Basics of Recognizing and avoiding online threats MCQs
Here are 25 multiple-choice questions (MCQs) on Basics of Recognizing and avoiding online threats,Passwords and authentication.These questions cover various aspects of recognizing and avoiding online threats, password security, and authentication, along with their respective Answers and explanations.
1. What is a common method used by attackers to crack passwords?
- Guessing passwords randomly
- Using brute force attacks
- Asking for passwords politely
- Creating strong passwords
Attackers often use brute force attacks to crack passwords.
2. What is the term for a security feature that allows users to access multiple services or applications with a single set of credentials after authenticating once?
- Password manager
- Multi-factor authentication (MFA)
- Single sign-on (SSO)
- Captcha
Single sign-on (SSO) allows access to multiple services with one set of credentials.
3. What is the term for a security vulnerability that allows an attacker to intercept and capture login credentials as they are transmitted over a network?
- Phishing
- Brute force attack
- Man-in-the-middle (MitM) attack
- Social engineering
A man-in-the-middle (MitM) attack intercepts login credentials in transit.
4. What is the term for a password policy that requires users to change their passwords at regular intervals, such as every 90 days?
- Password complexity
- Password rotation
- Password hashing
- Password manager
Password rotation requires users to change passwords regularly.
5. Which of the following is a recommended practice for password security?
- Sharing passwords with colleagues
- Writing passwords on sticky notes
- Storing passwords in a secure password manager
- Using easily guessable passwords
Storing passwords in a secure password manager is a recommended practice.
6. What is the term for a security feature that displays distorted characters that are difficult for automated bots to read, used to verify that a user is a human during online interactions?
- Password manager
- Multi-factor authentication (MFA)
- Single sign-on (SSO)
- Captcha
Captcha is used to verify that a user is human.
7. Which of the following is NOT a common authentication factor used in multi-factor authentication (MFA)?
- Something you know (e.g., password)
- Something you have (e.g., smartphone)
- Something you are (e.g., fingerprint)
- Something you want (e.g., favorite color)
"Something you want" is not a common authentication factor in MFA.
8. What is the term for a security threat that involves an attacker intercepting and eavesdropping on wireless communications between devices and networks?
- Ransomware
- Password cracking
- Man-in-the-middle (MitM) attack
- Phishing
A man-in-the-middle (MitM) attack intercepts wireless communications.
9. Which of the following is a secure method for storing passwords?
- Writing passwords on a piece of paper
- Storing passwords in a plain text document
- Using a reputable password manager
- Sharing passwords with friends
Using a reputable password manager is a secure method.
10. What is vishing in the context of online threats and authentication?
- A type of phishing attack that uses voice messages
- A biometric authentication method
- A strong and complex password
- A type of multi-factor authentication
Vishing is a type of phishing attack that uses voice messages or phone calls to trick individuals into revealing sensitive information.
11. What is the term for a method of authentication that uses physical characteristics of an individual, such as fingerprints or facial recognition?
- Biometric authentication
- Two-factor authentication (2FA)
- Password rotation
- Captcha
Biometric authentication uses physical characteristics for identification.
12. Which of the following is NOT a recommended practice for secure password management?
- Using the same password for multiple accounts
- Changing passwords after a security breach
- Enabling two-factor authentication (2FA) where available
- Regularly updating and strengthening passwords
Using the same password for multiple accounts is not a recommended practice.
13. What is the term for a security threat that involves an attacker pretending to be a legitimate organization or individual in an attempt to trick users into revealing sensitive information or performing actions they should not?
- Spear phishing
- Vishing
- Impersonation
- Credential stuffing
Impersonation involves pretending to be a legitimate entity to deceive users.
14. What is the primary purpose of a strong and unique password?
- To share with friends and family
- To make it easier to remember
- To protect online accounts from unauthorized access
- To use the same password for multiple accounts
A strong and unique password is designed to protect online accounts from unauthorized access.
15. Which of the following is NOT a common characteristic of a strong password?
- Easily guessable, such as "123456"
- Long and complex
- Contains a mix of uppercase and lowercase letters, numbers, and symbols
- Not a dictionary word or common phrase
A strong password should not be easily guessable.
16. What is the term for a security feature that requires users to provide two or more different forms of authentication to access an account or system?
- Password manager
- Multi-factor authentication (MFA)
- Single sign-on (SSO)
- Captcha
Multi-factor authentication (MFA) requires multiple forms of authentication.
17. What is the primary purpose of a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart)?
- To simplify password management
- To prevent automated bots from accessing websites or services
- To create strong passwords
- To remember passwords for users
CAPTCHA is used to prevent automated bots from accessing websites or services.
18. What is a passphrase in the context of password security?
- A single word password
- A long and complex sequence of words
- A password consisting of only numbers
- A username
A passphrase is a long and complex sequence of words used as a password.
19. What is a password manager in the context of password security?
- A person who manages passwords for others
- A software tool that generates, stores, and auto-fills passwords
- A password policy for organizations
- A hardware component of a computer
A password manager is a software tool for generating, storing, and auto-filling passwords.
20. What is the term for the practice of reusing the same password for multiple online accounts?
- Password rotation
- Password complexity
- Password sharing
- Password recycling
Password recycling is the practice of reusing the same password.
21. What is the term for a security measure that restricts the number of login attempts within a certain time frame to prevent unauthorized access due to repeated password guessing?
- Account lockout
- Password recovery
- Password hashing
- Password strength
Account lockout restricts the number of login attempts to prevent unauthorized access.
22. Which of the following is NOT a recommended practice for password security?
- Using easily guessable passwords
- Changing passwords regularly
- Avoiding dictionary words and common phrases
- Using two-factor authentication (2FA)
Using easily guessable passwords is not recommended for password security.
23. What is the term for the process of converting a password into an unreadable form using a mathematical algorithm to enhance security?
- Password rotation
- Password complexity
- Password hashing
- Password sharing
Password hashing converts a password into an unreadable form.
24. What is the term for a technique used by attackers to trick individuals into revealing their passwords or sensitive information by posing as a trustworthy entity in electronic communication?
- Password management
- Password cracking
- Social engineering
- Authentication
Social engineering is used to trick individuals into revealing sensitive information.
25. Which of the following is an example of a security Question-used for password recovery?
- What is your favorite color?
- What is your username?
- What is your current IP address?
- What is the capital of France?
Security questions like "What is your favorite color?" are used for password recovery.