Hello, Guest Login

Advanced ~5 min

Cyber Security Advanced 2

This intermediate assessment builds on core cybersecurity knowledge and explores more advanced topics such as attack vectors, encryption, access control, vulnerability management, and incident response. Intended for learners with foundational experience, the test emphasizes practical understanding of how cyber threats operate and how security controls are applied in real-world systems.

Progress: 0/30

Advanced � ~5 min

Q1. What is a zero-day exploit?

Select one answer � 1 pt

Known patch evasion Phishing campaign Brute force attempt Attack on undisclosed vulnerability

Q2. What does AES stand for in cryptography?

Select one answer � 1 pt

Asymmetric Encryption System Authenticated Encryption Scheme Algorithmic Encryption Service Advanced Encryption Standard

Q3. Which attack involves injecting malicious code into a website?

Select one answer � 1 pt

Man-in-the-Middle Buffer Overflow Cross-Site Scripting (XSS) SQL Injection

Q4. What is a man-in-the-middle (MITM) attack?

Select one answer � 1 pt

Intercepting and altering communications Flooding with traffic Guessing passwords Encrypting data

Q5. What is the purpose of a digital certificate?

Select one answer � 1 pt

Block malware Verify identity and enable encryption Store passwords Monitor traffic

Q6. Which protocol is used for secure email transmission?

Select one answer � 1 pt

FTP S/MIME HTTP SMTP

Q7. What is SQL injection?

Select one answer � 1 pt

Auditing logs Injecting malicious SQL code Backing up data Encrypting database

Q8. What does PKI stand for?

Select one answer � 1 pt

Protected Knowledge Index Public Key Infrastructure Private Key Integration Password Key Interface

Q9. Which is an example of a rootkit?

Select one answer � 1 pt

Encryption tool Antivirus scanner Firewall rule Software that conceals malware

Q10. What is cross-site request forgery (CSRF)?

Select one answer � 1 pt

Unauthorized actions on authenticated sites Injecting scripts Stealing cookies Denying service

Q11. In a penetration testing scenario, what is the primary goal of the reconnaissance phase?

Select one answer � 1 pt

Deploying payloads Exploiting vulnerabilities Erasing logs Gathering target information

Q12. Which hashing algorithm is considered secure for passwords?

Select one answer � 1 pt

CRC32 bcrypt MD5 SHA-1

Q13. What is ARP poisoning?

Select one answer � 1 pt

Authenticating users Spoofing ARP responses Encrypting packets Filtering traffic

Q14. What does GDPR regulate?

Select one answer � 1 pt

Data protection and privacy Software licensing Hardware standards Network protocols

Q15. During a penetration test, which tool is commonly used for network scanning and service enumeration?

Select one answer � 1 pt

John the Ripper Nmap Burp Suite Wireshark

Q16. What is multi-factor authentication (MFA)?

Select one answer � 1 pt

Biometric only Username alone Single password Multiple forms of verification

Q17. What is a buffer overflow attack?

Select one answer � 1 pt

Overwriting adjacent memory Flooding inputs Encrypting buffers Auditing code

Q18. In a penetration testing engagement, what does the term 'pivoting' refer to?

Select one answer � 1 pt

Using a compromised host to attack others Initial foothold establishment Vulnerability scanning Report generation

Q19. What is OAuth used for?

Select one answer � 1 pt

Data encryption Delegated authorization Password hashing Network segmentation

Q20. What does IDS stand for?

Select one answer � 1 pt

Intrusion Detection System Internet Domain Service Identity Directory Server Incident Data Storage

Q21. Which is a characteristic of asymmetric encryption?

Select one answer � 1 pt

Public and private key pair Single shared key Hashing only Compression

Q22. What is a supply chain attack?

Select one answer � 1 pt

Direct brute force Phishing employees Compromising vendors to access targets Internal sabotage

Q23. In a penetration testing scenario, how would you exploit a web application vulnerable to command injection?

Select one answer � 1 pt

Sniffing network traffic Injecting OS commands via input fields Guessing admin credentials Social engineering users

Q24. Which tool is used for penetration testing?

Select one answer � 1 pt

Notepad Excel Calculator Metasploit

Q25. What is zero trust architecture?

Select one answer � 1 pt

Block external access only Verify explicitly, never trust Use single sign-on Trust all internal traffic

Q26. What is a cryptographic nonce?

Select one answer � 1 pt

Number used once to prevent replays Private key Certificate authority Hash function

Q27. During a red team penetration test, what technique involves masquerading as an insider to gain physical access?

Select one answer � 1 pt

Tailgating or piggybacking Wireless deauthentication SQL mapping Dumpster diving

Q28. What is forensic analysis in cybersecurity?

Select one answer � 1 pt

Encrypting data Collecting and analyzing evidence Preventing attacks Monitoring traffic

Q29. What does HIPAA protect?

Select one answer � 1 pt

Government secrets Intellectual property Financial data Protected health information

Q30. Which is an advanced persistent threat (APT)?

Select one answer � 1 pt

One-time phishing Long-term sophisticated intrusion Brute force attempt Simple virus

Cancel