, or spreading to other systems. Forwarding the email, either to your co-workers or your personal email account, is also dangerous because it can spread potential threats to others. Deleting the email immediately helps protect both you and others from the risks associated with unknown attachments.

3. ____________________ is a special software designed to detect computer viruses and avoid them from the system.

Spyware

Malware

Adware

Antivirus

An antivirus is a specialized software that is specifically designed to detect and prevent computer viruses from infecting a system. It scans files and programs, identifies any potential threats, and takes necessary actions to remove or quarantine them. It provides real-time protection by continuously monitoring the system for any suspicious activities or malware attacks. By regularly updating virus definitions, an antivirus ensures that it can effectively detect and neutralize the latest threats. Therefore, an antivirus is an essential tool for maintaining the security and integrity of a computer system.

Explanation

An antivirus is a specialized software that is specifically designed to detect and prevent computer viruses from infecting a system. It scans files and programs, identifies any potential threats, and takes necessary actions to remove or quarantine them. It provides real-time protection by continuously monitoring the system for any suspicious activities or malware attacks. By regularly updating virus definitions, an antivirus ensures that it can effectively detect and neutralize the latest threats. Therefore, an antivirus is an essential tool for maintaining the security and integrity of a computer system.

4. Which of the following is a proper use of email?

Never email personal information

Send out pricelists for your home-based business products

Forward inspirational and humorous emails to your co-workers to brighten their day

Send an email to all your friends and co-workers to advertise a job opening in your area

Using email to share a job opening is considered a proper and professional use, especially when it could benefit others. It supports networking and career opportunities. In contrast, emailing personal information can pose security risks, forwarding humorous content at work may be inappropriate or distracting, and using email to promote personal business can violate workplace policies or seem unprofessional if not done through proper channels.

Explanation

Using email to share a job opening is considered a proper and professional use, especially when it could benefit others. It supports networking and career opportunities. In contrast, emailing personal information can pose security risks, forwarding humorous content at work may be inappropriate or distracting, and using email to promote personal business can violate workplace policies or seem unprofessional if not done through proper channels.

5. Which of the following is an example of an antivirus program?

Mcafee

Quick heal

Kaspersky

All of the above

All of the options listed, namely McAfee, Quick Heal, and Kaspersky, are examples of antivirus programs. Each of these programs is designed to detect, prevent, and remove malicious software or malware from a computer system. They provide real-time protection, regular system scans, and updates to ensure the security of the system. Therefore, the correct answer is "All of the above."

Explanation

All of the options listed, namely McAfee, Quick Heal, and Kaspersky, are examples of antivirus programs. Each of these programs is designed to detect, prevent, and remove malicious software or malware from a computer system. They provide real-time protection, regular system scans, and updates to ensure the security of the system. Therefore, the correct answer is "All of the above."

6. What is the most common delivery method for viruses?

Email

Instant Message

Internet download

Portable media

Email is the most common delivery method for viruses. Cybercriminals often use email as a vector to distribute malware by attaching infected files or embedding malicious links within the message. These emails can appear to be from trusted sources, making them particularly dangerous. Once the recipient opens the attachment or clicks the link, the virus can be downloaded and executed on their device, potentially leading to data theft, system damage, or further spread of the malware. While instant messaging, internet downloads, and portable media can also be used to deliver viruses, email remains the most prevalent method due to its widespread use and ease of targeting large numbers of users.

Explanation

Email is the most common delivery method for viruses. Cybercriminals often use email as a vector to distribute malware by attaching infected files or embedding malicious links within the message. These emails can appear to be from trusted sources, making them particularly dangerous. Once the recipient opens the attachment or clicks the link, the virus can be downloaded and executed on their device, potentially leading to data theft, system damage, or further spread of the malware. While instant messaging, internet downloads, and portable media can also be used to deliver viruses, email remains the most prevalent method due to its widespread use and ease of targeting large numbers of users.

7. Your sister sends you an e-mail at work with a screen saver she says you would love. What should you do? (Select all that apply)

Download it onto your computer, since it's from a trusted source.

Forward the message to other friends to share it.

Call IT and ask them to help install it for you

Delete the message.

This one has four big risks:
1. Some screen savers contain viruses or other malicious programs, so just in general, it's risky to put unknown or unsolicited programs or software on your computer.
2. Also, in some cases just clicking on a malicious link can infect a computer, so unless you are sure a link is safe, don't click on it.
3. Email addresses can be faked, so just because the email says it is from someone you know, you can't be certain of this without checking.
4. Finally, some websites and links look legitimate, but they're really hoaxes designed to steal your information.

Explanation

This one has four big risks:
1. Some screen savers contain viruses or other malicious programs, so just in general, it's risky to put unknown or unsolicited programs or software on your computer.
2. Also, in some cases just clicking on a malicious link can infect a computer, so unless you are sure a link is safe, don't click on it.
3. Email addresses can be faked, so just because the email says it is from someone you know, you can't be certain of this without checking.
4. Finally, some websites and links look legitimate, but they're really hoaxes designed to steal your information.

8. Instant Messaging is safer than regular email.

True

False

While instant messaging (IM) can offer certain security features, it is not inherently safer than regular email. Both instant messaging and email have their own security risks and vulnerabilities. Instant messaging platforms can be susceptible to phishing attacks, malware, and eavesdropping, especially if the platform doesn't use end-to-end encryption or if users click on malicious links or download files from unknown sources.

Explanation

While instant messaging (IM) can offer certain security features, it is not inherently safer than regular email. Both instant messaging and email have their own security risks and vulnerabilities. Instant messaging platforms can be susceptible to phishing attacks, malware, and eavesdropping, especially if the platform doesn't use end-to-end encryption or if users click on malicious links or download files from unknown sources.

9. Who amongst the following is known for computer virus defense techniques?

Eric Corley

Tim Berners-Lee

Robert Tappan Morris

Fred Cohen

Fred Cohen is known for his work in computer virus defense techniques. He is a computer scientist and is credited with coining the term "computer virus." Cohen conducted groundbreaking research on computer viruses in the 1980s and developed early techniques for detecting and defending against them. His work laid the foundation for modern antivirus software and helped establish the field of computer security.

Explanation

Fred Cohen is known for his work in computer virus defense techniques. He is a computer scientist and is credited with coining the term "computer virus." Cohen conducted groundbreaking research on computer viruses in the 1980s and developed early techniques for detecting and defending against them. His work laid the foundation for modern antivirus software and helped establish the field of computer security.

10. Which of the following is a type of computer threat?

Phishing

Soliciting

Dos Attack

None of the above

A DoS (Denial of Service) attack is a type of computer threat where an attacker overwhelms a target system with a flood of illegitimate requests, rendering it unable to respond to legitimate requests. This can lead to a disruption of services, loss of data, and potential financial or reputational damage. Unlike phishing, which involves tricking individuals into revealing sensitive information, and soliciting, which refers to requesting or seeking something, a DoS attack directly targets the availability and functionality of a computer system. Therefore, the correct answer is Dos Attack.

Explanation

A DoS (Denial of Service) attack is a type of computer threat where an attacker overwhelms a target system with a flood of illegitimate requests, rendering it unable to respond to legitimate requests. This can lead to a disruption of services, loss of data, and potential financial or reputational damage. Unlike phishing, which involves tricking individuals into revealing sensitive information, and soliciting, which refers to requesting or seeking something, a DoS attack directly targets the availability and functionality of a computer system. Therefore, the correct answer is Dos Attack.

11. Who coined the term "Virus"?

Len Adleman

Carl Pomerance

Ron Rivest

John Brunner

Len Adleman is credited with coining the term "Virus." He is an American computer scientist who, along with his colleagues, developed the RSA encryption algorithm. Adleman used the term "Virus" to describe self-replicating computer programs that can infect other programs and disrupt computer systems. His work has been influential in the field of computer security and cryptography.

Explanation

Len Adleman is credited with coining the term "Virus." He is an American computer scientist who, along with his colleagues, developed the RSA encryption algorithm. Adleman used the term "Virus" to describe self-replicating computer programs that can infect other programs and disrupt computer systems. His work has been influential in the field of computer security and cryptography.

12. The mouse on your computer screen starts to move around on its own and click on things on your desktop. What do you do? (Select all that apply)

Call your co-workers over so they can see.

Contact the IT Helpdesk immediately.

Unplug your mouse.

Turn your computer off.

Run anti-virus.

All of the above.

This is definitely suspicious. Immediately report the problem to the IT Help Desk.
Also, since it seems possible that someone is controlling the computer remotely, it is best if you can disconnect the computer from the network until help arrives. If possible, do not turn off the computer.

Explanation

This is definitely suspicious. Immediately report the problem to the IT Help Desk.
Also, since it seems possible that someone is controlling the computer remotely, it is best if you can disconnect the computer from the network until help arrives. If possible, do not turn off the computer.

13. You receive an e-mail with an attachment from "I.T. Security." The e-mail says that your computer has been infected with a virus and you need to open the attachment and follow the directions to get rid of the virus. What should you do? (Select all that apply)

Follow the instructions ASAP to avoid the virus

Open the e-mail attachment to see what it says.

Reply to the sender and say "take me off this list".

Delete the message from the unknown source.

Contact the IT Help Desk and ask about the email.

Attachments can contain viruses and other malicious programs that can infect your computer, so opening or clicking on an unexpected or unknown attachment is very risky.
If you can tell that this is spam, delete the E-mail message. If you are unsure about whether you should open the attachment, contact the IT Help Desk [email protected] for further instructions. As a general rule, don't open, reply to, or forward suspicious e-mails or attachments

Explanation

Attachments can contain viruses and other malicious programs that can infect your computer, so opening or clicking on an unexpected or unknown attachment is very risky.
If you can tell that this is spam, delete the E-mail message. If you are unsure about whether you should open the attachment, contact the IT Help Desk [email protected] for further instructions. As a general rule, don't open, reply to, or forward suspicious e-mails or attachments

Submit

14. Which of the following is a good way to create a password? (Select all that apply)

Your children's or pet's names

Using look-alike substitutions of numbers or symbols

A combination of upper and lowercase letters mixed with numbers and symbols

Using common names or words from the dictionary

Using a password generator

Using letters, numbers, specal characters and recording it on a sticky note attached to your monitor

A secure password is at least eight characters long.
Does not contain your user name, real name, or company name.
Does not contain a complete word.
Is significantly different from previous passwords.
Contains characters from each of the following four categories:
Uppercase letters
Lowercase letters
Numbers
Symbols

Explanation

A secure password is at least eight characters long.
Does not contain your user name, real name, or company name.
Does not contain a complete word.
Is significantly different from previous passwords.
Contains characters from each of the following four categories:
Uppercase letters
Lowercase letters
Numbers
Symbols

Submit

15. Which of the following techniques is most effective in preventing Man-in-the-Middle (MitM) attacks during the initial key exchange process in a TLS handshake?

Using a Pre-Shared Key (PSK) for the initial exchange

Implementing Perfect Forward Secrecy (PFS) with Diffie-Hellman key exchange

Relying on static RSA key exchange

Employing digital certificates signed by a trusted Certificate Authority (CA)

Option B is correct because Perfect Forward Secrecy (PFS) with Diffie-Hellman ensures that each session’s key is unique and not derived from the server's private key, protecting against Man-in-the-Middle (MitM) attacks even if the server’s key is compromised. While digital certificates (Option D) establish trust, they don't prevent MitM during key exchange. Static RSA (Option C) and Pre-Shared Keys (Option A) offer weaker protection compared to PFS.

Explanation

Option B is correct because Perfect Forward Secrecy (PFS) with Diffie-Hellman ensures that each session’s key is unique and not derived from the server's private key, protecting against Man-in-the-Middle (MitM) attacks even if the server’s key is compromised. While digital certificates (Option D) establish trust, they don't prevent MitM during key exchange. Static RSA (Option C) and Pre-Shared Keys (Option A) offer weaker protection compared to PFS.