Skip to main content

Cyber Security Analyst Quiz - Basic Level - Part 1

 

Here is a 12-question Multiple Choice Question (MCQ) quiz designed for a cyber security analyst, focusing on basic scenarios that reflect common tasks and challenges in cyber security. This quiz tests foundational cyber security skills through practical scenarios. Each question has four options, with one correct answer to assess or reinforce  knowledge of common cyber security tasks. The correct answers, along with explanations for why other options are incorrect, are provided after the quiz.


  1. You receive an email claiming to be from your bank, asking you to click a link to verify your account. What should you do?
    A. Click the link and enter your credentials to verify.
    B. Reply to the email asking for more details.
    C. Contact your bank directly to confirm the email’s legitimacy.
    D. Forward the email to a friend to check if it’s legitimate.

  2. Your colleague asks to borrow your work laptop to check their personal email. What is the best response?
    A. Let them use it but monitor their activity.
    B. Allow them to use it since it’s just for email.
    C. Give them your login credentials to use it safely.
    D. Politely decline and explain it’s against company policy.

  3. You notice a USB drive left on a table in the office cafeteria. What should you do?
    A. Take it home to scan it on your personal computer.
    B. Plug it into your computer to check its contents.
    C. Leave it where it is and ignore it.
    D. Turn it over to the IT department without plugging it in.

  4. Your password for an online account is “password123”. How can you improve its security?
    A. Use a longer password with letters, numbers, and symbols.
    B. Change it to “123password”.
    C. Write it down and store it in your desk drawer.
    D. Keep it the same since it’s easy to remember.

  5. You’re working from a coffee shop and need to access your company’s network. What’s the safest way to connect?
    A. Use your personal hotspot without encryption.
    B. Use the coffee shop’s free Wi-Fi without a VPN.
    C. Connect through a VPN on your company laptop.
    D. Avoid accessing the network until you’re back at the office.

  6. A pop-up on your work computer warns that your system is infected and asks you to download software to fix it. What should you do?
    A. Download the software to resolve the issue quickly.
    B. Restart your computer to clear the infection.
    C. Close the pop-up and report it to IT immediately.
    D. Ignore the pop-up and continue working.

  7. You’re setting up a new account and are asked to enable two-factor authentication (2FA). What does 2FA do?
    A. It requires two different passwords for login.
    B. It adds an extra layer of security, like a code sent to your phone.
    C. It makes your password twice as long.
    D. It automatically logs you out after two failed attempts.

  8. Your manager sends you an urgent text asking for your login credentials to access a report. What should you do?
    A. Call your manager to verify the request before sharing anything.
    B. Provide the credentials immediately to help your manager.
    C. Ignore the text since it’s outside regular work hours.
    D. Text back asking for more details about the report.

  9. You accidentally click a suspicious link in an email. What’s the first thing you should do?
    A. Reply to the email to report the suspicious link.
    B. Delete the email and continue working.
    C. Run a quick antivirus scan and keep using the device.
    D. Disconnect your device from the internet and report to IT.

  10. Your company requires you to update your software regularly. Why is this important?
    A. It ensures your computer runs faster.
    B. It prevents your software from expiring.
    C. It fixes security vulnerabilities that hackers could exploit.
    D. It adds new features to make your work easier.

  11. You’re sharing a sensitive document with a coworker. What’s the safest way to send it?
    A. Save it to a USB drive and hand it to them.
    B. Use a secure, company-approved file-sharing platform.
    C. Email it without encryption.
    D. Send it via a personal messaging app like WhatsApp.

  12. A website asks for your date of birth and address to “verify your identity”. What should you do?
    A. Give a fake date of birth to protect your privacy.
    B. Provide the information to complete the verification.
    C. Close the website and use a different service.
    D. Check if the website is legitimate before sharing personal details.

Correct Answers and Explanations

  1. C. Contact your bank directly to confirm the email’s legitimacy.

    • Why C is correct: This avoids phishing scams by verifying with the bank directly.

    • Why others are incorrect:

      • A: Clicking unknown links risks malware or credential theft.

      • B: Replying may confirm your email is active, encouraging spam.

      • D: Forwarding doesn’t verify legitimacy and could spread the scam.

  2. D. Politely decline and explain it’s against company policy.

    • Why D is correct: Sharing devices risks data breaches, violating security policies.

    • Why others are incorrect:

      • A: Monitoring doesn’t prevent risks and is impractical.

      • B: Personal email access can introduce malware.

      • C: Sharing credentials is a major security violation.

  3. D. Turn it over to the IT department without plugging it in.

    • Why D is correct: Unknown USBs may contain malware; IT can safely investigate.

    • Why others are incorrect:

      • A: Scanning at home bypasses company protocols.

      • B: Plugging it in risks infection.

      • C: Ignoring it leaves a threat unaddressed.

  4. A. Use a longer password with letters, numbers, and symbols.

    • Why A is correct: Strong passwords are harder to crack, improving security.

    • Why others are incorrect:

      • B: “123password” is still weak.

      • C: Writing it down risks theft.

      • D: Keeping a weak password invites hacking.

  5. C. Connect through a VPN on your company laptop.

    • Why C is correct: VPNs encrypt connections, securing data on public networks.

    • Why others are incorrect:

      • A: Unencrypted hotspots are vulnerable.

      • B: Public Wi-Fi is often unsecured.

      • D: Avoiding access may be impractical for urgent work.

  6. C. Close the pop-up and report it to IT immediately.

    • Why C is correct: Pop-ups are often scams; IT can verify and secure the system.

    • Why others are incorrect:

      • A: Downloading unknown software risks infection.

      • B: Restarting may not remove malware.

      • D: Ignoring doesn’t address potential compromise.

  7. B. It adds an extra layer of security, like a code sent to your phone.

    • Why B is correct: 2FA adds a second verification step, enhancing security.

    • Why others are incorrect:

      • A: 2FA doesn’t require two passwords.

      • C: It doesn’t change password length.

      • D: Logging out after failed attempts is unrelated.

  8. A. Call your manager to verify the request before sharing anything.

    • Why A is correct: Verifying prevents impersonation scams.

    • Why others are incorrect:

      • B: Sharing credentials without verification risks theft.

      • C: Ignoring may delay legitimate requests.

      • D: Texting back may expose you to scams.

  9. D. Disconnect your device from the internet and report to IT.

    • Why D is correct: Disconnecting limits damage; IT can mitigate risks.

    • Why others are incorrect:

      • A: Replying could worsen the situation.

      • B: Deleting the email doesn’t undo the click.

      • C: Scanning is good but doesn’t address immediate risks.

  10. C. It fixes security vulnerabilities that hackers could exploit.

    • Why C is correct: Updates patch vulnerabilities, reducing attack risks.

    • Why others are incorrect:

      • A: Speed isn’t the primary goal.

      • B: Expiration is unrelated to updates.

      • D: Features are secondary to security.

  11. B. Use a secure, company-approved file-sharing platform.

    • Why B is correct: Secure platforms encrypt data, ensuring safe transfer.

    • Why others are incorrect:

      • A: USBs are prone to loss or malware.

      • C: Unencrypted email risks exposure.

      • D: Personal apps may lack security.

  12. D. Check if the website is legitimate before sharing personal details.

    • Why D is correct: Verifying prevents sharing data with scammers.

    • Why others are incorrect:

      • A: Fake data may still expose you.

      • B: Sharing without verification risks identity theft.

      • C: Closing avoids risks but may limit legitimate services.

Comments

Post a Comment

Popular posts from this blog

J10 - An insight of the Chinese 4.5 Gen Fighter Aircraft (with a Dash of Snark :-) !!!)

  Hold onto your flight helmets, folks, because we’re zooming into the Chengdu J-10, China’s sleek, pointy-nosed fighter jet that’s been turning heads and raising eyebrows—especially in the 2025 India-Pakistan crisis. Nicknamed the “Vigorous Dragon,” this single-engine, multirole beast is packed with electronics and electronic warfare (EW) systems that make it a formidable player in modern warfare. Built by the Chengdu Aircraft Corporation (CAC), the J-10 (especially the J-10CE variant) is Pakistan’s shiny new toy, and it’s been flexing its muscles against heavyweights like Rafale. Let’s unpack why its electronics and EW are the talk of the town, with a side of humor to keep things spicy. Avionics That Could Outsmart a Supercomputer : The J-10 boasts the KLJ-7A Active Electronically Scanned Array (AESA) radar, which is like having a hawk’s eyes on steroids including low probability of intercept (LPI). It tracks multiple targets at long ranges (up to 200+ km, per some sources), la...
Post a Comment
Read more

An Analysis of Pakistan’s Choice of J-35 Over J-20

  Pakistan’s decision to acquire the Shenyang J-35A (also referred to as FC-31 or J-31 in earlier iterations) over the Chengdu J-20 from China is a complex choice driven by economic, strategic, operational, and technical factors. This analysis provides a comprehensive examination, including a detailed technical comparison and the reasons behind Pakistan’s preference, based on available information up to May 24, 2025. Technical Analysis of J-35A vs. J-20 To understand Pakistan’s choice, a technical comparison of the two aircraft is essential. Both are fifth-generation fighters, but their design philosophies and capabilities differ significantly. Shenyang J-35A Type and Role : The J-35A is a fifth-generation, multirole stealth fighter, designed for both air superiority and ground attack missions. Its versatility makes it suitable for a range of operational needs. Dimensions : It has a length of approximately 16.9 meters and a wingspan of about 11.5 meters, making it smaller an...
Post a Comment
Read more

A Bird's eye view of Evolution and Technical Prowess of Fifth-Generation Fighter Aircraft

  The Evolution and Technical Prowess of Fifth-Generation Fighter Aircraft Fifth-generation fighter aircraft represent the pinnacle of modern aerospace engineering, integrating cutting-edge technologies to dominate the battlespace through stealth, advanced electronics, and unmatched versatility. Designed to operate in highly contested environments, these aircraft combine low-observable characteristics, sensor fusion, network-centric warfare capabilities, and advanced propulsion to outmatch adversaries. Picture this: a 5th generation fighter is like that sleek, mysterious stranger at a party who sneaks in unnoticed, knows everyone’s secrets, and leaves before the bill arrives. Meanwhile, 4.5 generation fighters are the life of the party, loud, versatile, and ready to dance with anyone, but they’re not quite invisible. The 5th generation stealthy superstars are—F-22 Raptor, F-35 Lightning II, J20 Mighty Dragon, J-35 Gyrfalcon, and Su-57 Felon—which can hold on their own against the ...
Post a Comment
Read more