Unit 6 - Practice Quiz

INT244 50 Questions
0 Correct 0 Wrong 50 Left
0/50

1 Which IEEE standard governs Wireless LAN (WLAN) technologies?

A. IEEE 802.11
B. IEEE 802.1X
C. IEEE 802.3
D. IEEE 802.15

2 In the context of wireless security, what is an 'Evil Twin' attack?

A. A rogue access point that mimics a legitimate SSID to intercept traffic
B. A virus that replicates itself on mobile devices
C. Two hackers working simultaneously on the same network
D. A bluetooth attack that crashes the device

3 Which wireless encryption protocol is considered the weakest and has been deprecated due to severe vulnerabilities?

A. WPA2
B. WEP
C. WPA-Enterprise
D. WPA3

4 What is the primary difference between Bluejacking and Bluesnarfing?

A. Bluejacking takes full control of the device, while Bluesnarfing only crashes it
B. Bluejacking involves stealing data, while Bluesnarfing sends unsolicited messages
C. There is no difference; they are synonyms
D. Bluejacking sends unsolicited messages, while Bluesnarfing involves stealing data

5 Which Bluetooth attack allows an attacker to take full control of a target device to make calls or send texts?

A. Bluestriking
B. Bluesnarfing
C. Bluejacking
D. Bluebugging

6 What is the primary function of a SIEM (Security Information and Event Management) system?

A. To encrypt mobile device hard drives
B. To act as a firewall for wireless networks
C. To manage cloud subscriptions
D. To aggregate and analyze log data from various sources to detect security incidents

7 In a Security Operations Center (SOC), what is the main responsibility of Tier 1 analysts?

A. Threat hunting
B. Triage and initial classification of security alerts
C. Deep forensic analysis
D. Managing the budget of the security team

8 What core component does the Android operating system use as its foundation?

A. Darwin Kernel
B. Windows NT Kernel
C. Linux Kernel
D. Microkernel

9 iOS utilizes a security mechanism that restricts apps from accessing data or processes of other apps. What is this called?

A. Hypervising
B. Sandboxing
C. Rooting
D. Containerization

10 The process of removing software restrictions imposed by Apple on iOS devices is known as:

A. Rooting
B. Jailbreaking
C. Unlocking
D. Sideloading

11 On Android devices, gaining administrative (superuser) privileges is referred to as:

A. Jailbreaking
B. Bootloading
C. Rooting
D. Phishing

12 Which mobile security model involves separating personal and corporate data on the same device?

A. BYOD (Bring Your Own Device)
B. CYOD (Choose Your Own Device)
C. Containerization
D. Direct Access

13 What is 'Sideloading' in the context of mobile security?

A. Installing applications from sources other than the official app store
B. Charging a device via a malicious USB port
C. Turning the phone sideways to bypass facial recognition
D. Transferring data to the cloud

14 Which solution allows IT administrators to remotely wipe, lock, and configure mobile devices across an enterprise?

A. WPA2
B. IDS (Intrusion Detection System)
C. VPN (Virtual Private Network)
D. MDM (Mobile Device Management)

15 What is the 'Shared Responsibility Model' in cloud computing?

A. Security obligations are divided between the cloud provider and the customer
B. Multiple cloud providers share the cost of security
C. The cloud provider is responsible for everything
D. The customer is responsible for everything

16 Which Cloud Service Model provides the consumer with the capability to provision processing, storage, and networks (e.g., AWS EC2)?

A. PaaS (Platform as a Service)
B. IaaS (Infrastructure as a Service)
C. DaaS (Desktop as a Service)
D. SaaS (Software as a Service)

17 Which Cloud Service Model delivers applications over the internet (e.g., Gmail, Salesforce)?

A. SaaS (Software as a Service)
B. PaaS (Platform as a Service)
C. IaaS (Infrastructure as a Service)
D. FaaS (Function as a Service)

18 Google App Engine and Microsoft Azure App Service are examples of which cloud model?

A. IaaS
B. PaaS
C. SaaS
D. Hybrid

19 Which cloud deployment model is exclusively used by a single organization?

A. Public Cloud
B. Hybrid Cloud
C. Private Cloud
D. Community Cloud

20 What is a major security risk associated with Insecure APIs in cloud computing?

A. They prevent the use of firewalls
B. They consume too much electricity
C. They slow down the internet connection
D. They can expose sensitive data or allow unauthorized control if not properly authenticated

21 In the context of Wireless security, what is 'War Driving'?

A. Physically driving around to locate and map open or vulnerable wireless networks
B. Driving a tank into a data center
C. Using a drone to jam signals
D. Overclocking a CPU to increase speed

22 Which of the following is a countermeasure against Bluetooth attacks?

A. Setting the device to 'Non-discoverable' or 'Hidden' mode when not pairing
B. Using a PIN of '0000'
C. Broadcasting the device name publicly
D. Keeping Bluetooth in 'Discoverable' mode at all times

23 What is a 'Rogue Access Point'?

A. An unauthorized wireless access point installed on a secure network
B. A software update for Wi-Fi drivers
C. A secure router provided by the ISP
D. A firewall rule that blocks traffic

24 What is the purpose of SSID broadcasting?

A. To increase the speed of the internet
B. To announce the presence and name of the wireless network to nearby devices
C. To encrypt the data traffic
D. To block unauthorized users

25 Which mobile threat involves an attacker intercepting communication between the user and a server?

A. Screen locking
B. Data resting
C. Geofencing
D. Man-in-the-Middle (MitM) attack

26 What is 'Shadow IT' in the context of Cloud Security?

A. Dark mode interfaces in cloud apps
B. Backup data stored in a dark room
C. A hacking group targeting clouds
D. The use of IT systems and cloud services without explicit approval from the IT department

27 Which cloud attack involves an attacker exploiting the shared resources in a virtualized environment to access data from another tenant?

A. SQL Injection
B. Phishing
C. DDoS
D. Guest-Escape / Hypervisor Jumping

28 What is a CASB (Cloud Access Security Broker)?

A. A type of cloud malware
B. Software that sits between cloud service users and cloud applications to enforce security policies
C. A government agency regulating clouds
D. A physical lock for server rooms

29 Why is 'Multitenancy' a security concern in the cloud?

A. Multiple customers share the same physical resources, creating a risk of data leakage if isolation fails
B. It requires more electricity
C. It increases the cost of storage
D. It makes the internet slower

30 Which of the following is a critical step when testing security in the cloud (Penetration Testing)?

A. Ignoring the Service Level Agreement
B. Obtaining permission from the Cloud Service Provider (CSP) before testing
C. Launching an attack without warning
D. Testing only on weekends

31 What does WPA3 use to replace the WPA2 Pre-Shared Key exchange, making it resistant to offline dictionary attacks?

A. TKIP
B. Simultaneous Authentication of Equals (SAE)
C. WEP
D. Plaintext

32 What is a 'Botnet' often used for in cloud attacks?

A. Indexing web pages
B. Mining cryptocurrency legally
C. Perform Distributed Denial of Service (DDoS) attacks
D. Backing up data

33 What allows Android users to verify what capabilities an application is requesting (e.g., access to camera, contacts)?

A. The instruction manual
B. Root Access
C. App Permissions
D. Kernel Panic

34 Which wireless security protocol uses TKIP (Temporal Key Integrity Protocol)?

A. WPA2
B. WPA3
C. WPA
D. WEP

35 What is 'Geo-tagging' and why is it a mobile security risk?

A. Tagging friends in photos; it is a privacy violation
B. Playing games based on location; it wastes battery
C. Embedding location data in photos/posts; it reveals the user's physical location to stalkers
D. Using GPS for maps; it uses data

36 In the context of SOC, what does 'Correlation' mean?

A. Backing up files to two locations
B. Connecting the power cables
C. Linking different events from log files to identify a complex attack pattern
D. Communicating with the HR department

37 Which of the following is a physical security threat to mobile devices?

A. SQL Injection
B. Phishing
C. Malware
D. Theft or Loss

38 What is 'Cryptojacking' in a cloud environment?

A. Unauthorized use of cloud computing resources to mine cryptocurrency
B. Encrypting data for ransom
C. Stealing credit card numbers
D. Hacking into a bank

39 The NIST definition of Cloud Computing includes 'Rapid Elasticity'. What does this mean?

A. The cloud is made of rubber
B. The internet speed is constant
C. Capabilities can be elastically provisioned and released to scale rapidly outward and inward
D. Data is stored on flexible disks

40 Which attack vector involves a malicious insider abusing their authorized access to cloud data?

A. Outsider Threat
B. Insider Threat
C. DDoS
D. War Driving

41 What is the primary function of a Virtual Private Network (VPN) on a mobile device connecting to public Wi-Fi?

A. To create an encrypted tunnel for data, protecting it from interception
B. To download apps faster
C. To boost signal strength
D. To bypass battery limits

42 Which Bluetooth class has the longest range (approximately 100 meters)?

A. Class 4
B. Class 1
C. Class 2
D. Class 3

43 What is 'MAM' in mobile security?

A. Main Access Module
B. Mobile Application Management
C. Mobile Access Monitoring
D. Man-Against-Machine

44 Which file format is used for installing software on the Android operating system?

A. .APK
B. .IPA
C. .EXE
D. .DMG

45 In cloud security, what does 'Data Sovereignty' refer to?

A. The encryption level of data
B. The concept that data is subject to the laws of the country in which it is physically stored
C. The king of data
D. The speed of data transfer

46 What is a 'Hybrid Cloud'?

A. A cloud that only stores images
B. A composition of two or more clouds (private, community, or public) that remain unique entities but are bound together
C. A cloud that runs on gas and electricity
D. A cloud maintained by a single person

47 Which wireless attack involves capturing handshake packets and attempting to crack the password offline?

A. WPA Cracking / Dictionary Attack
B. Beacon Flooding
C. Signal Jamming
D. MAC Filtering

48 What is 'MAC Address Filtering'?

A. Blocking websites
B. Filtering out Mac computers
C. Allowing or denying network access based on the hardware address of the network card
D. Cleaning the router

49 Why is 'Remote Wipe' a critical feature for enterprise mobile security?

A. To clean the screen remotely
B. To update the OS remotely
C. To delete apps that are not used
D. To erase sensitive corporate data if a device is lost or stolen

50 Which of the following is a symptom of a mobile device being infected with malware?

A. Faster performance
B. Unexpected data usage spikes and rapid battery drain
C. Screen becoming brighter
D. Extended battery life