MCQs Archive - Page 41 of 326

Semester Exam Introduction to Cyber Security InternationalMedium

Which option correctly identifies the idea of checking input to ensure it is well-formed, expected, and safe?

A. Playbook B. Broken access control C. Input validation D. SQL injection

Correct Answer: C. Input validation

Semester Exam Introduction to Cyber Security InternationalMedium

During an Introduction to Cyber Security exam, failure to properly protect confidential information is asking about which concept?

A. Escalation B. Broken access control C. Security misconfiguration D. Sensitive data exposure

Correct Answer: D. Sensitive data exposure

Semester Exam Introduction to Cyber Security InternationalMedium

A security student reads the description: unsafe default settings, exposed services, or incomplete configuration. Which term matches it?

A. Broken access control B. Installation C. SQL injection D. Security misconfiguration

Correct Answer: D. Security misconfiguration

Semester Exam Introduction to Cyber Security InternationalMedium

Which concept is best described as accessing objects by changing identifiers without proper authorization checks?

A. Port scanning B. Broken access control C. Insecure direct object reference D. SQL injection

Correct Answer: C. Insecure direct object reference

Semester Exam Introduction to Cyber Security InternationalMedium

In cyber security, which term refers to using path manipulation to access files outside intended directories?

A. Spoofing B. Cross-site scripting C. Directory traversal D. Broken authentication

Correct Answer: C. Directory traversal

Semester Exam Introduction to Cyber Security InternationalMedium

Which option correctly identifies the idea of failure to enforce restrictions on what authenticated users can do?

A. Broken authentication B. Input validation C. Broken access control D. Security policy

Correct Answer: C. Broken access control

Semester Exam Introduction to Cyber Security InternationalMedium

During an Introduction to Cyber Security exam, weaknesses that allow attackers to compromise accounts or sessions is asking about which concept?

A. Broken access control B. Broken authentication C. Threat modeling D. Cross-site scripting

Correct Answer: B. Broken authentication

Semester Exam Introduction to Cyber Security InternationalMedium

A security student reads the description: tricking a user’s browser into sending an unwanted authenticated request. Which term matches it?

A. Cross-site request forgery B. Insecure direct object reference C. Sensitive data exposure D. Anonymity

Correct Answer: A. Cross-site request forgery

Semester Exam Introduction to Cyber Security InternationalMedium

Which concept is best described as injecting scripts into web pages viewed by other users?

A. Directory traversal B. Cross-site scripting C. Insecure direct object reference D. Lessons learned

Correct Answer: B. Cross-site scripting

Semester Exam Introduction to Cyber Security InternationalMedium

In cyber security, which term refers to inserting malicious SQL into application input to manipulate database queries?

A. Directory traversal B. Cross-site request forgery C. Insecure direct object reference D. SQL injection

Correct Answer: D. SQL injection

Semester Exam Introduction to Cyber Security InternationalMedium

Which option correctly identifies the idea of secure generation, storage, rotation, and destruction of cryptographic keys?

A. Incident severity B. Public key infrastructure C. Asymmetric encryption D. Key management

Correct Answer: D. Key management

Semester Exam Introduction to Cyber Security InternationalMedium

During an Introduction to Cyber Security exam, random data added before hashing to reduce effectiveness of precomputed password attacks is asking about which concept?

A. Key management B. Salt C. Cybercriminal D. Asymmetric encryption

Correct Answer: B. Salt

All MCQs