Skip to main content

Cyber Security Analyst Quiz - Basic Level - Part 2

Here is a 12-question Multiple Choice Question (MCQ) quiz designed for a cyber security analyst, focusing on basic scenarios that reflect common tasks and challenges in cyber security. This quiz tests foundational cyber security skills through practical scenarios. Each question has four options, with one correct answer to assess or reinforce  knowledge of common cyber security tasks. The correct answers, along with explanations for why other options are incorrect, are provided after the quiz.


  1. You get a call from someone claiming to be from IT, asking for your password to fix a server issue. What should you do?
    A. Give them your password to resolve the issue quickly.
    B. Hang up and report the call to your IT department.
    C. Ask for their employee ID and call them back later.
    D. Provide a temporary password and change it afterward.

  2. You’re using a shared computer at a library. How can you protect your data?
    A. Save your files to the desktop for easy access.
    B. Log out of all accounts and clear the browser history before leaving.
    C. Use the same password for all your accounts for convenience.
    D. Leave the computer logged in if you’ll return soon.

  3. Your coworker shares a link to a “funny video” via email, but it looks suspicious. What should you do?
    A. Click the link to see if it’s safe.
    B. Forward the email to IT for review.
    C. Watch the video but don’t download anything.
    D. Delete the email without clicking the link.

  4. You need to create a backup of sensitive work files. What’s the safest method?
    A. Store them on a personal USB drive.
    B. Save them to an unencrypted cloud service.
    C. Use a company-approved, encrypted backup system.
    D. Keep them on your work computer’s desktop.

  5. You’re asked to install a new app on your work phone for a project. What should you do first?
    A. Download it from a third-party app store.
    B. Install it immediately to meet the project deadline.
    C. Verify with IT that the app is approved for use.
    D. Use your personal phone to avoid work restrictions.

  6. A website you visit frequently now redirects to an unfamiliar page. What should you do?
    A. Continue using the site if it looks similar.
    B. Close the browser and run an antivirus scan.
    C. Enter your login details to check if it’s legitimate.
    D. Bookmark the new page for future use.

  7. Your company issues a new security policy requiring complex passwords. What makes a password complex?
    A. It’s short and easy to type.
    B. It uses your name or birthdate for personalization.
    C. It includes a mix of uppercase, lowercase, numbers, and symbols.
    D. It’s the same as your email password for consistency.

  8. You receive a file attachment labeled “Invoice.pdf.exe” from an unknown sender. What should you do?
    A. Open it to check if it’s a legitimate invoice.
    B. Save it to your computer and scan it later.
    C. Delete the email and report it to IT.
    D. Forward it to a colleague to verify its contents.

  9. You’re traveling and need to use a hotel’s Wi-Fi. How can you stay secure?
    A. Use the Wi-Fi only for non-sensitive tasks.
    B. Connect using a VPN to encrypt your traffic.
    C. Share the Wi-Fi password with other guests.
    D. Disable your device’s firewall for better speed.

  10. Your work email account is locked after multiple failed login attempts. What should you do?
    A. Keep trying different passwords to unlock it.
    B. Contact IT to report the issue and reset your account.
    C. Use a coworker’s account to access your emails.
    D. Wait a few hours and try logging in again.

  11. You’re training a new employee on cybersecurity. What’s a key tip for spotting phishing emails?
    A. They always come from unknown senders.
    B. They often have spelling errors or urgent language.
    C. They include attachments that are safe to open.
    D. They use your company’s logo, so they’re legitimate.

  12. Your company laptop is stolen from your car. What’s the first step you should take?
    A. Replace the laptop and continue working.
    B. Report the theft to your IT department immediately.
    C. Change your personal email password.
    D. Check if the thief tries to contact you.

Correct Answers and Explanations

  1. B. Hang up and report the call to your IT department.

    • Why B is correct: Sharing passwords over the phone is a common scam. Reporting to IT ensures verification and protection.

    • Why others are incorrect:

      • A: Giving your password risks unauthorized access.

      • C: Asking for an ID doesn’t guarantee legitimacy.

      • D: Providing any password compromises security.

  2. B. Log out of all accounts and clear the browser history before leaving.

    • Why B is correct: This prevents others from accessing your data on a shared computer.

    • Why others are incorrect:

      • A: Saving files on a public computer risks exposure.

      • C: Reusing passwords increases vulnerability.

      • D: Leaving accounts logged in invites unauthorized access.

  3. D. Delete the email without clicking the link.

    • Why D is correct: Suspicious links may lead to malware; deleting avoids risk.

    • Why others are incorrect:

      • A: Clicking risks infection or phishing.

      • B: Forwarding may spread the threat.

      • C: Watching the video could still trigger malware.

  4. C. Use a company-approved, encrypted backup system.

    • Why C is correct: Encrypted, approved systems ensure data security and compliance.

    • Why others are incorrect:

      • A: Personal USBs are prone to loss or theft.

      • B: Unencrypted cloud services risk data exposure.

      • D: Desktop storage isn’t a backup and lacks security.

  5. C. Verify with IT that the app is approved for use.

    • Why C is correct: IT verification ensures the app is safe and compliant.

    • Why others are incorrect:

      • A: Third-party stores may host malicious apps.

      • B: Installing without checks risks malware.

      • D: Using a personal phone may violate policy.

  6. B. Close the browser and run an antivirus scan.

    • Why B is correct: Redirects may indicate malware; scanning ensures your system is clean.

    • Why others are incorrect:

      • A: Continuing risks further compromise.

      • C: Entering credentials could lead to theft.

      • D: Bookmarking a malicious site is dangerous.

  7. C. It includes a mix of uppercase, lowercase, numbers, and symbols.

    • Why C is correct: Complex passwords are harder to crack, enhancing security.

    • Why others are incorrect:

      • A: Short passwords are easier to guess.

      • B: Personal info makes passwords predictable.

      • D: Reusing passwords increases risk.

  8. C. Delete the email and report it to IT.

    • Why C is correct: .exe files disguised as PDFs are often malware; deleting and reporting prevents harm.

    • Why others are incorrect:

      • A: Opening risks infection.

      • B: Saving it still poses a threat.

      • D: Forwarding could spread malware.

  9. B. Connect using a VPN to encrypt your traffic.

    • Why B is correct: VPNs secure data on public Wi-Fi, preventing interception.

    • Why others are incorrect:

      • A: Non-sensitive tasks can still leak data.

      • C: Sharing passwords compromises security.

      • D: Disabling firewalls increases vulnerability.

  10. B. Contact IT to report the issue and reset your account.

    • Why B is correct: IT can investigate and secure your account, preventing unauthorized access.

    • Why others are incorrect:

      • A: Repeated attempts may worsen the lockout.

      • C: Using another’s account violates policy.

      • D: Waiting doesn’t address potential breaches.

  11. B. They often have spelling errors or urgent language.

    • Why B is correct: Phishing emails commonly use these tactics to trick users.

    • Why others are incorrect:

      • A: Phishing can come from spoofed familiar senders.

      • C: Attachments are often malicious.

      • D: Logos can be faked in phishing attempts.

  12. B. Report the theft to your IT department immediately.

    • Why B is correct: IT can remotely lock or wipe the device to protect data.

    • Why others are incorrect:

      • A: Replacing doesn’t address data security.

      • C: Personal email is unrelated to the breach.

      • D: Waiting for contact is impractical and risky.

Comments

Post a Comment

Popular posts from this blog

J10 - An insight of the Chinese 4.5 Gen Fighter Aircraft (with a Dash of Snark :-) !!!)

  Hold onto your flight helmets, folks, because we’re zooming into the Chengdu J-10, China’s sleek, pointy-nosed fighter jet that’s been turning heads and raising eyebrows—especially in the 2025 India-Pakistan crisis. Nicknamed the “Vigorous Dragon,” this single-engine, multirole beast is packed with electronics and electronic warfare (EW) systems that make it a formidable player in modern warfare. Built by the Chengdu Aircraft Corporation (CAC), the J-10 (especially the J-10CE variant) is Pakistan’s shiny new toy, and it’s been flexing its muscles against heavyweights like Rafale. Let’s unpack why its electronics and EW are the talk of the town, with a side of humor to keep things spicy. Avionics That Could Outsmart a Supercomputer : The J-10 boasts the KLJ-7A Active Electronically Scanned Array (AESA) radar, which is like having a hawk’s eyes on steroids including low probability of intercept (LPI). It tracks multiple targets at long ranges (up to 200+ km, per some sources), la...
Post a Comment
Read more

An Analysis of Pakistan’s Choice of J-35 Over J-20

  Pakistan’s decision to acquire the Shenyang J-35A (also referred to as FC-31 or J-31 in earlier iterations) over the Chengdu J-20 from China is a complex choice driven by economic, strategic, operational, and technical factors. This analysis provides a comprehensive examination, including a detailed technical comparison and the reasons behind Pakistan’s preference, based on available information up to May 24, 2025. Technical Analysis of J-35A vs. J-20 To understand Pakistan’s choice, a technical comparison of the two aircraft is essential. Both are fifth-generation fighters, but their design philosophies and capabilities differ significantly. Shenyang J-35A Type and Role : The J-35A is a fifth-generation, multirole stealth fighter, designed for both air superiority and ground attack missions. Its versatility makes it suitable for a range of operational needs. Dimensions : It has a length of approximately 16.9 meters and a wingspan of about 11.5 meters, making it smaller an...
Post a Comment
Read more

A Bird's eye view of Evolution and Technical Prowess of Fifth-Generation Fighter Aircraft

  The Evolution and Technical Prowess of Fifth-Generation Fighter Aircraft Fifth-generation fighter aircraft represent the pinnacle of modern aerospace engineering, integrating cutting-edge technologies to dominate the battlespace through stealth, advanced electronics, and unmatched versatility. Designed to operate in highly contested environments, these aircraft combine low-observable characteristics, sensor fusion, network-centric warfare capabilities, and advanced propulsion to outmatch adversaries. Picture this: a 5th generation fighter is like that sleek, mysterious stranger at a party who sneaks in unnoticed, knows everyone’s secrets, and leaves before the bill arrives. Meanwhile, 4.5 generation fighters are the life of the party, loud, versatile, and ready to dance with anyone, but they’re not quite invisible. The 5th generation stealthy superstars are—F-22 Raptor, F-35 Lightning II, J20 Mighty Dragon, J-35 Gyrfalcon, and Su-57 Felon—which can hold on their own against the ...
Post a Comment
Read more