1
Which IEEE standard governs Wireless LAN (WLAN) technologies?
A. IEEE 802.15
B. IEEE 802.3
C. IEEE 802.1X
D. IEEE 802.11
Correct Answer: IEEE 802.11
Explanation:
IEEE 802.11 is the set of standards that define communication for wireless local area networks (WLANs).
2
In the context of wireless security, what is an 'Evil Twin' attack?
A. A bluetooth attack that crashes the device
B. A rogue access point that mimics a legitimate SSID to intercept traffic
C. A virus that replicates itself on mobile devices
D. Two hackers working simultaneously on the same network
Correct Answer: A rogue access point that mimics a legitimate SSID to intercept traffic
Explanation:
An Evil Twin is a rogue AP configured to look exactly like a legitimate hotspot to trick users into connecting to it.
3
Which wireless encryption protocol is considered the weakest and has been deprecated due to severe vulnerabilities?
A. WPA3
B. WPA2
C. WEP
D. WPA-Enterprise
Correct Answer: WEP
Explanation:
Wired Equivalent Privacy (WEP) is an old security algorithm that is easily cracked and no longer considered secure.
4
What is the primary difference between Bluejacking and Bluesnarfing?
A. Bluejacking takes full control of the device, while Bluesnarfing only crashes it
B. Bluejacking sends unsolicited messages, while Bluesnarfing involves stealing data
C. Bluejacking involves stealing data, while Bluesnarfing sends unsolicited messages
D. There is no difference; they are synonyms
Correct Answer: Bluejacking sends unsolicited messages, while Bluesnarfing involves stealing data
Explanation:
Bluejacking is relatively harmless spamming of messages, whereas Bluesnarfing is the unauthorized theft of information from a Bluetooth device.
5
Which Bluetooth attack allows an attacker to take full control of a target device to make calls or send texts?
A. Bluestriking
B. Bluesnarfing
C. Bluebugging
D. Bluejacking
Correct Answer: Bluebugging
Explanation:
Bluebugging goes beyond data theft and allows the attacker to take control of the device's commands.
6
What is the primary function of a SIEM (Security Information and Event Management) system?
A. To act as a firewall for wireless networks
B. To encrypt mobile device hard drives
C. To manage cloud subscriptions
D. To aggregate and analyze log data from various sources to detect security incidents
Correct Answer: To aggregate and analyze log data from various sources to detect security incidents
Explanation:
SIEM solutions collect log data, correlate events, and generate alerts for potential security threats.
7
In a Security Operations Center (SOC), what is the main responsibility of Tier 1 analysts?
A. Triage and initial classification of security alerts
B. Threat hunting
C. Deep forensic analysis
D. Managing the budget of the security team
Correct Answer: Triage and initial classification of security alerts
Explanation:
Tier 1 analysts allow for the initial review of incoming alerts to determine if they are false positives or real incidents requiring escalation.
8
What core component does the Android operating system use as its foundation?
A. Windows NT Kernel
B. Darwin Kernel
C. Linux Kernel
D. Microkernel
Correct Answer: Linux Kernel
Explanation:
Android is built on top of the Linux kernel, which handles low-level hardware interactions and memory management.
9
iOS utilizes a security mechanism that restricts apps from accessing data or processes of other apps. What is this called?
A. Rooting
B. Sandboxing
C. Hypervising
D. Containerization
Correct Answer: Sandboxing
Explanation:
Sandboxing isolates apps so that if one is compromised, it cannot easily affect the system or other apps.
10
The process of removing software restrictions imposed by Apple on iOS devices is known as:
A. Unlocking
B. Jailbreaking
C. Rooting
D. Sideloading
Correct Answer: Jailbreaking
Explanation:
Jailbreaking is the specific term for escalating privileges on iOS to bypass manufacturer restrictions.
11
On Android devices, gaining administrative (superuser) privileges is referred to as:
A. Phishing
B. Rooting
C. Jailbreaking
D. Bootloading
Correct Answer: Rooting
Explanation:
Rooting is the process of attaining root access on Android subsystems.
12
Which mobile security model involves separating personal and corporate data on the same device?
A. CYOD (Choose Your Own Device)
B. Containerization
C. Direct Access
D. BYOD (Bring Your Own Device)
Correct Answer: Containerization
Explanation:
Containerization creates a secure, isolated area on a device for business apps and data, keeping them separate from personal data.
13
What is 'Sideloading' in the context of mobile security?
A. Turning the phone sideways to bypass facial recognition
B. Transferring data to the cloud
C. Installing applications from sources other than the official app store
D. Charging a device via a malicious USB port
Correct Answer: Installing applications from sources other than the official app store
Explanation:
Sideloading bypasses the vetting process of official stores (like Google Play), increasing the risk of installing malware.
14
Which solution allows IT administrators to remotely wipe, lock, and configure mobile devices across an enterprise?
A. IDS (Intrusion Detection System)
B. VPN (Virtual Private Network)
C. WPA2
D. MDM (Mobile Device Management)
Correct Answer: MDM (Mobile Device Management)
Explanation:
MDM software provides centralized control over mobile devices used within an organization.
15
What is the 'Shared Responsibility Model' in cloud computing?
A. The cloud provider is responsible for everything
B. The customer is responsible for everything
C. Security obligations are divided between the cloud provider and the customer
D. Multiple cloud providers share the cost of security
Correct Answer: Security obligations are divided between the cloud provider and the customer
Explanation:
The provider secures the infrastructure (cloud), while the customer secures the data and configurations (in the cloud).
16
Which Cloud Service Model provides the consumer with the capability to provision processing, storage, and networks (e.g., AWS EC2)?
A. SaaS (Software as a Service)
B. IaaS (Infrastructure as a Service)
C. PaaS (Platform as a Service)
D. DaaS (Desktop as a Service)
Correct Answer: IaaS (Infrastructure as a Service)
Explanation:
IaaS offers fundamental computing resources where the consumer deploys and runs arbitrary software.
17
Which Cloud Service Model delivers applications over the internet (e.g., Gmail, Salesforce)?
A. PaaS (Platform as a Service)
B. SaaS (Software as a Service)
C. IaaS (Infrastructure as a Service)
D. FaaS (Function as a Service)
Correct Answer: SaaS (Software as a Service)
Explanation:
SaaS provides fully functional applications managed by the vendor and accessed by users via a web browser or client.
18
Google App Engine and Microsoft Azure App Service are examples of which cloud model?
A. SaaS
B. PaaS
C. Hybrid
D. IaaS
Correct Answer: PaaS
Explanation:
PaaS provides a platform allowing customers to develop, run, and manage applications without building the infrastructure.
19
Which cloud deployment model is exclusively used by a single organization?
A. Community Cloud
B. Public Cloud
C. Hybrid Cloud
D. Private Cloud
Correct Answer: Private Cloud
Explanation:
A Private Cloud is dedicated to the needs of a single organization, offering more control and privacy.
20
What is a major security risk associated with Insecure APIs in cloud computing?
A. They slow down the internet connection
B. They prevent the use of firewalls
C. They can expose sensitive data or allow unauthorized control if not properly authenticated
D. They consume too much electricity
Correct Answer: They can expose sensitive data or allow unauthorized control if not properly authenticated
Explanation:
APIs are the entry points to cloud services; if insecure, they serve as a gateway for attackers to access data or manipulate services.
21
In the context of Wireless security, what is 'War Driving'?
A. Physically driving around to locate and map open or vulnerable wireless networks
B. Driving a tank into a data center
C. Overclocking a CPU to increase speed
D. Using a drone to jam signals
Correct Answer: Physically driving around to locate and map open or vulnerable wireless networks
Explanation:
War Driving involves moving through an area to detect Wi-Fi signals and identify vulnerable access points.
22
Which of the following is a countermeasure against Bluetooth attacks?
A. Keeping Bluetooth in 'Discoverable' mode at all times
B. Broadcasting the device name publicly
C. Setting the device to 'Non-discoverable' or 'Hidden' mode when not pairing
D. Using a PIN of '0000'
Correct Answer: Setting the device to 'Non-discoverable' or 'Hidden' mode when not pairing
Explanation:
Making the device non-discoverable prevents attackers from easily finding and targeting the device via Bluetooth.
23
What is a 'Rogue Access Point'?
A. A firewall rule that blocks traffic
B. An unauthorized wireless access point installed on a secure network
C. A secure router provided by the ISP
D. A software update for Wi-Fi drivers
Correct Answer: An unauthorized wireless access point installed on a secure network
Explanation:
Rogue APs are unauthorized devices attached to a network, often creating a backdoor for attackers.
24
What is the purpose of SSID broadcasting?
A. To announce the presence and name of the wireless network to nearby devices
B. To block unauthorized users
C. To encrypt the data traffic
D. To increase the speed of the internet
Correct Answer: To announce the presence and name of the wireless network to nearby devices
Explanation:
The Service Set Identifier (SSID) is the network name broadcasted so devices can see and connect to it.
25
Which mobile threat involves an attacker intercepting communication between the user and a server?
A. Man-in-the-Middle (MitM) attack
B. Geofencing
C. Screen locking
D. Data resting
Correct Answer: Man-in-the-Middle (MitM) attack
Explanation:
In MitM attacks, the attacker secretly relays and possibly alters the communication between two parties who believe they are communicating directly.
26
What is 'Shadow IT' in the context of Cloud Security?
A. A hacking group targeting clouds
B. Backup data stored in a dark room
C. The use of IT systems and cloud services without explicit approval from the IT department
D. Dark mode interfaces in cloud apps
Correct Answer: The use of IT systems and cloud services without explicit approval from the IT department
Explanation:
Shadow IT creates security blind spots because the IT security team cannot protect or monitor services they don't know exist.
27
Which cloud attack involves an attacker exploiting the shared resources in a virtualized environment to access data from another tenant?
A. Guest-Escape / Hypervisor Jumping
B. DDoS
C. SQL Injection
D. Phishing
Correct Answer: Guest-Escape / Hypervisor Jumping
Explanation:
This attack involves breaking out of a virtual machine (VM) to interact with the hypervisor or other VMs on the same physical host.
28
What is a CASB (Cloud Access Security Broker)?
A. A physical lock for server rooms
B. Software that sits between cloud service users and cloud applications to enforce security policies
C. A type of cloud malware
D. A government agency regulating clouds
Correct Answer: Software that sits between cloud service users and cloud applications to enforce security policies
Explanation:
CASBs provide visibility, compliance, data security, and threat protection for cloud services.
29
Why is 'Multitenancy' a security concern in the cloud?
A. Multiple customers share the same physical resources, creating a risk of data leakage if isolation fails
B. It requires more electricity
C. It makes the internet slower
D. It increases the cost of storage
Correct Answer: Multiple customers share the same physical resources, creating a risk of data leakage if isolation fails
Explanation:
In multitenancy, a failure in logical separation could allow one tenant to view another tenant's data.
30
Which of the following is a critical step when testing security in the cloud (Penetration Testing)?
A. Ignoring the Service Level Agreement
B. Obtaining permission from the Cloud Service Provider (CSP) before testing
C. Launching an attack without warning
D. Testing only on weekends
Correct Answer: Obtaining permission from the Cloud Service Provider (CSP) before testing
Explanation:
Testing without permission violates terms of service and the provider may interpret the test as a real attack and block it.
31
What does WPA3 use to replace the WPA2 Pre-Shared Key exchange, making it resistant to offline dictionary attacks?
A. Simultaneous Authentication of Equals (SAE)
B. WEP
C. TKIP
D. Plaintext
Correct Answer: Simultaneous Authentication of Equals (SAE)
Explanation:
SAE is the handshake protocol in WPA3 that prevents attackers from determining the password through offline dictionary attacks.
32
What is a 'Botnet' often used for in cloud attacks?
A. Mining cryptocurrency legally
B. Indexing web pages
C. Perform Distributed Denial of Service (DDoS) attacks
D. Backing up data
Correct Answer: Perform Distributed Denial of Service (DDoS) attacks
Explanation:
Botnets are networks of compromised devices used to flood a target with traffic, causing a DDoS.
33
What allows Android users to verify what capabilities an application is requesting (e.g., access to camera, contacts)?
A. Root Access
B. App Permissions
C. Kernel Panic
D. The instruction manual
Correct Answer: App Permissions
Explanation:
The permission model requires apps to ask the user for consent before accessing sensitive hardware or data.
34
Which wireless security protocol uses TKIP (Temporal Key Integrity Protocol)?
A. WEP
B. WPA2
C. WPA
D. WPA3
Correct Answer: WPA
Explanation:
WPA introduced TKIP to address the vulnerabilities of WEP, though it was later replaced by CCMP/AES in WPA2.
35
What is 'Geo-tagging' and why is it a mobile security risk?
A. Using GPS for maps; it uses data
B. Embedding location data in photos/posts; it reveals the user's physical location to stalkers
C. Playing games based on location; it wastes battery
D. Tagging friends in photos; it is a privacy violation
Correct Answer: Embedding location data in photos/posts; it reveals the user's physical location to stalkers
Explanation:
Geo-tags add metadata to files that can reveal exactly where a photo was taken, compromising physical safety.
36
In the context of SOC, what does 'Correlation' mean?
A. Linking different events from log files to identify a complex attack pattern
B. Connecting the power cables
C. Backing up files to two locations
D. Communicating with the HR department
Correct Answer: Linking different events from log files to identify a complex attack pattern
Explanation:
Correlation engines in SIEMs look for relationships between seemingly unrelated events to detect sophisticated threats.
37
Which of the following is a physical security threat to mobile devices?
A. Malware
B. Phishing
C. SQL Injection
D. Theft or Loss
Correct Answer: Theft or Loss
Explanation:
Because mobile devices are portable, they are easily lost or stolen, giving attackers physical access to the device.
38
What is 'Cryptojacking' in a cloud environment?
A. Stealing credit card numbers
B. Encrypting data for ransom
C. Unauthorized use of cloud computing resources to mine cryptocurrency
D. Hacking into a bank
Correct Answer: Unauthorized use of cloud computing resources to mine cryptocurrency
Explanation:
Attackers hijack the processing power of cloud instances to mine crypto, driving up costs for the victim.
39
The NIST definition of Cloud Computing includes 'Rapid Elasticity'. What does this mean?
A. The cloud is made of rubber
B. Data is stored on flexible disks
C. Capabilities can be elastically provisioned and released to scale rapidly outward and inward
D. The internet speed is constant
Correct Answer: Capabilities can be elastically provisioned and released to scale rapidly outward and inward
Explanation:
Rapid Elasticity allows systems to automatically scale resources up or down based on demand.
40
Which attack vector involves a malicious insider abusing their authorized access to cloud data?
A. Outsider Threat
B. War Driving
C. Insider Threat
D. DDoS
Correct Answer: Insider Threat
Explanation:
Insider threats involve employees or contractors using their legitimate privileges to steal data or cause harm.
41
What is the primary function of a Virtual Private Network (VPN) on a mobile device connecting to public Wi-Fi?
A. To download apps faster
B. To boost signal strength
C. To create an encrypted tunnel for data, protecting it from interception
D. To bypass battery limits
Correct Answer: To create an encrypted tunnel for data, protecting it from interception
Explanation:
A VPN encrypts internet traffic, making it unreadable to anyone sniffing the public Wi-Fi network.
42
Which Bluetooth class has the longest range (approximately 100 meters)?
A. Class 4
B. Class 2
C. Class 3
D. Class 1
Correct Answer: Class 1
Explanation:
Class 1 Bluetooth devices have higher power output (100mW) and a range of up to 100 meters.
43
What is 'MAM' in mobile security?
A. Mobile Access Monitoring
B. Main Access Module
C. Mobile Application Management
D. Man-Against-Machine
Correct Answer: Mobile Application Management
Explanation:
MAM focuses on securing specific corporate applications on a device, rather than controlling the entire device like MDM.
44
Which file format is used for installing software on the Android operating system?
A. .APK
B. .DMG
C. .EXE
D. .IPA
Correct Answer: .APK
Explanation:
Android Package Kit (APK) is the package file format used by the Android OS for distribution and installation of mobile apps.
45
In cloud security, what does 'Data Sovereignty' refer to?
A. The king of data
B. The speed of data transfer
C. The concept that data is subject to the laws of the country in which it is physically stored
D. The encryption level of data
Correct Answer: The concept that data is subject to the laws of the country in which it is physically stored
Explanation:
Data stored in the cloud resides on physical servers; local laws (like GDPR in Europe) apply to that data depending on the server location.
46
What is a 'Hybrid Cloud'?
A. A composition of two or more clouds (private, community, or public) that remain unique entities but are bound together
B. A cloud maintained by a single person
C. A cloud that only stores images
D. A cloud that runs on gas and electricity
Correct Answer: A composition of two or more clouds (private, community, or public) that remain unique entities but are bound together
Explanation:
Hybrid clouds combine public and private infrastructure, allowing data and applications to be shared between them.
47
Which wireless attack involves capturing handshake packets and attempting to crack the password offline?
A. Beacon Flooding
B. WPA Cracking / Dictionary Attack
C. MAC Filtering
D. Signal Jamming
Correct Answer: WPA Cracking / Dictionary Attack
Explanation:
Attackers capture the 4-way handshake and use wordlists to guess the Pre-Shared Key.
48
What is 'MAC Address Filtering'?
A. Allowing or denying network access based on the hardware address of the network card
B. Filtering out Mac computers
C. Blocking websites
D. Cleaning the router
Correct Answer: Allowing or denying network access based on the hardware address of the network card
Explanation:
MAC filtering creates an allow/deny list based on the unique Media Access Control address of devices.
49
Why is 'Remote Wipe' a critical feature for enterprise mobile security?
A. To delete apps that are not used
B. To erase sensitive corporate data if a device is lost or stolen
C. To clean the screen remotely
D. To update the OS remotely
Correct Answer: To erase sensitive corporate data if a device is lost or stolen
Explanation:
If a device falls into the wrong hands, Remote Wipe ensures that confidential data cannot be accessed.
50
Which of the following is a symptom of a mobile device being infected with malware?
A. Unexpected data usage spikes and rapid battery drain
B. Screen becoming brighter
C. Extended battery life
D. Faster performance
Correct Answer: Unexpected data usage spikes and rapid battery drain
Explanation:
Malware often runs background processes and communicates with C&C servers, consuming data and battery.