Cyber security MCQs

31. Which of the following is an example of a multi-factor authentication (MFA) method?
A) Password and security question
B) Password and biometric authentication
C) Security token and biometric authentication
D) Password and fingerprint

32. What is the term for the process of intentionally misleading hackers or attackers in order to protect an organization’s assets?
A) Honeypot
B) Firewall
C) Encryption
D) IDS

33. Which type of cybersecurity attack involves hackers intercepting and modifying communication between two parties in order to steal data or execute a malicious action?
A) Man-in-the-middle attack
B) Ransomware attack
C) DDoS attack
D) Phishing attack

34. Which of the following is an example of a vulnerability scanning tool?
A) Nessus
B) Snort
C) Metasploit
D) Wireshark

35. Which type of cybersecurity attack involves hackers gaining access to a system by sending an email or message that appears to be from a legitimate source and tricks the recipient into taking a specific action?
A) Phishing attack
B) DDoS attack
C) Man-in-the-middle attack
D) Ransomware attack

36. What is the term for the process of granting or denying access to an organization’s resources based on the identity and permissions of the user or device?
A) Identity and access management
B) Network security
C) Vulnerability management
D) Penetration testing

37. Which of the following is NOT an example of a cyber incident response team role?
A) Recovery specialist
B) Forensic analyst
C) Communications coordinator
D) Sales representative

38. Which type of cybersecurity attack involves hackers encrypting an organization’s data and demanding payment in exchange for the decryption key?
A) Ransomware attack
B) Phishing attack
C) DDoS attack
D) Man-in-the-middle attack

39. Which of the following is a protocol used to transfer files over the internet securely?
A) FTPS
B) HTTPS
C) SMTP
D) SSH

40. Which type of cybersecurity attack involves hackers flooding a system or network with traffic in order to make it unavailable to users?
A) DDoS attack
B) Ransomware attack
C) Phishing attack
D) SQL injection attack