Unit 5 - Practice Quiz

INT250 50 Questions
0 Correct 0 Wrong 50 Left
0/50

1 Which part of the internet is not indexed by standard search engines and requires specific software, configurations, or authorization to access?

A. Surface Web
B. Dark Web
C. Deep Web
D. Transparent Web

2 What is the primary routing mechanism used by the Tor network to maintain user anonymity?

A. Garlic Routing
B. Onion Routing
C. Tomato Routing
D. Packet Switching

3 Which Top-Level Domain (TLD) is specifically associated with sites hosted on the Tor network?

A. .exe
B. .onion
C. .tor
D. .com

4 In the context of email basics, what does SMTP stand for?

A. Secure Mail Transmission Protocol
B. Simple Mail Transfer Protocol
C. Standard Mail Text Protocol
D. System Mail Transfer Protocol

5 Which protocol is primarily used by email clients to retrieve messages from a mail server?

A. SMTP
B. SNMP
C. IMAP
D. FTP

6 What is the most critical section of an email for forensic analysis when tracing the origin of a message?

A. The Email Body
B. The Email Header
C. The Signature Block
D. The Subject Line

7 Which specific field in an email header usually reveals the IP address of the sender?

A. Received
B. Return-Path
C. From
D. To

8 What is the term for an email attack where the sender manipulates the address to make it appear as if it came from a trusted source?

A. Email Sniffing
B. Email Spoofing
C. Email Spiking
D. Email Bombing

9 In a phishing investigation, what is 'Typosquatting'?

A. Deleting email logs
B. Encrypting the email body
C. Using all caps in the subject line
D. Registering a domain name extremely similar to a legitimate one

10 Which type of phishing attack specifically targets high-profile executives like CEOs or CFOs?

A. Vishing
B. Spear Phishing
C. Smishing
D. Whaling

11 What is the primary function of an Intrusion Detection System (IDS)?

A. To act as a web server
B. To monitor network traffic for suspicious activity
C. To block all network traffic
D. To encrypt network data

12 How does an Intrusion Prevention System (IPS) differ mainly from an IDS?

A. IPS cannot detect viruses
B. IPS only logs data
C. IPS takes active action to stop the threat
D. IPS is slower

13 Which type of IDS detection method relies on a database of known attack patterns?

A. Heuristic detection
B. Signature-based detection
C. Behavior-based detection
D. Anomaly-based detection

14 What is a 'False Positive' in the context of IDS/IPS?

A. A system crash
B. A successful virus removal
C. A legitimate activity flagged as malicious
D. A malicious attack that is missed

15 What does WAF stand for in web security?

A. Wireless Access Firewall
B. Web Application Firewall
C. Wide Area Firewall
D. Windows Authentication File

16 At which layer of the OSI model does a Web Application Firewall (WAF) primarily operate?

A. Layer 2 (Data Link)
B. Layer 4 (Transport)
C. Layer 3 (Network)
D. Layer 7 (Application)

17 Which attack involves injecting malicious SQL queries into input fields to manipulate a database?

A. Cross-Site Scripting (XSS)
B. SQL Injection
C. Buffer Overflow
D. CSRF

18 What type of web attack involves injecting malicious scripts into trusted websites viewed by other users?

A. SQL Injection
B. Cross-Site Scripting (XSS)
C. Directory Traversal
D. Brute Force

19 Which attack forces an end user to execute unwanted actions on a web application in which they are currently authenticated?

A. Packet Sniffing
B. SQL Injection
C. Man-in-the-Middle
D. Cross-Site Request Forgery (CSRF)

20 What is a 'Directory Traversal' attack?

A. Injecting SQL commands
B. Stealing cookies
C. Accessing restricted directories and files by manipulating file paths
D. Overloading the server with requests

21 In Email Forensics, what is the role of an MTA (Mail Transfer Agent)?

A. To route and transfer emails between servers
B. To attach files
C. To read emails
D. To display emails to the user

22 What is the standard port number for SMTP traffic?

A. 25
B. 443
C. 80
D. 21

23 Which component of an IDS is responsible for collecting data from the network?

A. Console
B. Database
C. Analyzer
D. Sensor

24 What is the main disadvantage of Anomaly-based IDS?

A. It has a high rate of false positives
B. It requires virus signatures
C. It is only for wireless networks
D. It cannot detect new attacks

25 Which web attack aims to make a machine or network resource unavailable to its intended users?

A. SQL Injection
B. Privilege Escalation
C. DoS (Denial of Service)
D. Phishing

26 What does a 'Logic Bomb' generally refer to in cyber crime?

A. A type of firewall
B. A failed hacking attempt
C. Malicious code set to execute when specific conditions are met
D. A physical explosive

27 Which of the following is a tool often used for network intrusion detection?

A. Snort
B. Word
C. Photoshop
D. Excel

28 In the context of the Dark Web, what is an 'Exit Node'?

A. An offline server
B. The first server you connect to
C. The server where traffic leaves the Tor network to reach the open internet
D. A firewall rule

29 What is the first step in an email crime investigation?

A. Acquiring and preserving the email evidence
B. Arresting the suspect
C. Seizing the suspect's computer
D. Deleting the spam

30 Which email protocol leaves the original email on the server by default?

A. HTTP
B. IMAP
C. POP3
D. FTP

31 What is 'Session Hijacking'?

A. Taking over a user's active web session by stealing the session ID
B. Breaking a password
C. Phishing for credit cards
D. Stealing a laptop

32 Which of the following is a passive security device?

A. Firewall
B. Proxy Server
C. IPS
D. IDS

33 In a SQL injection attack, what does the input ' OR '1'='1 typically achieve?

A. It encrypts the data
B. It shuts down the server
C. It evaluates to True, bypassing authentication
D. It deletes the database

34 Which type of XSS attack stores the malicious script permanently on the target server (e.g., in a forum post)?

A. DOM-based XSS
B. Stored (Persistent) XSS
C. Reflected XSS
D. Local XSS

35 What is the purpose of 'DKIM' in email security?

A. To block spam
B. To verify that an email message was not forged or altered
C. To archive emails
D. To encrypt the email body

36 A 'Zero-day' attack refers to:

A. An attack exploiting a vulnerability unknown to the software vendor
B. An attack on a closed network
C. An attack that takes zero seconds
D. An attack that happens at midnight

37 Which part of the email header is easiest to spoof?

A. Received-By IP
B. Message-ID
C. From address
D. DKIM Signature

38 What does a Host-based IDS (HIDS) monitor?

A. Activity and logs on a specific individual device
B. Traffic at the ISP level
C. Wireless signals only
D. Traffic on the entire subnet

39 What is 'Bitcoin's' primary role in the Dark Web?

A. It is the software used to browse
B. It is the hosting provider
C. It acts as a firewall
D. It is a common method for anonymous payment

40 Which attack involves an attacker intercepting communication between two parties?

A. DDoS
B. Phishing
C. Logic Bomb
D. Man-in-the-Middle (MITM)

41 What is 'Business Email Compromise' (BEC)?

A. A virus that deletes emails
B. A scam compromising legitimate business email accounts to conduct unauthorized transfers
C. Spam advertising
D. Email server maintenance

42 The 'Deep Web' includes:

A. Google search results
B. Only illegal content
C. Anything not indexed by search engines (e.g., medical records, academic databases)
D. Only social media

43 Which mechanism in a WAF allows only pre-approved traffic and blocks everything else?

A. Whitelisting
B. Greylisting
C. Redlisting
D. Blacklisting

44 In web attacks, what is a 'Brute Force' attack?

A. Physically breaking the server
B. Guessing passwords by trying every possible combination
C. Sending a virus via email
D. Injecting SQL code

45 What distinguishes a Distributed Denial of Service (DDoS) from a standard DoS?

A. DDoS uses multiple compromised systems (botnet) to attack
B. DDoS targets emails only
C. DDoS uses a single attacker machine
D. DDoS is slower

46 Which file on a web server determines which parts of the site crawlers are permitted to access?

A. config.php
B. robots.txt
C. index.html
D. style.css

47 What is the primary utility of 'Packet Sniffing' in forensics?

A. To encrypt hard drives
B. To edit files remotely
C. To capture and analyze data traffic moving across a network
D. To clean viruses

48 In email forensics, 'MUA' stands for:

A. Master User Authorization
B. Mail User Agent
C. Mail Upload Agent
D. Mail Unified Access

49 Which vulnerability allows an attacker to include a file, usually exploiting a 'dynamic file inclusion' mechanism implemented in the target application?

A. Brute Force
B. Dictionary Attack
C. Syn Flood
D. Local File Inclusion (LFI)

50 The 'Silk Road' was a famous marketplace located on:

A. The Surface Web
B. A private LAN
C. The Dark Web
D. Facebook