Unit 5 - Practice Quiz

INT250 50 Questions
0 Correct 0 Wrong 50 Left
0/50

1 Which part of the internet is not indexed by standard search engines and requires specific software, configurations, or authorization to access?

A. Deep Web
B. Transparent Web
C. Dark Web
D. Surface Web

2 What is the primary routing mechanism used by the Tor network to maintain user anonymity?

A. Tomato Routing
B. Packet Switching
C. Onion Routing
D. Garlic Routing

3 Which Top-Level Domain (TLD) is specifically associated with sites hosted on the Tor network?

A. .onion
B. .exe
C. .tor
D. .com

4 In the context of email basics, what does SMTP stand for?

A. Simple Mail Transfer Protocol
B. System Mail Transfer Protocol
C. Secure Mail Transmission Protocol
D. Standard Mail Text Protocol

5 Which protocol is primarily used by email clients to retrieve messages from a mail server?

A. SMTP
B. IMAP
C. SNMP
D. FTP

6 What is the most critical section of an email for forensic analysis when tracing the origin of a message?

A. The Email Header
B. The Signature Block
C. The Email Body
D. The Subject Line

7 Which specific field in an email header usually reveals the IP address of the sender?

A. Received
B. From
C. To
D. Return-Path

8 What is the term for an email attack where the sender manipulates the address to make it appear as if it came from a trusted source?

A. Email Sniffing
B. Email Spiking
C. Email Spoofing
D. Email Bombing

9 In a phishing investigation, what is 'Typosquatting'?

A. Registering a domain name extremely similar to a legitimate one
B. Deleting email logs
C. Encrypting the email body
D. Using all caps in the subject line

10 Which type of phishing attack specifically targets high-profile executives like CEOs or CFOs?

A. Vishing
B. Smishing
C. Spear Phishing
D. Whaling

11 What is the primary function of an Intrusion Detection System (IDS)?

A. To act as a web server
B. To encrypt network data
C. To block all network traffic
D. To monitor network traffic for suspicious activity

12 How does an Intrusion Prevention System (IPS) differ mainly from an IDS?

A. IPS only logs data
B. IPS cannot detect viruses
C. IPS is slower
D. IPS takes active action to stop the threat

13 Which type of IDS detection method relies on a database of known attack patterns?

A. Anomaly-based detection
B. Signature-based detection
C. Heuristic detection
D. Behavior-based detection

14 What is a 'False Positive' in the context of IDS/IPS?

A. A successful virus removal
B. A malicious attack that is missed
C. A legitimate activity flagged as malicious
D. A system crash

15 What does WAF stand for in web security?

A. Wireless Access Firewall
B. Wide Area Firewall
C. Web Application Firewall
D. Windows Authentication File

16 At which layer of the OSI model does a Web Application Firewall (WAF) primarily operate?

A. Layer 7 (Application)
B. Layer 3 (Network)
C. Layer 4 (Transport)
D. Layer 2 (Data Link)

17 Which attack involves injecting malicious SQL queries into input fields to manipulate a database?

A. Cross-Site Scripting (XSS)
B. CSRF
C. SQL Injection
D. Buffer Overflow

18 What type of web attack involves injecting malicious scripts into trusted websites viewed by other users?

A. SQL Injection
B. Brute Force
C. Directory Traversal
D. Cross-Site Scripting (XSS)

19 Which attack forces an end user to execute unwanted actions on a web application in which they are currently authenticated?

A. Packet Sniffing
B. Man-in-the-Middle
C. Cross-Site Request Forgery (CSRF)
D. SQL Injection

20 What is a 'Directory Traversal' attack?

A. Injecting SQL commands
B. Accessing restricted directories and files by manipulating file paths
C. Stealing cookies
D. Overloading the server with requests

21 In Email Forensics, what is the role of an MTA (Mail Transfer Agent)?

A. To route and transfer emails between servers
B. To display emails to the user
C. To attach files
D. To read emails

22 What is the standard port number for SMTP traffic?

A. 80
B. 25
C. 443
D. 21

23 Which component of an IDS is responsible for collecting data from the network?

A. Analyzer
B. Console
C. Sensor
D. Database

24 What is the main disadvantage of Anomaly-based IDS?

A. It is only for wireless networks
B. It requires virus signatures
C. It has a high rate of false positives
D. It cannot detect new attacks

25 Which web attack aims to make a machine or network resource unavailable to its intended users?

A. Privilege Escalation
B. Phishing
C. DoS (Denial of Service)
D. SQL Injection

26 What does a 'Logic Bomb' generally refer to in cyber crime?

A. Malicious code set to execute when specific conditions are met
B. A type of firewall
C. A physical explosive
D. A failed hacking attempt

27 Which of the following is a tool often used for network intrusion detection?

A. Excel
B. Snort
C. Word
D. Photoshop

28 In the context of the Dark Web, what is an 'Exit Node'?

A. The server where traffic leaves the Tor network to reach the open internet
B. A firewall rule
C. An offline server
D. The first server you connect to

29 What is the first step in an email crime investigation?

A. Deleting the spam
B. Seizing the suspect's computer
C. Arresting the suspect
D. Acquiring and preserving the email evidence

30 Which email protocol leaves the original email on the server by default?

A. POP3
B. FTP
C. HTTP
D. IMAP

31 What is 'Session Hijacking'?

A. Taking over a user's active web session by stealing the session ID
B. Breaking a password
C. Phishing for credit cards
D. Stealing a laptop

32 Which of the following is a passive security device?

A. Proxy Server
B. Firewall
C. IDS
D. IPS

33 In a SQL injection attack, what does the input ' OR '1'='1 typically achieve?

A. It deletes the database
B. It evaluates to True, bypassing authentication
C. It shuts down the server
D. It encrypts the data

34 Which type of XSS attack stores the malicious script permanently on the target server (e.g., in a forum post)?

A. Reflected XSS
B. Local XSS
C. Stored (Persistent) XSS
D. DOM-based XSS

35 What is the purpose of 'DKIM' in email security?

A. To block spam
B. To archive emails
C. To encrypt the email body
D. To verify that an email message was not forged or altered

36 A 'Zero-day' attack refers to:

A. An attack that takes zero seconds
B. An attack exploiting a vulnerability unknown to the software vendor
C. An attack that happens at midnight
D. An attack on a closed network

37 Which part of the email header is easiest to spoof?

A. From address
B. Received-By IP
C. Message-ID
D. DKIM Signature

38 What does a Host-based IDS (HIDS) monitor?

A. Traffic at the ISP level
B. Traffic on the entire subnet
C. Activity and logs on a specific individual device
D. Wireless signals only

39 What is 'Bitcoin's' primary role in the Dark Web?

A. It is the hosting provider
B. It is a common method for anonymous payment
C. It is the software used to browse
D. It acts as a firewall

40 Which attack involves an attacker intercepting communication between two parties?

A. Logic Bomb
B. Phishing
C. DDoS
D. Man-in-the-Middle (MITM)

41 What is 'Business Email Compromise' (BEC)?

A. A scam compromising legitimate business email accounts to conduct unauthorized transfers
B. A virus that deletes emails
C. Email server maintenance
D. Spam advertising

42 The 'Deep Web' includes:

A. Google search results
B. Anything not indexed by search engines (e.g., medical records, academic databases)
C. Only social media
D. Only illegal content

43 Which mechanism in a WAF allows only pre-approved traffic and blocks everything else?

A. Whitelisting
B. Greylisting
C. Blacklisting
D. Redlisting

44 In web attacks, what is a 'Brute Force' attack?

A. Guessing passwords by trying every possible combination
B. Sending a virus via email
C. Injecting SQL code
D. Physically breaking the server

45 What distinguishes a Distributed Denial of Service (DDoS) from a standard DoS?

A. DDoS is slower
B. DDoS targets emails only
C. DDoS uses multiple compromised systems (botnet) to attack
D. DDoS uses a single attacker machine

46 Which file on a web server determines which parts of the site crawlers are permitted to access?

A. config.php
B. index.html
C. style.css
D. robots.txt

47 What is the primary utility of 'Packet Sniffing' in forensics?

A. To clean viruses
B. To encrypt hard drives
C. To edit files remotely
D. To capture and analyze data traffic moving across a network

48 In email forensics, 'MUA' stands for:

A. Mail Upload Agent
B. Mail Unified Access
C. Master User Authorization
D. Mail User Agent

49 Which vulnerability allows an attacker to include a file, usually exploiting a 'dynamic file inclusion' mechanism implemented in the target application?

A. Dictionary Attack
B. Local File Inclusion (LFI)
C. Brute Force
D. Syn Flood

50 The 'Silk Road' was a famous marketplace located on:

A. Facebook
B. The Surface Web
C. A private LAN
D. The Dark Web