Top 20 Cyber Security Quiz Questions

A __ is to try every possible key on a piece of ciphertext until an intelligible translation into plaintext is obtained.

Select one:
a. mode of operation
b. hash function
c. cryptanalysis
d. brute-force attack

__ is a function that removes specific identifying information from query results, such as last name and telephone number, but creates some sort of unique identifier so that analysts can detect connections between queries.

Select one:
a. Anonymization
b. Data transformation
c. Immutable audit
d. Selective revelation

The most vulnerable part of an IoT is the __ .

Select one:
a. smart objects/embedded systems
b. fog/edge network
c. core network
d. data center/cloud

An area of a facility that has no security interest is classified as _.

Select one:
a. unrestricted
b. controlled
c. limited
d. exclusion

The _ module performs end-to-end encryption and obtains session keys on behalf of users.

Select one:
a. PKM
b. RCM
c. SSM
d. CCM

_ is an organization that produces data to be made available for controlled release, either within the organization or to external users.

Select one:
a. Client
b. Data owner
c. User
d. Server

__ is intended to permit others to perform, show, quote, copy, and otherwise distribute portions of the work for certain purposes.

Select one:
a. Reverse engineering
b. Personal privacy
c. Fair use
d. Encryption research

The ideal solution to the threat of malware is __.

Select one:
a. identification
b. removal
c. detection
d. prevention

_ is a document that describes the application level protocol for exchanging data between intrusion detection entities.

Select one:
a. RFC 4767
b. RFC 4766
c. RFC 4765
d. RFC 4764

_ scan critical system files, directories, and services to ensure they have not been changed without proper authorization.

Select one:
a. Intrusion prevention systems
b. System integrity verification tools
c. Log analysis tools
d. Network and host intrusion detection systems

__ is the identification of data that exceed a particular baseline value.

Select one:
a. Anomaly detection
b. Real-time analysis
c. Thresholding
d. All of the above

__ refers to setting a maximum number with respect to roles.

Select one:
a. Cardinality
b. Prerequisite
c. Exclusive
d. Hierarchy

__ systems should not run automatic updates because they may possibly introduce instability.

Select one:
a. Configuration controlled
b. Policy controlled
c. Change controlled
d. Process controlled

Subject attributes, object attributes and environment attributes are the three types of attributes in the __ model.

Select one:
a. DSD
d. SSD

A restricted area within close proximity of a security interest has a classification of __.

Select one:
a. exclusion
b. controlled
c. limited
d. unrestricted

A __ is any action that compromises the security of information owned by an organization.

Select one:
a. security mechanism
b. security attack
c. security policy
d. security service

__ specification indicates the impact on the organization should the particular threat in question actually eventuate.

Select one:
a. Risk
b. Consequence
c. Threat
d. Likelihood

_ is a tool used to automatically identify potentially vulnerable programs.

Select one:
a. Slamming
b. Sledding
c. Fuzzing
d. All the above

__ is an organization that receives the encrypted data from a data owner and makes them available for distribution to clients.

Select one:
a. User
b. Client
c. Data owner
d. Server

Identification and authentication is part of the _ class of security controls.

Select one:
a. technical
b. operational
c. management
d. none of the above


  1. d
  2. a
  3. a
  4. a
  5. c
  6. b
  7. c
  8. d
  9. a
  10. b
  11. c
  12. a
  13. c
  14. c
  15. c
  16. b
  17. b
  18. c
  19. d
  20. a